[wp-hackers] Alternative to get_currentuserinfo

Sam Angove sam at rephrase.net
Sun Aug 27 03:40:42 GMT 2006


On 8/27/06, Mike Purvis <mike at uwmike.com> wrote:
>
> I've been getting some bug reports about WP-Cats which trace back to
> the get_currentuserinfo call. Given that this is kind of a volatile
> override-able function, maybe it's not the best mechanism for locking
> out non-admins/editors from plugin functionality.

Based on my quick glance at wp-cats-0.12...

Isn't the appropriate thing there `current_user_can('edit_post', $post_id)` ?

Also, the way you're doing it now (reading
`$userdata->wp_capabilities`) only works if the table prefix is 'wp_'.


More information about the wp-hackers mailing list