wpmu_delete_blog() can wipe out an entire network

[nacin]

Steps to reproduce:

1. Create a network.

2. Create a second blog.

3. Via BLOG_ID_CURRENT_SITE, set the second blog to be the main blog.

4. Delete the original blog at the / path.

wpmu_delete_blog() will wipe out all blogs LIKE blog\_prefix%, which nukes the entire network.

Solution: iterate over and drop $wpdb->tables('blog') only.

Also, wpmu_delete_blog(), for blog ID 1, should automatically kick force to false. Otherwise things go haywire.

19009.2.diff​ keeps the wpmu_drop_tables filter. As commented above, it kicks $force to false if $blog_id == 1.

Also, cruft like autosave_draft_ids and the blog_list site_option is canned.

Passes unit tests.

I think we should also prevent $force when $current_site->path == $blog->path && $current_site->domain == $blog->domain. When this site disappears, the network admin will likely not work, and startup might fail.

Ideally we need to make this more explicit, such as denying the ability to delete these blogs in the UI (at the cap level, perhaps). Perhaps a better API distinction needs to be made with is_main_site(), the root domain/path, and blog_id 1, which can all be different.

19009.3.diff​ avoids destroying the initial, main, or root blogs -- three different concepts that are often all the same blog.

In [19038]:

Make wpmu_delete_blog() slightly less crappy. Prevents the entire network from being dropped in a particularly rare edge case. Removes some zombie code. fixes #19009.