Introduce WP_List_Table::check_permissions() and WP_List_Table::prepare_items(). Fixes #14596; See #14579

git-svn-id: http://svn.automattic.com/wordpress/trunk@15496 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
scribu 2010-08-12 23:21:05 +00:00
parent 17cc67eb45
commit c6056827ed
16 changed files with 271 additions and 170 deletions

View File

@ -558,7 +558,7 @@ case 'add-tag' :
set_current_screen($_POST['screen']);
require_once( './includes/default-list-tables.php' );
$table = new WP_Terms_Table( 'ajax' );
$table = new WP_Terms_Table();
$level = 0;
$tag_full_name = false;
@ -626,7 +626,7 @@ case 'add-comment' :
die('-1');
require_once( './includes/default-list-tables.php' );
$table = new WP_Comments_Table( 'ajax' );
$table = new WP_Comments_Table();
global $comments;
@ -659,7 +659,7 @@ case 'get-comments' :
die('-1');
require_once( './includes/default-list-tables.php' );
$table = new WP_Comments_Table( 'ajax' );
$table = new WP_Comments_Table();
global $comments;
@ -685,7 +685,7 @@ case 'replyto-comment' :
check_ajax_referer( $action, '_ajax_nonce-replyto-comment' );
require_once( './includes/default-list-tables.php' );
$table = new WP_Comments_Table( 'ajax' );
$table = new WP_Comments_Table();
$comment_post_ID = (int) $_POST['comment_post_ID'];
if ( !current_user_can( 'edit_post', $comment_post_ID ) )
@ -776,7 +776,7 @@ case 'edit-comment' :
add_filter( 'comment_author', 'floated_admin_avatar' );
require_once( './includes/default-list-tables.php' );
$table = new WP_Comments_Table( 'ajax' );
$table = new WP_Comments_Table();
ob_start();
$table->single_row( $comment_id, $mode, $comments_listing, $checkbox );
@ -925,7 +925,7 @@ case 'add-user' :
$user_object = new WP_User( $user_id );
require_once( './includes/default-list-tables.php' );
$table = new WP_Users_Table( 'ajax' );
$table = new WP_Users_Table();
$x = new WP_Ajax_Response( array(
'what' => 'user',
@ -1218,7 +1218,7 @@ case 'inline-save':
edit_post();
require_once( './includes/default-list-tables.php' );
$table = new WP_Posts_Table( 'ajax' );
$table = new WP_Posts_Table();
$mode = $_POST['post_view'];
$table->display_rows( array( get_post( $_POST['post_ID'] ) ) );
@ -1228,19 +1228,14 @@ case 'inline-save':
case 'inline-save-tax':
check_ajax_referer( 'taxinlineeditnonce', '_inline_edit' );
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : false;
if ( ! $taxonomy )
die( __('Cheatin’ uh?') );
$tax = get_taxonomy($taxonomy);
require_once( './includes/default-list-tables.php' );
$table = new WP_Terms_Table();
if ( ! current_user_can( $tax->cap->edit_terms ) )
die( __('Cheatin’ uh?') );
$table->check_permissions('edit');
if ( ! isset($_POST['tax_ID']) || ! ( $id = (int) $_POST['tax_ID'] ) )
die(-1);
$taxonomy = !empty($_POST['taxonomy']) ? $_POST['taxonomy'] : 'post_tag';
$tag = get_term( $id, $taxonomy );
$_POST['description'] = $tag->description;
@ -1253,11 +1248,6 @@ case 'inline-save-tax':
die( __('Item not updated.') );
}
set_current_screen( 'edit-' . $taxonomy );
require_once( './includes/default-list-tables.php' );
$table = new WP_Terms_Table( 'ajax' );
echo $table->single_row( $tag, 0, $taxonomy );
} else {
if ( is_wp_error($updated) && $updated->get_error_message() )

