Skip to:
Content

bbPress.org


Ignore:
Timestamp:
03/06/2015 04:16:31 PM (11 years ago)
Author:
johnjamesjacoby
Message:

Add capability checks to admin-area ajax methods. Props jdgrimes. (trunk)

File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/src/includes/admin/converter.php

    r5571 r5627  
    303303     */
    304304    public function process_callback() {
     305
     306        // Bail if user cannot view import page
     307        if ( ! current_user_can( 'bbp_tools_import_page' ) ) {
     308            wp_die( '0' );
     309        }
    305310
    306311        // Verify intent
Note: See TracChangeset for help on using the changeset viewer.