X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/f9001779751f83dc8a10e478bfecb4d8dd5f964c..refs/tags/wordpress-4.6.1:/wp-admin/includes/ms.php diff --git a/wp-admin/includes/ms.php b/wp-admin/includes/ms.php index 84585264..c88123a1 100644 --- a/wp-admin/includes/ms.php +++ b/wp-admin/includes/ms.php @@ -25,44 +25,56 @@ function check_upload_size( $file ) { if ( defined( 'WP_IMPORTING' ) ) return $file; - $space_allowed = 1048576 * get_space_allowed(); - $space_used = get_dirsize( BLOGUPLOADDIR ); - $space_left = $space_allowed - $space_used; + $space_left = get_upload_space_available(); + $file_size = filesize( $file['tmp_name'] ); - if ( $space_left < $file_size ) - $file['error'] = sprintf( __( 'Not enough space to upload. %1$s KB needed.' ), number_format( ($file_size - $space_left) /1024 ) ); - if ( $file_size > ( 1024 * get_site_option( 'fileupload_maxk', 1500 ) ) ) - $file['error'] = sprintf(__('This file is too big. Files must be less than %1$s KB in size.'), get_site_option( 'fileupload_maxk', 1500 ) ); + if ( $space_left < $file_size ) { + $file['error'] = sprintf( __( 'Not enough space to upload. %1$s KB needed.' ), number_format( ( $file_size - $space_left ) / KB_IN_BYTES ) ); + } + + if ( $file_size > ( KB_IN_BYTES * get_site_option( 'fileupload_maxk', 1500 ) ) ) { + $file['error'] = sprintf( __( 'This file is too big. Files must be less than %1$s KB in size.' ), get_site_option( 'fileupload_maxk', 1500 ) ); + } + if ( upload_is_user_over_quota( false ) ) { $file['error'] = __( 'You have used your space quota. Please delete files before uploading.' ); } - if ( $file['error'] != '0' && !isset($_POST['html-upload']) ) + + if ( $file['error'] != '0' && ! isset( $_POST['html-upload'] ) && ( ! defined( 'DOING_AJAX' ) || ! DOING_AJAX ) ) { wp_die( $file['error'] . ' ' . __( 'Back' ) . '' ); + } return $file; } -add_filter( 'wp_handle_upload_prefilter', 'check_upload_size' ); /** - * Delete a blog + * Delete a site. * * @since 3.0.0 * - * @param int $blog_id Blog ID - * @param bool $drop True if blog's table should be dropped. Default is false. - * @return void + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $blog_id Site ID. + * @param bool $drop True if site's database tables should be dropped. Default is false. */ function wpmu_delete_blog( $blog_id, $drop = false ) { global $wpdb; $switch = false; - if ( $blog_id != $wpdb->blogid ) { + if ( get_current_blog_id() != $blog_id ) { $switch = true; switch_to_blog( $blog_id ); } - $blog_prefix = $wpdb->get_blog_prefix( $blog_id ); - + $blog = get_blog_details( $blog_id ); + /** + * Fires before a site is deleted. + * + * @since MU + * + * @param int $blog_id The site ID. + * @param bool $drop True if site's table should be dropped. Default is false. + */ do_action( 'delete_blog', $blog_id, $drop ); $users = get_users( array( 'blog_id' => $blog_id, 'fields' => 'ids' ) ); @@ -70,32 +82,67 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { // Remove users from this blog. if ( ! empty( $users ) ) { foreach ( $users as $user_id ) { - remove_user_from_blog( $user_id, $blog_id) ; + remove_user_from_blog( $user_id, $blog_id ); } } update_blog_status( $blog_id, 'deleted', 1 ); - if ( $drop ) { - if ( substr( $blog_prefix, -1 ) == '_' ) - $blog_prefix = substr( $blog_prefix, 0, -1 ) . '\_'; + $current_site = get_current_site(); + + // If a full blog object is not available, do not destroy anything. + if ( $drop && ! $blog ) { + $drop = false; + } + + // Don't destroy the initial, main, or root blog. + if ( $drop && ( 1 == $blog_id || is_main_site( $blog_id ) || ( $blog->path == $current_site->path && $blog->domain == $current_site->domain ) ) ) { + $drop = false; + } - $drop_tables = $wpdb->get_results( "SHOW TABLES LIKE '{$blog_prefix}%'", ARRAY_A ); - $drop_tables = apply_filters( 'wpmu_drop_tables', $drop_tables ); + $upload_path = trim( get_option( 'upload_path' ) ); - reset( $drop_tables ); - foreach ( (array) $drop_tables as $drop_table) { - $wpdb->query( "DROP TABLE IF EXISTS ". current( $drop_table ) ."" ); + // If ms_files_rewriting is enabled and upload_path is empty, wp_upload_dir is not reliable. + if ( $drop && get_site_option( 'ms_files_rewriting' ) && empty( $upload_path ) ) { + $drop = false; + } + + if ( $drop ) { + $uploads = wp_get_upload_dir(); + + $tables = $wpdb->tables( 'blog' ); + /** + * Filters the tables to drop when the site is deleted. + * + * @since MU + * + * @param array $tables The site tables to be dropped. + * @param int $blog_id The ID of the site to drop tables for. + */ + $drop_tables = apply_filters( 'wpmu_drop_tables', $tables, $blog_id ); + + foreach ( (array) $drop_tables as $table ) { + $wpdb->query( "DROP TABLE IF EXISTS `$table`" ); } - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->blogs WHERE blog_id = %d", $blog_id ) ); - $dir = apply_filters( 'wpmu_delete_blog_upload_dir', WP_CONTENT_DIR . "/blogs.dir/{$blog_id}/files/", $blog_id ); + + $wpdb->delete( $wpdb->blogs, array( 'blog_id' => $blog_id ) ); + + /** + * Filters the upload base directory to delete when the site is deleted. + * + * @since MU + * + * @param string $uploads['basedir'] Uploads path without subdirectory. @see wp_upload_dir() + * @param int $blog_id The site ID. + */ + $dir = apply_filters( 'wpmu_delete_blog_upload_dir', $uploads['basedir'], $blog_id ); $dir = rtrim( $dir, DIRECTORY_SEPARATOR ); $top_dir = $dir; $stack = array($dir); $index = 0; while ( $index < count( $stack ) ) { - # Get indexed directory from stack + // Get indexed directory from stack $dir = $stack[$index]; $dh = @opendir( $dir ); @@ -104,42 +151,68 @@ function wpmu_delete_blog( $blog_id, $drop = false ) { if ( $file == '.' || $file == '..' ) continue; - if ( @is_dir( $dir . DIRECTORY_SEPARATOR . $file ) ) + if ( @is_dir( $dir . DIRECTORY_SEPARATOR . $file ) ) { $stack[] = $dir . DIRECTORY_SEPARATOR . $file; - else if ( @is_file( $dir . DIRECTORY_SEPARATOR . $file ) ) + } elseif ( @is_file( $dir . DIRECTORY_SEPARATOR . $file ) ) { @unlink( $dir . DIRECTORY_SEPARATOR . $file ); + } } + @closedir( $dh ); } $index++; } - $stack = array_reverse( $stack ); // Last added dirs are deepest - foreach( (array) $stack as $dir ) { + $stack = array_reverse( $stack ); // Last added dirs are deepest + foreach ( (array) $stack as $dir ) { if ( $dir != $top_dir) @rmdir( $dir ); } - } - $wpdb->query( "DELETE FROM {$wpdb->usermeta} WHERE meta_key = '{$blog_prefix}autosave_draft_ids'" ); - $blogs = get_site_option( 'blog_list' ); - if ( is_array( $blogs ) ) { - foreach ( $blogs as $n => $blog ) { - if ( $blog['blog_id'] == $blog_id ) - unset( $blogs[$n] ); - } - update_site_option( 'blog_list', $blogs ); + clean_blog_cache( $blog ); } - if ( $switch === true ) + if ( $switch ) restore_current_blog(); } -// @todo Merge with wp_delete_user() ? +/** + * Delete a user from the network and remove from all sites. + * + * @since 3.0.0 + * + * @todo Merge with wp_delete_user() ? + * + * @global wpdb $wpdb WordPress database abstraction object. + * + * @param int $id The user ID. + * @return bool True if the user was deleted, otherwise false. + */ function wpmu_delete_user( $id ) { global $wpdb; + if ( ! is_numeric( $id ) ) { + return false; + } + $id = (int) $id; + $user = new WP_User( $id ); + + if ( !$user->exists() ) + return false; + // Global super-administrators are protected, and cannot be deleted. + $_super_admins = get_super_admins(); + if ( in_array( $user->user_login, $_super_admins, true ) ) { + return false; + } + + /** + * Fires before a user is deleted from the network. + * + * @since MU + * + * @param int $id ID of the user about to be deleted from the network. + */ do_action( 'wpmu_delete_user', $id ); $blogs = get_blogs_of_user( $id ); @@ -166,48 +239,29 @@ function wpmu_delete_user( $id ) { } } - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->users WHERE ID = %d", $id ) ); - $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->usermeta WHERE user_id = %d", $id ) ); + $meta = $wpdb->get_col( $wpdb->prepare( "SELECT umeta_id FROM $wpdb->usermeta WHERE user_id = %d", $id ) ); + foreach ( $meta as $mid ) + delete_metadata_by_mid( 'user', $mid ); + + $wpdb->delete( $wpdb->users, array( 'ID' => $id ) ); - clean_user_cache( $id ); + clean_user_cache( $user ); - // allow for commit transaction + /** This action is documented in wp-admin/includes/user.php */ do_action( 'deleted_user', $id ); return true; } -function wpmu_get_blog_allowedthemes( $blog_id = 0 ) { - $themes = get_themes(); - - if ( $blog_id != 0 ) - switch_to_blog( $blog_id ); - - $blog_allowed_themes = get_option( 'allowedthemes' ); - if ( !is_array( $blog_allowed_themes ) || empty( $blog_allowed_themes ) ) { // convert old allowed_themes to new allowedthemes - $blog_allowed_themes = get_option( 'allowed_themes' ); - - if ( is_array( $blog_allowed_themes ) ) { - foreach( (array) $themes as $key => $theme ) { - $theme_key = esc_html( $theme['Stylesheet'] ); - if ( isset( $blog_allowed_themes[$key] ) == true ) { - $blog_allowedthemes[$theme_key] = 1; - } - } - $blog_allowed_themes = $blog_allowedthemes; - add_option( 'allowedthemes', $blog_allowed_themes ); - delete_option( 'allowed_themes' ); - } - } - - if ( $blog_id != 0 ) - restore_current_blog(); - - return $blog_allowed_themes; -} - +/** + * Sends an email when a site administrator email address is changed. + * + * @since 3.0.0 + * + * @param string $old_value The old email address. Not currently used. + * @param string $value The new email address. + */ function update_option_new_admin_email( $old_value, $value ) { - $email = get_option( 'admin_email' ); if ( $value == get_option( 'admin_email' ) || !is_email( $value ) ) return; @@ -218,10 +272,12 @@ function update_option_new_admin_email( $old_value, $value ) { ); update_option( 'adminhash', $new_admin_email ); - $content = apply_filters( 'new_admin_email_content', __( "Dear user, + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( 'Howdy ###USERNAME###, You recently requested to have the administration email address on your site changed. + If this is correct, please click on the following link to change it: ###ADMIN_URL### @@ -232,49 +288,76 @@ This email has been sent to ###EMAIL### Regards, All at ###SITENAME### -###SITEURL### "), $new_admin_email ); +###SITEURL###' ); + + /** + * Filters the email text sent when the site admin email is changed. + * + * The following strings have a special meaning and will get replaced dynamically: + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. + * ###EMAIL### The new email. + * ###SITENAME### The name of the site. + * ###SITEURL### The URL to the site. + * + * @since MU + * + * @param string $email_text Text in the email. + * @param string $new_admin_email New admin email that the current administration email was changed to. + */ + $content = apply_filters( 'new_admin_email_content', $email_text, $new_admin_email ); - $content = str_replace( '###ADMIN_URL###', esc_url( admin_url( 'options.php?adminhash='.$hash ) ), $content ); + $current_user = wp_get_current_user(); + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); + $content = str_replace( '###ADMIN_URL###', esc_url( self_admin_url( 'options.php?adminhash='.$hash ) ), $content ); $content = str_replace( '###EMAIL###', $value, $content ); $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content ); $content = str_replace( '###SITEURL###', network_home_url(), $content ); - wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), get_option( 'blogname' ) ), $content ); + wp_mail( $value, sprintf( __( '[%s] New Admin Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content ); } -add_action( 'update_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); -add_action( 'add_option_new_admin_email', 'update_option_new_admin_email', 10, 2 ); +/** + * Sends an email when an email address change is requested. + * + * @since 3.0.0 + * + * @global WP_Error $errors WP_Error object. + * @global wpdb $wpdb WordPress database object. + */ function send_confirmation_on_profile_email() { global $errors, $wpdb; $current_user = wp_get_current_user(); if ( ! is_object($errors) ) $errors = new WP_Error(); - if ( $current_user->id != $_POST['user_id'] ) + if ( $current_user->ID != $_POST['user_id'] ) return false; if ( $current_user->user_email != $_POST['email'] ) { if ( !is_email( $_POST['email'] ) ) { - $errors->add( 'user_email', __( "ERROR: The e-mail address isn't correct." ), array( 'form-field' => 'email' ) ); + $errors->add( 'user_email', __( "ERROR: The email address isn’t correct." ), array( 'form-field' => 'email' ) ); return; } if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_email FROM {$wpdb->users} WHERE user_email=%s", $_POST['email'] ) ) ) { - $errors->add( 'user_email', __( "ERROR: The e-mail address is already used." ), array( 'form-field' => 