[wp-trac] [WordPress Trac] #14530: Cheating huh?

WordPress Trac noreply at wordpress.org
Fri Jun 27 15:51:56 UTC 2014

#14530: Cheating huh?
 Reporter:  shidouhikari     |       Owner:
     Type:  defect (bug)     |      Status:  reopened
 Priority:  normal           |   Milestone:  Awaiting Review
Component:  Role/Capability  |     Version:
 Severity:  normal           |  Resolution:
 Keywords:  has-patch        |     Focuses:

Comment (by kraftbj):

 I'm going to mostly flip-flop on this ticket.

 I'm okay wontfix'ing it. The error is really difficult to throw except in
 two situations:
 1. Edit Tags/Categories
 2. Customizer

 In instance 1, it should be throwing "You do not have sufficient
 permissions to access this page" (
 admin/includes/menu.php#L317 ), except $pagenow includes the query string
 (e.g. edit-tags.php?taxonomoy=category) while the $*_nopriv includes only
 edit-tags.php. (ref: https://core.trac.wordpress.org/browser/trunk/src/wp-
 admin/includes/plugin.php#L1637 ).

 That is the root issue that should be addresses, IMO.

 Instance 2: The Customizer doesn't use the admin menu, so it skips the
 check that is "misfiring" from instance 1. Changing the error text for the
 Customizer would be nice.

 Attaching a patch to only change for the Customizer.

Ticket URL: <https://core.trac.wordpress.org/ticket/14530#comment:18>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list