[wp-trac] [WordPress Trac] #59000: Add a check for wp_get_current_user to current_user_can
WordPress Trac
noreply at wordpress.org
Tue Aug 8 10:11:29 UTC 2023
#59000: Add a check for wp_get_current_user to current_user_can
-----------------------------------+------------------------------
Reporter: scruffian | Owner: (none)
Type: defect (bug) | Status: new
Priority: normal | Milestone: Awaiting Review
Component: Users | Version:
Severity: normal | Resolution:
Keywords: has-patch 2nd-opinion | Focuses:
-----------------------------------+------------------------------
Changes (by johnbillion):
* keywords: has-patch => has-patch 2nd-opinion
Comment:
I'd be very wary of changing this. If user capability checks are being
performed before pluggable functions are defined then they are unreliable.
Changing the function to return false if `wp_get_current_user()` isn't
defined just papers over the incorrect usage.
What's the reason the capability checks are being called before pluggable
functions are defined?
--
Ticket URL: <https://core.trac.wordpress.org/ticket/59000#comment:3>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list