'email' ) ); - delete_option( $current_user->ID . '_new_email' ); + $errors->add( 'user_email', __( "ERROR: The email address is already used." ), array( 'form-field' => 'email' ) ); + delete_user_meta( $current_user->ID, '_new_email' ); return; } $hash = md5( $_POST['email'] . time() . mt_rand() ); $new_user_email = array( - 'hash' => $hash, - 'newemail' => $_POST['email'] - ); - update_option( $current_user->ID . '_new_email', $new_user_email ); + 'hash' => $hash, + 'newemail' => $_POST['email'] + ); + update_user_meta( $current_user->ID, '_new_email', $new_user_email ); - $content = apply_filters( 'new_user_email_content', __( "Dear user, + /* translators: Do not translate USERNAME, ADMIN_URL, EMAIL, SITENAME, SITEURL: those are placeholders. */ + $email_text = __( 'Howdy ###USERNAME###, You recently requested to have the email address on your account changed. + If this is correct, please click on the following link to change it: ###ADMIN_URL### @@ -285,187 +368,226 @@ This email has been sent to ###EMAIL### Regards, All at ###SITENAME### -###SITEURL###" ), $new_user_email ); - +###SITEURL###' ); + + /** + * Filters the email text sent when a user changes emails. + * + * The following strings have a special meaning and will get replaced dynamically: + * ###USERNAME### The current user's username. + * ###ADMIN_URL### The link to click on to confirm the email change. + * ###EMAIL### The new email. + * ###SITENAME### The name of the site. + * ###SITEURL### The URL to the site. + * + * @since MU + * + * @param string $email_text Text in the email. + * @param string $new_user_email New user email that the current user has changed to. + */ + $content = apply_filters( 'new_user_email_content', $email_text, $new_user_email ); + + $content = str_replace( '###USERNAME###', $current_user->user_login, $content ); $content = str_replace( '###ADMIN_URL###', esc_url( admin_url( 'profile.php?newuseremail='.$hash ) ), $content ); $content = str_replace( '###EMAIL###', $_POST['email'], $content); $content = str_replace( '###SITENAME###', get_site_option( 'site_name' ), $content ); $content = str_replace( '###SITEURL###', network_home_url(), $content ); - wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), get_option( 'blogname' ) ), $content ); + wp_mail( $_POST['email'], sprintf( __( '[%s] New Email Address' ), wp_specialchars_decode( get_option( 'blogname' ) ) ), $content ); $_POST['email'] = $current_user->user_email; } } -add_action( 'personal_options_update', 'send_confirmation_on_profile_email' ); - -function new_user_email_admin_notice() { - if ( strpos( $_SERVER['PHP_SELF'], 'profile.php' ) && isset( $_GET['updated'] ) && $email = get_option( get_current_user_id() . '_new_email' ) ) - echo "
' . sprintf( __( 'Your email address has not been updated yet. Please check your inbox at %s for a confirmation email.' ), '' . esc_html( $email['newemail'] ) . '
' ) . '
' . sprintf( __( 'You attempted to access the "%1$s" dashboard, but you do not currently have privileges on this site. If you believe you should be able to access the "%1$s" dashboard, please contact your network administrator.' ), $blog_name ) . '
'; + $output .= '' . __( 'If you reached this screen by accident and meant to visit one of your own sites, here are some shortcuts to help you find your way.' ) . '
'; + + $output .= '{$blog->blogname} | "; + $output .= '' . __( 'Visit Dashboard' ) . ' | ' . + '' . __( 'View Site' ) . ' | '; + $output .= '
/* That's all, stop editing! Happy blogging. */
please add this code:" );
- $msg .= "$out
";
- echo "%1$s
file is deprecated. Please remove it and update your server rewrite rules to use %2$s
instead.' ), 'wp-content/blogs.php', 'wp-includes/ms-files.php' ) . '';
-}
-add_action( 'network_admin_notices', 'ms_deprecated_blogs_file' );
-
/**
- * Grants super admin privileges.
+ * Whether or not we can edit this network from this page.
*
- * @since 3.0.0
- * @param int $user_id
+ * By default editing of network is restricted to the Network Admin for that `$site_id`
+ * this allows for this to be overridden.
+ *
+ * @since 3.1.0
+ *
+ * @global wpdb $wpdb WordPress database abstraction object.
+ *
+ * @param int $site_id The network/site ID to check.
+ * @return bool True if network can be edited, otherwise false.
