X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/5aa86a9053fb0fa15846bb60aac2fb8fdfff524a..refs/tags/wordpress-3.5.1:/wp-admin/user-edit.php

diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php
index 5f3d07e0..eadc1f08 100644
--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -36,7 +36,6 @@ if ( current_user_can('edit_users') && !is_user_admin() )
 else
 	$parent_file = 'profile.php';
 
-
 $profile_help = '<p>' . __('Your profile contains information about you (your &#8220;account&#8221;) as well as some personal options related to using WordPress.') . '</p>' .
 	'<p>' . __('You can change your password, turn on keyboard shortcuts, change the color scheme of your WordPress administration screens, and turn off the WYSIWYG (Visual) editor, among other things. You can hide the Toolbar (formerly called the Admin Bar) from the front end of your site, however it cannot be disabled on the admin screens.') . '</p>' .
 	'<p>' . __('Your username cannot be changed, but you can use other fields to enter your real name or a nickname, and change which name to display on your posts.') . '</p>' .
@@ -75,7 +74,6 @@ function use_ssl_preference($user) {
 <?php
 }
 
-
 // Only allow super admins on multisite to edit every user.
 if ( is_multisite() && ! current_user_can( 'manage_network_users' ) && $user_id != $current_user->ID && ! apply_filters( 'enable_edit_any_user_configuration', true ) )
 	wp_die( __( 'You do not have permission to edit this user.' ) );
@@ -84,11 +82,12 @@ if ( is_multisite() && ! current_user_can( 'manage_network_users' ) && $user_id
 if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
 	$new_email = get_option( $current_user->ID . '_new_email' );
 	if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
+		$user = new stdClass;
 		$user->ID = $current_user->ID;
 		$user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
 		if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) )
 			$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
-		wp_update_user( get_object_vars( $user ) );
+		wp_update_user( $user );
 		delete_option( $current_user->ID . '_new_email' );
 		wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) );
 		die();
@@ -141,7 +140,7 @@ if ( !is_multisite() ) {
 }
 
 if ( !is_wp_error( $errors ) ) {
-	$redirect = (IS_PROFILE_PAGE ? "profile.php?" : "user-edit.php?user_id=$user_id&"). "updated=true";
+	$redirect = add_query_arg( 'updated', true, get_edit_user_link( $user_id ) );
 	if ( $wp_http_referer )
 		$redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
 	wp_redirect($redirect);
@@ -247,13 +246,13 @@ if ( !( IS_PROFILE_PAGE && !$user_can_edit ) ) : ?>
 	</tr>
 
 <?php if ( !IS_PROFILE_PAGE && !is_network_admin() ) : ?>
-<tr><th><label for="role"><?php _e('Role:') ?></label></th>
+<tr><th><label for="role"><?php _e('Role') ?></label></th>
 <td><select name="role" id="role">
 <?php
-// Get the highest/primary role for this user
+// Compare user role against currently editable roles
 // TODO: create a function that does this: wp_get_user_role()
-$user_roles = $profileuser->roles;
-$user_role = array_shift($user_roles);
+$user_roles = array_intersect( array_values( $profileuser->roles ), array_keys( get_editable_roles() ) );
+$user_role  = array_shift( $user_roles );
 
 // print the full list of roles with the primary one selected.
 wp_dropdown_roles($user_role);
@@ -268,9 +267,9 @@ else
 <?php endif; //!IS_PROFILE_PAGE
 
 if ( is_multisite() && is_network_admin() && ! IS_PROFILE_PAGE && current_user_can( 'manage_network_options' ) && !isset($super_admins) ) { ?>
-<tr><th><label for="role"><?php _e('Super Admin'); ?></label></th>
+<tr><th><?php _e('Super Admin'); ?></th>
 <td>
-<?php if ( $profileuser->user_email != get_site_option( 'admin_email' ) ) : ?>
+<?php if ( $profileuser->user_email != get_site_option( 'admin_email' ) || ! is_super_admin( $profileuser->ID ) ) : ?>
 <p><label><input type="checkbox" id="super_admin" name="super_admin"<?php checked( is_super_admin( $profileuser->ID ) ); ?> /> <?php _e( 'Grant this user super admin privileges for the Network.' ); ?></label></p>
 <?php else : ?>
 <p><?php _e( 'Super admin privileges cannot be removed because this user has the network admin email.' ); ?></p>
@@ -321,7 +320,7 @@ if ( is_multisite() && is_network_admin() && ! IS_PROFILE_PAGE && current_user_c
 
 			foreach ( $public_display as $id => $item ) {
 		?>
-			<option id="<?php echo $id; ?>"<?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option>
+			<option <?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option>
 		<?php
 			}
 		?>
@@ -425,11 +424,10 @@ if ( $show_password_fields ) :
 break;
 }
 ?>
-<script type="text/javascript" charset="utf-8">
+<script type="text/javascript">
 	if (window.location.hash == '#password') {
 		document.getElementById('pass1').focus();
 	}
 </script>
 <?php
 include( ABSPATH . 'wp-admin/admin-footer.php');
-?>