X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/256a3b381f63716209b3527d0a14442ae570c283..refs/tags/wordpress-4.3:/wp-admin/includes/ms.php diff --git a/wp-admin/includes/ms.php b/wp-admin/includes/ms.php index e376a1ed..ffed184b 100644 --- a/wp-admin/includes/ms.php +++ b/wp-admin/includes/ms.php @@ -35,21 +35,22 @@ function check_upload_size( $file ) { if ( upload_is_user_over_quota( false ) ) { $file['error'] = __( 'You have used your space quota. Please delete files before uploading.' ); } - if ( $file['error'] != '0' && !isset($_POST['html-upload']) ) + if ( $file['error'] != '0' && ! isset( $_POST['html-upload'] ) && ( ! defined( 'DOING_AJAX' ) || ! DOING_AJAX ) ) { wp_die( $file['error'] . ' ' . __( 'Back' ) . '' ); + } return $file; } -add_filter( 'wp_handle_upload_prefilter', 'check_upload_size' ); /** - * Delete a blog + * Delete a blog. * * @since 3.0.0 * - * @param int $blog_id Blog ID - * @param bool $drop True if blog's table should be dropped. Default is false. - * @return void + * @global wpdb $wpdb + * + * @param int $blog_id Blog ID. + * @param bool $drop True if blog's table should be dropped. Default is false. */ function wpmu_delete_blog( $blog_id, $drop = false ) { global $wpdb; @@ -84,11 +85,26 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { $current_site = get_current_site(); + // If a full blog object is not available, do not destroy anything. + if ( $drop && ! $blog ) { + $drop = false; + } + // Don't destroy the initial, main, or root blog. - if ( $drop && ( 1 == $blog_id || is_main_site( $blog_id ) || ( $blog->path == $current_site->path && $blog->domain == $current_site->domain ) ) ) + if ( $drop && ( 1 == $blog_id || is_main_site( $blog_id ) || ( $blog->path == $current_site->path && $blog->domain == $current_site->domain ) ) ) { $drop = false; + } + + $upload_path = trim( get_option( 'upload_path' ) ); + + // If ms_files_rewriting is enabled and upload_path is empty, wp_upload_dir is not reliable. + if ( $drop && get_site_option( 'ms_files_rewriting' ) && empty( $upload_path ) ) { + $drop = false; + } if ( $drop ) { + $uploads = wp_upload_dir(); + $tables = $wpdb->tables( 'blog' ); /** * Filter the tables to drop when the blog is deleted. @@ -106,7 +122,6 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { $wpdb->delete( $wpdb->blogs, array( 'blog_id' => $blog_id ) ); - $uploads = wp_upload_dir(); /** * Filter the upload base directory to delete when the blog is deleted. * @@ -122,7 +137,7 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { $index = 0; while ( $index < count( $stack ) ) { - # Get indexed directory from stack + // Get indexed directory from stack $dir = $stack[$index]; $dh = @opendir( $dir ); @@ -131,10 +146,11 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { if ( $file == '.' || $file == '..' ) continue; - if ( @is_dir( $dir . DIRECTORY_SEPARATOR . $file ) ) + if ( @is_dir( $dir . DIRECTORY_SEPARATOR . $file ) ) { $stack[] = $dir . DIRECTORY_SEPARATOR . $file; - else if ( @is_file( $dir . DIRECTORY_SEPARATOR . $file ) ) + } elseif ( @is_file( $dir . DIRECTORY_SEPARATOR . $file ) ) { @unlink( $dir . DIRECTORY_SEPARATOR . $file ); + } } @closedir( $dh ); } @@ -154,7 +170,18 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { restore_current_blog(); } -// @todo Merge with wp_delete_user() ? +/** + * Delete a user from the network and remove from all sites. + * + * @since 3.0.0 + * + * @todo Merge with wp_delete_user() ? + * + * @global wpdb $wpdb + * + * @param int $id The user ID. + * @return bool True if the user was deleted, otherwise false. + */ function wpmu_delete_user( $id ) { global $wpdb; @@ -163,6 +190,13 @@ function wpmu_delete_user( $id ) { if ( !