Enforce edit_users cap for users.php. Props westi. fixes #3410

git-svn-id: http://svn.automattic.com/wordpress/trunk@4559 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2006-11-30 18:38:06 +00:00 · 2006-11-30 18:38:06 +00:00 · 9c822fc9b3
parent 7c759611cc
commit 9c822fc9b3
1 changed files with 4 additions and 4 deletions
--- a/wp-admin/users.php
+++ b/wp-admin/users.php
@ -2,11 +2,11 @@
 require_once('admin.php');
 require_once( ABSPATH . WPINC . '/registration.php');

+if ( !current_user_can('edit_users') )
+	wp_die(__('Cheatin&#8217; uh?'));
+
 $title = __('Users');
-if ( current_user_can('edit_users') )
-	$parent_file = 'users.php';
-else
-	$parent_file = 'profile.php';
+$parent_file = 'users.php';

 $action = $_REQUEST['action'];
 $update = '';