
Commit 59c5258

added user capability check
1 parent bd9dc1c commit 59c5258


1 file changed

+10
-10
lines changed


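--- a/admin/index.php
+++ b/admin/index.php
@@ -913,7 +913,7 @@ function rich_snippet_dashboard() {
 }
 // Update options.
 if ( isset( $_POST['setting_submit'] ) ) {
-if ( ! isset( $_POST['snippet_woocommerce_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_woocommerce_nonce_field'], 'snippet_woocommerce_form_action' )
+if ( ! isset( $_POST['snippet_woocommerce_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_woocommerce_nonce_field'], 'snippet_woocommerce_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -930,7 +930,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['item_submit'] ) ) {
-if ( ! isset( $_POST['snippet_review_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_review_nonce_field'], 'snippet_review_form_action' )
+if ( ! isset( $_POST['snippet_review_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_review_nonce_field'], 'snippet_review_form_action' || ! current_user_can( 'manage_options' ) )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -945,7 +945,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['event_submit'] ) ) {
-if ( ! isset( $_POST['snippet_event_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_event_nonce_field'], 'snippet_event_form_action' )
+if ( ! isset( $_POST['snippet_event_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_event_nonce_field'], 'snippet_event_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -960,7 +960,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['person_submit'] ) ) {
-if ( ! isset( $_POST['snippet_person_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_person_nonce_field'], 'snippet_person_form_action' )
+if ( ! isset( $_POST['snippet_person_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_person_nonce_field'], 'snippet_person_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -975,7 +975,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['product_submit'] ) ) {
-if ( ! isset( $_POST['snippet_product_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_product_nonce_field'], 'snippet_product_form_action' )
+if ( ! isset( $_POST['snippet_product_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_product_nonce_field'], 'snippet_product_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -990,7 +990,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['recipe_submit'] ) ) {
-if ( ! isset( $_POST['snippet_recipe_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_recipe_nonce_field'], 'snippet_recipe_form_action' )
+if ( ! isset( $_POST['snippet_recipe_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_recipe_nonce_field'], 'snippet_recipe_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -1005,7 +1005,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['software_submit'] ) ) {
-if ( ! isset( $_POST['snippet_soft_app_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_soft_app_nonce_field'], 'snippet_soft_app_form_action' )
+if ( ! isset( $_POST['snippet_soft_app_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_soft_app_nonce_field'], 'snippet_soft_app_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -1020,7 +1020,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['video_submit'] ) ) {
-if ( ! isset( $_POST['snippet_video_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_video_nonce_field'], 'snippet_video_form_action' )
+if ( ! isset( $_POST['snippet_video_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_video_nonce_field'], 'snippet_video_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -1035,7 +1035,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['article_submit'] ) ) {
-if ( ! isset( $_POST['snippet_article_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_article_nonce_field'], 'snippet_article_form_action' )
+if ( ! isset( $_POST['snippet_article_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_article_nonce_field'], 'snippet_article_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;
@@ -1050,7 +1050,7 @@ function rich_snippet_dashboard() {
 }
 }
 if ( isset( $_POST['service_submit'] ) ) {
-if ( ! isset( $_POST['snippet_service_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_service_nonce_field'], 'snippet_service_form_action' )
+if ( ! isset( $_POST['snippet_service_nonce_field'] ) || ! wp_verify_nonce( $_POST['snippet_service_nonce_field'], 'snippet_service_form_action' ) || ! current_user_can( 'manage_options' )
 ) {
 print 'Sorry, your nonce did not verify.';
 exit;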
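Review bot: In the `item_submit` branch (new line 933) the closing parenthesis of `wp_verify_nonce(` is misplaced, so `|| ! current_user_can( 'manage_options' )` ends up inside the call's second argument instead of in the `if` condition. Because `'snippet_review_form_action'` is a non-empty string, the `||` short-circuits to `true`: `current_user_can()` never runs on this branch, and the nonce is checked against a boolean action rather than `snippet_review_form_action`, which presumably makes legitimate review submissions fail. The tail of the line should match the other nine branches: `'snippet_review_form_action' ) || ! current_user_can( 'manage_options' )`. Separately, all ten branches still print `'Sorry, your nonce did not verify.'` when it is the capability check that fails, so a distinct message (or `wp_die()` with a permission error) would make denied requests easier to diagnose. The body of `rich_snippet_dashboard()` starts and ends outside every hunk shown here.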