$user->exists() ) return false; + + // Global super-administrators are protected, and cannot be deleted. + $_super_admins = get_super_admins(); + if ( in_array( $user->user_login, $_super_admins, true ) ) { + return false; + } + /** * Fires before a user is deleted from the network. * @@ -210,8 +244,15 @@ function wpmu_delete_user( $id ) { return true; } +/** + * Sends an email when a site administrator email address is changed. + * + * @since 3.0.0 + * + * @param string $old_value The old email address. Not currently used. + * @param string $value The new email address. + */ function update_option_new_admin_email( $old_value, $value ) { - $email = get_option( 'admin_email' ); if ( $value == get_option( 'admin_email' ) || !is_email( $value ) ) return; @@ -222,10 +263,12 @@ function update_option_new_admin_email( $old_value, $value ) { ); update_option( 'adminhash', $new_admin_email ); - $email_text = __( 'Dear user, + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( 'Howdy ###USERNAME###, You recently requested to have the administration email address on your site changed. + If this is correct, please click on the following link to change it: ###ADMIN_URL### @@ -242,7 +285,8 @@ All at ###SITENAME### * Filter the email text sent when the site admin email is changed. * * The following strings have a special meaning and will get replaced dynamically: - * ###ADMIN_URL### The link to click on to confirm the email change. Required otherwise this functunalty is will break. + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. * ###EMAIL### The new email. * ###SITENAME### The name of the site. * ###SITEURL### The URL to the site. @@ -254,16 +298,24 @@ All at ###SITENAME### */ $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email ); + $current_user = wp_get_current_user(); + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); $content = str_replace( '###ADMIN_URL###', esc_url( admin_url( 'options.php?adminhash='.$hash ) ), $content ); $content = str_replace( '###EMAIL###', $value, $content ); $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content ); $content = str_replace( '###SITEURL###', network_home_url(), $content ); - wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), get_option( 'blogname' ) ), $content ); + wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content ); } -add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); -add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); +/** + * Sends an email when an email address change is requested. + * + * @since 3.0.0 + * + * @global object $errors WP_Error object. + * @global object $wpdb WordPress database object. + */ function send_confirmation_on_profile_email() { global $errors, $wpdb; $current_user = wp_get_current_user(); @@ -292,9 +344,11 @@ function send_confirmation_on_profile_email() { ); update_option( $current_user->ID . '_new_email', $new_user_email ); - $email_text = __( 'Dear user, + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( 'Howdy ###USERNAME###, You recently requested to have the email address on your account changed. + If this is correct, please click on the following link to change it: ###ADMIN_URL### @@ -311,10 +365,11 @@ All at ###SITENAME### * Filter the email text sent when a user changes emails. * * The following strings have a special meaning and will get replaced dynamically: - * ###ADMIN_URL### The link to click on to confirm the email change. Required otherwise this functunalty is will break. - * ###EMAIL### The new email. - * ###SITENAME### The name of the site. - * ###SITEURL### The URL to the site. + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. + * ###EMAIL### The new email. + * ###SITENAME### The name of the site. + * ###SITEURL### The URL to the site. * * @since MU * @@ -323,22 +378,27 @@ All at ###SITENAME### */ $content = apply_filters( 'new_user_email_content', $email_text, $new_user_email ); + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); $content = str_replace( '###ADMIN_URL###', esc_url( admin_url( 'profile.php?newuseremail='.$hash ) ), $content ); $content = str_replace( '###EMAIL###', $_POST['email'], $content); $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content ); $content = str_replace( '###SITEURL###', network_home_url(), $content ); - wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), get_option( 'blogname' ) ), $content ); + wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content ); $_POST['email'] = $current_user->user_email; } } -add_action( 'personal_options_update', 'send_confirmation_on_profile_email' ); +/** + * Adds an admin notice alerting the user to check for confirmation email + * after email address change. + * + * @since 3.0.0 + */ function new_user_email_admin_notice() { if ( strpos( $_SERVER['PHP_SELF'], 'profile.php' ) && isset( $_GET['updated'] ) && $email = get_option( get_current_user_id() . '_new_email' ) ) echo "
