Commit dad0f768 authored by Eric Windham's avatar Eric Windham

added auth check to Preview update and updated error message for some auth checks

parent a01ec443
Pipeline #3628 passed with stages
in 1 minute and 11 seconds
......@@ -11,7 +11,7 @@ class NF_AJAX_Controllers_DeleteAllData extends NF_Abstracts_Controller
{
// Does the current user have admin privileges
if (!current_user_can('manage_options')) {
$this->_data['errors'] = __('Access denied. You must have admin privileges to view this data.', 'ninja-forms');
$this->_data['errors'] = __('Access denied. You must have admin privileges to perform this action.', 'ninja-forms');
$this->_respond();
}
......
......@@ -19,7 +19,7 @@ class NF_AJAX_Controllers_Fields extends NF_Abstracts_Controller
// Does the current user have admin privileges
if (!current_user_can('manage_options')) {
$this->_data['errors'] = __('Access denied. You must have admin privileges to view this data.', 'ninja-forms');
$this->_data['errors'] = __('Access denied. You must have admin privileges to perform this action.', 'ninja-forms');
$this->_respond();
}
......
......@@ -13,6 +13,12 @@ class NF_AJAX_Controllers_Preview extends NF_Abstracts_Controller
public function update()
{
// Does the current user have admin privileges
if (!current_user_can('manage_options')) {
$this->_data['errors'] = __('Access denied. You must have admin privileges to perform this action.', 'ninja-forms');
$this->_respond();
}
check_ajax_referer( 'ninja_forms_builder_nonce', 'security' );
$form = json_decode( stripslashes( $_POST['form'] ), ARRAY_A );
......
......@@ -22,7 +22,7 @@ class NF_AJAX_REST_RequiredUpdate extends NF_AJAX_REST_Controller
// Does the current user have admin privileges
if (!current_user_can('manage_options')) {
$data['error'] = __('Access denied. You must have admin privileges to view this data.', 'ninja-forms');
$data['error'] = __('Access denied. You must have admin privileges to perform this action.', 'ninja-forms');
return $data;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment