<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt;  }
#msg dl a { font-weight: bold}
#msg dl a:link    { color:#fc3; }
#msg dl a:active  { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff  {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[14581] trunk: Use the edit_theme_options capability.</title>
</head>
<body>

<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/14581">14581</a></dd>
<dt>Author</dt> <dd>nacin</dd>
<dt>Date</dt> <dd>2010-05-12 19:19:57 +0000 (Wed, 12 May 2010)</dd>
</dl>

<h3>Log Message</h3>
<pre>Use the edit_theme_options capability. fixes <a href="http://trac.wordpress.org/ticket/13290">#13290</a>.</pre>

<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminadminajaxphp">trunk/wp-admin/admin-ajax.php</a></li>
<li><a href="#trunkwpadmincustombackgroundphp">trunk/wp-admin/custom-background.php</a></li>
<li><a href="#trunkwpadmincustomheaderphp">trunk/wp-admin/custom-header.php</a></li>
<li><a href="#trunkwpadminincludesdashboardphp">trunk/wp-admin/includes/dashboard.php</a></li>
<li><a href="#trunkwpadminmenuphp">trunk/wp-admin/menu.php</a></li>
<li><a href="#trunkwpadminnavmenusphp">trunk/wp-admin/nav-menus.php</a></li>
<li><a href="#trunkwpadminthemesphp">trunk/wp-admin/themes.php</a></li>
<li><a href="#trunkwpadminwidgetsphp">trunk/wp-admin/widgets.php</a></li>
<li><a href="#trunkwpincludesfunctionsphp">trunk/wp-includes/functions.php</a></li>
</ul>

</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminadminajaxphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/admin-ajax.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/admin-ajax.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/admin-ajax.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -132,7 +132,7 @@
</span><span class="cx">         die();
</span><span class="cx">         break;
</span><span class="cx"> case 'menu-quick-search':
</span><del>-        if ( ! current_user_can( 'switch_themes' ) )
</del><ins>+        if ( ! current_user_can( 'edit_theme_options' ) )
</ins><span class="cx">                 die('-1');
</span><span class="cx"> 
</span><span class="cx">         require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
</span><span class="lines">@@ -399,7 +399,7 @@
</span><span class="cx"> case 'delete-menu-item' :
</span><span class="cx">         $menu_item_id = (int) $_POST['menu-item'];
</span><span class="cx">         check_admin_referer( 'delete-menu_item_' . $menu_item_id );
</span><del>-        if ( ! current_user_can( 'switch_themes' ) )
</del><ins>+        if ( ! current_user_can( 'edit_theme_options' ) )
</ins><span class="cx">                 die('-1');
</span><span class="cx"> 
</span><span class="cx">         if ( is_nav_menu_item( $menu_item_id ) &amp;&amp; wp_delete_post( $menu_item_id, true ) )
</span><span class="lines">@@ -817,7 +817,7 @@
</span><span class="cx">         $x-&gt;send();
</span><span class="cx">         break;
</span><span class="cx"> case 'add-menu-item' :
</span><del>-        if ( ! current_user_can( 'switch_themes' ) )
</del><ins>+        if ( ! current_user_can( 'edit_theme_options' ) )
</ins><span class="cx">                 die('-1');
</span><span class="cx"> 
</span><span class="cx">         check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' );
</span><span class="lines">@@ -1091,7 +1091,7 @@
</span><span class="cx">         die('1');
</span><span class="cx">         break;
</span><span class="cx"> case 'menu-quick-search':
</span><del>-        if ( ! current_user_can( 'switch_themes' ) )
</del><ins>+        if ( ! current_user_can( 'edit_theme_options' ) )
</ins><span class="cx">                 die('-1');
</span><span class="cx"> 
</span><span class="cx">         require_once ABSPATH . 'wp-admin/includes/nav-menu.php';
</span><span class="lines">@@ -1328,7 +1328,7 @@
</span><span class="cx"> case 'widgets-order' :
</span><span class="cx">         check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' );
</span><span class="cx"> 
</span><del>-        if ( !current_user_can('switch_themes') )
</del><ins>+        if ( !current_user_can('edit_theme_options') )
</ins><span class="cx">                 die('-1');
</span><span class="cx"> 
</span><span class="cx">         unset( $_POST['savewidgets'], $_POST['action'] );
</span><span class="lines">@@ -1358,7 +1358,7 @@
</span><span class="cx"> case 'save-widget' :
</span><span class="cx">         check_ajax_referer( 'save-sidebar-widgets', 'savewidgets' );