View File

@ -9,8 +9,10 @@
/** WordPress Administration Bootstrap */
require_once('./admin.php');
if ( !current_user_can('edit_posts') )
wp_die(__('Cheatin’ uh?'));
require_once( './includes/default-list-tables.php' );
$table = new WP_Comments_Table;
$table->check_permissions();
if ( isset( $_REQUEST['doaction'] ) || isset( $_REQUEST['doaction2'] ) || isset( $_REQUEST['delete_all'] ) || isset( $_REQUEST['delete_all2'] ) ) {
check_admin_referer( 'bulk-comments' );
@ -95,9 +97,7 @@ if ( isset( $_REQUEST['doaction'] ) || isset( $_REQUEST['doaction2'] ) || isset
exit;
}
require_once( './includes/default-list-tables.php' );
$table = new WP_Comments_Table;
$table->prepare_items();
wp_enqueue_script('admin-comments');
enqueue_comment_hotkeys_js();

View File

@ -12,6 +12,7 @@ require_once('./admin.php');
require_once( './includes/default-list-tables.php' );
$table = new WP_Terms_Table;
$table->check_permissions();
$title = $tax->labels->name;
@ -151,6 +152,8 @@ if ( ! empty($_REQUEST['_wp_http_referer']) ) {
exit;
}
$table->prepare_items();
wp_enqueue_script('admin-tags');
if ( current_user_can($tax->cap->edit_terms) )
wp_enqueue_script('inline-edit-tax');

View File

@ -12,6 +12,7 @@ require_once( './admin.php' );
require_once( './includes/default-list-tables.php' );
$table = new WP_Posts_Table;
$table->check_permissions();
// Back-compat for viewing comments of an entry
if ( $_redirect = intval( max( @$_REQUEST['p'], @$_REQUEST['attachment_id'], @$_REQUEST['page_id'] ) ) ) {
@ -118,6 +119,8 @@ if ( 'post' != $post_type ) {
$post_new_file = 'post-new.php';
}
$table->prepare_items();
wp_enqueue_script('inline-edit-post');
$title = $post_type_object->labels->name;

