X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/ff81ee6e8304a1982a3ec4f5b134764a29d502cf..54fb5972b908f9c2b16cd82cee580bcf61565873:/wp-admin/users.php
diff --git a/wp-admin/users.php b/wp-admin/users.php
index ab555323..76a00cd4 100644
--- a/wp-admin/users.php
+++ b/wp-admin/users.php
@@ -11,10 +11,10 @@ $update = '';
 switch ($action) {
 case 'promote':
- check_admin_referer();
+ check_admin_referer('bulk-users');
 if (empty($_POST['users'])) {
- header('Location: users.php');
+ wp_redirect('users.php');
 }
 if ( !current_user_can('edit_users') )
@@ -33,16 +33,16 @@ case 'promote':
 $user->set_role($_POST['new_role']);
 }
- header('Location: users.php?update=' . $update);
+ wp_redirect('users.php?update=' . $update);
 break;
 case 'dodelete':
- check_admin_referer();
+ check_admin_referer('delete-users');
 if ( empty($_POST['users']) ) {
- header('Location: users.php');
+ wp_redirect('users.php');
 }
 if ( !current_user_can('edit_users') )
@@ -66,17 +66,16 @@ case 'dodelete':
 }
 }
- header('Location: users.php?update=' . $update);
+ wp_redirect('users.php?update=' . $update);
 break;
 case 'delete':
- check_admin_referer();
+ check_admin_referer('bulk-users');
- if (empty($_POST['users'])) {
- header('Location: users.php');
- }
+ if ( empty($_POST['users']) )
+ wp_redirect('users.php');
 if ( !current_user_can('edit_users') )
 $error['edit_users'] = __('You can’t delete users.');
@@ -86,6 +85,7 @@ case 'delete':
 include ('admin-header.php');
 ?>
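Review bot: In the `@@ -11,10` hunk, the `wp_redirect('users.php');` inside the empty-`$_POST['users']` guard of the `promote` case is not followed by `exit;`, so the script carries on into the `current_user_can('edit_users')` check and whatever follows it outside the hunk. Assuming `wp_redirect()` only emits the Location header, as the `header()` call it replaces did, the guard does not stop processing of the request. The same pattern is in the `dodelete` guard (`@@ -33,16`) and the `delete` guard (`@@ -66,17`), where execution appears to continue towards `include ('admin-header.php');`. I would end each guard explicitly: `wp_redirect('users.php'); exit;`.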
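Review bot: In the `@@ -33,16` hunk, the context line `$user->set_role($_POST['new_role']);` hands the posted role name to `set_role()` unchecked, and the only authorisation visible for the `promote` case is `current_user_can('edit_users')`. The nonce this commit adds blocks forged cross-site requests, but it does not limit which role a legitimate user with `edit_users` may submit. I would validate the value before the loop, something like `if ( !$wp_roles->is_role($_POST['new_role']) ) die(__('Invalid role.'));`, with a short comment saying the role comes from the request. The loop around this line starts outside the hunk, so such a check may already exist there.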
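Review bot: In the `@@ -66,17` hunk, the rewritten guard in the `delete` case drops its braces (`if ( empty($_POST['users']) )` with `wp_redirect('users.php');` on the next line), while the `promote` and `dodelete` cases keep braces around the identical check. Keeping all three braced and uniform means a second statement added under the guard later (an `exit;`, for instance) cannot end up running unconditionally: `if ( empty($_POST['users']) ) { wp_redirect('users.php'); }`. The `delete` case continues past the end of this hunk.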