Ticket #15855: 15855.5.patch
File 15855.5.patch, 14.8 KB (added by , 13 years ago) |
---|
-
wp-admin/css/colors-classic.dev.css
691 691 } 692 692 693 693 table.widefat span.delete a, 694 table.widefat span.remove a, 694 695 table.widefat span.trash a, 695 696 table.widefat span.spam a, 696 697 #dashboard_recent_comments .delete a, -
wp-admin/css/colors-fresh.dev.css
684 684 } 685 685 686 686 table.widefat span.delete a, 687 table.widefat span.remove a, 687 688 table.widefat span.trash a, 688 689 table.widefat span.spam a, 689 690 #dashboard_recent_comments .delete a, -
wp-admin/includes/user.php
371 371 echo '</p></div>'; 372 372 } 373 373 374 /** 375 * Display a dropdown when deleting or removing a user from current site, 376 * allowing to reassign their posts and links to another user. 377 * 378 * @since 3.3.0 379 * 380 * @param array $user User object. 381 * @param array $selected_users IDs of users to delete or remove. 382 * @return null 383 */ 384 function _reassign_dropdown( $user, $selected_users ) { 385 static $counter = 0; 386 ?> 387 <li><input type="hidden" name="users[]" value="<?php echo esc_attr( $user->ID ); ?>" /><?php printf( __('ID #%1s: %2s'), $user->ID, $user->user_login ); ?></li> 388 <fieldset><p><legend><?php printf( __( "What should be done with posts and links owned by <em>%s</em>?" ), $user->user_login ); ?></legend></p> 389 <ul style="list-style:none;"> 390 <li><label><input type="radio" id="delete_option0" name="delete_option[<?php echo $user->ID; ?>]" value="delete" checked="checked" /> 391 <?php if ( ! is_multisite() ) _e( 'Delete all posts and links.' ); else _e( 'Leave as is.' ); ?></label></li> 392 <li><label><input type="radio" id="delete_option1" name="delete_option[<?php echo $user->ID; ?>]" value="reassign" /> 393 <?php echo __( 'Attribute all posts and links to:' ) . '</label>'; ?> 394 <?php wp_dropdown_users( array( 395 'exclude' => array_diff( $selected_users, array( $user->ID ) ), 396 'id' => "reassign{$counter}", 397 'name' => "reassign[{$user->ID}]" ) ); ?></li> 398 </ul></fieldset><?php 399 $counter++; 400 } 401 374 402 ?> -
wp-admin/network/site-users.php
53 53 } 54 54 $default_role = get_blog_option( $id, 'default_role' ); 55 55 56 $referer = remove_query_arg( array( 'action', 'remove_count' ), wp_get_referer() ); 57 56 58 $action = $wp_list_table->current_action(); 57 59 58 60 if ( $action ) { … … 98 100 } 99 101 break; 100 102 101 case ' remove':103 case 'doremove': 102 104 if ( !current_user_can('remove_users') ) 103 die(__('You can’t remove users.'));104 check_admin_referer( ' bulk-users' );105 105 wp_die( __('You can’t remove users.') ); 106 check_admin_referer( 'remove-users' ); 107 106 108 $update = 'remove'; 107 109 if ( isset( $_REQUEST['users'] ) ) { 108 110 $userids = $_REQUEST['users']; 109 111 110 foreach ( $userids as $user_id ) { 112 $remove_count = 0; 113 foreach ( (array) $userids as $user_id ) { 111 114 $user_id = (int) $user_id; 112 remove_user_from_blog( $user_id, $id ); 115 switch ( $_REQUEST['delete_option'][$user_id] ) { 116 case 'delete': 117 remove_user_from_blog( $user_id, $id ); 118 break; 119 case 'reassign': 120 remove_user_from_blog( $user_id, $id, $_REQUEST['reassign'][$user_id] ); 121 break; 122 } 123 ++$remove_count; 113 124 } 114 } elseif ( isset( $_GET['user'] ) ) {115 remove_user_from_blog( $_GET['user'] );116 125 } else { 117 126 $update = 'err_remove'; 118 127 } 128 $referer = add_query_arg( array( 'remove_count' => $remove_count, 'id' => $id ), $referer ); 119 129 break; 120 130 131 case 'remove': 132 if ( !current_user_can('remove_users') ) 133 wp_die( __('You can’t remove users.') ); 134 check_admin_referer( 'bulk-users' ); 135 136 if ( empty($_REQUEST['users']) ) 137 $userids = array( intval($_REQUEST['user']) ); 138 else 139 $userids = $_REQUEST['users']; 140 141 require_once( '../admin-header.php' ); 142 ?