View File

@ -22,8 +22,8 @@ class WP_Posts_Table extends WP_List_Table {
*/
var $_hierarchical_display;
function WP_Posts_Table( $context = 'normal' ) {
global $post_type_object, $post_type, $avail_post_stati, $wp_query, $per_page, $mode, $current_screen;
function WP_Posts_Table() {
global $post_type_object, $post_type, $current_screen;
if ( !isset( $_REQUEST['post_type'] ) )
$post_type = 'post';
@ -35,16 +35,21 @@ class WP_Posts_Table extends WP_List_Table {
$post_type_object = get_post_type_object( $post_type );
if ( !current_user_can( $post_type_object->cap->edit_posts ) )
wp_die( __( 'Cheatin’ uh?' ) );
parent::WP_List_Table( array(
'screen' => $current_screen,
'plural' => 'posts',
) );
}
if ( 'normal' != $context )
return;
function check_permissions() {
global $post_type_object;
if ( !current_user_can( $post_type_object->cap->edit_posts ) )
wp_die( __( 'Cheatin’ uh?' ) );
}
function prepare_items() {
global $post_type_object, $post_type, $avail_post_stati, $wp_query, $per_page, $mode;
$avail_post_stati = wp_edit_posts_query();
@ -1072,34 +1077,24 @@ class WP_Posts_Table extends WP_List_Table {
class WP_Media_Table extends WP_List_Table {
function WP_Media_Table( $context = 'normal' ) {
global $wpdb, $wp_query, $detached, $post_mime_types, $avail_post_mime_types;
function WP_Media_Table() {
global $detached;
if ( isset( $_REQUEST['find_detached'] ) ) {
if ( !current_user_can( 'edit_posts' ) )
wp_die( __( 'You are not allowed to scan for lost attachments.' ) );
$lost = $wpdb->get_col( "
SELECT ID FROM $wpdb->posts
WHERE post_type = 'attachment' AND post_parent > '0'
AND post_parent NOT IN (
SELECT ID FROM $wpdb->posts
WHERE post_type NOT IN ( 'attachment', '" . join( "', '", get_post_types( array( 'public' => false ) ) ) . "' )
)
" );
$_REQUEST['detached'] = 1;
}
$detached = isset( $_REQUEST['detached'] );
$detached = isset( $_REQUEST['detached'] ) || isset( $_REQUEST['find_detached'] );
parent::WP_List_Table( array(
'screen' => $detached ? 'upload-detached' : 'upload',
'plural' => 'media'
) );
}
if ( 'normal' != $context )
return;
function check_permissions() {
if ( !current_user_can('upload_files') )
wp_die( __( 'You do not have permission to upload files.' ) );
}
function prepare_items() {
global $lost, $wpdb, $wp_query, $post_mime_types, $avail_post_mime_types;
$q = $_REQUEST;
@ -1502,19 +1497,10 @@ class WP_Terms_Table extends WP_List_Table {
var $callback_args;
function WP_Terms_Table( $context = 'normal' ) {
function WP_Terms_Table() {
global $post_type, $taxonomy, $tax, $current_screen;
parent::WP_List_Table( array(
'screen' => $current_screen,
'plural' => 'tags',
'singular' => 'tag',
) );
if ( 'normal' != $context )
return;
wp_reset_vars( array( 'action', 'tag', 'taxonomy', 'post_type' ) );
wp_reset_vars( array( 'action', 'taxonomy', 'post_type' ) );
if ( empty( $taxonomy ) )
$taxonomy = 'post_tag';
@ -1524,12 +1510,31 @@ class WP_Terms_Table extends WP_List_Table {
$tax = get_taxonomy( $taxonomy );
if ( ! current_user_can( $tax->cap->manage_terms ) )
wp_die( __( 'Cheatin’ uh?' ) );
if ( empty( $post_type ) || !in_array( $post_type, get_post_types( array( 'public' => true ) ) ) )
$post_type = 'post';
if ( !isset( $current_screen ) )
set_current_screen( 'edit-' . $taxonomy );
parent::WP_List_Table( array(
'screen' => $current_screen,
'plural' => 'tags',
'singular' => 'tag',
) );
}
function check_permissions( $type = 'manage' ) {
global $tax;
$cap = 'manage' == $type ? $tax->cap->manage_terms : $tax->cap->edit_terms;
if ( !current_user_can( $tax->cap->manage_terms ) )
wp_die( __( 'Cheatin’ uh?' ) );
}
function prepare_items() {
global $taxonomy;
$tags_per_page = (int) get_user_option( 'edit_' . $taxonomy . '_per_page' );
