X-Git-Url: https://scripts.mit.edu/gitweb/autoinstallsdev/wordpress.git/blobdiff_plain/cc7b1505cd9fafd87c3672f669e13e98b0c544f7..99a64b9fd0d5ebb21c33c3a0b5865e9c412b430c:/wp-admin/user-edit.php
diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php
index ac6d4d6e..6334ed81 100644
--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -1,207 +1,427 @@
ID ) );
+
+if ( ! $user_id && IS_PROFILE_PAGE )
+ $user_id = $current_user->ID;
+elseif ( ! $user_id && ! IS_PROFILE_PAGE )
+ wp_die(__( 'Invalid user ID.' ) );
+elseif ( ! get_userdata( $user_id ) )
+ wp_die( __('Invalid user ID.') );
+
+wp_enqueue_script('user-profile');
+
+$title = IS_PROFILE_PAGE ? __('Profile') : __('Edit User');
+if ( current_user_can('edit_users') && !IS_PROFILE_PAGE )
+ $submenu_file = 'users.php';
+else
+ $submenu_file = 'profile.php';
-check_admin_referer();
+if ( current_user_can('edit_users') && !is_user_admin() )
+ $parent_file = 'users.php';
+else
+ $parent_file = 'profile.php';
+
+// contextual help - choose Help on the top right of admin panel to preview this.
+add_contextual_help($current_screen,
+ '
' . __('Your profile contains information about you (your “account”) as well as some personal options related to using WordPress.') . '
' .
+ '' . __('You can change your password, turn on keyboard shortcuts, change the color scheme of your WordPress administration screens, and turn off the WYSIWYG (Visual) editor, among other things.') . '
' .
+ '' . __('Your username cannot be changed, but you can use other fields to enter your real name or a nickname, and change which name to display on your posts.') . '
' .
+ '' . __('Required fields are indicated; the rest are optional. Profile information will only be displayed if your theme is set up to do so.') . '
' .
+ '' . __('Remember to click the Update Profile button when you are finished.') . '
' .
+ '' . __('For more information:') . '
' .
+ '' . __('Documentation on User Profiles ') . '
' .
+ '' . __('Support Forums ') . '
'
+);
+
+
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
+
+$user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' );
+
+/**
+ * Optional SSL preference that can be turned on by hooking to the 'personal_options' action.
+ *
+ * @since 2.7.0
+ *
+ * @param object $user User data object
+ */
+function use_ssl_preference($user) {
+?>
+
+
+ use_ssl); ?> />
+
+ID && ! apply_filters( 'enable_edit_any_user_configuration', true ) )
+ wp_die( __( 'You do not have permission to edit this user.' ) );
+
+// Execute confirmed email change. See send_confirmation_on_profile_email().
+if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
+ $new_email = get_option( $current_user->ID . '_new_email' );
+ if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
+ $user->ID = $current_user->ID;
+ $user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) );
+ if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) )
+ $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
+ wp_update_user( get_object_vars( $user ) );
+ delete_option( $current_user->ID . '_new_email' );
+ wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) );
+ die();
+ }
+} elseif ( is_multisite() && IS_PROFILE_PAGE && !empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' == $_GET['dismiss'] ) {
+ delete_option( $current_user->ID . '_new_email' );
+ wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) );
+ die();
+}
+switch ($action) {
case 'update':
check_admin_referer('update-user_' . $user_id);
-$errors = array();
+if ( !current_user_can('edit_user', $user_id) )
+ wp_die(__('You do not have permission to edit this user.'));
-if (!current_user_can('edit_users'))
- $errors['head'] = __('You do not have permission to edit this user.');
+if ( IS_PROFILE_PAGE )
+ do_action('personal_options_update', $user_id);
else
+ do_action('edit_user_profile_update', $user_id);
+
+if ( !is_multisite() ) {
$errors = edit_user($user_id);
+} else {
+ $user = get_userdata( $user_id );
+
+ // Update the email address in signups, if present.
+ if ( $user->user_login && isset( $_POST[ 'email' ] ) && is_email( $_POST[ 'email' ] ) && $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login ) ) )
+ $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST[ 'email' ], $user_login ) );
+
+ // WPMU must delete the user from the current blog if WP added him after editing.
+ $delete_role = false;
+ $blog_prefix = $wpdb->get_blog_prefix();
+ if ( $user_id != $current_user->ID ) {
+ $cap = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = '{$user_id}' AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'" );
+ if ( !is_network_admin() && null == $cap && $_POST[ 'role' ] == '' ) {
+ $_POST[ 'role' ] = 'contributor';
+ $delete_role = true;
+ }
+ }
+ if ( !isset( $errors ) || ( isset( $errors ) && is_object( $errors ) && false == $errors->get_error_codes() ) )
+ $errors = edit_user($user_id);
+ if ( $delete_role ) // stops users being added to current blog when they are edited
+ delete_user_meta( $user_id, $blog_prefix . 'capabilities' );
-if(count($errors) == 0) {
- wp_redirect("user-edit.php?user_id=$user_id&updated=true");
+ if ( is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can( 'manage_network_options' ) && !isset($super_admins) && empty( $_POST['super_admin'] ) == is_super_admin( $user_id ) )
+ empty( $_POST['super_admin'] ) ? revoke_super_admin( $user_id ) : grant_super_admin( $user_id );
+}
+
+if ( !is_wp_error( $errors ) ) {
+ $redirect = (IS_PROFILE_PAGE ? "profile.php?" : "user-edit.php?user_id=$user_id&"). "updated=true";
+ if ( $wp_http_referer )
+ $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
+ wp_redirect($redirect);
exit;
}
default:
-include ('admin-header.php');
+$profileuser = get_user_to_edit($user_id);
-$profileuser = new WP_User($user_id);
+if ( !current_user_can('edit_user', $user_id) )
+ wp_die(__('You do not have permission to edit this user.'));
-if (!current_user_can('edit_users')) $errors['head'] = __('You do not have permission to edit this user.');
+include (ABSPATH . 'wp-admin/admin-header.php');
?>
+ID ) && current_user_can( 'manage_network_options' ) ) { ?>
+
+
-
+
-
-
+
+
\n
", $errors->get_error_messages() ); ?>
-