> 143 <form action="" method="post" name="updateusers" id="updateusers"> 144 <input type="hidden" name="id" value="<?php echo esc_attr( $_REQUEST['id'] ); ?>" /> 145 <?php wp_nonce_field('remove-users') ?> 146 147 <div class="wrap"> 148 <?php screen_icon('users'); ?> 149 <h2><?php _e('Remove Users from Site'); ?></h2> 150 <p><?php _e('You have specified these users for removal:'); ?></p> 151 <ul> 152 <?php 153 $go_remove = false; 154 foreach ( $userids as $id ) { 155 $id = (int) $id; 156 $user = new WP_User($id); 157 if ( $id == $current_user->ID && ! is_super_admin() ) { 158 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login ) . "</li>\n"; 159 } elseif ( ! current_user_can('remove_user', $id) ) { 160 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login ) . "</li>\n"; 161 } else { 162 _reassign_dropdown( $user, $userids ); 163 $go_remove = true; 164 } 165 } 166 ?> 167 </ul> 168 <?php if ( $go_remove ) : ?> 169 <input type="hidden" name="action" value="doremove" /> 170 <?php submit_button( __('Confirm Removal'), 'secondary' ); ?> 171 <?php else : ?> 172 <p><?php _e('There are no valid users selected for removal.'); ?></p> 173 <?php endif; ?> 174 </div> 175 </form><?php 176 require_once( '../admin-footer.php' ); 177 exit(); 178 break; 179 121 180 case 'promote': 122 181 check_admin_referer( 'bulk-users' ); 123 182 $editable_roles = get_editable_roles(); … … 144 203 } 145 204 146 205 restore_current_blog(); 147 wp_redirect( add_query_arg( 'update', $update, wp_get_referer()) );206 wp_redirect( add_query_arg( 'update', $update, $referer ) ); 148 207 exit(); 149 208 } 150 209 … … 200 259 echo '<div id="message" class="error"><p>' . __( 'Select a user to change role.' ) . '</p></div>'; 201 260 break; 202 261 case 'remove': 203 echo '<div id="message" class="updated"><p>' . __( 'User removed from this site.' ) . '</p></div>'; 262 $remove_count = isset($_GET['remove_count']) ? (int) $_GET['remove_count'] : 0; 263 echo '<div id="message" class="updated"><p>' . sprintf( _n( 'User removed from this site.', '%s users removed from this site.', $remove_count ), $remove_count ) . '</p></div>'; 204 264 break; 205 265 case 'err_remove': 206 266 echo '<div id="message" class="error"><p>' . __( 'Select a user to remove.' ) . '</p></div>'; -
wp-admin/users.php
33 33 if ( empty($_REQUEST) ) { 34 34 $referer = '<input type="hidden" name="wp_http_referer" value="'. esc_attr(stripslashes($_SERVER['REQUEST_URI'])) . '" />'; 35 35 } elseif ( isset($_REQUEST['wp_http_referer']) ) { 36 $redirect = remove_query_arg( array('wp_http_referer', 'updated', 'delete_count'), stripslashes($_REQUEST['wp_http_referer']));36 $redirect = remove_query_arg( array('wp_http_referer', 'updated', 'delete_count', 'remove_count'), stripslashes($_REQUEST['wp_http_referer']) ); 37 37 $referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr($redirect) . '" />'; 38 38 } else { 39 39 $redirect = 'users.php'; … … 98 98 } 99 99 100 100 if ( ! current_user_can( 'delete_users' ) ) 101 wp_die( __('You can’t delete users.'));101 wp_die( __('You can’t delete users.') ); 102 102 103 103 $userids = $_REQUEST['users']; 104 104 $update = 'del'; 105 