X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/38ca813a0e312e2768e5b9519f0415cd0aa84781..784f914b1e4b1c62d6657e86397c2e83bcee4295:/wp-admin/includes/ms.php?ds=sidebyside diff --git a/wp-admin/includes/ms.php b/wp-admin/includes/ms.php index 98991ef6..6e8fb07e 100644 --- a/wp-admin/includes/ms.php +++ b/wp-admin/includes/ms.php @@ -25,44 +25,56 @@ function check_upload_size( $file ) { if ( defined( 'WP_IMPORTING' ) ) return $file; - $space_allowed = 1048576 * get_space_allowed(); - $space_used = get_dirsize( BLOGUPLOADDIR ); - $space_left = $space_allowed - $space_used; + $space_left = get_upload_space_available(); + $file_size = filesize( $file['tmp_name'] ); - if ( $space_left < $file_size ) - $file['error'] = sprintf( __( 'Not enough space to upload. %1$s KB needed.' ), number_format( ($file_size - $space_left) /1024 ) ); - if ( $file_size > ( 1024 * get_site_option( 'fileupload_maxk', 1500 ) ) ) - $file['error'] = sprintf(__('This file is too big. Files must be less than %1$s KB in size.'), get_site_option( 'fileupload_maxk', 1500 ) ); + if ( $space_left < $file_size ) { + $file['error'] = sprintf( __( 'Not enough space to upload. %1$s KB needed.' ), number_format( ( $file_size - $space_left ) / KB_IN_BYTES ) ); + } + + if ( $file_size > ( KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 ) ) ) { + $file['error'] = sprintf( __( 'This file is too big. Files must be less than %1$s KB in size.' ), get_site_option( 'fileupload_maxk', 1500 ) ); + } + if ( upload_is_user_over_quota( false ) ) { $file['error'] = __( 'You have used your space quota. Please delete files before uploading.' ); } - if ( $file['error'] != '0' && !isset($_POST['html-upload']) ) + + if ( $file['error'] != '0' && ! isset( $_POST['html-upload'] ) && ( ! defined( 'DOING_AJAX' ) || ! DOING_AJAX ) ) { wp_die( $file['error'] . ' ' . __( 'Back' ) . '' ); + } return $file; } -add_filter( 'wp_handle_upload_prefilter', 'check_upload_size' ); /** - * Delete a blog + * Delete a site. * * @since 3.0.0 * - * @param int $blog_id Blog ID - * @param bool $drop True if blog's table should be dropped. Default is false. - * @return void + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $blog_id Site ID. + * @param bool $drop True if site's database tables should be dropped. Default is false. */ function wpmu_delete_blog( $blog_id, $drop = false ) { global $wpdb; $switch = false; - if ( $blog_id != $wpdb->blogid ) { + if ( get_current_blog_id() != $blog_id ) { $switch = true; switch_to_blog( $blog_id ); } - $blog_prefix = $wpdb->get_blog_prefix( $blog_id ); - + $blog = get_blog_details( $blog_id ); + /** + * Fires before a site is deleted. + * + * @since MU + * + * @param int $blog_id The site ID. + * @param bool $drop True if site's table should be dropped. Default is false. + */ do_action( 'delete_blog', $blog_id, $drop ); $users = get_users( array( 'blog_id' => $blog_id, 'fields' => 'ids' ) ); @@ -70,32 +82,67 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { // Remove users from this blog. if ( ! empty( $users ) ) { foreach ( $users as $user_id ) { - remove_user_from_blog( $user_id, $blog_id) ; + remove_user_from_blog( $user_id, $blog_id ); } } update_blog_status( $blog_id, 'deleted', 1 ); - if ( $drop ) { - if ( substr( $blog_prefix, -1 ) == '_' ) - $blog_prefix = substr( $blog_prefix, 0, -1 ) . '\_'; + $current_site = get_current_site(); + + // If a full blog object is not available, do not destroy anything. + if ( $drop && ! $blog ) { + $drop = false; + } - $drop_tables = $wpdb->get_results( "SHOW TABLES LIKE '{$blog_prefix}%'", ARRAY_A ); - $drop_tables = apply_filters( 'wpmu_drop_tables', $drop_tables ); + // Don't destroy the initial, main, or root blog. + if ( $drop && ( 1 == $blog_id || is_main_site( $blog_id ) || ( $blog->path == $current_site->path && $blog->domain == $current_site->domain ) ) ) { + $drop = false; + } + + $upload_path = trim( get_option( 'upload_path' ) ); + + // If ms_files_rewriting is enabled and upload_path is empty, wp_upload_dir is not reliable. + if ( $drop && get_site_option( 'ms_files_rewriting' ) && empty( $upload_path ) ) { + $drop = false; + } - reset( $drop_tables ); - foreach ( (array) $drop_tables as $drop_table) { - $wpdb->query( "DROP