Index: wp-admin/network/users.php
===================================================================
--- wp-admin/network/users.php	(revision 21789)
+++ wp-admin/network/users.php	(working copy)
@@ -139,27 +139,25 @@
 							break;
 
 							case 'spam':
+							case 'notspam':
+								if ( ! current_user_can( 'edit_users' ) )
+									wp_die( __( 'You do not have permission to access this page.' ) );								
+								
 								$user = get_userdata( $val );
+								if ( empty( $user ) || empty( $user->ID ) )
+									wp_die( __( 'Warning! User cannot be modified. The user does not exist.' ) );
+								
 								if ( is_super_admin( $user->ID ) )
 									wp_die( sprintf( __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), esc_html( $user->user_login ) ) );
 
-								$userfunction = 'all_spam';
-								$blogs = get_blogs_of_user( $val, true );
-								foreach ( (array) $blogs as $key => $details ) {
-									if ( $details->userblog_id != $current_site->blog_id ) // main blog not a spam !
-										update_blog_status( $details->userblog_id, 'spam', '1' );
+								if ( 'spam' == $doaction ) {
+									$userfunction = 'all_spam';
+									update_user_status( $user->ID, 'spam', '1' );									
+								} else {
+									$userfunction = 'all_notspam';
+									update_user_status( $user->ID, 'spam', '0' );									
 								}
-								update_user_status( $val, 'spam', '1' );
 							break;
-
-							case 'notspam':
-								$userfunction = 'all_notspam';
-								$blogs = get_blogs_of_user( $val, true );
-								foreach ( (array) $blogs as $key => $details )
-									update_blog_status( $details->userblog_id, 'spam', '0' );
-
-								update_user_status( $val, 'spam', '0' );
-							break;
 						}
 					}
 				}