[wp-trac] [WordPress Trac] #14530: Cheating huh?
WordPress Trac
noreply at wordpress.org
Fri Jun 27 15:51:56 UTC 2014
#14530: Cheating huh?
-----------------------------+------------------------------
Reporter: shidouhikari | Owner:
Type: defect (bug) | Status: reopened
Priority: normal | Milestone: Awaiting Review
Component: Role/Capability | Version:
Severity: normal | Resolution:
Keywords: has-patch | Focuses:
-----------------------------+------------------------------
Comment (by kraftbj):
I'm going to mostly flip-flop on this ticket.
I'm okay wontfix'ing it. The error is really difficult to throw except in
two situations:
1. Edit Tags/Categories
2. Customizer
In instance 1, it should be throwing "You do not have sufficient
permissions to access this page" (
https://core.trac.wordpress.org/browser/trunk/src/wp-
admin/includes/menu.php#L317 ), except $pagenow includes the query string
(e.g. edit-tags.php?taxonomoy=category) while the $*_nopriv includes only
edit-tags.php. (ref: https://core.trac.wordpress.org/browser/trunk/src/wp-
admin/includes/plugin.php#L1637 ).
That is the root issue that should be addresses, IMO.
Instance 2: The Customizer doesn't use the admin menu, so it skips the
check that is "misfiring" from instance 1. Changing the error text for the
Customizer would be nice.
Attaching a patch to only change for the Customizer.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/14530#comment:18>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list