[theme-reviewers] Exposing admin urls
esmi at quirm dot net
esmi at quirm.net
Fri May 17 11:08:36 UTC 2013
Just started my first theme review, so this may be the first of many
questions. Sorry... :-)
How do we feel about exposing admin urls when a user is not logged in?
The theme I am reviewing uses admin_url() in the unpopulated sidebar and
footer to direct the site admin to Appearance -> Widgets. But this link
is also visible to non-logged-in users. I appreciate that the WP admin
url is hardly a secret but, if was me, I'd only display the link within
a conditional to check that the user is logged in & had the appropriate
privileges.
Is this worth noting? Perhaps as a recommended fix in a future version?
Or am I being just too darn picky?
Mel
--
http://quirm.net
http://blackwidows.co.uk
More information about the theme-reviewers
mailing list