Opened 7 years ago
Last modified 4 years ago
#36803 new defect (bug)
ms-files.php: inconsistent behaviour for upload visibility on archived sites
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 4.5.2 |
Component: | Media | Keywords: | needs-patch |
Focuses: | multisite | Cc: |
Description
Hey,
i just ran into an odd issue on one of our clients Multisites. I archived the said site and – as you know – it remains accessible for network admins. The matching files however don't. I followed this down to ms-files.php::21ff.
<?php if ( $current_blog->archived == '1' || $current_blog->spam == '1' || $current_blog->deleted == '1' ) { status_header( 404 ); die( '404 — File not found.' ); }
You see that ms-files.php checks, if the blog is archived (or spam or deleted) and than throws out a 404. Shouldn't this include a check for network admin users to see the files? Or, if that's not desirable, couldn't we make this check accessible for filters?
Thanks for the good work!
Christian
Change History (3)
Note: See
TracTickets for help on using
tickets.
Hi @antwortzeit, thanks for taking the time to open a ticket. We should be able to provide some more consistency here.
It looks like the safest way would be to add an
is_super_admin()
check rather than rely on any other capabilities. Becausems-files.php
usesSHORTINIT
, some of our other options are limited.