TABLE IF EXISTS ". current( $drop_table ) ."" ); + if ( $drop ) { + $uploads = wp_get_upload_dir(); + + $tables = $wpdb->tables( 'blog' ); + /** + * Filter the tables to drop when the site is deleted. + * + * @since MU + * + * @param array $tables The site tables to be dropped. + * @param int $blog_id The ID of the site to drop tables for. + */ + $drop_tables = apply_filters( 'wpmu_drop_tables', $tables, $blog_id ); + + foreach ( (array) $drop_tables as $table ) { + $wpdb->query( "DROP TABLE IF EXISTS `$table`" ); } - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->blogs WHERE blog_id = %d", $blog_id ) ); - $dir = apply_filters( 'wpmu_delete_blog_upload_dir', WP_CONTENT_DIR . "/blogs.dir/{$blog_id}/files/", $blog_id ); + + $wpdb->delete( $wpdb->blogs, array( 'blog_id' => $blog_id ) ); + + /** + * Filter the upload base directory to delete when the site is deleted. + * + * @since MU + * + * @param string $uploads['basedir'] Uploads path without subdirectory. @see wp_upload_dir() + * @param int $blog_id The site ID. + */ + $dir = apply_filters( 'wpmu_delete_blog_upload_dir', $uploads['basedir'], $blog_id ); $dir = rtrim( $dir, DIRECTORY_SEPARATOR ); $top_dir = $dir; $stack = array($dir); $index = 0; while ( $index < count( $stack ) ) { - # Get indexed directory from stack + // Get indexed directory from stack $dir = $stack[$index]; $dh = @opendir( $dir ); @@ -104,42 +151,68 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { if ( $file == '.' || $file == '..' ) continue; - if ( @is_dir( $dir . DIRECTORY_SEPARATOR . $file ) ) + if ( @is_dir( $dir . DIRECTORY_SEPARATOR . $file ) ) { $stack[] = $dir . DIRECTORY_SEPARATOR . $file; - else if ( @is_file( $dir . DIRECTORY_SEPARATOR . $file ) ) + } elseif ( @is_file( $dir . DIRECTORY_SEPARATOR . $file ) ) { @unlink( $dir . DIRECTORY_SEPARATOR . $file ); + } } + @closedir( $dh ); } $index++; } - $stack = array_reverse( $stack ); // Last added dirs are deepest - foreach( (array) $stack as $dir ) { + $stack = array_reverse( $stack ); // Last added dirs are deepest + foreach ( (array) $stack as $dir ) { if ( $dir != $top_dir) @rmdir( $dir ); } - } - $wpdb->query( "DELETE FROM {$wpdb->usermeta} WHERE meta_key = '{$blog_prefix}autosave_draft_ids'" ); - $blogs = get_site_option( 'blog_list' ); - if ( is_array( $blogs ) ) { - foreach ( $blogs as $n => $blog ) { - if ( $blog['blog_id'] == $blog_id ) - unset( $blogs[$n] ); - } - update_site_option( 'blog_list', $blogs ); + clean_blog_cache( $blog ); } - if ( $switch === true ) + if ( $switch ) restore_current_blog(); } -// @todo Merge with wp_delete_user() ? +/** + * Delete a user from the network and remove from all sites. + * + * @since 3.0.0 + * + * @todo Merge with wp_delete_user() ? + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $id The user ID. + * @return bool True if the user was deleted, otherwise false. + */ function wpmu_delete_user( $id ) { global $wpdb; + if ( ! is_numeric( $id ) ) { + return false; + } + $id = (int) $id; + $user = new WP_User( $id ); + + if ( !$user->exists() ) + return false; + + // Global super-administrators are protected, and cannot be deleted. + $_super_admins = get_super_admins(); + if ( in_array( $user->user_login, $_super_admins, true ) ) { + return false; + } + /** + * Fires before a user is deleted from the network. + * + * @since MU + * + * @param int $id ID of the user about to be deleted from the network. + */ do_action( 'wpmu_delete_user', $id ); $blogs = get_blogs_of_user( $id ); @@ -166,48 +239,29 @@ function wpmu_delete_user( $id ) { } } - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->users WHERE ID = %d", $id ) ); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->usermeta WHERE user_id = %d", $id ) ); + $meta = $wpdb->get_col( $wpdb->prepare( "SELECT umeta_id FROM $wpdb->usermeta WHERE user_id = %d", $id ) ); + foreach ( $meta as $mid ) + delete_metadata_by_mid( 'user', $mid ); - clean_user_cache( $id ); + $wpdb->delete( $wpdb->users, array( 'ID' => $id ) ); - // allow for commit transaction + clean_user_cache( $user ); + + /** This action is documented in wp-admin/includes/user.php */ do_action( 'deleted_user', $id ); return true; } -function wpmu_get_blog_allowedthemes( $blog_id = 0 ) { - $themes = get_themes(); - - if ( $blog_id != 0 ) - switch_to_blog( $blog_id ); - - $blog_allowed_themes = get_option( 'allowedthemes' ); - if ( !is_array( $blog_allowed_themes ) || empty( $blog_allowed_themes ) ) { // convert old allowed_themes to new allowedthemes - $blog_allowed_themes = get_option( 'allowed_themes' ); - - if ( is_array( $blog_allowed_themes ) ) { - foreach( (array) $themes as $key => $theme ) { - $theme_key = esc_html( $theme['Stylesheet'] ); - if ( isset( $blog_allowed_themes[$key] ) == true ) { - $blog_allowedthemes[$theme_key] = 1; - } - } - $blog_allowed_themes = $blog_allowedthemes; - add_option( 'allowedthemes', $blog_allowed_themes ); - delete_option( 'allowed_themes' ); - } - } - - if ( $blog_id != 0 ) - restore_current_blog(); - - return $blog_allowed_themes; -} - +/** + * Sends an email when a site administrator email address is changed. + * + * @since 3.0.0 + * + * @param string $old_value The old email address. Not currently used. + * @param string $value The new email address. + */ function update_option_new_admin_email( $old_value, $value ) { - $email = get_option( 'admin_email' ); if ( $value == get_option( 'admin_email' ) || !is_email( $value ) ) return; @@ -218,10 +272,12 @@ function update_option_new_admin_email( $old_value, $value ) { ); update_option( 'adminhash', $new_admin_email ); - $content = apply_filters( 'new_admin_email_content', __( "Dear user, + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( 'Howdy ###USERNAME###, You recently requested to have the administration email address on your site changed. + If this is correct, please click on the following link to change it: ###ADMIN_URL### @@ -232,49 +288,76 @@ This email has been sent to ###EMAIL### Regards, All at ###SITENAME### -###SITEURL### "), $new_admin_email ); +###SITEURL###' ); + + /** + * Filter the email text sent when the site admin email is changed. + * + * The following strings have a special meaning and will get replaced dynamically: + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. + * ###EMAIL### The new email. + * ###SITENAME### The name of the site. + * ###SITEURL### The URL to the site. + * + * @since MU + * + * @param string $email_text Text in the email. + * @param string $new_admin_email New admin email that the current administration email was changed to. + */ + $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email ); - $content = str_replace( '###ADMIN_URL###', esc_url( admin_url( 'options.php?adminhash='.$hash ) ), $content ); + $current_user = wp_get_current_user(); + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); + $content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash='.$hash ) ), $content ); $content = str_replace( '###EMAIL###', $value, $content ); $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content ); $content = str_replace( '###SITEURL###', network_home_url(), $content ); - wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), get_option( 'blogname' ) ), $content ); + wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content ); } -add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); -add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); +/** + * Sends an email when an email address change is requested. + * + * @since 3.0.0 + * + * @global WP_Error $errors WP_Error object. + * @global wpdb $wpdb WordPress database object. + */ function send_confirmation_on_profile_email() { global $errors, $wpdb; $current_user = wp_get_current_user(); if ( ! is_object($errors) ) $errors = new WP_Error(); - if ( $current_user->id != $_POST['user_id'] ) + if ( $current_user->ID != $_POST['user_id'] ) return false; if ( $current_user->user_email != $_POST['email'] ) { if ( !is_email( $_POST['email'] ) ) { - $errors->add( 'user_email', __( "ERROR: The e-mail address isn't correct." ), array( 'form-field' => 'email' ) ); + $errors->add( 'user_email', __( "ERROR: The email address isn’t correct." ), array( 'form-field' => 'email' ) ); return; } if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_email FROM {$wpdb->users} WHERE user_email=%s", $_POST['email'] ) ) ) { - $errors->add( 'user_email', __( "ERROR: The e-mail address is already used." ), array( 'form-field' => 'email' ) ); - delete_option( $current_user->ID . '_new_email' ); + $errors->add( 'user_email', __( "ERROR: The email address is already used." ), array( 'form-field' => 'email' ) ); + delete_user_meta( $current_user->ID, '_new_email' ); return; } $hash = md5( $_POST['email'] . time() . mt_rand() ); $new_user_email = array( - 'hash' => $hash, - 'newemail' => $_POST['email'] - ); - update_option( $current_user->ID . '_new_email', $new_user_email ); + 'hash' => $hash, + 'newemail' => $_POST['email'] + ); + update_user_meta( $current_user->ID, '_new_email', $new_user_email ); - $content = apply_filters( 'new_user_email_content', __( "Dear user, + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( 'Howdy ###USERNAME###, You recently requested to have the email address on your account changed. + If this is correct, please click on the following link to change it: ###ADMIN_URL### @@ -285,187 +368,226 @@ This email has been sent to ###EMAIL### Regards, All at ###SITENAME### -###SITEURL###" ), $new_user_email ); - +###SITEURL###' ); + + /** + * Filter the email text sent when a user changes emails. + * + * The following strings have a special meaning and will get replaced dynamically: + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. + * ###EMAIL### The new email. + * ###SITENAME### The name of the site. + * ###SITEURL### The URL to the site. + * + * @since MU + * + * @param string $email_text Text in the email. + * @param string $new_user_email New user email that the current user has changed to. + */ + $content = apply_filters( 'new_user_email_content', $email_text, $new_user_email ); + + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); $content = str_replace( '###ADMIN_URL###', esc_url( admin_url( 'profile.php?newuseremail='.$hash ) ), $content ); $content = str_replace( '###EMAIL###', $_POST['email'], $content); $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content ); $content = str_replace( '###SITEURL###', network_home_url(), $content ); - wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), get_option( 'blogname' ) ), $content ); + wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content ); $_POST['email'] = $current_user->user_email; } } -add_action( 'personal_options_update', 'send_confirmation_on_profile_email' ); - -function new_user_email_admin_notice() { - if ( strpos( $_SERVER['PHP_SELF'], 'profile.php' ) && isset( $_GET['updated'] ) && $email = get_option( get_current_user_id() . '_new_email' ) ) - echo "
' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), '' . esc_html( $email['newemail'] ) . '
' ) . '
' . sprintf( __( 'You attempted to access the "%1$s" dashboard, but you do not currently have privileges on this site. If you believe you should be able to access the "%1$s" dashboard, please contact your network administrator.' ), $blog_name ) . '
'; $output .= '' . __( 'If you reached this screen by accident and meant to visit one of your own sites, here are some shortcuts to help you find your way.' ) . '
'; @@ -517,29 +666,41 @@ function _access_denied_splash() { $output .= '"; - $output .= "{$blog->blogname}"; - $output .= " | "; - $output .= ""; - $output .= "" . __( 'Visit Dashboard' ) . " | " . __( 'View Site' ) . "" ; - $output .= " | "; - $output .= "
{$blog->blogname} | "; + $output .= '' . __( 'Visit Dashboard' ) . ' | ' . + '' . __( 'View Site' ) . ' | '; + $output .= '
/* That's all, stop editing! Happy blogging. */
please add this code:" );
- $msg .= "$out
";
- echo "%1$s
file is deprecated. Please remove it and update your server rewrite rules to use %2$s
instead.' ), 'wp-content/blogs.php', 'wp-includes/ms-files.php' ) . '';
-}
-add_action( 'network_admin_notices', 'ms_deprecated_blogs_file' );
-
/**
- * Grants super admin privileges.
+ * Grants Super Admin privileges.
*
* @since 3.0.0
- * @param int $user_id
+ *
+ * @global array $super_admins
+ *
+ * @param int $user_id ID of the user to be granted Super Admin privileges.
+ * @return bool True on success, false on failure. This can fail when the user is
+ * already a super admin or when the `$super_admins` global is defined.
*/
function grant_super_admin( $user_id ) {
- global $super_admins;
-
// If global super_admins override is defined, there is nothing to do here.