if ( empty( $tags_per_page ) || $tags_per_page < 1 )
@ -1851,17 +1856,21 @@ class WP_Terms_Table extends WP_List_Table {
class WP_Users_Table extends WP_List_Table {
function WP_Users_Table( $context = 'normal' ) {
function WP_Users_Table() {
global $role, $usersearch;
parent::WP_List_Table( array(
'screen' => 'users',
'plural' => 'users'
) );
}
if ( 'normal' != $context )
return;
function check_permissions() {
if ( !current_user_can('list_users') )
wp_die(__('Cheatin&#8217; uh?'));
}
function prepare_items() {
$usersearch = isset( $_REQUEST['s'] ) ? $_REQUEST['s'] : '';
$role = isset( $_REQUEST['role'] ) ? $_REQUEST['role'] : '';
@ -2089,21 +2098,25 @@ class WP_Users_Table extends WP_List_Table {
class WP_Comments_Table extends WP_List_Table {
function WP_Comments_Table( $context = 'normal' ) {
global $comments, $extra_comments, $total_comments, $post_id, $comment_status, $mode;
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'detail' : $_REQUEST['mode'];
function WP_Comments_Table() {
parent::WP_List_Table( array(
'screen' => 'edit-comments',
'plural' => 'comments'
) );
}
if ( 'normal' != $context )
return;
function check_permissions() {
if ( !current_user_can('edit_posts') )
wp_die(__('Cheatin&#8217; uh?'));
}
function prepare_items() {
global $comments, $extra_comments, $total_comments, $post_id, $comment_status, $mode;
$post_id = isset( $_REQUEST['post_ID'] ) ? absint( $_REQUEST['post_ID'] ) : 0;
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'detail' : $_REQUEST['mode'];
$comment_status = isset( $_REQUEST['comment_status'] ) ? $_REQUEST['comment_status'] : 'all';
if ( !in_array( $comment_status, array( 'all', 'moderated', 'approved', 'spam', 'trash' ) ) )
$comment_status = 'all';
@ -2508,6 +2521,18 @@ class WP_Comments_Table extends WP_List_Table {
class WP_Links_Table extends WP_List_Table {
function WP_Links_Table() {
parent::WP_List_Table( array(
'screen' => 'link-manager',
'plural' => 'bookmarks',
) );
}
function check_permissions() {
if ( ! current_user_can( 'manage_links' ) )
wp_die( __( 'You do not have sufficient permissions to edit the links for this site.' ) );
}
function prepare_items() {
global $cat_id, $s, $orderby, $order;
wp_reset_vars( array( 'action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'orderby', 'order', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]', 's' ) );
@ -2524,11 +2549,6 @@ class WP_Links_Table extends WP_List_Table {
$args['order'] = $order;
$this->items = get_bookmarks( $args );
parent::WP_List_Table( array(
'screen' => 'link-manager',
'plural' => 'bookmarks',
) );
}
function no_items() {
@ -2690,15 +2710,22 @@ class WP_Links_Table extends WP_List_Table {
class WP_Sites_Table extends WP_List_Table {
function WP_Sites_Table() {
parent::WP_List_Table( array(
'screen' => 'ms-sites',
'plural' => 'sites',
) );
}
function check_permissions() {
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __( 'You do not have permission to access this page.' ) );
}
function prepare_items() {
global $s, $mode, $wpdb;
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
parent::WP_List_Table( array(
'callback' => 'site_rows',
'screen' => 'ms-sites',
) );
$pagenum = $this->get_pagenum();
$per_page = (int) get_user_option( 'ms_sites_per_page' );
@ -2978,13 +3005,23 @@ class WP_Sites_Table extends WP_List_Table {
class WP_MS_Users_Table extends WP_List_Table {
function WP_MS_Users_Table() {
global $s, $mode, $wpdb;
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
parent::WP_List_Table( array(
'screen' => 'ms-users',
) );
}
function check_permissions() {
if ( !is_multisite() )
wp_die( __( 'Multisite support is not enabled.' ) );