*/
-function grant_super_admin( $user_id ) {
- global $super_admins;
-
- // If global super_admins override is defined, there is nothing to do here.
- if ( isset($super_admins) )
- return false;
-
- do_action( 'grant_super_admin', $user_id );
+function can_edit_network( $site_id ) {
+ global $wpdb;
- // Directly fetch site_admins instead of using get_super_admins()
- $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
+ if ( $site_id == $wpdb->siteid )
+ $result = true;
+ else
+ $result = false;
- $user = new WP_User( $user_id );
- if ( ! in_array( $user->user_login, $super_admins ) ) {
- $super_admins[] = $user->user_login;
- update_site_option( 'site_admins' , $super_admins );
- do_action( 'granted_super_admin', $user_id );
- return true;
- }
- return false;
+ /**
+ * Filters whether this network can be edited from this page.
+ *
+ * @since 3.1.0
+ *
+ * @param bool $result Whether the network can be edited from this page.
+ * @param int $site_id The network/site ID to check.
+ */
+ return apply_filters( 'can_edit_network', $result, $site_id );
}
/**
- * Revokes super admin privileges.
+ * Thickbox image paths for Network Admin.
*
- * @since 3.0.0
- * @param int $user_id
+ * @since 3.1.0
+ *
+ * @access private
*/
-function revoke_super_admin( $user_id ) {
- global $super_admins;
+function _thickbox_path_admin_subfolder() {
+?>
+
+
+
- do_action( 'revoke_super_admin', $user_id );
+
+
+
+
+
- // Directly fetch site_admins instead of using get_super_admins()
- $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
+
+
+/**
+ * Outputs the HTML for a network's "Edit Site" tabular interface.
+ *
+ * @since 4.6.0
+ *
+ * @param $args {
+ * Optional. Array or string of Query parameters. Default empty array.
+ *
+ * @type int $blog_id The site ID. Default is the current site.
+ * @type array $links The tabs to include with (label|url|cap) keys.
+ * @type string $selected The ID of the selected link.
+ * }
+ */
+function network_edit_site_nav( $args = array() ) {
+
+ /**
+ * Filters the links that appear on site-editing network pages.
+ *
+ * Default links: 'site-info', 'site-users', 'site-themes', and 'site-settings'.
+ *
+ * @since 4.6.0
+ *
+ * @param array $links {
+ * An array of link data representing individual network admin pages.
+ *
+ * @type array $link_slug {
+ * An array of information about the individual link to a page.
+ *
+ * $type string $label Label to use for the link.
+ * $type string $url URL, relative to `network_admin_url()` to use for the link.
+ * $type string $cap Capability required to see the link.
+ * }
+ * }
+ */
+ $links = apply_filters( 'network_edit_site_nav_links', array(
+ 'site-info' => array( 'label' => __( 'Info' ), 'url' => 'site-info.php', 'cap' => 'manage_sites' ),
+ 'site-users' => array( 'label' => __( 'Users' ), 'url' => 'site-users.php', 'cap' => 'manage_sites' ),
+ 'site-themes' => array( 'label' => __( 'Themes' ), 'url' => 'site-themes.php', 'cap' => 'manage_sites' ),
+ 'site-settings' => array( 'label' => __( 'Settings' ), 'url' => 'site-settings.php', 'cap' => 'manage_sites' )
+ ) );
+
+ // Parse arguments
+ $r = wp_parse_args( $args, array(
+ 'blog_id' => isset( $_GET['blog_id'] ) ? (int) $_GET['blog_id'] : 0,
+ 'links' => $links,
+ 'selected' => 'site-info',
+ ) );
+
+ // Setup the links array
+ $screen_links = array();
+
+ // Loop through tabs
+ foreach ( $r['links'] as $link_id => $link ) {
+
+ // Skip link if user can't access
+ if ( ! current_user_can( $link['cap'], $r['blog_id'] ) ) {
+ continue;
+ }
+
+ // Link classes
+ $classes = array( 'nav-tab' );
+
+ // Selected is set by the parent OR assumed by the $pagenow global
+ if ( $r['selected'] === $link_id || $link['url'] === $GLOBALS['pagenow'] ) {
+ $classes[] = 'nav-tab-active';
+ }
+
+ // Escape each class
+ $esc_classes = implode( ' ', $classes );
+
+ // Get the URL for this link
+ $url = add_query_arg( array( 'id' => $r['blog_id'] ), network_admin_url( $link['url'] ) );
+
+ // Add link to nav links
+ $screen_links[ $link_id ] = '' . esc_html( $link['label'] ) . '';
+ }
+
+ // All done!
+ echo '