[wp-trac] Re: [WordPress Trac] #5487: query.php mistakenly uses
is_admin() to check for admin privileges
WordPress Trac
wp-trac at lists.automattic.com
Wed Dec 19 17:07:45 GMT 2007
#5487: query.php mistakenly uses is_admin() to check for admin privileges
---------------------------------------------------+------------------------
Reporter: pishmishy | Owner: pishmishy
Type: defect | Status: assigned
Priority: high | Milestone: 2.4
Component: Security | Version: 2.3.1
Severity: major | Resolution:
Keywords: query is_admin has-patch dev-feedback |
---------------------------------------------------+------------------------
Comment (by ryan):
We do a current_user_can() check in the block of code already. is_admin()
is used to see what context the user is in. Is the user in the admin? I
think we need to retain is_admin() and have it check a constant set in
admin.php to determine admin context.
--
Ticket URL: <http://trac.wordpress.org/ticket/5487#comment:5>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list