Last active
August 29, 2015 14:13
-
-
Save Pross/769de6e9219705041c67 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| Plugin Name: PageLines Security Patcher | |
| Description: Blocks the recent exploits for legacy themes in the event you cant update the themes. | |
| Version: 1.0 | |
| Author: PageLines | |
| */ | |
| class Fix_Pagelines_Legacy { | |
| function __construct() { | |
| add_action( 'after_setup_theme', array( $this, 'sanitize' ) ); | |
| } | |
| function sanitize() { | |
| if( ! current_user_can( 'edit_themes' ) ) { | |
| remove_all_actions( 'wp_ajax_pagelines_ajax_save_option' ); | |
| remove_action( 'admin_init', 'pagelines_register_settings', 5 ); | |
| } | |
| } | |
| } | |
| new Fix_Pagelines_Legacy; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This code breaks Pagelines for multisite where a normal administrator does not have the 'edit_themes' capability. Instead the capability should instead be 'edit_theme_options' which administrators possess on both single and multisite instances.