if ( ! current_user_can( 'manage_network_users' ) )
wp_die( __( 'You do not have permission to access this page.' ) );
}
function prepare_items() {
global $s, $mode, $wpdb;
$mode = ( empty( $_REQUEST['mode'] ) ) ? 'list' : $_REQUEST['mode'];
$pagenum = $this->get_pagenum();
@ -3201,24 +3238,31 @@ class WP_MS_Users_Table extends WP_List_Table {
class WP_Plugins_Table extends WP_List_Table {
function WP_Plugins_Table() {
global $status, $plugins, $totals, $page, $orderby, $order, $s;
parent::WP_List_Table( array(
'screen' => 'plugins',
'plural' => 'plugins',
) );
}
function check_permissions() {
if ( is_multisite() ) {
$menu_perms = get_site_option( 'menu_items', array() );
if ( empty( $menu_perms['plugins'] ) ) {
if ( !is_super_admin() )
wp_die( __( 'Cheatin&#8217; uh?' ) );
}
}
if ( !current_user_can('activate_plugins') )
wp_die( __( 'You do not have sufficient permissions to manage plugins for this site.' ) );
}
function prepare_items() {
global $status, $plugins, $totals, $page, $orderby, $order, $s;
wp_reset_vars( array( 'orderby', 'order', 's' ) );
$default_status = get_user_option( 'plugins_last_view' );
if ( empty( $default_status ) )
$default_status = 'all';
$status = isset( $_REQUEST['plugin_status'] ) ? $_REQUEST['plugin_status'] : $default_status;
if ( !in_array( $status, array( 'all', 'active', 'inactive', 'recently_activated', 'upgrade', 'network', 'mustuse', 'dropins', 'search' ) ) )
$status = 'all';
if ( $status != $default_status && 'search' != $status )
update_user_meta( get_current_user_id(), 'plugins_last_view', $status );
$page = $this->get_pagenum();
$plugins = array(
@ -3538,13 +3582,20 @@ class WP_Plugins_Table extends WP_List_Table {
class WP_Plugin_Install_Table extends WP_List_Table {
function WP_Plugin_Install_Table() {
include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
global $tabs, $tab, $paged, $type, $term;
parent::WP_List_Table( array(
'screen' => 'plugin-install',
) );
}
function check_permissions() {
if ( ! current_user_can('install_plugins') )
wp_die(__('You do not have sufficient permissions to install plugins on this site.'));
}
function prepare_items() {
include( ABSPATH . 'wp-admin/includes/plugin-install.php' );
global $tabs, $tab, $paged, $type, $term;
wp_reset_vars( array( 'tab' ) );
@ -3743,6 +3794,17 @@ class WP_Plugin_Install_Table extends WP_List_Table {
class WP_Themes_Table extends WP_List_Table {
function WP_Themes_Table() {
parent::__construct( array(
'screen' => 'themes',
) );
}
function check_permissions() {
if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') )
wp_die( __( 'Cheatin&#8217; uh?' ) );
}
function prepare_items() {
global $ct;
$ct = current_theme_info();
@ -3758,10 +3820,6 @@ class WP_Themes_Table extends WP_List_Table {
$this->items = array_slice( $themes, $start, $per_page );
parent::__construct( array(
'screen' => 'themes',
) );
$this->set_pagination_args( array(
'query_var' => 'pagenum',
'total_items' => count( $themes ),
@ -3885,13 +3943,20 @@ foreach ( $cols as $col => $theme_name ) {
class WP_Theme_Install_Table extends WP_List_Table {
function WP_Theme_Install_Table() {
include( ABSPATH . 'wp-admin/includes/theme-install.php' );
global $tabs, $tab, $paged, $type, $term, $theme_field_defaults;
parent::WP_List_Table( array(
'screen' => 'theme-install',
) );
}
function check_permissions() {
if ( ! current_user_can('install_themes') )
wp_die( __( 'You do not have sufficient permissions to install themes on this site.' ) );
}
function prepare_items() {
include( ABSPATH . 'wp-admin/includes/theme-install.php' );
global $tabs, $tab, $paged, $type, $term, $theme_field_defaults;
wp_reset_vars( array( 'tab' ) );

