Protecting user profile edits (1 post)

  1. Sarah Anderson
    Posted 4 years ago #

    I'm writing a plugin to add in custom fields to the user profile, and going over old code I found I had the following at the start of the update function

    if ( !current_user_can( 'edit_user', $user_id ) )
            return false;

    Looking online this seems to be what everyone uses. However, looking on at the function in the code and looking on the codex page for the current_user_can function, it doesn't accept 2 parameters, and there isn't a capability called 'edit_user'

    I feel like I'm missing something?! And if this is wrong, is there a suitable single function to check if the current user can edit the user's profile in question? I know how to do it with two functions but figured I'd check if there was one.

    Thanks in advance.

Topic Closed

This topic has been closed to new replies.

About this Topic

  • RSS feed for this topic
  • Started 4 years ago by Sarah Anderson
  • This topic is not resolved
  • WordPress version: 3.3.1