Make WordPress Core

Opened 15 years ago

Last modified 3 weeks ago

#14060 reviewing defect (bug)

Misleading "You do not have sufficient permissions to access this page."

Reported by: hakre's profile hakre Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: Future Release Priority: normal
Severity: normal Version: 3.0
Component: Plugins Keywords: has-patch needs-testing has-screenshots early
Focuses: Cc:

Description

When accessing a page of a plugin in the admin that does not exists any longer, you're told by an error message, that:

You do not have sufficient permissions to access this page.

This message is a little misleading, because there is no such page.

A message that better reflects the decision to display it would be less misleading, e.g.:

The requested page is not accessible.

Attachments (6)

14060.patch (469 bytes) - added by hakre 15 years ago.
Simple Patch
14060-More-Information.diff (479 bytes) - added by envygeeks 15 years ago.
Better description
14060.2.patch (2.0 KB) - added by SergeyBiryukov 14 years ago.
14060.3.diff (2.3 KB) - added by Nikschavan 9 years ago.
Refreshed the patch
14060.4.diff (2.4 KB) - added by Nikschavan 7 years ago.
Refreshed the patch with current trunk
page-does-not-exist.png (150.1 KB) - added by Nikschavan 7 years ago.

Download all attachments as: .zip

Change History (32)

@hakre
15 years ago

Simple Patch

#1 @hakre
15 years ago

FYI: at the end of Plugin.php there are a lot of functions undocumented and in addition to that important global variables for the admin like $parent_file or $plugin_page are not documented as well.

#2 @nacin
15 years ago

Related, #14039

@envygeeks
15 years ago

Better description

#3 @dd32
14 years ago

  • Keywords needs-patch added; has-patch removed

Both of those proposed wordings are not appropriate IMO.

The major case of that block is to prevent users accessing pages which they do not have access to, The current wording seems appropriate for that (A straight up, Permission denied message).

"The requested page is not accessible." - Doesn't convey the reason for the page being inaccessible.

An alternate solution could be such as follows to give non-existant pages a specific error:

if ( !admin_page_exists() ) {
 do_action...
 wp_die "non-existant page!"
} elseif ( !user_can_access_admin_page() ) {
 do_action...
 wp_die "You dont have access!...";
}

#4 @Ornani
14 years ago

I'm with dd32.

#5 @hakre
14 years ago

For my scenario to check whether or not a page exists, would haven been helpful already.

#6 @nacin
14 years ago

  • Milestone changed from Awaiting Review to Future Release

#7 @hakre
14 years ago

Related: #15394

#8 @ramiy
14 years ago

Related: #18218

#9 @SergeyBiryukov
14 years ago

  • Keywords has-patch added; needs-patch removed

14060.2.patch implements dd32's suggestion.

#10 @SergeyBiryukov
13 years ago

Closed #18662 as a duplicate.

#11 @jane
13 years ago

"The requested page no longer exists."

#12 @SergeyBiryukov
13 years ago

  • Component changed from Accessibility to Plugins

#15 @chriscct7
9 years ago

  • Keywords needs-refresh added

@Nikschavan
9 years ago

Refreshed the patch

#16 @Nikschavan
9 years ago

  • Keywords needs-testing added; needs-refresh removed

Refreshed the patch by @SergeyBiryukov

@Nikschavan
7 years ago

Refreshed the patch with current trunk

#18 @Nikschavan
7 years ago

  • Keywords has-screenshots added

Updated the patch with the latest trunk attached a screenshot of the error message.

Can this be targeted for 4.9?

#19 @SergeyBiryukov
7 years ago

  • Milestone changed from Future Release to 4.9
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

#20 @SergeyBiryukov
7 years ago

  • Keywords early added
  • Milestone changed from 4.9 to 5.0

#21 @SergeyBiryukov
6 years ago

  • Milestone changed from 5.0 to 5.1

#22 @pento
6 years ago

  • Milestone changed from 5.1 to 5.2

Patch needs testing and review.

#23 @jorbin
6 years ago

  • Milestone changed from 5.2 to Future Release

As 5.2 is now in beta and this was something that needed early attention, I'm removing it from the milestone.

This ticket was mentioned in PR #7613 on WordPress/wordpress-develop by @nirajgirixd.


3 months ago
#24

## Description

This PR addresses the issue where the misleading message You do not have sufficient permissions to access this page. was displayed when attempting to access an admin page that doesn't exist. Instead of suggesting a permissions problem, the fix ensures that users are now shown a clearer message: The requested page does not exist. This provides a more accurate and user-friendly explanation when the page is missing or unavailable.

## Screenshot

https://github.com/user-attachments/assets/583b2664-3d82-4df5-9487-5a4512099f9b

## Testing Instructions

  • Install a plugin that includes a settings page.
  • Navigate to the plugin's settings page and copy the URL.
  • Go to the plugins page and deactivate the plugin you just installed.
  • Paste the copied URL of the plugin's settings page into the browser's address bar and press Enter.
  • You should now see the message The requested page does not exist. instead of You do not have sufficient permissions to access this page.

## Trac ticket: https://core.trac.wordpress.org/ticket/14060

#25 @sainathpoojary
5 weeks ago

Tested the implementation and verified that the message now correctly shows "The requested page does not exist" instead of the previous permissions error.

Patch tested: https://github.com/WordPress/wordpress-develop/pull/7613

https://utfs.io/f/PL8E4NiPUWyORiNw9VNTu5OnjW2XKY0IRv1P9lgoTaLbV4qy

Environment

  • WordPress: 6.7-beta3-59237-src
  • PHP: 8.2.26
  • Server: nginx/1.27.3
  • Database: mysqli (Server: 8.0.40 / Client: mysqlnd 8.2.26)
  • Browser: Chrome 131.0.0.0
  • OS: macOS
  • Theme: Twenty Twenty-Five 1.0
  • MU Plugins: None activated
  • Plugins: None activated

#26 @thabotswana
3 weeks ago

Test Report

This report validates that the indicated patch addresses the issue.

Patch tested: https://patch-diff.githubusercontent.com/raw/WordPress/wordpress-develop/pull/7613.diff

Environment

  • OS: macOS 15.2
  • Web Server: PHP.wasm
  • PHP: 7.4.31-dev
  • WordPress: 6.8-alpha-20241025.105215
  • Browser: Firefox 133.0.3
  • Theme: Twenty Twenty-Five
  • Active Plugins: None

Actual Results

  • ✅ Issue resolved with patch.

Supplemental Artifacts

https://d.pr/i/q4JYLM

Note: See TracTickets for help on using tickets.