[wp-trac] Re: [WordPress Trac] #5265: current_user_can() can run before wp_get_current_user() is defined

WordPress Trac wp-trac at lists.automattic.com
Mon Dec 10 03:34:28 GMT 2007 

#5265: current_user_can() can run before wp_get_current_user() is defined
----------------------------+-----------------------------------------------
 Reporter:  Viper007Bond    |        Owner:  anonymous
     Type:  defect          |       Status:  reopened 
 Priority:  normal          |    Milestone:  2.4      
Component:  Administration  |      Version:  2.3.1    
 Severity:  normal          |   Resolution:           
 Keywords:                  |  
----------------------------+-----------------------------------------------
Comment (by DD32):

 Replying to [comment:8 Viper007Bond]:
 > * Load `pluggable.php` before any user script is able to run so that
 `current_user_can()` won't throw a PHP error[[BR]]

 Well that option is useless, It needs to be loaded after plugins to allow
 plugins to override them.

 > * Put a `function_exists()` check inside of `current_user_can()` so that
 it can't run until everything it needs to operate is loaded[[BR]]
 That could work, If function doesnt exist, then user cannot perform
 operation, Which would backfire on anything requesting the action anyway,
 the function doesnt know yet if a user can or cant perform the action,
 returning null instead might be an option, But will still be interprated
 as a negitive response to most code.

 > * Move `capabilities.php` to after plugins are loaded (seems like a bad
 idea)

 That could work, But what about functions in the other set of files loaded
 before the plugins? What if they require a function in
 {{{capabilities.php}}}?, or a function in {{{pluggable.php}}}, Should we
 move those after plugins are loaded too?

 At least some of the files need to be loaded before plugins
 (database/get_option/sanitize_option/etc), All which require another
 function, which requires another.. Eitherway, You'll find another function
 which will need a function which is undefined at that stage.

 Thats why plugin_loaded/init hooks are provided, To allow for code to be
 run once WP has loaded all its files, and is ready to work as intended,
 Until that time comes, Any code in any file(be it WP's or a Plugins) cant
 expect all functions to behave as intended.

 > I hate to get in an open/close war

 And for that reason, I'll not touch the status of it

-- 
Ticket URL: <http://trac.wordpress.org/ticket/5265#comment:9>
WordPress Trac <http://trac.wordpress.org/>
WordPress blogging software

More information about the wp-trac mailing list