WP Merge

git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@599 7be80a69-a1ef-0310-a953-fb0f7c49ff36
author: donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> 2006-06-27 11:03:10 +0000
committer: donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> 2006-06-27 11:03:10 +0000
commit: 8db1e81228b0e295199f6e3ee8a99d223c48f8c2 (patch)
tree: 131d8b23b9e939a9c23f24ec650b343efa918c5c /wp-admin/admin-functions.php
parent: 13aff523358403d08dc7fcb0d844a2e6c12df41a (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index 3cae3ae..038eb8c 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -412,8 +412,8 @@ function edit_user($user_id = 0) {
 	if (isset ($_POST['pass2']))
 		$pass2 = $_POST['pass2'];
 
-	if (isset ($_POST['role'])) {
-		if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
+	if (isset ($_POST['role']) && current_user_can('edit_users')) {
+		if ($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
 			$user->role = $_POST['role'];
 	}
author	donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>	2006-06-27 11:03:10 +0000
committer	donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36>	2006-06-27 11:03:10 +0000
commit	8db1e81228b0e295199f6e3ee8a99d223c48f8c2 (patch)
tree	131d8b23b9e939a9c23f24ec650b343efa918c5c /wp-admin/admin-functions.php
parent	13aff523358403d08dc7fcb0d844a2e6c12df41a (diff)