Avoiding The Critical Issue Found In 600,000+ Download Plugin

Having recently started developing for WordPress, I tend to read a fair number of posts and news stories about it. One of the stories from a couple of weeks ago was about a critical security issue in the Custom Contact Forms plugin.

From what I have read, the security issue likely stemmed from a misunderstanding of the is_admin() function. On the surface is_admin() looks like it could be used to check whether the user is an admin and can therefore change the plugin's settings; however, is_admin() actually checks whether the page being displayed is in the admin area, not who is viewing it.

When I am writing plugins, I use a lot of different resources, from the WordPress Function Reference to a couple of WordPress books and online search results. However, when I do find an example somewhere, I check it against the Function Reference to ensure it does what I think it does.

I’ll admit that when I read this story the first thing I did was check my plugins and make sure I hadn’t made the same error. Fortunately, looking back at my code, is_admin() was not a function I have used. To check whether the user has permission to change settings I am doing the following:

	// Capability check: only users who may manage options get past this point.
	if ( !current_user_can( 'manage_options' ) ) {
		wp_die( 'Not allowed' );
	}

The current_user_can() function is used to determine what rights the current user has. In the example above I’m checking for manage_options: when the function returns true the user has permission to maintain the WordPress options; if it returns false, wp_die() is called to stop all further processing (within the brackets you place the message that should be displayed to the user).
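To make the difference concrete, here is an added illustration of the pattern described above (it is not code from this post or from the Custom Contact Forms plugin): a settings handler that relies on is_admin() beside one that uses current_user_can() plus a nonce. The option name, nonce action and function names are assumptions.

```php
<?php
// Added illustration; option and nonce names below are assumed for the example.

// INSECURE PATTERN: is_admin() answers "is this request for the admin area?",
// not "is the current user an administrator?". Any logged-in user who can
// reach an admin-area page passes this check and can overwrite the option.
function example_save_settings_insecure() {
    if ( is_admin() && isset( $_POST['example_setting'] ) ) {
        update_option( 'example_setting', $_POST['example_setting'] );
    }
}

// HARDENED: a capability check (who may do this), a nonce check (did this
// user really intend this request), and sanitisation before storing.
function example_save_settings() {
    if ( ! isset( $_POST['example_setting'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Not allowed' );
    }
    // Dies unless the request carries a valid nonce for this action.
    check_admin_referer( 'example_save_settings', 'example_nonce' );

    $value = sanitize_text_field( wp_unslash( $_POST['example_setting'] ) );
    update_option( 'example_setting', $value );
}
add_action( 'admin_init', 'example_save_settings' );

// The matching settings form: wp_nonce_field() emits the hidden field that
// check_admin_referer() verifies in the handler above.
function example_settings_form() {
    echo '<form method="post">';
    wp_nonce_field( 'example_save_settings', 'example_nonce' );
    echo '<input type="text" name="example_setting" value="'
        . esc_attr( get_option( 'example_setting', '' ) ) . '" />';
    echo '<input type="submit" class="button-primary" value="Save" />';
    echo '</form>';
}
```

The insecure function is deliberately left unhooked; only the hardened handler is attached to admin_init.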