Ticket #15855: 15855.4.patch
| File 15855.4.patch, 13.7 KB (added by , 15 years ago) |
|---|
-
wp-admin/includes/user.php
380 380 echo '</p></div>'; 381 381 } 382 382 383 ?> 383 /** 384 * Display a dropdown when deleting or removing a user from current site, 385 * allowing to reassign their posts and links to another user. 386 * 387 * @since 3.1.0 388 * 389 * @param array $user User object. 390 * @param array $selected_users IDs of users to delete or remove. 391 * @return null 392 */ 393 function _reassign_dropdown( $user, $selected_users ) { 394 static $counter = 0; 395 ?> 396 <li><input type="hidden" name="users[]" value="<?php echo esc_attr( $user->ID ); ?>" /><?php printf( __('ID #%1s: %2s'), $user->ID, $user->user_login ); ?></li> 397 <fieldset><p><legend><?php printf( __( "What should be done with posts and links owned by <em>%s</em>?" ), $user->user_login ); ?></legend></p> 398 <ul style="list-style:none;"> 399 <li><label><input type="radio" id="delete_option0" name="delete_option[<?php echo $user->ID; ?>]" value="delete" checked="checked" /> 400 <?php _e( 'Delete all posts and links.' ); ?></label></li> 401 <li><label><input type="radio" id="delete_option1" name="delete_option[<?php echo $user->ID; ?>]" value="reassign" /> 402 <?php echo __( 'Attribute all posts and links to:' ) . '</label>'; ?> 403 <?php wp_dropdown_users( array( 404 'exclude' => array_diff( $selected_users, array( $user->ID ) ), 405 'id' => "reassign{$counter}", 406 'name' => "reassign[{$user->ID}]" ) ); ?></li> 407 </ul></fieldset><?php 408 $counter++; 409 } 410 411 ?> 412 No newline at end of file -
wp-admin/network/site-users.php
55 55 } 56 56 $default_role = get_blog_option( $id, 'default_role' ); 57 57 58 $referer = remove_query_arg( array( 'action', 'remove_count' ), wp_get_referer() ); 59 58 60 $action = $wp_list_table->current_action(); 59 61 60 62 if ( $action ) { … … 100 102 } 101 103 break; 102 104 103 case ' remove':105 case 'doremove': 104 106 if ( !current_user_can('remove_users') ) 105 die( __('You can’t remove users.'));106 check_admin_referer( ' bulk-users' );107 107 die( __('You can’t remove users.') ); 108 check_admin_referer( 'remove-users' ); 109 108 110 $update = 'remove'; 109 111 if ( isset( $_REQUEST['users'] ) ) { 110 112 $userids = $_REQUEST['users']; 111 113 112 foreach ( $userids as $user_id ) { 114 $remove_count = 0; 115 foreach ( (array) $userids as $user_id ) { 113 116 $user_id = (int) $user_id; 114 remove_user_from_blog( $user_id, $id ); 117 switch ( $_REQUEST['delete_option'][$user_id] ) { 118 case 'delete': 119 remove_user_from_blog( $user_id, $id ); 120 break; 121 case 'reassign': 122 remove_user_from_blog( $user_id, $id, $_REQUEST['reassign'][$user_id] ); 123 break; 124 } 125 ++$remove_count; 115 126 } 116 } elseif ( isset( $_GET['user'] ) ) {117 remove_user_from_blog( $_GET['user'] );118 127 } else { 119 128 $update = 'err_remove'; 120 129 } 130 $referer = add_query_arg( array( 'remove_count' => $remove_count, 'id' => $id ), $referer ); 121 131 break; 122 132 133 case 'remove': 134 if ( !current_user_can('remove_users') ) 135 die( __('You can’t remove users.') ); 136 check_admin_referer( 'bulk-users' ); 137 138 if ( empty($_REQUEST['users']) ) 139 $userids = array( intval($_REQUEST['user']) ); 140 else 141 $userids = $_REQUEST['users']; 142 143 require_once( '../admin-header.php' ); 144 ?> 145 <form action="" method="post" name="updateusers" id="updateusers"> 146 <input type="hidden" name="id" value="<?php echo esc_attr( $_REQUEST['id'] ); ?>" /> 147 <?php wp_nonce_field('remove-users') ?> 148 149 <div class="wrap"> 150 <?php screen_icon('users'); ?> 151 <h2><?php _e('Remove Users from Site'); ?></h2> 152 <p><?php _e('You have specified these users for removal:'); ?></p> 153 <ul> 154 <?php 155 $go_remove = false; 156 foreach ( $userids as $id ) { 157 $id = (int) $id; 158 $user = new WP_User($id); 159 if ( $id == $current_user->id && ! is_super_admin() ) { 160 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login ) . "</li>\n"; 161 } elseif ( ! current_user_can('remove_user', $id) ) { 162 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login ) . "</li>\n"; 163 } else { 164 _reassign_dropdown( $user, $userids ); 165 $go_remove = true; 166 } 167 } 168 ?> 169 </ul> 170 <?php if ( $go_remove ) : ?> 171 <input type="hidden" name="action" value="doremove" /> 172 <?php submit_button( __('Confirm Removal'), 'secondary' ); ?