[wp-trac] [WordPress Trac] #23377: map_meta_cap() throws error from has_cap() from current_user_can()
WordPress Trac
noreply at wordpress.org
Mon Feb 4 02:49:22 UTC 2013
#23377: map_meta_cap() throws error from has_cap() from current_user_can()
------------------------------------+-----------------------------
Reporter: wpsmith | Type: defect (bug)
Status: new | Priority: normal
Milestone: Awaiting Review | Component: Role/Capability
Version: | Severity: normal
Keywords: has-patch dev-feedback |
------------------------------------+-----------------------------
Based on the
[http://codex.wordpress.org/Function_Reference/current_user_can current
documentation], current_user_can() only requires one argument, a
capability. However, if I call it from the `save_post` hook with WP_DEBUG
turned on, I will receive the following errors:
{{{
Notice: Undefined offset: 0 in /var/www/XXXX/htdocs/wp-
includes/capabilities.php on line 1067
Notice: Undefined offset: 0 in /var/www/XXXX/htdocs/wp-
includes/capabilities.php on line 1067
Notice: Undefined offset: 0 in /var/www/XXXX/htdocs/wp-
includes/capabilities.php on line 1067
Warning: Cannot modify header information - headers already sent by
(output started at /var/www/XXXX/htdocs/wp-includes/capabilities.php:1067)
in /var/www/XXXX/htdocs/wp-includes/pluggable.php on line 876
}}}
As a result, the admin save post will die.
Basic Sample Code:
{{{
if ( ( 'page' == $post->post_type && ! current_user_can( 'edit_page' ) )
|| ! current_user_can( 'edit_post' ) )
return;
}}}
As a result, in my opinion `map_meta_cap()` should ensure that `$args[0]`
exists.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/23377>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list