[wp-trac] [WordPress Trac] #23861: Using current_user_can() inside a plugin causes a fatal error

WordPress Trac noreply at wordpress.org
Mon Mar 25 14:29:41 UTC 2013


#23861: Using current_user_can() inside a plugin causes a fatal error
--------------------------+----------------------
 Reporter:  PhilippH      |       Owner:
     Type:  defect (bug)  |      Status:  closed
 Priority:  normal        |   Milestone:
Component:  Plugins       |     Version:  3.5.1
 Severity:  blocker       |  Resolution:  invalid
 Keywords:                |
--------------------------+----------------------
Changes (by johnbillion):

 * status:  new => closed
 * resolution:   => invalid
 * milestone:  Awaiting Review =>


Old description:

> I experienced that using the function current_user_can() causes an fatal
> error:
> '''Fatal error: Call to undefined function wp_get_current_user() in
> /var/www/wp-includes/capabilities.php on line 1281'''
>
> For reproducing the error:
> - Download wordpress 3.5.1 and install it.
> - Install LeagueManager plugin
> (http://wordpress.org/extend/plugins/leaguemanager/)
> - Activate it
> or
> - add following line at the end of wp-content/plugins/hello.php:
> -- echo current_user_can("switch_themes"); // any capability causes the
> error
>
> My environment:
> - Debian wheezy
> - apache2 & php5 & mysql from official package mirror
>
> I also noticed that this error is caused by using user_can() inside a
> plugin. (with an other error message indeed)
> After adding include("pluggable.php") to capabilities.php, the problem
> seems to be resolved!

New description:

 I experienced that using the function current_user_can() causes an fatal
 error:
 '''Fatal error: Call to undefined function wp_get_current_user() in
 /var/www/wp-includes/capabilities.php on line 1281'''

 For reproducing the error:
 - Download wordpress 3.5.1 and install it.
 - Install LeagueManager plugin
 (http://wordpress.org/extend/plugins/leaguemanager/)
 - Activate it
 or
 - add following line at the end of wp-content/plugins/hello.php:
 {{{
 echo current_user_can("switch_themes");
 // any capability causes the error
 }}}

 My environment:
 - Debian wheezy
 - apache2 & php5 & mysql from official package mirror

 I also noticed that this error is caused by using user_can() inside a
 plugin. (with an other error message indeed)
 After adding include("pluggable.php") to capabilities.php, the problem
 seems to be resolved!

--

Comment:

 The `current_user_can()` function, along with all the others in
 `pluggable.php`, are pluggable (hence the file name). This means they are
 explicitly defined after plugins are loaded so that plugins may override
 them (for example to implement a different authentication mechanism).

 This means you cannot use any of the functions in `pluggable.php` directly
 in a plugin file (which you shouldn't do anyway). You must use them inside
 functions which are called on hooks.

 For example:

 {{{
 function my_special_function() {
   if ( current_user_can( 'do_whatever' ) )
   // do your thing
 }
 add_action( 'plugins_loaded', 'my_special_function' );
 }}}

-- 
Ticket URL: <http://core.trac.wordpress.org/ticket/23861#comment:2>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software


More information about the wp-trac mailing list