From 1383c80f8c39f909c8f6ae5d5a1090d593de5a8f Mon Sep 17 00:00:00 2001
From: champsupertramp <heychampsupertramp@gmail.com>
Date: Mon, 27 Jun 2016 16:57:02 +0800
Subject: [PATCH] Fix admin navigation

---
 core/um-actions-core.php | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/um-actions-core.php b/core/um-actions-core.php
index 9da04aaa..f9c4d42c 100644
--- a/core/um-actions-core.php
+++ b/core/um-actions-core.php
@@ -8,13 +8,18 @@
 		global $ultimatemember;
 		
 		if ( is_admin() ) return false;
-		if ( !isset( $_REQUEST['um_action'] ) ) return false;
+		if ( ! is_user_logged_in() ) return false;
+		if ( ! isset( $_REQUEST['um_action'] ) ) return false;
 		if ( isset( $_REQUEST['uid'] ) && !$ultimatemember->user->user_exists_by_id( $_REQUEST['uid'] ) ) return false;
 		
 		if ( isset( $_REQUEST['uid'] ) ) {
 			if ( is_super_admin( $_REQUEST['uid'] ) )
 				wp_die('Super administrators can not be modified.');
 		}
+
+		if ( isset( $_REQUEST['um_action'] ) && ! current_user_can( 'edit_users' ) ){
+						wp_die( __( 'You do not have enough permissions to do that.','ultimatemember') );
+		}
 		
 		if ( isset($_REQUEST['uid'])){
 			$uid = $_REQUEST['uid'];