X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/8f374b7233bc2815ccc387e448d208c5434eb961..72836ec95a52eacbda4dc5aa296b7dd6de08bd3b:/wp-admin/network/site-users.php?ds=sidebyside diff --git a/wp-admin/network/site-users.php b/wp-admin/network/site-users.php index 58796b25..62c6212c 100644 --- a/wp-admin/network/site-users.php +++ b/wp-admin/network/site-users.php @@ -8,7 +8,7 @@ */ /** Load WordPress Administration Bootstrap */ -require_once( './admin.php' ); +require_once( dirname( __FILE__ ) . '/admin.php' ); if ( ! is_multisite() ) wp_die( __( 'Multisite support is not enabled.' ) ); @@ -45,33 +45,26 @@ if ( ! $id ) wp_die( __('Invalid site ID.') ); $details = get_blog_details( $id ); -if ( !can_edit_network( $details->site_id ) ) +if ( ! can_edit_network( $details->site_id ) ) wp_die( __( 'You do not have permission to access this page.' ) ); $is_main_site = is_main_site( $id ); -// get blog prefix -$blog_prefix = $wpdb->get_blog_prefix( $id ); +switch_to_blog( $id ); -// @todo This is a hack. Eventually, add API to WP_Roles allowing retrieval of roles for a particular blog. -if ( ! empty($wp_roles->use_db) ) { - $editblog_roles = get_blog_option( $id, "{$blog_prefix}user_roles" ); -} else { - // Roles are stored in memory, not the DB. - $editblog_roles = $wp_roles->roles; -} -$default_role = get_blog_option( $id, 'default_role' ); +$editblog_roles = $wp_roles->roles; + +$default_role = get_option( 'default_role' ); $action = $wp_list_table->current_action(); if ( $action ) { - switch_to_blog( $id ); switch ( $action ) { case 'newuser': check_admin_referer( 'add-user', '_wpnonce_add-new-user' ); $user = $_POST['user']; - if ( !is_array( $_POST['user'] ) || empty( $user['username'] ) || empty( $user['email'] ) ) { + if ( ! is_array( $_POST['user'] ) || empty( $user['username'] ) || empty( $user['email'] ) ) { $update = 'err_new'; } else { $password = wp_generate_password( 12, false); @@ -92,11 +85,10 @@ if ( $action ) { if ( !empty( $_POST['newuser'] ) ) { $update = 'adduser'; $newuser = $_POST['newuser']; - $userid = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM " . $wpdb->users . " WHERE user_login = %s", $newuser ) ); - if ( $userid ) { - $user = $wpdb->get_var( "SELECT user_id FROM " . $wpdb->usermeta . " WHERE user_id='$userid' AND meta_key='{$blog_prefix}capabilities'" ); - if ( $user == false ) - add_user_to_blog( $id, $userid, $_POST['new_role'] ); + $user = get_user_by( 'login', $newuser ); + if ( $user && $user->exists() ) { + if ( ! is_user_member_of_blog( $user->ID, $id ) ) + add_user_to_blog( $id, $user->ID, $_POST['new_role'] ); else $update = 'err_add_member'; } else { @@ -108,7 +100,7 @@ if ( $action ) { break; case 'remove': - if ( !current_user_can('remove_users') ) + if ( ! current_user_can( 'remove_users' ) ) die(__('You can’t remove users.')); check_admin_referer( 'bulk-users' ); @@ -143,7 +135,7 @@ if ( $action ) { if ( !is_user_member_of_blog( $user_id ) ) wp_die(__('Cheatin’ uh?')); - $user = new WP_User( $user_id ); + $user = get_userdata( $user_id ); $user->set_role( $_REQUEST['new_role'] ); } } else { @@ -152,11 +144,12 @@ if ( $action ) { break; } - restore_current_blog(); wp_safe_redirect( add_query_arg( 'update', $update, $referer ) ); exit(); } +restore_current_blog(); + if ( isset( $_GET['action'] ) && 'update-site' == $_GET['action'] ) { wp_safe_redirect( $referer ); exit(); @@ -174,7 +167,7 @@ $submenu_file = 'sites.php'; if ( ! wp_is_large_network( 'users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) wp_enqueue_script( 'user-suggest' ); -require('../admin-header.php'); ?> +require( ABSPATH . 'wp-admin/admin-header.php' ); ?>