In Custom_Background
and Custom_Header
:
* In `->init()`, don't check `current_user_can()` since `add_theme_page()` will return `false` immediately if the cap check fails. * Bail if `add_theme_page()` returns `false` * `wp_check_filetype_and_ext()` doesn't need a 3rd param, it already defaults to `null`. Passing `false` would fail a strict check. See #30799. git-svn-id: https://develop.svn.wordpress.org/trunk@31116 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
38f87e7c56
commit
b3322a9604
@ -125,17 +125,20 @@ class Custom_Background {
|
||||
* @since 3.0.0
|
||||
*/
|
||||
public function init() {
|
||||
if ( ! current_user_can('edit_theme_options') )
|
||||
$page = add_theme_page( __( 'Background' ), __( 'Background' ), 'edit_theme_options', 'custom-background', array( $this, 'admin_page' ) );
|
||||
if ( ! $page ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->page = $page = add_theme_page(__('Background'), __('Background'), 'edit_theme_options', 'custom-background', array($this, 'admin_page'));
|
||||
$this->page = $page;
|
||||
|
||||
add_action("load-$page", array($this, 'admin_load'));
|
||||
add_action("load-$page", array($this, 'take_action'), 49);
|
||||
add_action("load-$page", array($this, 'handle_upload'), 49);
|
||||
add_action( "load-$page", array( $this, 'admin_load' ) );
|
||||
add_action( "load-$page", array( $this, 'take_action' ), 49 );
|
||||
add_action( "load-$page", array( $this, 'handle_upload' ), 49 );
|
||||
|
||||
if ( $this->admin_header_callback )
|
||||
add_action("admin_head-$page", $this->admin_header_callback, 51);
|
||||
if ( $this->admin_header_callback ) {
|
||||
add_action( "admin_head-$page", $this->admin_header_callback, 51 );
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -427,7 +430,7 @@ if ( current_theme_supports( 'custom-background', 'default-color' ) )
|
||||
$overrides = array('test_form' => false);
|
||||
|
||||
$uploaded_file = $_FILES['import'];
|
||||
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false );
|
||||
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
|
||||
if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) )
|
||||
wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) );
|
||||
|
||||
|
@ -143,19 +143,21 @@ class Custom_Image_Header {
|
||||
* @since 2.1.0
|
||||
*/
|
||||
public function init() {
|
||||
if ( ! current_user_can('edit_theme_options') )
|
||||
$page = add_theme_page( __( 'Header' ), __( 'Header' ), 'edit_theme_options', 'custom-header', array( $this, 'admin_page' ) );
|
||||
if ( ! $page ) {
|
||||
return;
|
||||
}
|
||||
|
||||
$this->page = $page = add_theme_page(__('Header'), __('Header'), 'edit_theme_options', 'custom-header', array($this, 'admin_page'));
|
||||
|
||||
add_action("admin_print_scripts-$page", array($this, 'js_includes'));
|
||||
add_action("admin_print_styles-$page", array($this, 'css_includes'));
|
||||
add_action("admin_head-$page", array($this, 'help') );
|
||||
add_action("admin_head-$page", array($this, 'take_action'), 50);
|
||||
add_action("admin_head-$page", array($this, 'js'), 50);
|
||||
if ( $this->admin_header_callback )
|
||||
add_action("admin_head-$page", $this->admin_header_callback, 51);
|
||||
$this->page = $page;
|
||||
|
||||
add_action( "admin_print_scripts-$page", array( $this, 'js_includes' ) );
|
||||
add_action( "admin_print_styles-$page", array( $this, 'css_includes' ) );
|
||||
add_action( "admin_head-$page", array( $this, 'help' ) );
|
||||
add_action( "admin_head-$page", array( $this, 'take_action' ), 50 );
|
||||
add_action( "admin_head-$page", array( $this, 'js' ), 50 );
|
||||
if ( $this->admin_header_callback ) {
|
||||
add_action( "admin_head-$page", $this->admin_header_callback, 51 );
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -862,7 +864,7 @@ wp_nonce_field( 'custom-header-options', '_wpnonce-custom-header-options' ); ?>
|
||||
$overrides = array('test_form' => false);
|
||||
|
||||
$uploaded_file = $_FILES['import'];
|
||||
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'], false );
|
||||
$wp_filetype = wp_check_filetype_and_ext( $uploaded_file['tmp_name'], $uploaded_file['name'] );
|
||||
if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) )
|
||||
wp_die( __( 'The uploaded file is not a valid image. Please try again.' ) );
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user