View File

@ -93,6 +93,28 @@ class WP_List_Table {
}
}
/**
* Checks the current user's permissions
* @uses wp_die()
*
* @since 3.1.0
* @access public
*/
function check_permissions() {
die( 'function WP_List_Table::check_permissions() must be over-ridden in a sub-class.' );
}
/**
* Prepares the list of items for displaying.
* @uses WP_List_Table::set_pagination_args()
*
* @since 3.1.0
* @access public
*/
function prepare_items() {
die( 'function WP_List_Table::prepare_items() must be over-ridden in a sub-class.' );
}
/**
* An internal method that sets all the necessary pagination arguments
*
@ -568,6 +590,9 @@ class WP_List_Table {
* @access public
*/
function ajax_response() {
$this->check_permissions();
$this->prepare_items();
extract( $this->_args );
extract( $this->_pagination_args );

View File

@ -9,15 +9,17 @@
/** Load WordPress Administration Bootstrap */
require_once ('admin.php');
require_once( './includes/default-list-tables.php' );
$table = new WP_Links_Table;
$table->check_permissions();
// Handle bulk deletes
if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['linkcheck'] ) ) {
check_admin_referer( 'bulk-bookmarks' );
$doaction = $_REQUEST['action'] ? $_REQUEST['action'] : $_REQUEST['action2'];
if ( ! current_user_can( 'manage_links' ) )
wp_die( __( 'You do not have sufficient permissions to edit the links for this site.' ) );
if ( 'delete' == $doaction ) {
$bulklinks = (array) $_REQUEST['linkcheck'];
foreach ( $bulklinks as $link_id ) {
@ -33,9 +35,7 @@ if ( isset( $_REQUEST['action'] ) && isset( $_REQUEST['linkcheck'] ) ) {
exit;
}
require_once( './includes/default-list-tables.php' );
$table = new WP_Links_Table;
$table->prepare_items();
$title = __('Links');
$this_file = $parent_file = 'link-manager.php';

View File

@ -12,8 +12,10 @@ require_once( './admin.php' );
if ( ! is_multisite() )
wp_die( __( 'Multisite support is not enabled.' ) );
if ( ! current_user_can( 'manage_sites' ) )
wp_die( __( 'You do not have permission to access this page.' ) );
require_once( '../includes/default-list-tables.php' );
$table = new WP_Sites_Table;
$table->check_permissions();
$title = __( 'Sites' );
$parent_file = 'sites.php';
@ -348,9 +350,7 @@ switch ( $action ) {
// List sites
case 'list':
default:
require_once( '../includes/default-list-tables.php' );
$table = new WP_Sites_Table;
$table->prepare_items();
require_once( '../admin-header.php' );
?>

View File

@ -9,11 +9,11 @@
require_once( './admin.php' );
if ( !is_multisite() )
wp_die( __( 'Multisite support is not enabled.' ) );
require_once( '../includes/default-list-tables.php' );
if ( ! current_user_can( 'manage_network_users' ) )
wp_die( __( 'You do not have permission to access this page.' ) );
$table = new WP_MS_Users_Table;
$table->check_permissions();
$table->prepare_items();
$title = __( 'Users' );
$parent_file = 'users.php';
@ -32,10 +32,6 @@ add_contextual_help($current_screen,
'<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
);
require_once( '../includes/default-list-tables.php' );
$table = new WP_MS_Users_Table;
require_once( '../admin-header.php' );
if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $_REQUEST['action'] ) ) {

View File

@ -9,12 +9,11 @@
/** WordPress Administration Bootstrap */
require_once('./admin.php');
if ( ! current_user_can('install_plugins') )
wp_die(__('You do not have sufficient permissions to install plugins on this site.'));
require_once( './includes/default-list-tables.php' );
$table = new WP_Plugin_Install_Table;
$table->check_permissions();
$table->prepare_items();
$title = __('Install Plugins');
$parent_file = 'plugins.php';

View File

@ -8,17 +8,11 @@
/** WordPress Administration Bootstrap */
require_once('./admin.php');
if ( is_multisite() ) {
$menu_perms = get_site_option( 'menu_items', array() );
if ( empty( $menu_perms['plugins'] ) ) {
if ( ! is_super_admin() )
wp_die( __( 'Cheatin&#8217; uh?' ) );
}
}
require_once( ABSPATH . 'wp-admin/includes/default-list-tables.php' );
if ( ! current_user_can( 'activate_plugins' ) )
wp_die( __( 'You do not have sufficient permissions to manage plugins for this site.' ) );
$table = new WP_Plugins_Table;
$table->check_permissions();
if ( isset($_POST['clear-recent-list']) )
$action = 'clear-recent-list';
@ -299,9 +293,16 @@ if ( !empty($action) ) {
}
}
require_once( ABSPATH . 'wp-admin/includes/default-list-tables.php' );
$default_status = get_user_option( 'plugins_last_view' );
if ( empty( $default_status ) )
$default_status = 'all';
$status = isset( $_REQUEST['plugin_status'] ) ? $_REQUEST['plugin_status'] : $default_status;
if ( !in_array( $status, array( 'all', 'active', 'inactive', 'recently_activated', 'upgrade', 'network', 'mustuse', 'dropins', 'search' ) ) )
$status = 'all';
if ( $status != $default_status && 'search' != $status )
update_user_meta( get_current_user_id(), 'plugins_last_view', $status );
$table = new WP_Plugins_Table;
$table->prepare_items();
wp_enqueue_script('plugin-install');
add_thickbox();