</span><span class="cx"> 
</span><del>-        if ( !current_user_can('switch_themes') || !isset($_POST['id_base']) )
</del><ins>+        if ( !current_user_can('edit_theme_options') || !isset($_POST['id_base']) )
</ins><span class="cx">                 die('-1');
</span><span class="cx"> 
</span><span class="cx">         unset( $_POST['savewidgets'], $_POST['action'] );
</span></span></pre></div>
<a id="trunkwpadmincustombackgroundphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/custom-background.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/custom-background.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/custom-background.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -52,10 +52,10 @@
</span><span class="cx">          * @since 3.0.0
</span><span class="cx">          */
</span><span class="cx">         function init() {
</span><del>-                if ( ! current_user_can('switch_themes') )
</del><ins>+                if ( ! current_user_can('edit_theme_options') )
</ins><span class="cx">                         return;
</span><span class="cx"> 
</span><del>-                $page = add_theme_page(__('Background'), __('Background'), 'switch_themes', 'custom-background', array(&amp;$this, 'admin_page'));
</del><ins>+                $page = add_theme_page(__('Background'), __('Background'), 'edit_theme_options', 'custom-background', array(&amp;$this, 'admin_page'));
</ins><span class="cx"> 
</span><span class="cx">                 add_action(&quot;load-$page&quot;, array(&amp;$this, 'admin_load'));
</span><span class="cx">                 add_action(&quot;load-$page&quot;, array(&amp;$this, 'take_action'), 49);
</span></span></pre></div>
<a id="trunkwpadmincustomheaderphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/custom-header.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/custom-header.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/custom-header.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -61,10 +61,10 @@
</span><span class="cx">          * @since 2.1.0
</span><span class="cx">          */
</span><span class="cx">         function init() {
</span><del>-                if ( ! current_user_can('switch_themes') )
</del><ins>+                if ( ! current_user_can('edit_theme_options') )
</ins><span class="cx">                         return;
</span><span class="cx"> 
</span><del>-                $page = add_theme_page(__('Header'), __('Header'), 'switch_themes', 'custom-header', array(&amp;$this, 'admin_page'));
</del><ins>+                $page = add_theme_page(__('Header'), __('Header'), 'edit_theme_options', 'custom-header', array(&amp;$this, 'admin_page'));
</ins><span class="cx"> 
</span><span class="cx">                 add_action(&quot;admin_print_scripts-$page&quot;, array(&amp;$this, 'js_includes'));
</span><span class="cx">                 add_action(&quot;admin_print_styles-$page&quot;, array(&amp;$this, 'css_includes'));
</span><span class="lines">@@ -125,7 +125,7 @@
</span><span class="cx">          * @since 2.6.0
</span><span class="cx">          */
</span><span class="cx">         function take_action() {
</span><del>-                if ( ! current_user_can('switch_themes') )
</del><ins>+                if ( ! current_user_can('edit_theme_options') )
</ins><span class="cx">                         return;
</span><span class="cx"> 
</span><span class="cx">                 if ( isset( $_POST['textcolor'] ) ) {
</span><span class="lines">@@ -597,7 +597,7 @@
</span><span class="cx">          * @since 2.1.0
</span><span class="cx">          */
</span><span class="cx">         function admin_page() {
</span><del>-                if ( ! current_user_can('switch_themes') )
</del><ins>+                if ( ! current_user_can('edit_theme_options') )
</ins><span class="cx">                         wp_die(__('You do not have permission to customize headers.'));
</span><span class="cx">                 $step = $this-&gt;step();
</span><span class="cx">                 if ( 1 == $step )
</span></span></pre></div>
<a id="trunkwpadminincludesdashboardphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/dashboard.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/dashboard.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/includes/dashboard.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -356,11 +356,15 @@
</span><span class="cx">                 }
</span><span class="cx">                 $num = number_format_i18n( $num_widgets );
