Skip to:
Content

bbPress.org

Ticket #2389: 1[1]

File 1[1], 2.8 KB (added by alex-ye, 8 years ago)

Hotfix

Line 
1Index: includes/admin/forums.php
2--- includes/admin/forums.php Base (BASE)
3+++ includes/admin/forums.php Locally Modified (Based On LOCAL)
4@@ -40,6 +40,7 @@
5         */
6        public function __construct() {
7                $this->setup_globals();
8+                $this->check_admin_cap();
9                $this->setup_actions();
10        }
11 
12@@ -94,6 +95,22 @@
13        }
14 
15        /**
16+        * Check if the current user have the capability to view the forums admin.
17+        *
18+        * @since bbPress (rX)
19+        */
20+        public function check_admin_cap() {
21+                global $pagenow;
22+
23+                if ( 'post.php' === $pagenow && ! empty( $_GET['post'] ) ) {
24+
25+                        if ( bbp_is_forum( (int) $_GET['post'] ) && ! current_user_can( 'bbp_forums_admin' ) )
26+                            wp_die( __( 'You are not allowed to view the forums admin.', 'bbpress' ) );
27+
28+                }
29+        }
30+
31+       /**
32         * Admin globals
33         *
34         * @since bbPress (r2646)
35
36Index: includes/admin/replies.php
37--- includes/admin/replies.php Base (BASE)
38+++ includes/admin/replies.php Locally Modified (Based On LOCAL)
39@@ -40,6 +40,7 @@
40         */
41        public function __construct() {
42                $this->setup_globals();
43+                $this->check_admin_cap();
44                $this->setup_actions();
45        }
46 
47@@ -105,6 +106,22 @@
48        }
49 
50        /**
51+        * Check if the current user have the capability to view the replies admin.
52+        *
53+        * @since bbPress (rX)
54+        */
55+        public function check_admin_cap() {
56+                global $pagenow;
57+
58+                if ( 'post.php' === $pagenow && ! empty( $_GET['post'] ) ) {
59+
60+                        if ( bbp_is_reply( (int) $_GET['post'] ) && ! current_user_can( 'bbp_replies_admin' ) )
61+                            wp_die( __( 'You are not allowed to view the replies admin.', 'bbpress' ) );
62+
63+                }
64+        }
65+
66+       /**
67         * Admin globals
68         *
69         * @since bbPress (r2646)
70
71Index: includes/admin/topics.php
72--- includes/admin/topics.php Base (BASE)
73+++ includes/admin/topics.php Locally Modified (Based On LOCAL)
74@@ -40,6 +40,7 @@
75         */
76        public function __construct() {
77                $this->setup_globals();
78+                $this->check_admin_cap();
79                $this->setup_actions();
80        }
81 
82@@ -105,6 +106,22 @@
83        }
84 
85        /**
86+        * Check if the current user have the capability to view the topics admin.
87+        *
88+        * @since bbPress (rX)
89+        */
90+        public function check_admin_cap() {
91+                global $pagenow;
92+
93+                if ( 'post.php' === $pagenow && ! empty( $_GET['post'] ) ) {
94+
95+                        if ( bbp_is_topic( (int) $_GET['post'] ) && ! current_user_can( 'bbp_topics_admin' ) )
96+                            wp_die( __( 'You are not allowed to view the topics admin.', 'bbpress' ) );
97+
98+                }
99+        }
100+
101+       /**
102         * Admin globals
103         *
104         * @since bbPress (r2646)
105