| Dir : /home/trave494/footcrew.com/ads/wp-content/themes/classipress/includes/ |
| Server: Linux ngx353.inmotionhosting.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64 IP: 209.182.202.254 |
| Dir : /home/trave494/footcrew.com/ads/wp-content/themes/classipress/includes/security.php |
<?php
/**
* Prevent visitors without permissions to access the WordPress backend.
*
* @package ClassiPress\Security
* @author AppThemes
* @since ClassiPress 3.0
*/
/**
* Checks permissions to access the WordPress backend.
*
* @return void
*/
function cp_security_check() {
global $cp_options;
$cp_access_level = $cp_options->admin_security;
// if there's no value then give everyone access
if ( empty( $cp_access_level ) ) {
$cp_access_level = 'read';
}
// previous releases had incompatible capability with MU installs
if ( 'install_themes' == $cp_access_level ) {
$cp_access_level = 'manage_options';
}
$doing_ajax = defined( 'DOING_AJAX' ) && DOING_AJAX;
$doing_admin_post = ( basename( $_SERVER['SCRIPT_FILENAME'] ) === 'admin-post.php' );
if ( $cp_access_level == 'disable' || current_user_can( $cp_access_level ) || $doing_ajax || $doing_admin_post ) {
return;
}
appthemes_add_notice( 'denied-admin-access', __( 'Site administrator has blocked your access to the back-office.', APP_TD ), 'error' );
wp_redirect( CP_DASHBOARD_URL );
exit();
}
add_action( 'admin_init', 'cp_security_check', 1 );