</span><span class="cx"> 
</span><del>-                if ( current_user_can( 'switch_themes' ) ) {
</del><ins>+                $switch_themes = $ct-&gt;title;
+                if ( current_user_can( 'switch_themes') ) {
</ins><span class="cx">                         echo '&lt;a href=&quot;themes.php&quot; class=&quot;button rbutton&quot;&gt;' . __('Change Theme') . '&lt;/a&gt;';
</span><del>-                        printf(_n('Theme &lt;span class=&quot;b&quot;&gt;&lt;a href=&quot;themes.php&quot;&gt;%1$s&lt;/a&gt;&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;&lt;a href=&quot;widgets.php&quot;&gt;%2$s Widget&lt;/a&gt;&lt;/span&gt;', 'Theme &lt;span class=&quot;b&quot;&gt;&lt;a href=&quot;themes.php&quot;&gt;%1$s&lt;/a&gt;&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;&lt;a href=&quot;widgets.php&quot;&gt;%2$s Widgets&lt;/a&gt;&lt;/span&gt;', $num_widgets), $ct-&gt;title, $num);
</del><ins>+                        $switch_themes = '&lt;a href=&quot;themes.php&quot;&gt;' . $switch_themes . '&lt;/a&gt;';
+                }
+                if ( current_user_can( 'edit_theme_options' ) ) {
+                        printf(_n('Theme &lt;span class=&quot;b&quot;&gt;%1$s&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;&lt;a href=&quot;widgets.php&quot;&gt;%2$s Widget&lt;/a&gt;&lt;/span&gt;', 'Theme &lt;span class=&quot;b&quot;&gt;%1$s&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;&lt;a href=&quot;widgets.php&quot;&gt;%2$s Widgets&lt;/a&gt;&lt;/span&gt;', $num_widgets), $switch_themes, $num);
</ins><span class="cx">                 } else {
</span><del>-                        printf(_n('Theme &lt;span class=&quot;b&quot;&gt;%1$s&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;%2$s Widget&lt;/span&gt;', 'Theme &lt;span class=&quot;b&quot;&gt;%1$s&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;%2$s Widgets&lt;/span&gt;', $num_widgets), $ct-&gt;title, $num);
</del><ins>+                        printf(_n('Theme &lt;span class=&quot;b&quot;&gt;%1$s&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;%2$s Widget&lt;/span&gt;', 'Theme &lt;span class=&quot;b&quot;&gt;%1$s&lt;/span&gt; with &lt;span class=&quot;b&quot;&gt;%2$s Widgets&lt;/span&gt;', $num_widgets), $switch_themes, $num);
</ins><span class="cx">                 }
</span><span class="cx">         } else {
</span><span class="cx">                 if ( current_user_can( 'switch_themes' ) ) {
</span></span></pre></div>
<a id="trunkwpadminmenuphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/menu.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/menu.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/menu.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -145,9 +145,15 @@
</span><span class="cx"> 
</span><span class="cx"> $menu[59] = array( '', 'read', 'separator2', '', 'wp-menu-separator' );
</span><span class="cx"> 
</span><del>-$menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' );
-        $submenu['themes.php'][5]  = array(__('Themes'), 'switch_themes', 'themes.php');
-        $submenu['themes.php'][10] = array(__('Menus'), 'switch_themes', 'nav-menus.php');
</del><ins>+if ( current_user_can( 'switch_themes') ) {
+        $menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' );
+                $submenu['themes.php'][5]  = array(__('Themes'), 'switch_themes', 'themes.php');
+                $submenu['themes.php'][10] = array(__('Menus'), 'edit_theme_options', 'nav-menus.php');
+} else {
+        $menu[60] = array( __('Appearance'), 'edit_theme_options', 'themes.php', '', 'menu-top menu-icon-appearance', 'menu-appearance', 'div' );
+                $submenu['themes.php'][5]  = array(__('Themes'), 'edit_theme_options', 'themes.php');
+                $submenu['themes.php'][10] = array(__('Menus'), 'edit_theme_options', 'nav-menus.php' );
+}
</ins><span class="cx"> 
</span><span class="cx"> // Add 'Editor' to the bottom of the Appearence menu.
</span><span class="cx"> add_action('admin_menu', '_add_themes_utility_last', 101);
</span><span class="lines">@@ -281,7 +287,7 @@
</span><span class="cx"> unset($sub_loop);
</span><span class="cx"> 
</span><span class="cx"> // Loop over the top-level menu.
</span><del>-// Menus for which the original parent is not acessible due to lack of privs will have the next
</del><ins>+// Menus for which the original parent is not accessible due to lack of privs will have the next
</ins><span class="cx"> // submenu in line be assigned as the new menu parent.