> 173 <?php else : ?> 174 <p><?php _e('There are no valid users selected for removal.'); ?></p> 175 <?php endif; ?> 176 </div> 177 </form><?php 178 require_once( '../admin-footer.php' ); 179 exit(); 180 break; 181 123 182 case 'promote': 124 183 check_admin_referer( 'bulk-users' ); 125 184 $editable_roles = get_editable_roles(); … … 146 205 } 147 206 148 207 restore_current_blog(); 149 wp_redirect( add_query_arg( 'update', $update, wp_get_referer()) );208 wp_redirect( add_query_arg( 'update', $update, $referer ) ); 150 209 exit(); 151 210 } 152 211 … … 199 258 echo '<div id="message" class="error"><p>' . __( 'Select a user to change role.' ) . '</p></div>'; 200 259 break; 201 260 case 'remove': 202 echo '<div id="message" class="updated"><p>' . __( 'User removed from this site.' ) . '</p></div>'; 261 $remove_count = isset($_GET['remove_count']) ? (int) $_GET['remove_count'] : 0; 262 echo '<div id="message" class="updated"><p>' . sprintf( _n( 'User removed from this site.', '%s users removed from this site.', $remove_count ), $remove_count ) . '</p></div>'; 203 263 break; 204 264 case 'err_remove': 205 265 echo '<div id="message" class="error"><p>' . __( 'Select a user to remove.' ) . '</p></div>'; -
wp-admin/users.php
33 33 if ( empty($_REQUEST) ) { 34 34 $referer = '<input type="hidden" name="wp_http_referer" value="'. esc_attr(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; 35 35 } elseif ( isset($_REQUEST['wp_http_referer']) ) { 36 $redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count' ), stripslashes($_REQUEST['wp_http_referer']));36 $redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count', 'remove_count'), stripslashes($_REQUEST['wp_http_referer'])); 37 37 $referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr($redirect) . '" />'; 38 38 } else { 39 39 $redirect = 'users.php'; … … 95 95 } 96 96 97 97 if ( ! current_user_can( 'delete_users' ) ) 98 wp_die( __('You can’t delete users.'));98 wp_die( __('You can’t delete users.') ); 99 99 100 100 $userids = $_REQUEST['users']; 101 101 $update = 'del'; 102 102 $delete_count = 0; 103 103 104 foreach ( (array) $userids as $id ) {104 foreach ( (array) $userids as $id ) { 105 105 $id = (int) $id; 106 106 107 107 if ( ! current_user_can( 'delete_user', $id ) ) … … 111 111 $update = 'err_admin_del'; 112 112 continue; 113 113 } 114 switch ( $_REQUEST['delete_option'] ) { 114 115 switch ( $_REQUEST['delete_option'][$id] ) { 115 116 case 'delete': 116 if ( current_user_can('delete_user', $id) ) 117 wp_delete_user($id); 117 wp_delete_user($id); 118 118 break; 119 119 case 'reassign': 120 if ( current_user_can('delete_user', $id) ) 121 wp_delete_user($id, $_REQUEST['reassign_user']); 120 wp_delete_user($id, $_REQUEST['reassign'][$id]); 122 121 break; 123 122 } 124 123 ++$delete_count; 125 124 } 126 125 127 $redirect = add_query_arg( array( 'delete_count' => $delete_count, 'update' => $update), $redirect);126 $redirect = add_query_arg( array( 'delete_count' => $delete_count, 'update' => $update ), $redirect ); 128 127 wp_redirect($redirect); 129 128 exit(); 130 129 … … 145 144 $errors = new WP_Error( 'edit_users', __( 'You can’t delete users.' ) ); 146 145 147 146 if ( empty($_REQUEST['users']) ) 148 $userids = array( intval($_REQUEST['user']));147 $userids = array( intval($_REQUEST['user']) ); 149 148 else 150 149 $userids = $_REQUEST['users']; 151 150 … … 166 165 $id = (int) $id; 167 166 $user = new WP_User($id); 168 167 if ( $id == $current_user->ID ) { 169 echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n"; 168 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login ) . "</li>\n"; 169 } elseif ( ! current_user_can('delete_user', $id) ) { 170 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login ) . "</li>\n"; 170 171 } else { 171 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"" . esc_attr($id) . "\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";172 _reassign_dropdown( $user, $userids ); 172 173 $go_delete = true; 173 174 } 174 175 } 175 176 ?> 176 177 </ul> 177 178 <?php if ( $go_delete ) : ?> 178 <fieldset><p><legend><?php _e('What should be done with posts and links owned by this user?'); ?></legend></p>179 <ul style="list-style:none;">180 <li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" />181 <?php _e('Delete all posts and links.'); ?