diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php index c4a3f0736..da72288d0 100644 --- a/wp-admin/admin-ajax.php +++ b/wp-admin/admin-ajax.php @@ -132,7 +132,7 @@ case 'imgedit-preview' : die(); break; case 'menu-quick-search': - if ( ! current_user_can( 'switch_themes' ) ) + if ( ! current_user_can( 'edit_theme_options' ) ) die('-1'); require_once ABSPATH . 'wp-admin/includes/nav-menu.php'; @@ -399,7 +399,7 @@ case 'delete-link' : case 'delete-menu-item' : $menu_item_id = (int) $_POST['menu-item']; check_admin_referer( 'delete-menu_item_' . $menu_item_id ); - if ( ! current_user_can( 'switch_themes' ) ) + if ( ! current_user_can( 'edit_theme_options' ) ) die('-1'); if ( is_nav_menu_item( $menu_item_id ) && wp_delete_post( $menu_item_id, true ) ) @@ -817,7 +817,7 @@ case 'edit-comment' : $x->send(); break; case 'add-menu-item' : - if ( ! current_user_can( 'switch_themes' ) ) + if ( ! current_user_can( 'edit_theme_options' ) ) die('-1'); check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' ); @@ -1091,7 +1091,7 @@ case 'hidden-columns' : die('1'); break; case 'menu-quick-search': - if ( ! current_user_can( 'switch_themes' ) ) + if ( ! current_user_can( 'edit_theme_options' ) ) die('-1'); require_once ABSPATH . 'wp-admin/includes/nav-menu.php'; @@ -1328,7 +1328,7 @@ case 'lj-importer' : case 'widgets-order' : check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' ); - if ( !current_user_can('switch_themes') ) + if ( !current_user_can('edit_theme_options') ) die('-1'); unset( $_POST['savewidgets'], $_POST['action'] ); @@ -1358,7 +1358,7 @@ case 'widgets-order' : case 'save-widget' : check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' ); - if ( !current_user_can('switch_themes') || !isset($_POST['id_base']) ) + if ( !current_user_can('edit_theme_options') || !isset($_POST['id_base']) ) die('-1'); unset( $_POST['savewidgets'], $_POST['action'] ); 
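Review bot: The six capability checks changed in this file (`menu-quick-search` in both places, `delete-menu-item`, `add-menu-item`, `widgets-order`, `save-widget`) now answer `die('-1')` for any account that holds `switch_themes` but not `edit_theme_options`, and nothing visible in this diff grants the new capability to an existing role. If that grant is made elsewhere, record it beside the first check with a comment such as `// Requires edit_theme_options; granted in <role-upgrade location>.` so the dependency is visible to whoever audits these handlers. Separately, `add-menu-item` tests the capability before the nonce while `delete-menu-item`, `widgets-order` and `save-widget` verify the nonce first; settling on one order would make the handlers easier to compare. Each case body continues outside its hunk.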
diff --git a/wp-admin/custom-background.php b/wp-admin/custom-background.php index ad99c4a1c..6e88d27d5 100644 --- a/wp-admin/custom-background.php +++ b/wp-admin/custom-background.php @@ -52,10 +52,10 @@ class Custom_Background { * @since 3.0.0 */ function init() { - if ( ! current_user_can('switch_themes') ) + if ( ! current_user_can('edit_theme_options') ) return; - $page = add_theme_page(__('Background'), __('Background'), 'switch_themes', 'custom-background', array(&$this, 'admin_page')); + $page = add_theme_page(__('Background'), __('Background'), 'edit_theme_options', 'custom-background', array(&$this, 'admin_page')); add_action("load-$page", array(&$this, 'admin_load')); add_action("load-$page", array(&$this, 'take_action'), 49); diff --git a/wp-admin/custom-header.php b/wp-admin/custom-header.php index eac715dfa..c619c96e7 100644 --- a/wp-admin/custom-header.php +++ b/wp-admin/custom-header.php @@ -61,10 +61,10 @@ class Custom_Image_Header { * @since 2.1.0 */ function init() { - if ( ! current_user_can('switch_themes') ) + if ( ! current_user_can('edit_theme_options') ) return; - $page = add_theme_page(__('Header'), __('Header'), 'switch_themes', 'custom-header', array(&$this, 'admin_page')); + $page = add_theme_page(__('Header'), __('Header'), 'edit_theme_options', 'custom-header', array(&$this, 'admin_page')); add_action("admin_print_scripts-$page", array(&$this, 'js_includes')); add_action("admin_print_styles-$page", array(&$this, 'css_includes')); @@ -125,7 +125,7 @@ class Custom_Image_Header { * @since 2.6.0 */ function take_action() { - if ( ! current_user_can('switch_themes') ) + if ( ! current_user_can('edit_theme_options') ) return; if ( isset( $_POST['textcolor'] ) ) { 
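Review bot: `Custom_Background::init()` now registers the page and its `admin_load`, `take_action` and `admin_page` callbacks under `edit_theme_options`, but `init()` is the only part of this file the diff touches, so a callback that still tests `switch_themes`, or tests nothing, would disagree with the new gate. Those methods are outside the hunk; confirm each one re-checks `edit_theme_options`, as the `take_action()` and `admin_page()` hunks in custom-header.php do. Because the capability string now appears in both the guard and the `add_theme_page()` call, a docblock line on `init()` such as `@uses current_user_can() Requires the edit_theme_options capability.` would state the requirement once. The same applies to the `init()` hunk in custom-header.php.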
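Review bot: `Custom_Image_Header::take_action()` starts reading `$_POST['textcolor']` right after the capability test, and no nonce verification is visible between the two in this hunk. Since the set of roles that can reach this handler changes with the new capability, confirm that a `check_admin_referer()` call guards every state-changing branch. If those calls sit further down, a comment at the top such as `// Each POST branch below verifies its own nonce before saving.` would make that clear to a reader of this guard. The method body continues outside the hunk.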
@@ -597,7 +597,7 @@ if ( !empty($this->default_headers) ) { * @since 2.1.0 */ function admin_page() { - if ( ! current_user_can('switch_themes') ) + if ( ! current_user_can('edit_theme_options') ) wp_die(__('You do not have permission to customize headers.')); $step = $this->step(); if ( 1 == $step ) diff --git a/wp-admin/includes/dashboard.php b/wp-admin/includes/dashboard.php index 9fe795655..84055f283 100644 --- a/wp-admin/includes/dashboard.php +++ b/wp-admin/includes/dashboard.php @@ -356,11 +356,15 @@ function wp_dashboard_right_now() { } $num = number_format_i18n( $num_widgets ); - if ( current_user_can( 'switch_themes' ) ) { + $switch_themes = $ct->title; + if ( current_user_can( 'switch_themes') ) { echo '' . __('Change Theme') . ''; - printf(_n('Theme %1$s with %2$s Widget', 'Theme %1$s with %2$s Widgets', $num_widgets), $ct->title, $num); + $switch_themes = '' . $switch_themes . ''; + } + if ( current_user_can( 'edit_theme_options' ) ) { + printf(_n('Theme %1$s with %2$s Widget', 'Theme %1$s with %2$s Widgets', $num_widgets), $switch_themes, $num); } else { - printf(_n('Theme %1$s with %2$s Widget', 'Theme %1$s with %2$s Widgets', $num_widgets), $ct->title, $num); + printf(_n('Theme %1$s with %2$s Widget', 'Theme %1$s with %2$s Widgets', $num_widgets), $switch_themes, $num); } } else { if ( current_user_can( 'switch_themes' ) ) { diff --git a/wp-admin/menu.php b/wp-admin/menu.php index ef6a27044..19f7f88cd 100644 --- a/wp-admin/menu.php +++ b/wp-admin/menu.php 
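Review bot: In the `wp_dashboard_right_now()` hunk, `$switch_themes` is a capability name reused as the variable that holds the theme title (and, for users who can switch themes, whatever markup is wrapped around it), which makes the later `printf()` calls hard to audit; `$theme_title = $ct->title;` would say what it is. As this page shows them, both branches of the new `if ( current_user_can( 'edit_theme_options' ) )` pass identical arguments to `printf()`; markup inside the string literals may have been lost in rendering, so check that the `else` branch really differs. `$ct->title` reaches the output with no escaping call in the visible lines; if it is not already filtered where `$ct` is built, pass the plain-text case through `esc_html()`. The function starts and ends outside the hunk.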
@@ -145,9 +145,15 @@ unset($ptype, $ptype_obj); $menu[59] = array( '', 'read', 'separator2', '', 'wp-menu-separator' ); -$menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' ); - $submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php'); - $submenu['themes.php'][10] = array(__('Menus'), 'switch_themes', 'nav-menus.php'); +if ( current_user_can( 'switch_themes') ) { + $menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' ); + $submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php'); + $submenu['themes.php'][10] = array(__('Menus'), 'edit_theme_options', 'nav-menus.php'); +} else { + $menu[60] = array( __('Appearance'), 'edit_theme_options', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' ); + $submenu['themes.php'][5] = array(__('Themes'), 'edit_theme_options', 'themes.php'); + $submenu['themes.php'][10] = array(__('Menus'), 'edit_theme_options', 'nav-menus.php' ); +} // Add 'Editor' to the bottom of the Appearence menu. add_action('admin_menu', '_add_themes_utility_last', 101); @@ -281,7 +287,7 @@ foreach ( array( 'submenu' ) as $sub_loop ) { unset($sub_loop); // Loop over the top-level menu. -// Menus for which the original parent is not acessible due to lack of privs will have the next +// Menus for which the original parent is not accessible due to lack of privs will have the next // submenu in line be assigned as the new menu parent. foreach ( $menu as $id => $data ) { if ( empty($submenu[$data[2]]) ) diff --git a/wp-admin/nav-menus.php b/wp-admin/nav-menus.php index d5f544319..cb9efb82d 100644 --- a/wp-admin/nav-menus.php +++ b/wp-admin/nav-menus.php 
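Review bot: The `Menus` entry `$submenu['themes.php'][10]` is written twice with the same `edit_theme_options` capability, and the two branches of the new `if ( current_user_can( 'switch_themes') )` otherwise differ only in the capability string. Computing that string once, `$appearance_cap = current_user_can( 'switch_themes' ) ? 'switch_themes' : 'edit_theme_options';`, and using it for `$menu[60]` and `$submenu['themes.php'][5]` leaves one definition of each entry to audit. A short comment on why the `Themes` entry is registered under `edit_theme_options` for users without `switch_themes` would also help, since it relies on the relaxed gate added in themes.php.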
@@ -16,8 +16,8 @@ require_once( 'admin.php' ); require_once( ABSPATH . 'wp-admin/includes/nav-menu.php' ); // Permissions Check -if ( ! current_user_can('switch_themes') ) - wp_die( __( 'Cheatin’ uh?' )); +if ( ! current_user_can('edit_theme_options') ) + wp_die( __( 'Cheatin’ uh?' ) ); // Nav Menu CSS wp_admin_css( 'nav-menu' ); @@ -51,12 +51,9 @@ $action = isset( $_REQUEST['action'] ) ? $_REQUEST['action'] : 'edit'; switch ( $action ) { case 'add-menu-item': - if ( current_user_can( 'switch_themes' ) ) { - check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' ); - if ( isset( $_REQUEST['menu-item'] ) ) { - wp_save_nav_menu_item( $nav_menu_selected_id, $_REQUEST['menu-item'] ); - } - } + check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' ); + if ( isset( $_REQUEST['menu-item'] ) ) + wp_save_nav_menu_item( $nav_menu_selected_id, $_REQUEST['menu-item'] ); break; case 'move-down-menu-item' : // moving down a menu item is the same as moving up the next in order diff --git a/wp-admin/themes.php b/wp-admin/themes.php index 9451e3a6f..004d62fdc 100644 --- a/wp-admin/themes.php +++ b/wp-admin/themes.php @@ -9,10 +9,10 @@ /** WordPress Administration Bootstrap */ require_once('./admin.php'); -if ( !current_user_can('switch_themes') ) +if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') ) wp_die( __( 'Cheatin’ uh?' ) ); -if ( isset($_GET['action']) ) { +if ( current_user_can('switch_themes') && isset($_GET['action']) ) { if ( 'activate' == $_GET['action'] ) { check_admin_referer('switch-theme_' . $_GET['template']); switch_theme($_GET['template'], $_GET['stylesheet']); @@ -31,6 +31,8 @@ if ( isset($_GET['action']) ) { $title = __('Manage Themes'); $parent_file = 'themes.php'; +if ( current_user_can( 'switch_themes' ) ) : + $help = '
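Review bot: The `add-menu-item` case no longer has its own capability test, so `wp_save_nav_menu_item()` is now protected only by the file-level `edit_theme_options` check from the first hunk plus the nonce. That holds as long as the top-of-file gate runs before the `switch`, so record the dependency where the check was removed: `// Capability is enforced by the permissions check at the top of this file.` The case also reads the item from `$_REQUEST['menu-item']`; if the form only ever posts, `$_POST` would narrow the input source. The `switch` continues outside the hunk.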
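Review bot: In themes.php, a user who has `edit_theme_options` but not `switch_themes` can now send an `action` parameter and have it skipped with no denial, after which the page renders as if nothing had been requested. An explicit rejection ahead of the action block is easier to reason about and to log: `if ( isset($_GET['action']) && !current_user_can('switch_themes') ) wp_die( __( 'Cheatin’ uh?' ) );`. In the unchanged lines, `$_GET['template']` and `$_GET['stylesheet']` are used without an `isset()` test, which is worth tightening while this block is being edited. The action block continues outside the hunk.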
' . __('Themes give your WordPress style. Once a theme is installed, you may preview it, activate it or deactivate it here.') . '
'; if ( current_user_can('install_themes') ) { $help .= '' . sprintf(__('You can find additional themes for your site by using the new Theme Browser/Installer functionality or by browsing the WordPress Theme Directory directly and installing manually. To install a theme manually, upload its ZIP archive with the new uploader or copy its folder via FTP into your wp-content/themes
directory.'), 'theme-install.php', 'theme-install.php?tab=upload' ) . '
Network Themes screen before they appear here.'), admin_url( 'ms-themes.php') ); ?>
widgets settings screen to configure them.'), admin_url( 'widgets.php' ) ); ?>
Visit site' ), home_url( '/' ) ); ?>