105 $delete_count = 0; 106 106 107 foreach ( (array) $userids as $id ) {107 foreach ( (array) $userids as $id ) { 108 108 $id = (int) $id; 109 109 110 110 if ( ! current_user_can( 'delete_user', $id ) ) … … 114 114 $update = 'err_admin_del'; 115 115 continue; 116 116 } 117 switch ( $_REQUEST['delete_option'] ) { 117 118 switch ( $_REQUEST['delete_option'][$id] ) { 118 119 case 'delete': 119 if ( current_user_can('delete_user', $id) ) 120 wp_delete_user($id); 120 wp_delete_user( $id ); 121 121 break; 122 122 case 'reassign': 123 if ( current_user_can('delete_user', $id) ) 124 wp_delete_user($id, $_REQUEST['reassign_user']); 123 wp_delete_user( $id, $_REQUEST['reassign'][$id] ); 125 124 break; 126 125 } 127 126 ++$delete_count; 128 127 } 129 128 130 $redirect = add_query_arg( array( 'delete_count' => $delete_count, 'update' => $update), $redirect);129 $redirect = add_query_arg( array( 'delete_count' => $delete_count, 'update' => $update ), $redirect ); 131 130 wp_redirect($redirect); 132 131 exit(); 133 132 … … 148 147 $errors = new WP_Error( 'edit_users', __( 'You can’t delete users.' ) ); 149 148 150 149 if ( empty($_REQUEST['users']) ) 151 $userids = array( intval($_REQUEST['user']));150 $userids = array( intval($_REQUEST['user']) ); 152 151 else 153 152 $userids = (array) $_REQUEST['users']; 154 153 … … 169 168 $id = (int) $id; 170 169 $user = new WP_User($id); 171 170 if ( $id == $current_user->ID ) { 172 echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n"; 171 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login ) . "</li>\n"; 172 } elseif ( ! current_user_can('delete_user', $id) ) { 173 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login ) . "</li>\n"; 173 174 } else { 174 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"" . esc_attr($id) . "\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";175 _reassign_dropdown( $user, $userids ); 175 176 $go_delete++; 176 177 } 177 178 } 178 179 ?> 179 180 </ul> 180 181 <?php if ( $go_delete ) : ?> 181 <fieldset><p><legend><?php echo _n( 'What should be done with posts and links owned by this user?', 'What should be done with posts and links owned by these users?', $go_delete ); ?></legend></p>182 <ul style="list-style:none;">183 <li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" />184 <?php _e('Delete all posts and links.'); ?></label></li>185 <li><input type="radio" id="delete_option1" name="delete_option" value="reassign" />186 <?php echo '<label for="delete_option1">'.__('Attribute all posts and links to:').'</label>';187 wp_dropdown_users( array( 'name' => 'reassign_user', 'exclude' => array_diff( $userids, array($current_user->ID) ) ) ); ?></li>188 </ul></fieldset>189 182 <input type="hidden" name="action" value="dodelete" /> 190 183 <?php submit_button( __('Confirm Deletion'), 'secondary' ); ?> 191 184 <?php else : ?> … … 212 205 wp_die( __( 'You can’t remove users.' ) ); 213 206 214 207 $userids = $_REQUEST['users']; 208 $update = 'remove'; 209 $remove_count = 0; 215 210 216 $update = 'remove'; 217 foreach ( $userids as $id ) { 211 foreach ( (array) $userids as $id ) { 218 212 $id = (int) $id; 219 if ( $id == $current_user->ID && !is_super_admin() ) { 220 $update = 'err_admin_remove'; 213 214 if ( ! current_user_can( 'remove_user', $id ) ) { 215 wp_die( __( 'You can’t remove that user.' ) ); 221 216 continue; 222 217 } 223 if ( !current_user_can('remove_user', $id) ) { 218 219 if ( $id == $current_user->id && !is_super_admin() ) { 224 220 $update = 'err_admin_remove'; 