[wp-hackers] Alternative to get_currentuserinfo
sam at rephrase.net
Sun Aug 27 03:40:42 GMT 2006
On 8/27/06, Mike Purvis <mike at uwmike.com> wrote:
> I've been getting some bug reports about WP-Cats which trace back to
> the get_currentuserinfo call. Given that this is kind of a volatile
> override-able function, maybe it's not the best mechanism for locking
> out non-admins/editors from plugin functionality.
Based on my quick glance at wp-cats-0.12...
Isn't the appropriate thing there `current_user_can('edit_post', $post_id)` ?
Also, the way you're doing it now (reading
`$userdata->wp_capabilities`) only works if the table prefix is 'wp_'.
More information about the wp-hackers