[theme-reviewers] Exposing admin urls

Chip Bennett chip at chipbennett.net
Fri May 17 12:39:02 UTC 2013


Is this an opportunity for clarification/elaboration in the Theme Security
section of the Guidelines?


On Fri, May 17, 2013 at 8:26 AM, Edward Caissie <edward.caissie at gmail.com>wrote:

> A recommendation for the next release would likely suffice ... it may have
> just been an over-sight on the Theme-Authors part to not wrap the link in a
> conditional.
>
> Edward Caissie
> aka Cais.
>
>
> On Fri, May 17, 2013 at 7:46 AM, esmi at quirm dot net <esmi at quirm.net>wrote:
>
>> on 17/05/2013 12:15 Srikanth Koneru said the following:
>>
>>    was asked to wrap current_user_can('edit_theme_**options') around an
>>> admin
>>> url once, so you are not being picky :)
>>> You can ask the theme author to display that message only for admin of
>>> the
>>> blog.
>>>
>>
>> Thanks. I'll make this a recommended step for a future update unless
>> anyone else feels it's a show stopper.
>>
>>
>> Mel
>> --
>> http://quirm.net
>> http://blackwidows.co.uk
>> ______________________________**_________________
>> theme-reviewers mailing list
>> theme-reviewers at lists.**wordpress.org<theme-reviewers at lists.wordpress.org>
>> http://lists.wordpress.org/**mailman/listinfo/theme-**reviewers<http://lists.wordpress.org/mailman/listinfo/theme-reviewers>
>>
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20130517/99e235df/attachment.html>


More information about the theme-reviewers mailing list