This plugin has a similar issue to this:
edit_pluginsis used as the capability to include the settings page. However, I like using this line in all my wp-config.php files:
define( 'DISALLOW_FILE_EDIT', true );
I never want any of my clients editing theme or plugin files via the admin interface, and after a nightmare experience bringing a client’s site down by careless use of it, I never want to give myself the temptation! It’s useless at best to me, so I turn it off.
edit_pluginsis used as an “admin-only” check and the above constant is
true, the plugin is rendered useless.
Why not use
manage_options? It’s admin-only, there’s no reason (as above) that it would be disabled, and it’s, let’s say “semantic” (i.e. it makes sense!).
- The topic ‘bad choice for capability check’ is closed to new replies.