X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/177fd6fefd2e3d5a0ea6591c71d660cabdb3c1a4..312084b5d95c21feb519ff03decf948420e1f6fa:/wp-admin/users.php diff --git a/wp-admin/users.php b/wp-admin/users.php index d8089b4c..d11ee53d 100644 --- a/wp-admin/users.php +++ b/wp-admin/users.php @@ -1,5 +1,15 @@ '; + $referer = ''; } elseif ( isset($_REQUEST['wp_http_referer']) ) { $redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), stripslashes($_REQUEST['wp_http_referer'])); - $referer = ''; + $referer = ''; } else { $redirect = 'users.php'; + $referer = ''; } -switch ($action) { +switch ($doaction) { +/* Bulk Dropdown menu Role changes */ case 'promote': check_admin_referer('bulk-users'); @@ -37,8 +48,9 @@ case 'promote': exit(); } - if ( !current_user_can('edit_users') ) - wp_die(__('You can’t edit users.')); + $editable_roles = get_editable_roles(); + if (!$editable_roles[$_REQUEST['new_role']]) + wp_die(__('You can’t give users that role.')); $userids = $_REQUEST['users']; $update = 'promote'; @@ -105,7 +117,7 @@ case 'delete': check_admin_referer('bulk-users'); - if ( empty($_REQUEST['users']) ) { + if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) { wp_redirect($redirect); exit(); } @@ -113,7 +125,10 @@ case 'delete': if ( !current_user_can('delete_users') ) $errors = new WP_Error('edit_users', __('You can’t delete users.')); - $userids = $_REQUEST['users']; + if ( empty($_REQUEST['users']) ) + $userids = array(intval($_REQUEST['user'])); + else + $userids = $_REQUEST['users']; include ('admin-header.php'); ?> @@ -122,17 +137,19 @@ case 'delete':
' . sprintf(_n('%s user deleted', '%s users deleted', $delete_count), $delete_count) . '
' . __('New user created.') . '
'; break; case 'promote': - ?> -' . __('Changed roles.') . '
'; break; case 'err_admin_role': - ?> -' . __('The current user’s role must have user editing capabilities.') . '
'; + $messages[] = '' . __('Other user roles have been changed.') . '
' . __('You can’t delete the current user.') . '
'; + $messages[] = '' . __('Other users have been deleted.') . '