</span><span class="cx"> foreach ( $menu as $id =&gt; $data ) {
</span><span class="cx">         if ( empty($submenu[$data[2]]) )
</span></span></pre></div>
<a id="trunkwpadminnavmenusphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/nav-menus.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/nav-menus.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/nav-menus.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -16,8 +16,8 @@
</span><span class="cx"> require_once( ABSPATH . 'wp-admin/includes/nav-menu.php' );
</span><span class="cx"> 
</span><span class="cx"> // Permissions Check
</span><del>-if ( ! current_user_can('switch_themes') )
-        wp_die( __( 'Cheatin&amp;#8217; uh?' ));
</del><ins>+if ( ! current_user_can('edit_theme_options') )
+        wp_die( __( 'Cheatin&amp;#8217; uh?' ) );
</ins><span class="cx"> 
</span><span class="cx"> // Nav Menu CSS
</span><span class="cx"> wp_admin_css( 'nav-menu' );
</span><span class="lines">@@ -51,12 +51,9 @@
</span><span class="cx"> 
</span><span class="cx"> switch ( $action ) {
</span><span class="cx">         case 'add-menu-item':
</span><del>-                if ( current_user_can( 'switch_themes' ) ) {
-                        check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' );
-                        if ( isset( $_REQUEST['menu-item'] ) ) {
-                                wp_save_nav_menu_item( $nav_menu_selected_id, $_REQUEST['menu-item'] );
-                        }
-                }
</del><ins>+                check_admin_referer( 'add-menu_item', 'menu-settings-column-nonce' );
+                if ( isset( $_REQUEST['menu-item'] ) )
+                        wp_save_nav_menu_item( $nav_menu_selected_id, $_REQUEST['menu-item'] );
</ins><span class="cx">                 break;
</span><span class="cx">         case 'move-down-menu-item' :
</span><span class="cx">                 // moving down a menu item is the same as moving up the next in order
</span></span></pre></div>
<a id="trunkwpadminthemesphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/themes.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/themes.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/themes.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -9,10 +9,10 @@
</span><span class="cx"> /** WordPress Administration Bootstrap */
</span><span class="cx"> require_once('./admin.php');
</span><span class="cx"> 
</span><del>-if ( !current_user_can('switch_themes') )
</del><ins>+if ( !current_user_can('switch_themes') &amp;&amp; !current_user_can('edit_theme_options') )
</ins><span class="cx">         wp_die( __( 'Cheatin&amp;#8217; uh?' ) );
</span><span class="cx"> 
</span><del>-if ( isset($_GET['action']) ) {
</del><ins>+if ( current_user_can('switch_themes') &amp;&amp; isset($_GET['action']) ) {
</ins><span class="cx">         if ( 'activate' == $_GET['action'] ) {
</span><span class="cx">                 check_admin_referer('switch-theme_' . $_GET['template']);
</span><span class="cx">                 switch_theme($_GET['template'], $_GET['stylesheet']);
</span><span class="lines">@@ -31,6 +31,8 @@
</span><span class="cx"> $title = __('Manage Themes');
</span><span class="cx"> $parent_file = 'themes.php';
</span><span class="cx"> 
</span><ins>+if ( current_user_can( 'switch_themes' ) ) :
+
</ins><span class="cx"> $help = '&lt;p&gt;' . __('Themes give your WordPress style. Once a theme is installed, you may preview it, activate it or deactivate it here.') . '&lt;/p&gt;';
</span><span class="cx"> if ( current_user_can('install_themes') ) {
</span><span class="cx">         $help .= '&lt;p&gt;' . sprintf(__('You can find additional themes for your site by using the new &lt;a href=&quot;%1$s&quot;&gt;Theme Browser/Installer&lt;/a&gt; functionality or by browsing the &lt;a href=&quot;http://wordpress.org/extend/themes/&quot;&gt;WordPress Theme Directory&lt;/a&gt; directly and installing manually.  To install a theme &lt;em&gt;manually&lt;/em&gt;, &lt;a href=&quot;%2$s&quot;&gt;upload its ZIP archive with the new uploader&lt;/a&gt; or copy its folder via FTP into your &lt;code&gt;wp-content/themes&lt;/code&gt; directory.'), 'theme-install.php', 'theme-install.php?tab=upload' ) . '&lt;/p&gt;';
