X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/f9001779751f83dc8a10e478bfecb4d8dd5f964c..ac7339a398e6df50f722bc9616291ce5447d8e5e:/wp-admin/ms-delete-site.php diff --git a/wp-admin/ms-delete-site.php b/wp-admin/ms-delete-site.php index 8b26b0b6..af8a5e05 100644 --- a/wp-admin/ms-delete-site.php +++ b/wp-admin/ms-delete-site.php @@ -7,13 +7,12 @@ * @since 3.0.0 */ -require_once( './admin.php' ); +require_once( dirname( __FILE__ ) . '/admin.php' ); if ( !is_multisite() ) wp_die( __( 'Multisite support is not enabled.' ) ); -// @todo Create a delete blog cap. -if ( ! current_user_can( 'manage_options' ) ) +if ( ! current_user_can( 'delete_site' ) ) wp_die(__( 'You do not have sufficient permissions to delete this site.')); if ( isset( $_GET['h'] ) && $_GET['h'] != '' && get_option( 'delete_blog_hash' ) != false ) { @@ -25,23 +24,29 @@ if ( isset( $_GET['h'] ) && $_GET['h'] != '' && get_option( 'delete_blog_hash' ) } } +$blog = get_blog_details(); +$user = wp_get_current_user(); + $title = __( 'Delete Site' ); $parent_file = 'tools.php'; -require_once( './admin-header.php' ); +require_once( ABSPATH . 'wp-admin/admin-header.php' ); echo '
'; -screen_icon(); echo '

' . esc_html( $title ) . '

'; if ( isset( $_POST['action'] ) && $_POST['action'] == 'deleteblog' && isset( $_POST['confirmdelete'] ) && $_POST['confirmdelete'] == '1' ) { + check_admin_referer( 'delete-blog' ); + $hash = wp_generate_password( 20, false ); update_option( 'delete_blog_hash', $hash ); $url_delete = esc_url( admin_url( 'ms-delete-site.php?h=' . $hash ) ); - $content = apply_filters( 'delete_site_email_content', __( "Dear User, + $content = __( "Howdy ###USERNAME###, + You recently clicked the 'Delete Site' link on your site and filled in a form on that page. + If you really want to delete your site, click the link below. You will not be asked to confirm again so only click this link if you are absolutely certain: ###URL_DELETE### @@ -52,12 +57,21 @@ are gone forever.) Thanks for using the site, Webmaster -###SITE_NAME###" ) ); - +###SITE_NAME###" ); + /** + * Filter the email content sent when a site in a Multisite network is deleted. + * + * @since 3.0.0 + * + * @param string $content The email content that will be sent to the user who deleted a site in a Multisite network. + */ + $content = apply_filters( 'delete_site_email_content', $content ); + + $content = str_replace( '###USERNAME###', $user->user_login, $content ); $content = str_replace( '###URL_DELETE###', $url_delete, $content ); $content = str_replace( '###SITE_NAME###', $current_site->site_name, $content ); - wp_mail( get_option( 'admin_email' ), "[ " . get_option( 'blogname' ) . " ] ".__( 'Delete My Site' ), $content ); + wp_mail( get_option( 'admin_email' ), "[ " . wp_specialchars_decode( get_option( 'blogname' ) ) . " ] ".__( 'Delete My Site' ), $content ); ?>

@@ -68,13 +82,13 @@ Webmaster

+ -

+

- '; -include( './admin-footer.php' ); -?> +include( ABSPATH . 'wp-admin/admin-footer.php' );