10h30/ultimatemember
1
0
Fork 0
mirror of https://github.com/10h30/ultimatemember.git synced 2026-06-05 15:09:37 +09:00
Code Issues Packages Projects Releases Wiki Activity

- fixed role security

Browse Source
This commit is contained in:
Denis Baranov
2017-12-25 09:31:42 +02:00
parent 47bb4fea61
commit ec7cac82b6
1 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
includes/core/class-user.php
+17 -1
View File
@@ -1122,9 +1122,25 @@ if ( ! class_exists( 'User' ) ) {
}
}
// update user
if ( count( $args ) > 1 ) {
global $wp_roles;
$um_roles = get_option( 'um_roles' );
if ( ! empty( $um_roles ) ) {
$role_keys = array_map( function( $item ) {
return 'um_' . $item;
}, get_option( 'um_roles' ) );
} else {
$role_keys = array();
}
$exclude_roles = array_diff( array_keys( $wp_roles->roles ), array_merge( $role_keys, array( 'subscriber' ) ) );
if ( in_array( $args['role'], $exclude_roles ) ) {
unset($args['role']);
}
wp_update_user( $args );
}