Add some CYA cap checks.

git-svn-id: http://svn.automattic.com/wordpress/trunk@11763 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2009-08-01 21:58:59 +00:00
parent a8890b9160
commit 9bb224cf1e
3 changed files with 9 additions and 0 deletions
--- a/wp-admin/edit-pages.php
+++ b/wp-admin/edit-pages.php
@@ -9,6 +9,9 @@
 /** WordPress Administration Bootstrap */
 require_once('admin.php');

+if ( !current_user_can('edit_pages') )
+	wp_die(__('Cheatin&#8217; uh?'));
+
 // Handle bulk actions
 if ( isset($_GET['doaction']) || isset($_GET['doaction2']) || isset($_GET['delete_all']) || isset($_GET['delete_all2']) ) {
 	check_admin_referer('bulk-pages');