joemerchant2I'm writing a plugin that has submenus in the dashboard;
Plugin Name
- Plugin Dashboard
- plugin options
- plugin do something
- plugin do something else.
In coding the menu items above, I limit whether or not the subpages are viewable or not by using the capability option in the add_submenu_page() function. So far so good.
In the code for those sub-pages, is it good practice to add a is_user_logged_in() check? Also, should I then go ahead and check the user has the correct access?
As a person can type in a page address directly in the URL bar, I want to make sure I'm securing my plugin pages properly without doing anything that's not necessary.
