Use switch_themes instead of edit_themes so that non super admins on multisite installs can customize headers and backgrounds. Add CYA cap checks.
git-svn-id: https://develop.svn.wordpress.org/trunk@13043 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren
parent
718fa1b6e8
commit
d22d07e1f2
|
|
@ -52,6 +52,9 @@ class Custom_Background {
|
|||
* @since unknown
|
||||
*/
|
||||
function init() {
|
||||
if ( ! current_user_can('switch_themes') )
|
||||
return;
|
||||
|
||||
$page = add_theme_page(__('Custom Background'), __('Custom Background'), 'switch_themes', 'custom-background', array(&$this, 'admin_page'));
|
||||
|
||||
add_action("admin_head-$page", array(&$this, 'take_action'), 50);
|
||||
|
|
@ -83,6 +86,9 @@ class Custom_Background {
|
|||
* @since unknown
|
||||
*/
|
||||
function take_action() {
|
||||
if ( ! current_user_can('switch_themes') )
|
||||
return;
|
||||
|
||||
if ( isset($_POST['reset-background']) ) {
|
||||
check_admin_referer('custom-background');
|
||||
remove_theme_mods();
|
||||
|
|
@ -234,6 +240,8 @@ if ( get_background_image() ) :
|
|||
* @since unknown
|
||||
*/
|
||||
function admin_page() {
|
||||
if ( ! current_user_can('switch_themes') )
|
||||
wp_die(__('You do not have permission to customize the background.'));
|
||||
$step = $this->step();
|
||||
if ( 1 == $step )
|
||||
$this->step_1();
|
||||
|
|
|
|||
|
|
@ -52,7 +52,10 @@ class Custom_Image_Header {
|
|||
* @since unknown
|
||||
*/
|
||||
function init() {
|
||||
$page = add_theme_page(__('Custom Header'), __('Custom Header'), 'edit_themes', 'custom-header', array(&$this, 'admin_page'));
|
||||
if ( ! current_user_can('switch_themes') )
|
||||
return;
|
||||
|
||||
$page = add_theme_page(__('Custom Header'), __('Custom Header'), 'switch_themes', 'custom-header', array(&$this, 'admin_page'));
|
||||
|
||||
add_action("admin_print_scripts-$page", array(&$this, 'js_includes'));
|
||||
add_action("admin_print_styles-$page", array(&$this, 'css_includes'));
|
||||
|
|
@ -113,6 +116,9 @@ class Custom_Image_Header {
|
|||
* @since unknown
|
||||
*/
|
||||
function take_action() {
|
||||
if ( ! current_user_can('switch_themes') )
|
||||
return;
|
||||
|
||||
if ( isset( $_POST['textcolor'] ) ) {
|
||||
check_admin_referer('custom-header');
|
||||
if ( 'blank' == $_POST['textcolor'] ) {
|
||||
|
|
@ -483,6 +489,8 @@ if ( $this->admin_image_div_callback ) {
|
|||
* @since unknown
|
||||
*/
|
||||
function admin_page() {
|
||||
if ( ! current_user_can('switch_themes') )
|
||||
wp_die(__('You do not have permission to customize headers.'));
|
||||
$step = $this->step();
|
||||
if ( 1 == $step )
|
||||
$this->step_1();
|
||||
|
|
|
|||
Loading…
Reference in New Issue