From f283e26138cde636fbe0b86e7ff79365da485fc8 Mon Sep 17 00:00:00 2001 From: Ryan Boren Date: Tue, 16 Oct 2007 16:09:01 +0000 Subject: [PATCH] Add current_user_can() checks to link.php. Props DD32. fixes #4627 git-svn-id: https://develop.svn.wordpress.org/trunk@6255 602fd350-edb4-49c9-b593-d223f7449a82
---
 wp-admin/link.php | 27 ++++++++-------------------
 1 file changed, 8 insertions(+), 19 deletions(-)
diff --git a/wp-admin/link.php b/wp-admin/link.php
index 464943a8f0..1d7e4d6a6f 100644
--- a/wp-admin/link.php
+++ b/wp-admin/link.php
@@ -3,6 +3,9 @@ require_once ('admin.php');
 wp_reset_vars(array('action', 'cat_id', 'linkurl', 'name', 'image', 'description', 'visible', 'target', 'category', 'link_id', 'submit', 'order_by', 'links_show_cat_id', 'rating', 'rel', 'notes', 'linkcheck[]'));
+if ( ! current_user_can('manage_links') ) wp_die( __('You do not have sufficient permissions to edit the links for this blog.') );
+
 if ('' != $_POST['deletebookmarks'])
 $action = 'deletebookmarks';
 if ('' != $_POST['move'])
@@ -13,13 +16,9 @@ if ('' != $_POST['linkcheck'])
 $this_file = 'link-manager.php';
 switch ($action) {
- case 'deletebookmarks' :
+ case 'deletebookmarks' :
 check_admin_referer('bulk-bookmarks');
- // check the current user's level first.
- if (!current_user_can('manage_links'))
- wp_die(__('Cheatin’ uh?'));
-
 //for each link id (in $linkcheck[]) change category to selected value
 if (count($linkcheck) == 0) {
 wp_redirect($this_file);
@@ -41,10 +40,6 @@ switch ($action) {
 case 'move' :
 check_admin_referer('bulk-bookmarks');
- // check the current user's level first.
- if (!current_user_can('manage_links'))
- wp_die(__('Cheatin’ uh?'));
-
 //for each link id (in $linkcheck[]) change category to selected value
 if (count($linkcheck) == 0) {
 wp_redirect($this_file);
@@ -63,7 +58,7 @@ switch ($action) {
 add_link();
- wp_redirect(wp_get_referer().'?added=true');
+ wp_redirect( wp_get_referer() . '?added=true' );
 exit;
 break; 
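Review bot: The check added at the top of the file is now the only capability gate for every branch of the switch, standing in for the per-case checks the later hunks remove (deletebookmarks, move, delete and edit), and nothing on the new side records that; a comment above it would stop someone re-adding a check per case or assuming a new case still needs one: `// Every action handled below requires manage_links; the per-case checks were consolidated here.` Placing it after wp_reset_vars() looks right as far as this hunk shows, since that call appears only to copy request fields into globals and no privileged work runs before the gate. Because the same message now covers delete and move as well as edit, the wording "to edit the links" is slightly narrow; "to manage the links" would fit all actions.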
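Review bot: `wp_redirect( wp_get_referer() . '?added=true' )` still builds the target by concatenation, so a referer that already carries a query string produces a URL with two `?`, and if wp_get_referer() can return false here the target collapses to `?added=true`; `wp_redirect( add_query_arg( 'added', 'true', wp_get_referer() ) )` fixes the first, and a fallback to `$this_file` when the referer is empty fixes the second. The target is also taken straight from the Referer header, so if wp_safe_redirect() is available on this branch it is the safer call. The `break;` after `exit;` is unreachable. The enclosing case starts outside the hunk.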
@@ -81,9 +76,6 @@ switch ($action) {
 $link_id = (int) $_GET['link_id'];
 check_admin_referer('delete-bookmark_' . $link_id);
- if (!current_user_can('manage_links'))
- wp_die(__('Cheatin’ uh?'));
-
 wp_delete_link($link_id);
 wp_redirect($this_file);
@@ -97,21 +89,18 @@ switch ($action) {
 $parent_file = 'link-manager.php';
 $submenu_file = 'link-manager.php';
 $title = __('Edit Link');
- include_once ('admin-header.php');
- if (!current_user_can('manage_links'))
- wp_die(__('You do not have sufficient permissions to edit the links for this blog.'));
 $link_id = (int) $_GET['link_id'];
 if (!$link = get_link_to_edit($link_id))
 wp_die(__('Link not found.'));
+ include_once ('admin-header.php');
 include ('edit-link-form.php');
+ include ('admin-footer.php');
 break;
 default :
 break;
 }
-
-include ('admin-footer.php');
-?>
+?>
\ No newline at end of file
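Review bot: The file still ends with a bare `?>` and no trailing newline (the `+?>` line); in a PHP-only file the closing tag is a liability, since any whitespace that later lands after it becomes output, and now that the footer include has moved into the edit case the line can simply be dropped. `if (!$link = get_link_to_edit($link_id))` mixes assignment and test on one line; `$link = get_link_to_edit($link_id);` followed by `if ( ! $link )` reads more clearly and avoids the precedence question. The edit case's opening line is outside the hunk.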