</span><span class="lines">@@ -42,6 +44,8 @@
</span><span class="cx"> add_thickbox();
</span><span class="cx"> wp_enqueue_script( 'theme-preview' );
</span><span class="cx"> 
</span><ins>+endif;
+
</ins><span class="cx"> require_once('./admin-header.php');
</span><span class="cx"> if ( is_multisite() &amp;&amp; current_user_can('edit_themes') ) {
</span><span class="cx">         ?&gt;&lt;div id=&quot;message0&quot; class=&quot;updated&quot;&gt;&lt;p&gt;&lt;?php printf( __('Administrator: new themes must be activated in the &lt;a href=&quot;%s&quot;&gt;Network Themes&lt;/a&gt; screen before they appear here.'), admin_url( 'ms-themes.php') ); ?&gt;&lt;/p&gt;&lt;/div&gt;&lt;?php
</span><span class="lines">@@ -51,7 +55,7 @@
</span><span class="cx"> &lt;?php if ( ! validate_current_theme() ) : ?&gt;
</span><span class="cx"> &lt;div id=&quot;message1&quot; class=&quot;updated&quot;&gt;&lt;p&gt;&lt;?php _e('The active theme is broken.  Reverting to the default theme.'); ?&gt;&lt;/p&gt;&lt;/div&gt;
</span><span class="cx"> &lt;?php elseif ( isset($_GET['activated']) ) :
</span><del>-                if ( isset($wp_registered_sidebars) &amp;&amp; count( (array) $wp_registered_sidebars ) ) { ?&gt;
</del><ins>+                if ( isset($wp_registered_sidebars) &amp;&amp; count( (array) $wp_registered_sidebars ) &amp;&amp; current_user_can('edit_theme_options') ) { ?&gt;
</ins><span class="cx"> &lt;div id=&quot;message2&quot; class=&quot;updated&quot;&gt;&lt;p&gt;&lt;?php printf( __('New theme activated. This theme supports widgets, please visit the &lt;a href=&quot;%s&quot;&gt;widgets settings&lt;/a&gt; screen to configure them.'), admin_url( 'widgets.php' ) ); ?&gt;&lt;/p&gt;&lt;/div&gt;&lt;?php
</span><span class="cx">                 } else { ?&gt;
</span><span class="cx"> &lt;div id=&quot;message2&quot; class=&quot;updated&quot;&gt;&lt;p&gt;&lt;?php printf( __( 'New theme activated. &lt;a href=&quot;%s&quot;&gt;Visit site&lt;/a&gt;' ), home_url( '/' ) ); ?&gt;&lt;/p&gt;&lt;/div&gt;&lt;?php
</span><span class="lines">@@ -114,6 +118,13 @@
</span><span class="cx"> &lt;/div&gt;
</span><span class="cx"> 
</span><span class="cx"> &lt;div class=&quot;clear&quot;&gt;&lt;/div&gt;
</span><ins>+&lt;?php
+if ( ! current_user_can( 'switch_themes' ) ) {
+        echo '&lt;/div&gt;';
+        require( './admin-footer.php' );
+        exit;
+}
+?&gt;
</ins><span class="cx"> &lt;h3&gt;&lt;?php _e('Available Themes'); ?&gt;&lt;/h3&gt;
</span><span class="cx"> &lt;div class=&quot;clear&quot;&gt;&lt;/div&gt;
</span><span class="cx"> 
</span></span></pre></div>
<a id="trunkwpadminwidgetsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/widgets.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/widgets.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-admin/widgets.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -12,7 +12,7 @@
</span><span class="cx"> /** WordPress Administration Widgets API */
</span><span class="cx"> require_once(ABSPATH . 'wp-admin/includes/widgets.php');
</span><span class="cx"> 
</span><del>-if ( ! current_user_can('switch_themes') )
</del><ins>+if ( ! current_user_can('edit_theme_options') )
</ins><span class="cx">         wp_die( __( 'Cheatin&amp;#8217; uh?' ));
</span><span class="cx"> 
</span><span class="cx"> wp_admin_css( 'widgets' );
</span></span></pre></div>
<a id="trunkwpincludesfunctionsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/functions.php (14580 => 14581)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/functions.php        2010-05-12 19:12:18 UTC (rev 14580)
+++ trunk/wp-includes/functions.php        2010-05-12 19:19:57 UTC (rev 14581)
</span><span class="lines">@@ -2974,7 +2974,7 @@
</span><span class="cx">  */
</span><span class="cx"> function wp_widgets_add_menu() {
</span><span class="cx">         global $submenu;
</span><del>-        $submenu['themes.php'][7] = array( __( 'Widgets' ), 'switch_themes', 'widgets.php' );
</del><ins>+        $submenu['themes.php'][7] = array( __( 'Widgets' ), 'edit_theme_options', 'widgets.php' );
</ins><span class="cx">         ksort( $submenu['themes.php'], SORT_NUMERIC );
</span><span class="cx"> }
</span><span class="cx"> 
</span></span></pre>
</div>
</div>

</body>
</html>