@@ 77-83 (lines=7) @@ | ||
74 | } |
|
75 | } |
|
76 | ||
77 | if ( is_multisite() && ! current_user_can( 'manage_network_options' ) && 'update' != $action ) { |
|
78 | wp_die( |
|
79 | '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . |
|
80 | '<p>' . __( 'Sorry, you are not allowed to delete these items.' ) . '</p>', |
|
81 | 403 |
|
82 | ); |
|
83 | } |
|
84 | ||
85 | $whitelist_options = array( |
|
86 | 'general' => array( 'blogname', 'blogdescription', 'gmt_offset', 'date_format', 'time_format', 'start_of_week', 'timezone_string', 'WPLANG' ), |
@@ 12-18 (lines=7) @@ | ||
9 | /** WordPress Administration Bootstrap */ |
|
10 | require_once( dirname( __FILE__ ) . '/admin.php' ); |
|
11 | ||
12 | if ( ! current_user_can( 'switch_themes' ) && ! current_user_can( 'edit_theme_options' ) ) { |
|
13 | wp_die( |
|
14 | '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . |
|
15 | '<p>' . __( 'Sorry, you are not allowed to edit theme options on this site.' ) . '</p>', |
|
16 | 403 |
|
17 | ); |
|
18 | } |
|
19 | ||
20 | if ( current_user_can( 'switch_themes' ) && isset($_GET['action'] ) ) { |
|
21 | if ( 'activate' == $_GET['action'] ) { |
@@ 13-19 (lines=7) @@ | ||
10 | require_once( dirname( __FILE__ ) . '/admin.php' ); |
|
11 | ||
12 | if ( is_multisite() ) { |
|
13 | if ( ! current_user_can( 'create_users' ) && ! current_user_can( 'promote_users' ) ) { |
|
14 | wp_die( |
|
15 | '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . |
|
16 | '<p>' . __( 'Sorry, you are not allowed to add users to this network.' ) . '</p>', |
|
17 | 403 |
|
18 | ); |
|
19 | } |
|
20 | } elseif ( ! current_user_can( 'create_users' ) ) { |
|
21 | wp_die( |
|
22 | '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . |
@@ 472-483 (lines=12) @@ | ||
469 | global $pagenow; |
|
470 | ||
471 | // Check permissions for customize.php access since this method is called before customize.php can run any code, |
|
472 | if ( 'customize.php' === $pagenow && ! current_user_can( 'customize' ) ) { |
|
473 | if ( ! is_user_logged_in() ) { |
|
474 | auth_redirect(); |
|
475 | } else { |
|
476 | wp_die( |
|
477 | '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . |
|
478 | '<p>' . __( 'Sorry, you are not allowed to customize this site.' ) . '</p>', |
|
479 | 403 |
|
480 | ); |
|
481 | } |
|
482 | return; |
|
483 | } |
|
484 | ||
485 | if ( ! preg_match( '/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/', $this->_changeset_uuid ) ) { |
|
486 | $this->wp_die( -1, __( 'Invalid changeset UUID' ) ); |