<?php
/**
- * Add Site Administration Screen
+ * Add New User network administration panel.
*
* @package WordPress
* @subpackage Multisite
*/
/** Load WordPress Administration Bootstrap */
-require_once( './admin.php' );
+require_once( dirname( __FILE__ ) . '/admin.php' );
if ( ! is_multisite() )
wp_die( __( 'Multisite support is not enabled.' ) );
get_current_screen()->set_help_sidebar(
'<p><strong>' . __('For more information:') . '</strong></p>' .
'<p>' . __('<a href="http://codex.wordpress.org/Network_Admin_Users_Screen" target="_blank">Documentation on Network Users</a>') . '</p>' .
- '<p>' . __('<a href="http://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
+ '<p>' . __('<a href="https://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
);
if ( isset($_REQUEST['action']) && 'add-user' == $_REQUEST['action'] ) {
if ( ! is_array( $_POST['user'] ) )
wp_die( __( 'Cannot create an empty user.' ) );
- $user = $_POST['user'];
+ $user = wp_unslash( $_POST['user'] );
$user_details = wpmu_validate_user_signup( $user['username'], $user['email'] );
if ( is_wp_error( $user_details[ 'errors' ] ) && ! empty( $user_details[ 'errors' ]->errors ) ) {
$add_user_errors = $user_details[ 'errors' ];
} else {
$password = wp_generate_password( 12, false);
- $user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) );
+ $user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, sanitize_email( $user['email'] ) );
if ( ! $user_id ) {
$add_user_errors = new WP_Error( 'add_user_fail', __( 'Cannot add user.' ) );
$title = __('Add New User');
$parent_file = 'users.php';
-require('../admin-header.php'); ?>
+require( ABSPATH . 'wp-admin/admin-header.php' ); ?>
<div class="wrap">
-<?php screen_icon(); ?>
<h2 id="add-new-user"><?php _e('Add New User') ?></h2>
<?php
if ( ! empty( $messages ) ) {
<td colspan="2"><?php _e( 'Username and password will be mailed to the above email address.' ) ?></td>
</tr>
</table>
- <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ) ?>
+ <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ); ?>
<?php submit_button( __('Add User'), 'primary', 'add-user' ); ?>
</form>
</div>
<?php
-require('../admin-footer.php');
+require( ABSPATH . 'wp-admin/admin-footer.php' );