Ticket #15558: 15558.2.diff
| File 15558.2.diff, 12.2 KB (added by , 15 years ago) |
|---|
-
wp-admin/includes/class-wp-users-list-table.php
7 7 * @since 3.1.0 8 8 */ 9 9 class WP_Users_List_Table extends WP_List_Table { 10 11 var $site_id; 12 var $is_site_users; 13 14 function WP_Users_List_Table() { 15 $screen = get_current_screen(); 16 $this->is_site_users = ( 'site-users-network' == $screen->id ) ? true : false; 10 17 18 if ( $this->is_site_users ) 19 $this->site_id = isset( $_REQUEST['id'] ) ? intval( $_REQUEST['id'] ) : 0; 20 21 parent::WP_List_Table( array( 22 'singular' => 'user', 23 'plural' => 'users' 24 ) ); 25 } 26 11 27 function check_permissions() { 12 28 if ( !current_user_can('list_users') ) 13 29 wp_die(__('Cheatin’ uh?')); … … 30 46 'role' => $role, 31 47 'search' => $usersearch 32 48 ); 49 50 if ( $this->is_site_users ) 51 $args['blog_id'] = $this->site_id; 33 52 34 53 if ( isset( $_REQUEST['orderby'] ) ) 35 54 $args['orderby'] = $_REQUEST['orderby']; … … 55 74 function get_views() { 56 75 global $wp_roles, $role; 57 76 58 $users_of_blog = count_users(); 77 if ( $this->is_site_users ) { 78 $url = 'site-users.php?id=' . $this->site_id; 79 switch_to_blog( $this->site_id ); 80 $users_of_blog = count_users(); 81 restore_current_blog(); 82 } else { 83 $url = 'users.php'; 84 $users_of_blog = count_users(); 85 } 59 86 $total_users = $users_of_blog['total_users']; 60 87 $avail_roles =& $users_of_blog['avail_roles']; 61 88 unset($users_of_blog); … … 63 90 $current_role = false; 64 91 $class = empty($role) ? ' class="current"' : ''; 65 92 $role_links = array(); 66 $role_links['all'] = "<a href=' users.php'$class>" . sprintf( _nx( 'All <span class="count">(%s)</span>', 'All <span class="count">(%s)</span>', $total_users, 'users' ), number_format_i18n( $total_users ) ) . '</a>';93 $role_links['all'] = "<a href='$url'$class>" . sprintf( _nx( 'All <span class="count">(%s)</span>', 'All <span class="count">(%s)</span>', $total_users, 'users' ), number_format_i18n( $total_users ) ) . 
'</a>'; 67 94 foreach ( $wp_roles->get_names() as $this_role => $name ) { 68 95 if ( !isset($avail_roles[$this_role]) ) 69 96 continue; … … 78 105 $name = translate_user_role( $name ); 79 106 /* translators: User role name with count */ 80 107 $name = sprintf( __('%1$s <span class="count">(%2$s)</span>'), $name, $avail_roles[$this_role] ); 81 $role_links[$this_role] = "<a href=' users.php?role=$this_role'$class>$name</a>";108 $role_links[$this_role] = "<a href='" . add_query_arg( 'role', $this_role, $url ) . "'$class>$name</a>"; 82 109 } 83 110 84 111 return $role_links; … … 171 198 $user_object = new WP_User( (int) $user_object ); 172 199 $user_object = sanitize_user_object( $user_object, 'display' ); 173 200 $email = $user_object->user_email; 201 202 if ( $this->is_site_users ) 203 $url = "site-users.php?id={$this->site_id}&"; 204 else 205 $url = 'users.php?'; 174 206 175 207 $checkbox = ''; 176 208 // Check if the user for this row is editable … … 197 229 if ( !is_multisite() && get_current_user_id() != $user_object->ID && current_user_can( 'delete_user', $user_object->ID ) ) 198 230 $actions['delete'] = "<a class='submitdelete' href='" . wp_nonce_url( "users.php?action=delete&user=$user_object->ID", 'bulk-users' ) . "'>" . __( 'Delete' ) . "</a>"; 199 231 if ( is_multisite() && get_current_user_id() != $user_object->ID && current_user_can( 'remove_user', $user_object->ID ) ) 200 $actions['remove'] = "<a class='submitdelete' href='" . wp_nonce_url( "users.php?action=remove&user=$user_object->ID", 'bulk-users' ) . "'>" . __( 'Remove' ) . "</a>";232 $actions['remove'] = "<a class='submitdelete' href='" . wp_nonce_url( $url."action=remove&user=$user_object->ID", 'bulk-users' ) . "'>" . __( 'Remove' ) . "</a>"; 201 233 $actions = apply_filters( 'user_row_actions', $actions, $user_object ); 202 234 $edit .= $this->row_actions( $actions ); 203 235 -
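Review bot: The role links in `get_views()` now build their `href` from `add_query_arg( 'role', $this_role, $url )` and concatenate the result straight into a single-quoted attribute without escaping. In the visible code `$url` is built from the `intval()`-ed site id and `$this_role` comes from `$wp_roles->get_names()`, so this is hardening rather than a demonstrated injection. I would still escape at output: `$role_links[$this_role] = "<a href='" . esc_url( add_query_arg( 'role', $this_role, $url ) ) . "'$class>$name</a>";`, and do the same for the `'all'` link. The new `$site_id` and `$is_site_users` properties also deserve a short docblock saying that `$site_id` is only set on the `site-users-network` screen.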
wp-admin/network/site-users.php
1 1 <?php 2 2 /** 3 * Edit Site Users Administration Screen3 * Edit Site Themes Administration Screen 4 4 * 5 5 * @package WordPress 6 6 * @subpackage Multisite … … 13 13 if ( ! is_multisite() ) 14 14 wp_die( __( 'Multisite support is not enabled.' ) ); 15 15 16 if ( ! current_user_can('manage_sites') ) 17 wp_die(__('You do not have sufficient permissions to edit this site.')); 16 $wp_list_table = get_list_table('WP_Users_List_Table'); 17 $wp_list_table->check_permissions(); 18 $wp_list_table->prepare_items(); 18 19 20 $action = $wp_list_table->current_action(); 21 22 $s = isset($_REQUEST['s']) ? $_REQUEST['s'] : ''; 23 24 // Clean up request URI from temporary args for screen options/paging uri's to work as expected. 25 $_SERVER['REQUEST_URI'] = remove_query_arg(array('enable', 'disable', 'enable-selected', 'disable-selected'), $_SERVER['REQUEST_URI']); 26 19 27 $id = isset( $_REQUEST['id'] ) ? intval( $_REQUEST['id'] ) : 0; 20 28 21 29 if ( ! $id ) … … 38 46 $editblog_roles = $wp_roles->roles; 39 47 } 40 48 41 if ( isset($_REQUEST['action']) && 'update-site' == $_REQUEST['action'] ) { 42 check_admin_referer( 'edit-site' ); 49 $action = $wp_list_table->current_action(); 43 50 51 if ( $action ) { 44 52 switch_to_blog( $id ); 53 54 switch ( $action ) { 55 case 'adduser': 56 if ( !empty( $_POST['newuser'] ) ) { 57 $newuser = $_POST['newuser']; 58 $userid = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM " . $wpdb->users . " WHERE user_login = %s", $newuser ) ); 59 if ( $userid ) { 60 $user = $wpdb->get_var( "SELECT user_id FROM " . $wpdb->usermeta . 
" WHERE user_id='$userid' AND meta_key='{$blog_prefix}capabilities'" ); 61 if ( $user == false ) 62 add_user_to_blog( $id, $userid, $_POST['new_role'] ); 63 } 64 } 65 break; 66 67 case 'remove': 68 if ( !current_user_can('remove_users') ) 69 die(__('You can’t remove users.')); 45 70 46 // user roles 47 if ( isset( $_POST['role'] ) && is_array( $_POST['role'] ) == true ) { 48 $newroles = $_POST['role']; 71 if ( isset( $_REQUEST['users'] ) ) { 72 $userids = $_REQUEST['users']; 49 73 50 reset( $newroles ); 51 foreach ( (array) $newroles as $userid => $role ) { 52 $user = new WP_User( $userid ); 53 if ( empty( $user->ID ) ) 54 continue; 55 $user->for_blog( $id ); 56 $user->set_role( $role ); 57 } 58 } 74 foreach ( $userids as $user_id ) { 75 $user_id = (int) $user_id; 76 remove_user_from_blog( $user_id, $id ); 77 } 78 } else { 79 remove_user_from_blog( $_GET['user'] ); 80 } 81 break; 59 82 60 // remove user 61 if ( isset( $_POST['blogusers'] ) && is_array( $_POST['blogusers'] ) ) { 62 reset( $_POST['blogusers'] ); 63 foreach ( (array) $_POST['blogusers'] as $key => $val ) 64 remove_user_from_blog( $key, $id ); 65 } 83 case 'promote': 84 $editable_roles = get_editable_roles(); 85 if ( empty( $editable_roles[$_REQUEST['new_role']] ) ) 86 wp_die(__('You can’t give users that role.')); 66 87 67 // change password 68 if ( isset( $_POST['user_password'] ) && is_array( $_POST['user_password'] ) ) { 69 reset( $_POST['user_password'] ); 70 $newroles = $_POST['role']; 71 foreach ( (array) $_POST['user_password'] as $userid => $pass ) { 72 unset( $_POST['role'] ); 73 $_POST['role'] = $newroles[ $userid ]; 74 if ( $pass != '' ) { 75 $cap = $wpdb->get_var( $wpdb->prepare( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'", $userid ) ); 76 $userdata = get_userdata($userid); 77 $_POST['pass1'] = $_POST['pass2'] = $pass; 78 $_POST['email'] = $userdata->user_email; 79 $_POST['rich_editing'] = 
$userdata->rich_editing; 80 edit_user( $userid ); 81 if ( $cap == null ) 82 $wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'", $userid ) ); 83 } 84 } 85 unset( $_POST['role'] ); 86 $_POST['role'] = $newroles; 87 } 88 $userids = $_REQUEST['users']; 89 $update = 'promote'; 90 foreach ( $userids as $user_id ) { 91 $user_id = (int) $user_id; 88 92 89 // add user 90 if ( !empty( $_POST['newuser'] ) ) { 91 $newuser = $_POST['newuser']; 92 $userid = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM " . $wpdb->users . " WHERE user_login = %s", $newuser ) ); 93 if ( $userid ) { 94 $user = $wpdb->get_var( "SELECT user_id FROM " . $wpdb->usermeta . " WHERE user_id='$userid' AND meta_key='{$blog_prefix}capabilities'" ); 95 if ( $user == false ) 96 add_user_to_blog( $id, $userid, $_POST['new_role'] ); 97 } 98 } 93 // If the user doesn't already belong to the blog, bail. 94 if ( !is_user_member_of_blog( $user_id ) ) 95 wp_die(__('Cheatin’ uh?')); 99 96 97 $user = new WP_User( $user_id ); 98 $user->set_role( $_REQUEST['new_role'] ); 99 } 100 break; 101 } 102 100 103 restore_current_blog(); 101 wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id ), 'site-users.php') );104 wp_redirect( wp_get_referer() ); // @todo add_query_arg for update message 102 105 } 103 106 104 if ( isset($_GET['update']) ) { 105 $messages = array(); 106 if ( 'updated' == $_GET['update'] ) 107 $messages[] = __('Site users updated.'); 108 } 107 add_screen_option( 'per_page', array( 'label' => _x( 'Users', 'users per page (screen options)' ) ) ); 109 108 110 109 $title = sprintf( __('Edit Site: %s'), get_blogaddress_by_id($id)); 111 110 $parent_file = 'sites.php'; … … 128 127 } 129 128 ?> 130 129 </h3> 131 <?php 132 if ( ! empty( $messages ) ) { 133 foreach ( $messages as $msg ) 134 echo '<div id="message" class="updated"><p>' . $msg . 
'</p></div>'; 135 } ?> 130 <form class="search-form" action="" method="get"> 131 <p class="search-box"> 132 <label class="screen-reader-text" for="user-search-input"><?php _e( 'Search Users' ); ?>:</label> 133 <input type="text" id="user-search-input" name="s" value="<?php echo esc_attr($usersearch); ?>" /> 134 <?php submit_button( __( 'Search Users' ), 'button', 'submit', false ); ?> 135 </p> 136 </form> 137 138 <?php $wp_list_table->views(); ?> 139 136 140 <form method="post" action="site-users.php?action=update-site"> 137 141 <?php wp_nonce_field( 'edit-site' ); ?> 138 142 <input type="hidden" name="id" value="<?php echo esc_attr( $id ) ?>" /> 139 <?php140 $blogusers = get_users( array( 'blog_id' => $id, 'number' => 20 ) );141 143 142 if ( is_array( $blogusers ) ) { 143 echo '<table class="form-table">'; 144 echo "<tr><th>" . __( 'User' ) . "</th><th>" . __( 'Role' ) . "</th><th>" . __( 'Password' ) . "</th><th>" . __( 'Remove' ) . "</th></tr>"; 145 $user_count = 0; 144 <?php $wp_list_table->display(); ?> 146 145 147 foreach ( $blogusers as $user_id => $user_object ) {148 $user_count++;149 $existing_role = reset( $user_object->roles );150 151 echo '<tr><td><a href="user-edit.php?user_id=' . $user_id . '">' . $user_object->user_login . '</a></td>';152 if ( $user_id != $current_user->data->ID ) {153 ?>154 <td>155 <select name="role[<?php echo $user_id ?>]" id="new_role_1"><?php156 foreach ( $editblog_roles as $role => $role_assoc ){157 $name = translate_user_role( $role_assoc['name'] );158 echo '<option ' . selected( $role, $existing_role, false ) . ' value="' . esc_attr( $role ) . '">' . esc_html( $name ) . '</option>';159 }160 ?>161 </select>162 </td>163 <td>164 <input type="text" name="user_password[<?php echo esc_attr( $user_id ) ?>]" />165 </td>166 <?php167 echo '<td><input title="' . __( 'Click to remove user' ) . '" type="checkbox" name="blogusers[' . esc_attr( $user_id ) . ']" /></td>';168 } else {169 echo "<td><strong>" . __ ( 'N/A' ) . 
"</strong></td><td><strong>" . __ ( 'N/A' ) . "</strong></td><td><strong>" . __( 'N/A' ) . "</strong></td>";170 }171 echo '</tr>';172 }173 echo "</table>";174 submit_button();175 if ( 20 == $user_count )176 echo '<p>' . sprintf( __('First 20 users shown. <a href="%s">Manage all users</a>.'), get_admin_url($id, 'users.php') ) . '</p>';177 } else {178 _e('This site has no users.');179 }180 ?>181 146 </form> 182 147 183 148 <h3 id="add-new-user"><?php _e('Add Existing User') ?></h3> 184 149 <p class="description"><?php _e( 'Enter the username of an existing user.' ) ?></p> 185 <form action="site-users.php?action= update-site" id="adduser" method="post">150 <form action="site-users.php?action=adduser" id="adduser" method="post"> 186 151 <?php wp_nonce_field( 'edit-site' ); ?> 187 152 <input type="hidden" name="id" value="<?php echo esc_attr( $id ) ?>" /> 188 153 <table class="form-table">
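Review bot: The new `switch ( $action )` block adds users, removes users and changes roles on another site without any nonce verification. The removed lines carried `check_admin_referer( 'edit-site' )` and `current_user_can('manage_sites')`, while the only gate visible on the new side is `$wp_list_table->check_permissions()`, which tests `list_users`. Unless the elided context re-adds them, keep `if ( ! current_user_can( 'manage_sites' ) ) wp_die( ... );` at the top, then call `check_admin_referer( 'edit-site' );` in `adduser` and `check_admin_referer( 'bulk-users' );` in `remove` and `promote`, matching the nonce actions this page already emits. The single-user branch `remove_user_from_blog( $_GET['user'] );` should mirror the bulk branch with `remove_user_from_blog( (int) $_GET['user'], $id );`. The `remove` case should also use `wp_die()` after `restore_current_blog()` rather than a bare `die()` while the blog is still switched.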