- if ( isset($super_admins) )
+ if ( isset( $GLOBALS['super_admins'] ) ) {
return false;
+ }
+ /**
+ * Fires before the user is granted Super Admin privileges.
+ *
+ * @since 3.0.0
+ *
+ * @param int $user_id ID of the user that is about to be granted Super Admin privileges.
+ */
do_action( 'grant_super_admin', $user_id );
// Directly fetch site_admins instead of using get_super_admins()
$super_admins = get_site_option( 'site_admins', array( 'admin' ) );
- $user = new WP_User( $user_id );
- if ( ! in_array( $user->user_login, $super_admins ) ) {
+ $user = get_userdata( $user_id );
+ if ( $user && ! in_array( $user->user_login, $super_admins ) ) {
$super_admins[] = $user->user_login;
update_site_option( 'site_admins' , $super_admins );
+
+ /**
+ * Fires after the user is granted Super Admin privileges.
+ *
+ * @since 3.0.0
+ *
+ * @param int $user_id ID of the user that was granted Super Admin privileges.
+ */
do_action( 'granted_super_admin', $user_id );
return true;
}
@@ -710,28 +899,47 @@ function grant_super_admin( $user_id ) {
}
/**
- * Revokes super admin privileges.
+ * Revokes Super Admin privileges.
*
* @since 3.0.0
- * @param int $user_id
+ *
+ * @global array $super_admins
+ *
+ * @param int $user_id ID of the user Super Admin privileges to be revoked from.
+ * @return bool True on success, false on failure. This can fail when the user's email
+ * is the network admin email or when the `$super_admins` global is defined.
*/
function revoke_super_admin( $user_id ) {
- global $super_admins;
-
// If global super_admins override is defined, there is nothing to do here.
- if ( isset($super_admins) )
+ if ( isset( $GLOBALS['super_admins'] ) ) {
return false;
+ }
+ /**
+ * Fires before the user's Super Admin privileges are revoked.
+ *
+ * @since 3.0.0
+ *
+ * @param int $user_id ID of the user Super Admin privileges are being revoked from.
+ */
do_action( 'revoke_super_admin', $user_id );
// Directly fetch site_admins instead of using get_super_admins()
$super_admins = get_site_option( 'site_admins', array( 'admin' ) );
- $user = new WP_User( $user_id );
- if ( $user->user_email != get_site_option( 'admin_email' ) ) {
+ $user = get_userdata( $user_id );
+ if ( $user && 0 !== strcasecmp( $user->user_email, get_site_option( 'admin_email' ) ) ) {
if ( false !== ( $key = array_search( $user->user_login, $super_admins ) ) ) {
unset( $super_admins[$key] );
update_site_option( 'site_admins', $super_admins );
+
+ /**
+ * Fires after the user's Super Admin privileges are revoked.
+ *
+ * @since 3.0.0
+ *
+ * @param int $user_id ID of the user Super Admin privileges were revoked from.
+ */
do_action( 'revoked_super_admin', $user_id );
return true;
}
@@ -740,21 +948,34 @@ function revoke_super_admin( $user_id ) {
}
/**
- * Whether or not we can edit this network from this page
+ * Whether or not we can edit this network from this page.
*
- * By default editing of network is restricted to the Network Admin for that site_id this allows for this to be overridden
+ * By default editing of network is restricted to the Network Admin for that `$site_id`
+ * this allows for this to be overridden.
*
* @since 3.1.0
- * @param integer $site_id The network/site id to check.
+ *
+ * @global wpdb $wpdb WordPress database abstraction object.
+ *
+ * @param int $site_id The network/site ID to check.
+ * @return bool True if network can be edited, otherwise false.
*/
function can_edit_network( $site_id ) {
global $wpdb;
- if ($site_id == $wpdb->siteid )
+ if ( $site_id == $wpdb->siteid )
$result = true;
else
$result = false;
+ /**
+ * Filter whether this network can be edited from this page.
+ *
+ * @since 3.1.0
+ *
+ * @param bool $result Whether the network can be edited from this page.
+ * @param int $site_id The network/site ID to check.
+ */
return apply_filters( 'can_edit_network', $result, $site_id );
}
@@ -762,17 +983,144 @@ function can_edit_network( $site_id ) {
* Thickbox image paths for Network Admin.
*
* @since 3.1.0
+ *
* @access private
*/
function _thickbox_path_admin_subfolder() {
?>
+
+
+
+
+
+
+
+
+
+
+
+