Skip to:
Content

BuddyPress.org


Ignore:
Timestamp:
11/12/2013 03:14:04 PM (11 years ago)
Author:
boonebgorges
Message:

Don't do capabilities checks in bp_core_process_spammer_status()

These inline checks prevent the function from being used programmatically, such
as during a cron job. Instead, we move the cap checks up to the controller
"action" functions.

Fixes #5233

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/bp-settings/bp-settings-actions.php

    r7228 r7562  
    279279    }
    280280
     281    // Only super admins can currently spam users (but they can't spam
     282    // themselves)
     283    if ( ! is_super_admin() || bp_is_my_profile() ) {
     284        return;
     285    }
     286
    281287    // Nonce check
    282288    check_admin_referer( 'capabilities' );
Note: See TracChangeset for help on using the changeset viewer.