225 221 continue; 226 222 } 227 remove_user_from_blog($id, $blog_id); 223 224 switch ( $_REQUEST['delete_option'][$id] ) { 225 case 'delete': 226 remove_user_from_blog( $id, $blog_id ); 227 break; 228 case 'reassign': 229 remove_user_from_blog( $id, $blog_id, $_REQUEST['reassign'][$id] ); 230 break; 231 } 232 ++$remove_count; 228 233 } 229 234 230 $redirect = add_query_arg( array( 'update' => $update), $redirect);235 $redirect = add_query_arg( array( 'remove_count' => $remove_count, 'update' => $update ), $redirect ); 231 236 wp_redirect($redirect); 232 237 exit; 233 238 … … 245 250 exit(); 246 251 } 247 252 248 if ( !current_user_can( 'remove_users') )249 $error = new WP_Error( 'edit_users', __('You can’t remove users.'));253 if ( !current_user_can( 'remove_users' ) ) 254 $error = new WP_Error( 'edit_users', __('You can’t remove users.') ); 250 255 251 256 if ( empty($_REQUEST['users']) ) 252 $userids = array( intval($_REQUEST['user']));257 $userids = array( intval($_REQUEST['user']) ); 253 258 else 254 259 $userids = $_REQUEST['users']; 255 260 … … 269 274 foreach ( $userids as $id ) { 270 275 $id = (int) $id; 271 276 $user = new WP_User($id); 272 if ( $id == $current_user->ID && ! is_super_admin() ) {273 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login) . "</li>\n";274 } elseif ( ! current_user_can('remove_user', $id) ) {275 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login) . "</li>\n";277 if ( $id == $current_user->ID && ! is_super_admin() ) { 278 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login ) . "</li>\n"; 279 } elseif ( ! current_user_can('remove_user', $id) ) { 280 echo "<li>" . sprintf( __('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login ) . "</li>\n"; 276 281 } else { 277 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";282 _reassign_dropdown( $user, $userids ); 278 283 $go_remove = true; 279 284 } 280 285 } … … 294 299 default: 295 300 296 301 if ( !empty($_GET['_wp_http_referer']) ) { 297 wp_redirect( remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI'])));302 wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), stripslashes( $_SERVER['REQUEST_URI'] ) ) ); 298 303 exit; 299 304 } 300 305 … … 312 317 case 'del': 313 318 case 'del_many': 314 319 $delete_count = isset($_GET['delete_count']) ? (int) $_GET['delete_count'] : 0; 315 $messages[] = '<div id="message" class="updated"><p>' . sprintf( _n('%s user deleted', '%s users deleted', $delete_count), $delete_count) . '</p></div>';320 $messages[] = '<div id="message" class="updated"><p>' . sprintf( _n('%s user deleted', '%s users deleted', $delete_count), $delete_count ) . '</p></div>'; 316 321 break; 317 322 case 'add': 318 323 $messages[] = '<div id="message" class="updated"><p>' . __('New user created.') . '</p></div>'; … … 329 334 $messages[] = '<div id="message" class="updated"><p>' . __('Other users have been deleted.') . '</p></div>'; 330 335 break; 331 336 case 'remove': 332 $messages[] = '<div id="message" class="updated fade"><p>' . __('User removed from this site.') . '</p></div>'; 337 $remove_count = isset($_GET['remove_count']) ? (int) $_GET['remove_count'] : 0; 338 $messages[] = '<div id="message" class="updated fade"><p>' . sprintf( _n('User removed from this site.', '%s users removed from this site.', $remove_count), $remove_count ) . '</p></div>'; 333 339 break; 334 340 case 'err_admin_remove': 335 341 $messages[] = '<div id="message" class="error"><p>' . __("You can't remove the current user.") . '</p></div>';