" . sprintf( __( "Your email address has not been updated yet. Please check your inbox at %s for a confirmation email." ), $email['newemail'] ) . "
"; } -add_action( 'admin_notices', 'new_user_email_admin_notice' ); /** * Check whether a blog has used its allotted upload space. @@ -346,7 +406,7 @@ add_action( 'admin_notices', 'new_user_email_admin_notice' ); * @since MU * * @param bool $echo Optional. If $echo is set and the quota is exceeded, a warning message is echoed. Default is true. - * @return int + * @return bool True if user is over upload space quota, otherwise false. */ function upload_is_user_over_quota( $echo = true ) { if ( get_site_option( 'upload_space_check_disabled' ) ) @@ -396,22 +456,25 @@ function display_space_usage() { * Get the remaining upload space for this blog. * * @since MU - * @uses upload_is_user_over_quota() - * @uses get_space_allowed() - * @uses get_upload_space_available() * * @param int $size Current max size in bytes * @return int Max size in bytes */ function fix_import_form_size( $size ) { - if ( upload_is_user_over_quota( false ) == true ) + if ( upload_is_user_over_quota( false ) ) { return 0; - + } $available = get_upload_space_available(); return min( $size, $available ); } -// Edit blog upload space setting on Edit Blog page +/** + * Displays the edit blog upload space setting form on the Edit Blog screen. + * + * @since 3.0.0 + * + * @param int $id The ID of the blog to display the setting for. + */ function upload_space_setting( $id ) { switch_to_blog( $id ); $quota = get_option( 'blog_upload_space' ); @@ -422,13 +485,31 @@ function upload_space_setting( $id ) { ?> - - + + + + + ' . sprintf( __( 'You attempted to access the "%1$s" dashboard, but you do not currently have privileges on this site. If you believe you should be able to access the "%1$s" dashboard, please contact your network administrator.' ), $blog_name ) . '

'; $output .= '

' . __( 'If you reached this screen by accident and meant to visit one of your own sites, here are some shortcuts to help you find your way.' ) . '

'; @@ -536,29 +652,41 @@ function _access_denied_splash() { $output .= ''; foreach ( $blogs as $blog ) { - $output .= ""; - $output .= ""; - $output .= ""; - $output .= ""; + $output .= ''; + $output .= ""; + $output .= ''; + $output .= ''; } + $output .= '
"; - $output .= "{$blog->blogname}"; - $output .= ""; - $output .= "" . __( 'Visit Dashboard' ) . " | " . __( 'View Site' ) . "" ; - $output .= "
{$blog->blogname}' . __( 'Visit Dashboard' ) . ' | ' . + '' . __( 'View Site' ) . '
'; - wp_die( $output ); + wp_die( $output, 403 ); } -add_action( 'admin_page_access_denied', '_access_denied_splash', 99 ); +/** + * Checks if the current user has permissions to import new users. + * + * @since 3.0.0 + * + * @param string $permission A permission to be checked. Currently not used. + * @return bool True if the user has proper permissions, false if they do not. + */ function check_import_new_users( $permission ) { if ( !is_super_admin() ) return false; return true; } -add_filter( 'import_allow_create_users', 'check_import_new_users' ); // See "import_allow_fetch_attachments" and "import_attachment_size_limit" filters too. +/** + * Generates and displays a drop-down of available languages. + * + * @since 3.0.0 + * + * @param array $lang_files Optional. An array of the language files. Default empty array. + * @param string $current Optional. The current language code. Default empty. + */ function mu_dropdown_languages( $lang_files = array(), $current = '' ) { $flag = false; $output = array(); @@ -586,6 +714,7 @@ function mu_dropdown_languages( $lang_files = array(), $current = '' ) { // Order by name uksort( $output, 'strnatcasecmp' ); + /** * Filter the languages available in the dropdown. * @@ -596,9 +725,19 @@ function mu_dropdown_languages( $lang_files = array(), $current = '' ) { * @param string $current The current language code. */ $output = apply_filters( 'mu_dropdown_languages', $output, $lang_files, $current ); + echo implode( "\n\t", $output ); } +/** + * Displays an admin notice to upgrade all sites after a core upgrade. + * + * @since 3.0.0 + * + * @global int $wp_db_version The version number of the database. + * + * @return false False if the current user is not a super admin. + */ function site_admin_notice() { global $wp_db_version; if ( !is_super_admin() ) @@ -606,9 +745,19 @@ function site_admin_notice() { if ( get_site_option( 'wpmu_upgrade_site' ) != $wp_db_version ) echo "