></label></li>182 <li><input type="radio" id="delete_option1" name="delete_option" value="reassign" />183 <?php echo '<label for="delete_option1">'.__('Attribute all posts and links to:').'</label>';184 wp_dropdown_users( array( 'exclude' => array_diff( $userids, array($current_user->ID) ) ) ); ?></li>185 </ul></fieldset>186 179 <input type="hidden" name="action" value="dodelete" /> 187 180 <?php submit_button( __('Confirm Deletion'), 'secondary' ); ?> 188 181 <?php else : ?> … … 202 195 exit; 203 196 } 204 197 205 if ( ! current_user_can('remove_users'))206 die( __('You can’t remove users.'));198 if ( ! current_user_can('remove_users') ) 199 die( __('You can’t remove users.') ); 207 200 208 201 $userids = $_REQUEST['users']; 202 $update = 'remove'; 203 $remove_count = 0; 209 204 210 $update = 'remove'; 211 foreach ( $userids as $id ) { 205 foreach ( (array) $userids as $id ) { 212 206 $id = (int) $id; 213 if ( $id == $current_user->id && !is_super_admin() ) { 214 $update = 'err_admin_remove'; 207 208 if ( ! current_user_can('remove_user', $id) ) { 209 wp_die( __('You can’t remove that user.') ); 215 210 continue; 216 211 } 217 if ( !current_user_can('remove_user', $id) ) { 212 213 if ( $id == $current_user->id && !is_super_admin() ) { 218 214 $update = 'err_admin_remove'; 219 215 continue; 220 216 } 221 remove_user_from_blog($id, $blog_id); 217 218 switch ( $_REQUEST['delete_option'][$id] ) { 219 case 'delete': 220 remove_user_from_blog( $id, $blog_id ); 221 break; 222 case 'reassign': 223 remove_user_from_blog( $id, $blog_id, $_REQUEST['reassign'][$id] ); 224 break; 225 } 226 ++$remove_count; 222 227 } 223 228 224 $redirect = add_query_arg( array( 'update' => $update), $redirect);229 $redirect = add_query_arg( array( 'remove_count' => $remove_count, 'update' => $update ), $redirect ); 225 230 wp_redirect($redirect); 226 231 exit; 227 232 … … 236 241 exit(); 237 242 } 238 243 239 if ( !current_user_can( 'remove_users') )240 $error = new WP_Error( 'edit_users', __('You can’t remove users.'));244 if ( !current_user_can( 'remove_users' ) ) 245 $error = new WP_Error( 'edit_users', __('You can’t remove users.') ); 241 246 242 247 if ( empty($_REQUEST['users']) ) 243 $userids = array( intval($_REQUEST['user']));248 $userids = array( intval($_REQUEST['user']) ); 244 249 else 245 250 $userids = $_REQUEST['users']; 246 251 … … 260 265 foreach ( $userids as $id ) { 261 266 $id = (int) $id; 262 267 $user = new WP_User($id); 263 if ( $id == $current_user->id && ! is_super_admin() ) {264 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login) . "</li>\n";265 } elseif ( ! current_user_can('remove_user', $id) ) {266 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login) . "</li>\n";268 if ( $id == $current_user->id && ! is_super_admin() ) { 269 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login ) . "</li>\n"; 270 } elseif ( ! current_user_can('remove_user', $id) ) { 271 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login ) . "</li>\n"; 267 272 } else { 268 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";273 _reassign_dropdown( $user, $userids ); 269 274 $go_remove = true; 270 275 } 271 276 } … … 299 304 case 'del': 300 305 case 'del_many': 301 306 $delete_count = isset($_GET['delete_count']) ? (int) $_GET['delete_count'] : 0; 302 $messages[] = '<div id="message" class="updated"><p>' . sprintf( _n('%s user deleted', '%s users deleted', $delete_count), $delete_count) . '</p></div>';307 $messages[] = '<div id="message" class="updated"><p>' . sprintf( _n('%s user deleted', '%s users deleted', $delete_count), $delete_count ) . '</p></div>'; 303 308 break; 304 309 case 'add': 305 310 $messages[] = '<div id="message" class="updated"><p>' . __('New user created.') . '</p></div>'; … … 316 321 $messages[] = '<div id="message" class="updated"><p>' . __('Other users have been deleted.') . '</p></div>'; 317 322 break; 318 323 case 'remove': 319 $messages[] = '<div id="message" class="updated fade"><p>' . __('User removed from this site.') . '</p></div>'; 324 $remove_count = isset($_GET['remove_count']) ? (int) $_GET['remove_count'] : 0; 325 $messages[] = '<div id="message" class="updated fade"><p>' . sprintf( _n('User removed from this site.', '%s users removed from this site.', $remove_count), $remove_count ) . '</p></div>'; 320 326 break; 321 327 case 'err_admin_remove': 322 328 $messages[] = '<div id="message" class="error"><p>' . __("You can't remove the current user.") . '</p></div>';