View File

@ -9,12 +9,11 @@
/** WordPress Administration Bootstrap */
require_once('./admin.php');
if ( ! current_user_can('install_themes') )
wp_die(__('You do not have sufficient permissions to install themes on this site.'));
require_once( './includes/default-list-tables.php' );
$table = new WP_Theme_Install_Table;
$table->check_permissions();
$table->prepare_items();
$title = __('Install Themes');
$parent_file = 'themes.php';

View File

@ -9,8 +9,10 @@
/** WordPress Administration Bootstrap */
require_once('./admin.php');
if ( !current_user_can('switch_themes') && !current_user_can('edit_theme_options') )
wp_die( __( 'Cheatin&#8217; uh?' ) );
require_once( './includes/default-list-tables.php' );
$table = new WP_Themes_Table;
$table->check_permissions();
if ( current_user_can('switch_themes') && isset($_GET['action']) ) {
if ( 'activate' == $_GET['action'] ) {
@ -28,9 +30,7 @@ if ( current_user_can('switch_themes') && isset($_GET['action']) ) {
}
}
require_once( './includes/default-list-tables.php' );
$table = new WP_Themes_Table;
$table->prepare_items();
$title = __('Manage Themes');
$parent_file = 'themes.php';

View File

@ -9,11 +9,30 @@
/** WordPress Administration Bootstrap */
require_once( './admin.php' );
if ( !current_user_can('upload_files') )
wp_die(__('You do not have permission to upload files.'));
require_once( './includes/default-list-tables.php' );
$table = new WP_Media_Table;
$table->check_permissions();
// Handle bulk actions
if ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
if ( isset($_REQUEST['find_detached']) ) {
check_admin_referer('bulk-media');
if ( !current_user_can('edit_posts') )
wp_die( __('You are not allowed to scan for lost attachments.') );
$lost = $wpdb->get_col( "
SELECT ID FROM $wpdb->posts
WHERE post_type = 'attachment' AND post_parent > '0'
AND post_parent NOT IN (
SELECT ID FROM $wpdb->posts
WHERE post_type NOT IN ( 'attachment', '" . join( "', '", get_post_types( array( 'public' => false ) ) ) . "' )
)
" );
$_REQUEST['detached'] = 1;
} elseif ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
check_admin_referer( 'bulk-media' );
$parent_id = (int) $_REQUEST['found_post_id'];
@ -111,9 +130,7 @@ if ( isset( $_REQUEST['found_post_id'] ) && isset( $_REQUEST['media'] ) ) {
exit;
}
require_once( './includes/default-list-tables.php' );
$table = new WP_Media_Table;
$table->prepare_items();
$title = __('Media Library');
$parent_file = 'upload.php';

View File

@ -12,8 +12,10 @@ require_once( './admin.php' );
/** WordPress Registration API */
require_once( ABSPATH . WPINC . '/registration.php');
if ( !current_user_can('list_users') )
wp_die(__('Cheatin&#8217; uh?'));
require_once( './includes/default-list-tables.php' );
$table = new WP_Users_Table;
$table->check_permissions();
$title = __('Users');
$parent_file = 'users.php';
@ -306,9 +308,7 @@ default:
exit;
}
require_once( './includes/default-list-tables.php' );
$table = new WP_Users_Table;
$table->prepare_items();
include('./admin-header.php');

View File

@ -2656,6 +2656,9 @@ function wp_nonce_ays( $action ) {
* @param string|array $args Optional arguements to control behaviour.
*/
function wp_die( $message, $title = '', $args = array() ) {
if ( defined( 'DOING_AJAX' ) && DOING_AJAX )
die('-1');
if ( function_exists( 'apply_filters' ) ) {
$function = apply_filters( 'wp_die_handler', '_default_wp_die_handler');
} else {