" . sprintf( __( 'Thank you for Updating! Please visit the Upgrade Network page to update all your sites.' ), esc_url( network_admin_url( 'upgrade.php' ) ) ) . "
"; } -add_action( 'admin_notices', 'site_admin_notice' ); -add_action( 'network_admin_notices', 'site_admin_notice' ); +/** + * Avoids a collision between a site slug and a permalink slug. + * + * In a subdirectory install this will make sure that a site and a post do not use the + * same subdirectory by checking for a site with the same name as a new post. + * + * @since 3.0.0 + * + * @param array $data An array of post data. + * @param array $postarr An array of posts. Not currently used. + * @return array The new array of post data after checking for collisions. + */ function avoid_blog_page_permalink_collision( $data, $postarr ) { if ( is_subdomain_install() ) return $data; @@ -630,14 +779,21 @@ function avoid_blog_page_permalink_collision( $data, $postarr ) { } return $data; } -add_filter( 'wp_insert_post_data', 'avoid_blog_page_permalink_collision', 10, 2 ); +/** + * Handles the display of choosing a user's primary site. + * + * This displays the user's primary site and allows the user to choose + * which site is primary. + * + * @since 3.0.0 + */ function choose_primary_blog() { ?> - + @@ -687,14 +843,18 @@ function choose_primary_blog() { * Grants Super Admin privileges. * * @since 3.0.0 + * + * @global array $super_admins + * * @param int $user_id ID of the user to be granted Super Admin privileges. + * @return bool True on success, false on failure. This can fail when the user is + * already a super admin or when the `$super_admins` global is defined. */ function grant_super_admin( $user_id ) { - global $super_admins; - // If global super_admins override is defined, there is nothing to do here. - if ( isset( $super_admins ) ) + if ( isset( $GLOBALS['super_admins'] ) ) { return false; + } /** * Fires before the user is granted Super Admin privileges. @@ -730,14 +890,18 @@ function grant_super_admin( $user_id ) { * Revokes Super Admin privileges. * * @since 3.0.0 + * + * @global array $super_admins + * * @param int $user_id ID of the user Super Admin privileges to be revoked from. + * @return bool True on success, false on failure. This can fail when the user's email + * is the network admin email or when the `$super_admins` global is defined. */ function revoke_super_admin( $user_id ) { - global $super_admins; - // If global super_admins override is defined, there is nothing to do here. - if ( isset( $super_admins ) ) + if ( isset( $GLOBALS['super_admins'] ) ) { return false; + } /** * Fires before the user's Super Admin privileges are revoked. @@ -772,12 +936,17 @@ function revoke_super_admin( $user_id ) { } /** - * Whether or not we can edit this network from this page + * Whether or not we can edit this network from this page. * - * By default editing of network is restricted to the Network Admin for that site_id this allows for this to be overridden + * By default editing of network is restricted to the Network Admin for that `$site_id` + * this allows for this to be overridden. * * @since 3.1.0 - * @param integer $site_id The network/site ID to check. + * + * @global wpdb $wpdb + * + * @param int $site_id The network/site ID to check. + * @return bool True if network can be edited, otherwise false. */ function can_edit_network( $site_id ) { global $wpdb; @@ -802,14 +971,13 @@ function can_edit_network( $site_id ) { * Thickbox image paths for Network Admin. * * @since 3.1.0 + * * @access private */ function _thickbox_path_admin_subfolder() { ?>
1 ) { $found = false; ?> - userblog_id ) $found = true; @@ -654,12 +810,12 @@ function choose_primary_blog() { userblog_id ); } } elseif ( count( $all_blogs ) == 1 ) { - $blog = array_shift( $all_blogs ); - echo $blog->domain; + $blog = reset( $all_blogs ); + echo esc_url( get_home_url( $blog->userblog_id ) ); if ( $primary_blog != $blog->userblog_id ) // Set the primary blog again if it's out of sync with blog list. update_user_meta( get_current_user_id(), 'primary_blog', $blog->userblog_id ); } else { @@ -672,10 +828,10 @@ function choose_primary_blog() {
- +