require_once('admin.php');
$title = __('Edit User');
-$parent_file = 'profile.php';
+if ( current_user_can('edit_users') )
+ $parent_file = 'users.php';
+else
+ $parent_file = 'profile.php';
$submenu_file = 'users.php';
-$wpvarstoreset = array('action', 'redirect', 'profile', 'user_id');
-for ($i=0; $i<count($wpvarstoreset); $i += 1) {
- $wpvar = $wpvarstoreset[$i];
- if (!isset($$wpvar)) {
- if (empty($_POST["$wpvar"])) {
- if (empty($_GET["$wpvar"])) {
- $$wpvar = '';
- } else {
- $$wpvar = $_GET["$wpvar"];
- }
- } else {
- $$wpvar = $_POST["$wpvar"];
- }
- }
-}
+wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
+
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
+
+$user_id = (int) $user_id;
+
+if ( !$user_id )
+ wp_die(__('Invalid user ID.'));
switch ($action) {
case 'switchposts':
check_admin_referer('update-user_' . $user_id);
-$errors = array();
+if ( !current_user_can('edit_user', $user_id) )
+ wp_die(__('You do not have permission to edit this user.'));
-if (!current_user_can('edit_users'))
- $errors['head'] = __('You do not have permission to edit this user.');
-else
- $errors = edit_user($user_id);
+$errors = edit_user($user_id);
-if(count($errors) == 0) {
- wp_redirect("user-edit.php?user_id=$user_id&updated=true");
+if( !is_wp_error( $errors ) ) {
+ $redirect = "user-edit.php?user_id=$user_id&updated=true";
+ $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
+ wp_redirect($redirect);
exit;
}
default:
-include ('admin-header.php');
+$profileuser = get_user_to_edit($user_id);
-$profileuser = new WP_User($user_id);
+if ( !current_user_can('edit_user', $user_id) )
+ wp_die(__('You do not have permission to edit this user.'));
-if (!current_user_can('edit_users')) $errors['head'] = __('You do not have permission to edit this user.');
+include ('admin-header.php');
?>
<?php if ( isset($_GET['updated']) ) : ?>
<div id="message" class="updated fade">
<p><strong><?php _e('User updated.') ?></strong></p>
+ <?php if ( $wp_http_referer ) : ?>
+ <p><a href="users.php"><?php _e('« Back to Authors and Users'); ?></a></p>
+ <?php endif; ?>
</div>
<?php endif; ?>
-<?php if ( count($errors) != 0 ) : ?>
+<?php if ( is_wp_error( $errors ) ) : ?>
<div class="error">
<ul>
<?php
- foreach($errors as $error) echo "<li>$error</li>";
+ foreach( $errors->get_error_messages() as $message )
+ echo "<li>$message</li>";
?>
</ul>
</div>
<form name="profile" id="your-profile" action="user-edit.php" method="post">
<?php wp_nonce_field('update-user_' . $user_id) ?>
+<?php if ( $wp_http_referer ) : ?>
+ <input type="hidden" name="wp_http_referer" value="<?php echo clean_url($wp_http_referer); ?>" />
+<?php endif; ?>
<p>
<input type="hidden" name="from" value="profile" />
<input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" />
</p>
+<p><label for="rich_editing"><input name="rich_editing" type="checkbox" id="rich_editing" value="true" <?php checked('true', $profileuser->rich_editing); ?> /> <?php _e('Use the visual editor when writing'); ?></label></p>
+
+<p class="submit"><input type="submit" value="<?php _e('Update User »'); ?>" name="submit" /></p>
+
<fieldset>
<legend><?php _e('Name'); ?></legend>
<p><label><?php _e('Username: (no editing)'); ?><br />
<?php
// print_r($profileuser);
echo '<select name="role">';
+$role_list = '';
+$user_has_role = false;
foreach($wp_roles->role_names as $role => $name) {
- $selected = ($profileuser->has_cap($role)) ? ' selected="selected"' : '';
- echo "<option value=\"{$role}\"{$selected}>{$name}</option>";
+ if ( $profileuser->has_cap($role) ) {
+ $selected = ' selected="selected"';
+ $user_has_role = true;
+ } else {
+ $selected = '';
+ }
+ $role_list .= "<option value=\"{$role}\"{$selected}>{$name}</option>";
}
-echo '</select>';
+if ( $user_has_role )
+ $role_list .= '<option value="">' . __('— No role for this blog —') . '</option>';
+else
+ $role_list .= '<option value="" selected="selected">' . __('— No role for this blog —') . '</option>';
+echo $role_list . '</select>';
?></label></p>
<p><label><?php _e('First name:') ?><br />
<p><label><?php _e('Nickname:') ?><br />
<input type="text" name="nickname" value="<?php echo $profileuser->nickname ?>" /></label></p>
-</p><label><?php _e('Display name publicly as:') ?> <br />
+<p><label><?php _e('Display name publicly as:') ?> <br />
<select name="display_name">
<option value="<?php echo $profileuser->display_name; ?>"><?php echo $profileuser->display_name; ?></option>
<option value="<?php echo $profileuser->nickname ?>"><?php echo $profileuser->nickname ?></option>
<input type="text" name="yim" value="<?php echo $profileuser->yim ?>" />
</label></p>
-<p><label><?php _e('Jabber / Google Talk:') ?>
+<p><label><?php _e('Jabber / Google Talk:') ?><br />
<input type="text" name="jabber" value="<?php echo $profileuser->jabber ?>" /></label>
</p>
</fieldset>
<?php do_action('edit_user_profile'); ?>
<br clear="all" />
- <table width="99%" border="0" cellspacing="2" cellpadding="3" class="editform">
- <?php
- if(count($profileuser->caps) > count($profileuser->roles)):
- ?>
- <tr>
- <th scope="row"><?php _e('Additional Capabilities:') ?></th>
- <td><?php
+ <table width="99%" border="0" cellspacing="2" cellpadding="3" class="editform">
+ <?php
+ if(count($profileuser->caps) > count($profileuser->roles)):
+ ?>
+ <tr>
+ <th scope="row"><?php _e('Additional Capabilities:') ?></th>
+ <td><?php
$output = '';
foreach($profileuser->caps as $cap => $value) {
if(!$wp_roles->is_role($cap)) {
}
echo $output;
?></td>
- </tr>
- <?php
- endif;
- ?>
- </table>
+ </tr>
+ <?php
+ endif;
+ ?>
+ </table>
<p class="submit">
<input type="hidden" name="action" value="update" />
<input type="hidden" name="user_id" id="user_id" value="<?php echo $user_id; ?>" />
- <input type="submit" value="<?php _e('Update User »') ?>" name="submit" />
+ <input type="submit" value="<?php _e('Update User »') ?>" name="submit" />
</p>
</form>
</div>