+/**
+ * Edit user administration panel.
+ *
+ * @package WordPress
+ * @subpackage Administration
+ */
+
+/** WordPress Administration Bootstrap */
+require_once('./admin.php');
+
+wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
+
+$user_id = (int) $user_id;
+$current_user = wp_get_current_user();
+if ( ! defined( 'IS_PROFILE_PAGE' ) )
+ define( 'IS_PROFILE_PAGE', ( $user_id == $current_user->ID ) );
+
+if ( ! $user_id && IS_PROFILE_PAGE )
+ $user_id = $current_user->ID;
+elseif ( ! $user_id && ! IS_PROFILE_PAGE )
+ wp_die(__( 'Invalid user ID.' ) );
+elseif ( ! get_userdata( $user_id ) )
+ wp_die( __('Invalid user ID.') );
+
+wp_enqueue_script('user-profile');
+wp_enqueue_script('password-strength-meter');
+
+$title = IS_PROFILE_PAGE ? __('Profile') : __('Edit User');
+if ( current_user_can('edit_users') && !IS_PROFILE_PAGE )
+ $submenu_file = 'users.php';
+else
+ $submenu_file = 'profile.php';
+$parent_file = 'users.php';
+
+// contextual help - choose Help on the top right of admin panel to preview this.
+add_contextual_help($current_screen,
+ '<p>' . __('Your profile contains information about you (your “account”) as well as some personal options related to using WordPress.') . '</p>' .
+ '<p>' . __('You can change your password, turn on keyboard shortcuts, change the color scheme of your WordPress administration screens, and turn off the WYSIWYG (Visual) editor, among other things.') . '</p>' .
+ '<p>' . __('Your username cannot be changed, but you can use other fields to enter your real name or a nickname, and change which name to display on your posts.') . '</p>' .
+ '<p>' . __('Required fields are indicated; the rest are optional. Profile information will only be displayed if your theme is set up to do so.') . '</p>' .
+ '<p>' . __('Remember to click the Update Profile button when you are finished.') . '</p>' .
+ '<p><strong>' . __('For more information:') . '</strong></p>' .
+ '<p>' . __('<a href="http://codex.wordpress.org/Users_Your_Profile_SubPanel" target="_blank">Documentation on User Profiles</a>') . '</p>' .
+ '<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>'
+);
+
+
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
+
+$all_post_caps = array('posts', 'pages');
+$user_can_edit = false;
+foreach ( $all_post_caps as $post_cap )
+ $user_can_edit |= current_user_can("edit_$post_cap");
+
+/**
+ * Optional SSL preference that can be turned on by hooking to the 'personal_options' action.
+ *
+ * @since 2.7.0
+ *
+ * @param object $user User data object
+ */
+function use_ssl_preference($user) {
+?>
+ <tr>
+ <th scope="row"><?php _e('Use https')?></th>
+ <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked('1', $user->use_ssl); ?> /> <?php _e('Always use https when visiting the admin'); ?></label></td>
+ </tr>
+<?php
+}
+
+
+// Only allow super admins on multisite to edit every user.
+if ( is_multisite() && ! current_user_can( 'manage_network_users' ) && $user_id != $current_user->ID && ! apply_filters( 'enable_edit_any_user_configuration', true ) )
+ wp_die( __( 'You do not have permission to edit this user.' ) );
+
+// Execute confirmed email change. See send_confirmation_on_profile_email().
+if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
+ $new_email = get_option( $current_user->ID . '_new_email' );
+ if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
+ $user->ID = $current_user->ID;
+ $user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
+ if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) )
+ $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
+ wp_update_user( get_object_vars( $user ) );
+ delete_option( $current_user->ID . '_new_email' );
+ wp_redirect( add_query_arg( array('updated' => 'true'), admin_url( 'profile.php' ) ) );
+ die();