X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/9e77185fafaf4e60e2b73821e0e4b9b1a11fb85f..7f1521bf193b382565eb753043c161f4cb3fcda7:/wp-admin/network/users.php diff --git a/wp-admin/network/users.php b/wp-admin/network/users.php index 39ab1b5a..c900b825 100644 --- a/wp-admin/network/users.php +++ b/wp-admin/network/users.php @@ -14,51 +14,70 @@ if ( ! is_multisite() ) wp_die( __( 'Multisite support is not enabled.' ) ); if ( ! current_user_can( 'manage_network_users' ) ) - wp_die( __( 'You do not have permission to access this page.' ) ); + wp_die( __( 'You do not have permission to access this page.' ), 403 ); function confirm_delete_users( $users ) { $current_user = wp_get_current_user(); - if ( !is_array( $users ) ) + if ( ! is_array( $users ) || empty( $users ) ) { return false; + } ?>

-

+ + +

+ +

+ +
ID . '">' . $current_user->user_login . ''; + $admin_out = ''; ?> + + $val ) { - if ( $val != '' && $val != '0' ) { - $delete_user = get_userdata( $val ); - - if ( ! current_user_can( 'delete_user', $delete_user->ID ) ) + if ( ! current_user_can( 'delete_user', $delete_user->ID ) ) { wp_die( sprintf( __( 'Warning! User %s cannot be deleted.' ), $delete_user->user_login ) ); + } - if ( in_array( $delete_user->user_login, $site_admins ) ) - wp_die( sprintf( __( 'Warning! User cannot be deleted. The user %s is a network administrator.' ), $delete_user->user_login ) ); - - echo "\n"; - $blogs = get_blogs_of_user( $val, true ); - - if ( !empty( $blogs ) ) { + if ( in_array( $delete_user->user_login, $site_admins ) ) { + wp_die( sprintf( __( 'Warning! User cannot be deleted. The user %s is a network administrator.' ), '' . $delete_user->user_login . '' ) ); + } + ?> + + + -

' . $delete_user->user_login . '' ); ?>

+
"; + } else { + ?> + + +
user_login; ?> + ' . "\n"; ?> +

' . $delete_user->user_login . '' + ); ?>

$details ) { $blog_users = get_users( array( 'blog_id' => $details->userblog_id, 'fields' => array( 'ID', 'user_login' ) ) ); if ( is_array( $blog_users ) && !empty( $blog_users ) ) { $user_site = "{$details->blogname}"; - $user_dropdown = ""; $user_list = ''; foreach ( $blog_users as $user ) { - if ( ! in_array( $user->ID, $allusers ) ) + if ( ! in_array( $user->ID, $allusers ) ) { $user_list .= ""; + } } - if ( '' == $user_list ) + if ( '' == $user_list ) { $user_list = $admin_out; + } $user_dropdown .= $user_list; $user_dropdown .= "\n"; ?> @@ -67,23 +86,37 @@ function confirm_delete_users( $users ) {
    • + \n" . $user_dropdown; ?> "; - } + echo "

    + +
    + +

    + +

    +
    - '; confirm_delete_users( $_POST['allusers'] ); echo ''; - require_once( ABSPATH . 'wp-admin/admin-footer.php' ); - } else { + require_once( ABSPATH . 'wp-admin/admin-footer.php' ); + } else { wp_redirect( network_admin_url( 'users.php' ) ); } exit(); case 'allusers': if ( !current_user_can( 'manage_network_users' ) ) - wp_die( __( 'You do not have permission to access this page.' ) ); + wp_die( __( 'You do not have permission to access this page.' ), 403 ); if ( ( isset( $_POST['action']) || isset($_POST['action2'] ) ) && isset( $_POST['allusers'] ) ) { check_admin_referer( 'bulk-users-network' ); @@ -123,12 +156,12 @@ if ( isset( $_GET['action'] ) ) { $doaction = $_POST['action'] != -1 ? $_POST['action'] : $_POST['action2']; $userfunction = ''; - foreach ( (array) $_POST['allusers'] as $key => $val ) { - if ( !empty( $val ) ) { + foreach ( (array) $_POST['allusers'] as $user_id ) { + if ( !empty( $user_id ) ) { switch ( $doaction ) { case 'delete': if ( ! current_user_can( 'delete_users' ) ) - wp_die( __( 'You do not have permission to access this page.' ) ); + wp_die( __( 'You do not have permission to access this page.' ), 403 ); $title = __( 'Users' ); $parent_file = 'users.php'; require_once( ABSPATH . 'wp-admin/admin-header.php' ); @@ -139,26 +172,26 @@ if ( isset( $_GET['action'] ) ) { exit(); case 'spam': - $user = get_userdata( $val ); + $user = get_userdata( $user_id ); if ( is_super_admin( $user->ID ) ) wp_die( sprintf( __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), esc_html( $user->user_login ) ) ); $userfunction = 'all_spam'; - $blogs = get_blogs_of_user( $val, true ); - foreach ( (array) $blogs as $key => $details ) { + $blogs = get_blogs_of_user( $user_id, true ); + foreach ( (array) $blogs as $details ) { if ( $details->userblog_id != $current_site->blog_id ) // main blog not a spam ! update_blog_status( $details->userblog_id, 'spam', '1' ); } - update_user_status( $val, 'spam', '1' ); + update_user_status( $user_id, 'spam', '1' ); break; case 'notspam': $userfunction = 'all_notspam'; - $blogs = get_blogs_of_user( $val, true ); - foreach ( (array) $blogs as $key => $details ) + $blogs = get_blogs_of_user( $user_id, true ); + foreach ( (array) $blogs as $details ) update_blog_status( $details->userblog_id, 'spam', '0' ); - update_user_status( $val, 'spam', '0' ); + update_user_status( $user_id, 'spam', '0' ); break; } } @@ -177,7 +210,7 @@ if ( isset( $_GET['action'] ) ) { case 'dodelete': check_admin_referer( 'ms-users-delete' ); if ( ! ( current_user_can( 'manage_network_users' ) && current_user_can( 'delete_users' ) ) ) - wp_die( __( 'You do not have permission to access this page.' ) ); + wp_die( __( 'You do not have permission to access this page.' ), 403 ); if ( ! empty( $_POST['blog'] ) && is_array( $_POST['blog'] ) ) { foreach ( $_POST['blog'] as $id => $users ) { @@ -223,7 +256,7 @@ if ( $pagenum > $total_pages && $total_pages > 0 ) { $title = __( 'Users' ); $parent_file = 'users.php'; -add_screen_option( 'per_page', array('label' => _x( 'Users', 'users per page (screen options)' )) ); +add_screen_option( 'per_page' ); get_current_screen()->add_help_tab( array( 'id' => 'overview', @@ -239,7 +272,7 @@ get_current_screen()->add_help_tab( array( get_current_screen()->set_help_sidebar( '

    ' . __('For more information:') . '

    ' . - '

    ' . __('Documentation on Network Users') . '

    ' . + '

    ' . __('Documentation on Network Users') . '

    ' . '

    ' . __('Support Forums') . '

    ' ); @@ -247,7 +280,7 @@ require_once( ABSPATH . 'wp-admin/admin-header.php' ); if ( isset( $_REQUEST['updated'] ) && $_REQUEST['updated'] == 'true' && ! empty( $_REQUEST['action'] ) ) { ?> -

    +

    views(); ?> -

    + search_box( __( 'Search Users' ), 'all-user' ); ?>