has_cap example

<?php                 }

                ?> </body></html> <?php
                exit;
            }

            // Check if it is time to add a redirect to the admin email confirmation screen.             if ( is_a( $user, 'WP_User' ) && $user->exists() && $user->has_cap( 'manage_options' ) ) {
                $admin_email_lifespan = (int) get_option( 'admin_email_lifespan' );

                /* * If `0` (or anything "falsey" as it is cast to int) is returned, the user will not be redirected * to the admin email confirmation screen. */
                /** This filter is documented in wp-login.php */
                $admin_email_check_interval = (int) apply_filters( 'admin_email_check_interval', 6 * MONTH_IN_SECONDS );

                if ( $admin_email_check_interval > 0 && time() > $admin_email_lifespan ) {
                    $redirect_to = add_query_arg(
                        


        $potential_role = isset( $wp_roles->role_objects[ $new_role ] ) ? $wp_roles->role_objects[ $new_role ] : false;

        /* * Don't let anyone with 'promote_users' edit their own role to something without it. * Multisite super admins can freely edit their roles, they possess all caps. */
        if (
            ( is_multisite() && current_user_can( 'manage_network_users' ) ) ||
            get_current_user_id() !== $user_id ||
            ( $potential_role && $potential_role->has_cap( 'promote_users' ) )
        ) {
            $user->role = $new_role;
        }
    }

    if ( isset( $_POST['email'] ) ) {
        $user->user_email = sanitize_text_field( wp_unslash( $_POST['email'] ) );
    }
    if ( isset( $_POST['url'] ) ) {
        if ( empty( $_POST['url'] ) || 'http://' === $_POST['url'] ) {
            $user->user_url = '';
        }


            $potential_role = $wp_roles->role_objects[ $role ];

            /* * Don't let anyone with 'edit_users' (admins) edit their own role to something without it. * Multisite super admins can freely edit their blog roles -- they possess all caps. */
            if ( ! ( is_multisite()
                && current_user_can( 'manage_sites' ) )
                && get_current_user_id() === $user_id
                && ! $potential_role->has_cap( 'edit_users' )
            ) {
                return new WP_Error(
                    'rest_user_invalid_role',
                    __( 'Sorry, you are not allowed to give users that role.' ),
                    array( 'status' => rest_authorization_required_code() )
                );
            }

            // Include user admin functions to get access to get_editable_roles().             require_once ABSPATH . 'wp-admin/includes/user.php';

            

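/**
 * Runs one database upgrade step: resizes the options table key column on
 * older schemas and strips the 'add_users' capability from every role.
 *
 * @global int  $wp_current_db_version The old (current) database version.
 * @global wpdb $wpdb                  WordPress database abstraction object.
 */
function upgrade_440() {
    // Both globals are needed; they must be separated by a comma.
    global $wp_current_db_version, $wpdb;

    // Only schemas older than DB version 34030 still need the column change.
    if ( $wp_current_db_version < 34030 ) {
        // The table name is read from the $wpdb object; nothing in this function
        // takes request input, so the statement is built from internal values only.
        $wpdb->query( "ALTER TABLE {$wpdb->options} MODIFY option_name VARCHAR(191)" );
    }

    // Remove the unused 'add_users' capability from every role that still carries it,
    // so that no role keeps a stale grant.
    $roles = wp_roles();
    foreach ( $roles->role_objects as $role ) {
        if ( $role->has_cap( 'add_users' ) ) {
            $role->remove_cap( 'add_users' );
        }
    }
}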

/**
 * Executes changes made in WordPress 4.5.0.
 *
 * @ignore
 * @since 4.5.0
 *
 * @global int  $wp_current_db_version The old (current) database version.
 * @global wpdb $wpdb                  WordPress database abstraction object.
 */
                $ddate           = preg_replace( '!\s*\(.+\)\s*$!', '', $ddate );
                $ddate_timestamp = strtotime( $ddate );
                $post_date       = gmdate( 'Y-m-d H:i:s', $ddate_timestamp + $time_difference );
                $post_date_gmt   = gmdate( 'Y-m-d H:i:s', $ddate_timestamp );
            }
        }
    }

    // Set $post_status based on $author_found and on author's publish_posts capability.     if ( $author_found ) {
        $user        = new WP_User( $post_author );
        $post_status = ( $user->has_cap( 'publish_posts' ) ) ? 'publish' : 'pending';
    } else {
        // Author not found in DB, set status to pending. Author already set to admin.         $post_status = 'pending';
    }

    $subject = trim( $subject );

    if ( 'multipart/alternative' === $content_type ) {
        $content = explode( '--' . $boundary$content );
        $content = $content[2];

        

    public function determine_charset( $charset$collate ) {
        if ( ( $this->use_mysqli && ! ( $this->dbh instanceof mysqli ) ) || empty( $this->dbh ) ) {
            return compact( 'charset', 'collate' );
        }

        if ( 'utf8' === $charset && $this->has_cap( 'utf8mb4' ) ) {
            $charset = 'utf8mb4';
        }

        if ( 'utf8mb4' === $charset && ! $this->has_cap( 'utf8mb4' ) ) {
            $charset = 'utf8';
            $collate = str_replace( 'utf8mb4_', 'utf8_', $collate );
        }

        if ( 'utf8mb4' === $charset ) {
            // _general_ is outdated, so we can upgrade it to _unicode_, instead.             if ( ! $collate || 'utf8_general_ci' === $collate ) {
                
$user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
        $update   = 'promote';

        foreach ( $user_ids as $id ) {
            if ( ! current_user_can( 'promote_user', $id ) ) {
                wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 );
            }

            // The new role of the current user must also have the promote_users cap or be a multisite super admin.             if ( $id === $current_user->ID
                && ! $wp_roles->role_objects[ $role ]->has_cap( 'promote_users' )
                && ! ( is_multisite() && current_user_can( 'manage_network_users' ) )
            ) {
                    $update = 'err_admin_role';
                    continue;
            }

            // If the user doesn't already belong to the blog, bail.             if ( is_multisite() && ! is_user_member_of_blog( $id ) ) {
                wp_die(
                    '<h1>' . __( 'Something went wrong.' ) . '</h1>' .
                    '<p>' . __( 'One of the selected users is not a member of this site.' ) . '</p>',
                    
$constant = $match[1];
            $padding  = $match[2];

            switch ( $constant ) {
                case 'DB_NAME':
                case 'DB_USER':
                case 'DB_PASSWORD':
                case 'DB_HOST':
                    $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'" . addcslashes( constant( $constant ), "\\'" ) . "' );\r\n";
                    break;
                case 'DB_CHARSET':
                    if ( 'utf8mb4' === $wpdb->charset || ( ! $wpdb->charset && $wpdb->has_cap( 'utf8mb4' ) ) ) {
                        $config_file[ $line_num ] = "define( '" . $constant . "'," . $padding . "'utf8mb4' );\r\n";
                    }
                    break;
                case 'AUTH_KEY':
                case 'SECURE_AUTH_KEY':
                case 'LOGGED_IN_KEY':
                case 'NONCE_KEY':
                case 'AUTH_SALT':
                case 'SECURE_AUTH_SALT':
                case 'LOGGED_IN_SALT':
                case 'NONCE_SALT':
                    
if ( ! empty( $commentdata['user_id'] ) ) {
        $user        = get_userdata( $commentdata['user_id'] );
        $post_author = $wpdb->get_var(
            $wpdb->prepare(
                "SELECT post_author FROM $wpdb->posts WHERE ID = %d LIMIT 1",
                $commentdata['comment_post_ID']
            )
        );
    }

    if ( isset( $user ) && ( $commentdata['user_id'] == $post_author || $user->has_cap( 'moderate_comments' ) ) ) {
        // The author and the admins get respect.         $approved = 1;
    } else {
        // Everyone else's comments will be checked.         if ( check_comment(
            $commentdata['comment_author'],
            $commentdata['comment_author_email'],
            $commentdata['comment_author_url'],
            $commentdata['comment_content'],
            $commentdata['comment_author_IP'],
            $commentdata['comment_agent'],
            
$post = get_post( $post );
    if ( ! $post ) {
        return false;
    }

    $author = get_userdata( $post->post_author );

    if ( ! $author ) {
        return false;
    }

    return $author->has_cap( $capability, ...$args );
}

/**
 * Returns whether a particular user has the specified capability.
 *
 * This function also accepts an ID of an object to check against if the capability is a meta capability. Meta
 * capabilities such as `edit_post` and `edit_user` are capabilities used by the `map_meta_cap()` function to
 * map to primitive capabilities that a user or role has, such as `edit_posts` and `edit_others_posts`.
 *
 * Example usage:
 *
 *     user_can( $user->ID, 'edit_posts' );
 *     user_can( $user->ID, 'edit_post', $post->ID );
 *     user_can( $user->ID, 'edit_post_meta', $post->ID, $meta_key );
 *
 * @since 3.1.0
 * @since 5.3.0 Formalized the existing and already documented `...$args` parameter
 *              by adding it to the function signature.
 *
 * @param int|WP_User $user       User ID or object.
 * @param string      $capability Capability name.
 * @param mixed       ...$args    Optional further parameters, typically starting with an object ID.
 * @return bool Whether the user has the given capability.
 */

function get_editable_user_ids( $user_id$exclude_zeros = true, $post_type = 'post' ) {
    _deprecated_function( __FUNCTION__, '3.1.0', 'get_users()' );

    global $wpdb;

    if ( ! $user = get_userdata( $user_id ) )
        return array();
    $post_type_obj = get_post_type_object($post_type);

    if ( ! $user->has_cap($post_type_obj->cap->edit_others_posts) ) {
        if ( $user->has_cap($post_type_obj->cap->edit_posts) || ! $exclude_zeros )
            return array($user->ID);
        else
            return array();
    }

    if ( !is_multisite() )
        $level_key = $wpdb->get_blog_prefix() . 'user_level';
    else
        $level_key = $wpdb->get_blog_prefix() . 'capabilities'; // WPMU site admins don't have user_levels.
    