Ticket #16001: 16001.4.diff
File 16001.4.diff, 17.8 KB (added by , 11 years ago) |
---|
-
src/wp-admin/includes/class-wp-ms-users-list-table.php
58 58 59 59 $mode = empty( $_REQUEST['mode'] ) ? 'list' : $_REQUEST['mode']; 60 60 61 // Query the user IDs for this page 62 $wp_user_search = new WP_User_Query( $args ); 63 61 if ( 'pending' === $role ) { 62 $wp_user_search = new WP_Pending_User_Query( $args ); // Query for pending users 63 } else { 64 $wp_user_search = new WP_User_Query( $args ); // Query the user IDs for this page 65 } 64 66 $this->items = $wp_user_search->get_results(); 65 67 66 68 $this->set_pagination_args( array( … … 70 72 } 71 73 72 74 function get_bulk_actions() { 75 global $role; 76 73 77 $actions = array(); 74 if ( current_user_can( 'delete_users' ) )75 $actions['delete'] = __( 'Delete' );76 $actions['spam'] = _x( 'Mark as Spam', 'user' );77 $actions['notspam'] = _x( 'Not Spam', 'user' );78 78 79 if ( $role == 'pending' ) { 80 if ( current_user_can( 'delete_users' ) ) { 81 $actions['deletesignup'] = __( 'Delete' ); 82 } 83 $actions['activate'] = _x( 'Activate', 'user' ); 84 $actions['resend'] = __( 'Resend Email', 'user' ); 85 } else { 86 if ( current_user_can( 'delete_users' ) ) { 87 $actions['delete'] = __( 'Delete' ); 88 } 89 $actions['spam'] = _x( 'Mark as Spam', 'user' ); 90 $actions['notspam'] = _x( 'Not Spam', 'user' ); 91 } 92 79 93 return $actions; 80 94 } 81 95 … … 89 103 $total_users = get_user_count(); 90 104 $super_admins = get_super_admins(); 91 105 $total_admins = count( $super_admins ); 106 $total_pendings = get_pending_user_count(); 92 107 93 $current_role = false; 94 $class = $role != 'super' ? ' class="current"' : ''; 108 $class = in_array( $role, array( 'super', 'pending' ) ) ? '' : ' class="current"'; 95 109 $role_links = array(); 96 $role_links['all'] = "<a href='" . network_admin_url( 'users.php') . "'$class>" . sprintf( _nx( 'All <span class="count">(%s)</span>', 'All <span class="count">(%s)</span>', $total_users, 'users' ), number_format_i18n( $total_users ) ) . '</a>';110 $role_links['all'] = "<a href='" . network_admin_url( 'users.php' ) . "'$class>" . 
sprintf( _nx( 'All <span class="count">(%s)</span>', 'All <span class="count">(%s)</span>', $total_users, 'users' ), number_format_i18n( $total_users ) ) . '</a>'; 97 111 $class = $role == 'super' ? ' class="current"' : ''; 98 $role_links['super'] = "<a href='" . network_admin_url('users.php?role=super') . "'$class>" . sprintf( _n( 'Super Admin <span class="count">(%s)</span>', 'Super Admins <span class="count">(%s)</span>', $total_admins ), number_format_i18n( $total_admins ) ) . '</a>'; 112 $role_links['super'] = "<a href='" . network_admin_url( 'users.php?role=super' ) . "'$class>" . sprintf( _n( 'Super Admin <span class="count">(%s)</span>', 'Super Admins <span class="count">(%s)</span>', $total_admins ), number_format_i18n( $total_admins ) ) . '</a>'; 113 $class = $role == 'pending' ? ' class="current"' : ''; 114 $role_links['pending'] = "<a href='" . network_admin_url( 'users.php?role=pending' ) . "'$class>" . sprintf( _n( 'Pending Confirmation <span class="count">(%s)</span>', 'Pending Confirmation <span class="count">(%s)</span>', $total_pendings ), number_format_i18n( $total_pendings ) ) . 
'</a>'; 99 115 100 116 return $role_links; 101 117 } … … 150 166 151 167 $status_list = array( 'spam' => 'site-spammed', 'deleted' => 'site-deleted' ); 152 168 153 foreach ( $status_list as $status => $col ) { 154 if ( $user->$status ) 155 $alt .= " $col"; 169 if ( 'pending' === $role ) { 170 $user->ID = $user->user_login; 171 $user->user_registered = $user->registered; 172 } else { 173 foreach ( $status_list as $status => $col ) { 174 if ( $user->$status ) { 175 $alt .= " $col"; 176 } 177 } 156 178 } 157 179 158 180 ?> … … 181 203 182 204 case 'username': 183 205 $avatar = get_avatar( $user->user_email, 32 ); 184 $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user->ID ) ) ); 206 if ( get_current_user_id() == $user->ID ) { 207 $edit_link = esc_url( self_admin_url( 'profile.php' ) ); 208 } else { 209 $edit_link = esc_url( add_query_arg( 'wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), get_edit_user_link( $user->ID ) ) ); 210 } 211 $activate_link = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'users.php', 'activatesignup' ) . '&action=activatesignup&user_login=' . $user->user_login ) ) ); 212 $resend_link = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'users.php', 'resendsignup' ) . '&action=resendsignup&user_login=' . 
$user->user_login ) ) ); 185 213 186 214 echo "<td $attributes>"; ?> 187 <?php echo $avatar; ?><strong><a href="<?php echo $edit_link; ?>" class="edit"><?php echo $user->user_login; ?></a><?php 215 <?php echo $avatar; ?><strong><?php 216 217 if ( $role == 'pending' ): 218 echo stripslashes( $user->user_login ); 219 else: ?> 220 <a href="<?php echo $edit_link; ?>" class="edit"><?php echo stripslashes( $user->user_login ); ?></a> 221 <?php endif; 222 188 223 if ( in_array( $user->user_login, $super_admins ) ) 189 224 echo ' - ' . __( 'Super Admin' ); 190 225 ?></strong> … … 191 226 <br/> 192 227 <?php 193 228 $actions = array(); 194 $actions['edit'] = '<a href="' . $edit_link . '">' . __( 'Edit' ) . '</a>'; 195 229 if ( 'pending' === $role ) { 230 $actions['activate'] = '<a href="' . $activate_link . '">' . __( 'Activate' ) . '</a>'; 231 $actions['resend'] = '<a href="' . $resend_link . '">' . __( 'Resend Email' ) . '</a>'; 232 } else { 233 $actions['edit'] = '<a href="' . $edit_link . '">' . __( 'Edit' ) . '</a>'; 234 } 196 235 if ( current_user_can( 'delete_user', $user->ID ) && ! in_array( $user->user_login, $super_admins ) ) { 197 $actions['delete'] = '<a href="' . $delete = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'users.php', 'deleteuser' ) . '&action=deleteuser&id=' . $user->ID ) ) ) . '" class="delete">' . __( 'Delete' ) . '</a>'; 236 if ( 'pending' === $role ) { 237 $actions['delete'] = '<a href="' . $delete = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'edit.php', 'deletesignup' ) . '&action=deletesignup&user_login=' . $user->user_login ) ) ) . '" class="delete">' . __( 'Delete' ) . '</a>'; 238 } else { 239 $actions['delete'] = '<a href="' . 
$delete = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'users.php', 'deleteuser' ) . '&action=deleteuser&id=' . $user->ID ) ) ) . '" class="delete">' . __( 'Delete' ) . '</a>'; 240 } 198 241 } 199 242 200 243 /** -
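Review bot: In the 'username' case the signup's login is printed with `echo stripslashes( $user->user_login );` and appended raw to the activate, resend and delete query strings, so nothing in this section escapes it for HTML or encodes it as a URL parameter. The value is read from the signups table and whatever constraint signup applies to it is not visible here, so I would write `echo esc_html( $user->user_login );` and `'&user_login=' . urlencode( $user->user_login )`. The pending delete link is also built with `wp_nonce_url( 'edit.php', 'deletesignup' )`, while the `deletesignup` handler this patch adds is in network/users.php; `'users.php'` looks like the intended target. In get_bulk_actions(), `__( 'Resend Email', 'user' )` passes 'user' as a text domain rather than a context, so `_x()` was probably meant. The enclosing methods start and end outside the visible hunks.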
src/wp-admin/network/users.php
16 16 if ( ! current_user_can( 'manage_network_users' ) ) 17 17 wp_die( __( 'You do not have permission to access this page.' ) ); 18 18 19 function confirm_delete_signups( $signups ) { 20 if ( ! is_array( $signups ) ) 21 return false; 22 ?> 23 <h2><?php esc_html_e( 'Users' ); ?></h2> 24 <p><?php _e( 'Transfer or delete posts before deleting users.' ); ?></p> 25 <form action="users.php?action=dodeletesignup" method="post"> 26 <input type="hidden" name="dodeletesignup" /> 27 <?php wp_nonce_field( 'ms-signups-delete' ); ?> 28 <ul> 29 <?php foreach ( $signups as $delete_signup ): ?> 30 <li><input type="hidden" name="user[]" value="<?php echo esc_attr( $delete_signup ) ?>"/><?php echo $delete_signup ?></li> 31 <?php endforeach; ?> 32 </ul> 33 <?php submit_button( __( 'Confirm Deletion' ), 'delete' ); ?> 34 </form> 35 <?php 36 return true; 37 } 38 19 39 function confirm_delete_users( $users ) { 20 40 $current_user = wp_get_current_user(); 21 if ( ! is_array( $users ) )41 if ( ! is_array( $users ) ) 22 42 return false; 23 43 ?> 24 44 <h2><?php esc_html_e( 'Users' ); ?></h2> … … 90 110 91 111 switch ( $_GET['action'] ) { 92 112 case 'deleteuser': 93 if ( ! current_user_can( 'manage_network_users' ) )94 wp_die( __( 'You do not have permission to access this page.' ) );95 96 113 check_admin_referer( 'deleteuser' ); 97 114 98 115 $id = intval( $_GET['id'] ); … … 112 129 break; 113 130 114 131 case 'allusers': 115 if ( !current_user_can( 'manage_network_users' ) )116 wp_die( __( 'You do not have permission to access this page.' ) );117 118 132 if ( ( isset( $_POST['action']) || isset($_POST['action2'] ) ) && isset( $_POST['allusers'] ) ) { 119 133 check_admin_referer( 'bulk-users-network' ); 120 134 … … 122 136 $userfunction = ''; 123 137 124 138 foreach ( (array) $_POST['allusers'] as $key => $val ) { 125 if ( ! empty( $val ) ) {139 if ( ! empty( $val ) ) { 126 140 switch ( $doaction ) { 127 141 case 'delete': 128 142 if ( ! 
current_user_can( 'delete_users' ) ) … … 159 173 160 174 update_user_status( $val, 'spam', '0' ); 161 175 break; 176 177 case 'activate': 178 $userfunction = 'all_activate'; 179 wp_activate_by_user_login( $val ); 180 break; 181 182 case 'resend': 183 $userfunction = 'all_resend'; 184 wp_resend_by_user_login( $val ); 185 break; 186 187 case 'deletesignup': 188 if ( ! current_user_can( 'delete_users' ) ) { 189 wp_die( __( 'You do not have permission to access this page.' ) ); 190 } 191 $title = __( 'Users' ); 192 $parent_file = 'users.php'; 193 require_once( '../admin-header.php' ); 194 echo '<div class="wrap">'; 195 confirm_delete_signups( $_POST['allusers'] ); 196 echo '</div>'; 197 require_once( '../admin-footer.php' ); 198 exit(); 199 break; 162 200 } 163 201 } 164 202 } … … 176 214 177 215 case 'dodelete': 178 216 check_admin_referer( 'ms-users-delete' ); 179 if ( ! ( current_user_can( 'manage_network_users' ) && current_user_can( 'delete_users' )) )217 if ( ! current_user_can( 'delete_users' ) ) 180 218 wp_die( __( 'You do not have permission to access this page.' ) ); 181 219 182 220 if ( ! 
empty( $_POST['blog'] ) && is_array( $_POST['blog'] ) ) { … … 209 247 wp_redirect( add_query_arg( array( 'updated' => 'true', 'action' => $deletefunction ), network_admin_url( 'users.php' ) ) ); 210 248 exit(); 211 249 break; 250 251 case 'activatesignup': 252 check_admin_referer( 'activatesignup' ); 253 254 wp_activate_by_user_login( $_GET['user_login'] ); 255 256 wp_redirect( add_query_arg( array( 'role' => 'pending', 'updated' => 'true', 'action' => 'activate' ), network_admin_url( 'users.php' ) ) ); 257 exit(); 258 break; 259 260 case 'resendsignup': 261 check_admin_referer( 'resendsignup' ); 262 263 wp_resend_by_user_login( $_GET['user_login'] ); 264 265 wp_redirect( add_query_arg( array( 'role' => 'pending', 'updated' => 'true', 'action' => 'resend' ), network_admin_url( 'users.php' ) ) ); 266 exit(); 267 break; 268 269 case 'deletesignup': 270 check_admin_referer( 'deletesignup' ); 271 272 if ( ! empty( $_GET['user_login'] ) ) { 273 $title = __( 'Users' ); 274 $parent_file = 'users.php'; 275 require_once( '../admin-header.php' ); 276 echo '<div class="wrap">'; 277 confirm_delete_signups( array( $_GET['user_login'] ) ); 278 echo '</div>'; 279 require_once( '../admin-footer.php' ); 280 } else { 281 wp_redirect( add_query_arg( array( 'role' => 'pending' ), network_admin_url( 'users.php' ) ) ); 282 } 283 exit(); 284 break; 285 286 case 'dodeletesignup': 287 if ( ! current_user_can( 'delete_users' ) ) 288 wp_die( __( 'You do not have permission to access this page.' ) ); 289 290 check_admin_referer( 'ms-signups-delete' ); 291 292 if ( ! empty( $_POST['user'] ) ) { 293 array_walk( $_POST['user'], array( &$wpdb, 'escape_by_ref' ) ); 294 $wpdb->query( "DELETE FROM {$wpdb->signups} WHERE active != 1 AND user_login IN ('" . implode( "','", $_POST['user'] ) . 
"')" ); 295 } 296 297 if ( count( $_POST['user'] ) > 1 ) { 298 $delete_action = 'all_delete'; 299 } else { 300 $delete_action = 'delete'; 301 } 302 303 wp_redirect( add_query_arg( array( 'role' => 'pending', 'updated' => 'true', 'action' => $delete_action ), network_admin_url( 'users.php' ) ) ); 304 exit(); 305 break; 212 306 } 213 307 } 214 308 … … 266 360 case 'add': 267 361 _e( 'User added.' ); 268 362 break; 363 case 'activate': 364 _e( 'User activated.' ); 365 break; 366 case 'resend': 367 _e( 'Activation instruction resent to user.'); 368 break; 369 case 'all_activate': 370 _e( 'Users activated.' ); 371 break; 372 case 'all_resend': 373 _e( 'Activation instruction resent to users.'); 374 break; 269 375 } 270 376 ?> 271 377 </p></div> -
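Review bot: The `dodeletesignup` case builds its DELETE by imploding `$_POST['user']` into the SQL string after `escape_by_ref`, and it never checks that the field is an array, so a scalar or nested value reaches `array_walk()`, `implode()` and `count()` unchecked. Binding the logins through `$wpdb->prepare()` with one `%s` per value keeps request data out of the statement text, and unslashing first avoids escaping the already-slashed `$_POST` values twice. In confirm_delete_signups() the login is also echoed raw inside the `<li>`, right next to an `esc_attr()` on the same value; `<?php echo esc_html( $delete_signup ); ?>` would match it. The surrounding `switch` starts and ends outside the hunk.

```php
// … unchanged: delete_users capability check and check_admin_referer( 'ms-signups-delete' ) …
$logins = array();
if ( ! empty( $_POST['user'] ) && is_array( $_POST['user'] ) ) {
	// Keep scalar values only; $_POST arrives slashed, so unslash before binding.
	$logins = array_values( array_filter( wp_unslash( $_POST['user'] ), 'is_scalar' ) );
}

if ( $logins ) {
	// One %s placeholder per login; the values are bound, never concatenated.
	$placeholders = implode( ', ', array_fill( 0, count( $logins ), '%s' ) );
	$wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->signups} WHERE active != 1 AND user_login IN ( $placeholders )", $logins ) );
}

$delete_action = count( $logins ) > 1 ? 'all_delete' : 'delete';
// … unchanged: wp_redirect() back to the pending list and exit() …
```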
src/wp-includes/ms-functions.php
126 126 * @return int 127 127 */ 128 128 function get_user_count() { 129 return get_site_option( 'user_count' ); 129 $option = get_site_option( 'user_count' ); 130 if ( is_numeric( $option ) ) { 131 return (int) $option; 132 } 133 return 0; 130 134 } 131 135 132 136 /** 137 * The number of pending users in your installation. 138 * 139 * The count is cached and updated twice daily. This is not a live count. 140 * 141 * @since 3.9 142 * 143 * @return int 144 */ 145 function get_pending_user_count() { 146 $option = get_site_option( 'pending_user_count' ); 147 if ( is_numeric( $option ) ) { 148 return (int) $option; 149 } 150 return 0; 151 } 152 153 /** 133 154 * The number of active sites on your installation. 134 155 * 135 156 * The count is cached and updated twice daily. This is not a live count. … … 1109 1130 } 1110 1131 1111 1132 /** 1133 * Activate user automatically after looking up via user_login 1134 * 1135 * @since 3.9.0 1136 * 1137 * @uses wpmu_activate_signup() 1138 * 1139 * @global wpdb $wpdb 1140 * 1141 * @param string $user_login 1142 * @return array An array containing information about the activated user and/or blog 1143 */ 1144 function wp_activate_by_user_login( $user_login ) { 1145 global $wpdb; 1146 1147 $key = $wpdb->get_var( $wpdb->prepare( "SELECT activation_key FROM {$wpdb->signups} WHERE active != 1 AND user_login = %s", $user_login ) ); 1148 if ( $key ) { 1149 return wpmu_activate_signup( $key ); 1150 } 1151 } 1152 1153 /** 1154 * Lookup signup and, when valid, resend the signup notification 1155 * 1156 * @since 3.9.0 1157 * 1158 * @uses wpmu_signup_user_notification() 1159 * 1160 * @global wpdb $wpdb 1161 * 1162 * @param string $user_login 1163 * @return bool 1164 */ 1165 function wp_resend_by_user_login( $user_login ) { 1166 global $wpdb; 1167 1168 $user = $wpdb->get_row( $wpdb->prepare( "SELECT * FROM {$wpdb->signups} WHERE active !=1 AND user_login = %s", $user_login ) ); 1169 1170 if ( $user ) { 1171 return 
wpmu_signup_user_notification( $user->user_login, $user->user_email, $user->activation_key, $user->meta ); 1172 } 1173 } 1174 1175 /** 1112 1176 * Create a site. 1113 1177 * 1114 1178 * This function runs when a user self-registers a new site as well … … 2268 2332 2269 2333 $count = $wpdb->get_var( "SELECT COUNT(ID) as c FROM $wpdb->users WHERE spam = '0' AND deleted = '0'" ); 2270 2334 update_site_option( 'user_count', $count ); 2335 2336 $count = $wpdb->get_var( "SELECT COUNT(user_login) AS c FROM $wpdb->signups WHERE active != 1" ); 2337 update_site_option( 'pending_user_count', $count ); 2271 2338 } 2272 2339 2273 2340 /** -
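Review bot: Both new helpers fall off the end without a return when no inactive signup matches, so `wp_activate_by_user_login()` and `wp_resend_by_user_login()` return null although their docblocks promise `array` and `bool`. I would end each with `return false;` and document `@return array|WP_Error|false` for the first, since it passes through whatever `wpmu_activate_signup()` returns, which can be an error object. The docblocks should also state that these functions activate or re-mail a signup without the emailed key being presented and perform no capability check themselves, so every caller has to authorize the request first. As written, the callers in network/users.php ignore the result and redirect with `'updated' => 'true'` either way, so a failed activation is reported as success.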
src/wp-includes/user.php
780 780 } 781 781 782 782 /** 783 * WordPress Pending User Query class. 784 * 785 * @since 3.9.0 786 */ 787 class WP_Pending_User_Query extends WP_User_Query { 788 789 public function prepare_query() { 790 global $wpdb; 791 792 $qv =& $this->query_vars; 793 $this->query_fields = "{$wpdb->signups}.*"; 794 795 $this->query_from = "FROM {$wpdb->signups}"; 796 $this->query_where = "WHERE 1=1 AND active != 1"; 797 798 // sorting 799 if ( in_array( $qv['orderby'], array( 'nicename', 'email' ) ) ) { 800 $orderby = 'user_' . $qv['orderby']; 801 } elseif ( in_array( $qv['orderby'], array( 'user_email', 'registered' ) ) ) { 802 $orderby = $qv['orderby']; 803 } else { 804 $orderby = 'user_login'; 805 } 806 807 $qv['order'] = strtoupper( $qv['order'] ); 808 $order = 'ASC' == $qv['order'] ? 'ASC' : 'DESC'; 809 $this->query_orderby = "ORDER BY $orderby $order"; 810 811 // limit 812 if ( $qv['number'] ) { 813 if ( $qv['offset'] ) { 814 $this->query_limit = $wpdb->prepare( "LIMIT %d, %d", $qv['offset'], $qv['number'] ); 815 } else { 816 $this->query_limit = $wpdb->prepare( "LIMIT %d", $qv['number'] ); 817 } 818 } 819 820 $search = trim( $qv['search'] ); 821 if ( $search ) { 822 $leading_wild = ( ltrim( $search, '*' ) != $search ); 823 $trailing_wild = ( rtrim( $search, '*' ) != $search ); 824 825 $wild = false; 826 if ( $leading_wild && $trailing_wild ) { 827 $wild = 'both'; 828 } elseif ( $leading_wild ) { 829 $wild = 'leading'; 830 } elseif ( $trailing_wild ) { 831 $wild = 'trailing'; 832 } 833 834 if ( $wild ) { 835 $search = trim($search, '*'); 836 } 837 838 if ( false !== strpos( $search, '@') ) { 839 $search_columns = array( 'user_email' ); 840 } else { 841 $search_columns = array( 'user_login' ); 842 } 843 $this->query_where .= $this->get_search_sql( $search, $search_columns, $wild ); 844 } 845 846 $blog_id = absint( $qv['blog_id'] ); 847 848 do_action_ref_array( 'pre_user_query', array( $this ) ); 849 } 850 851 /** 852 * Execute the query, with the current variables 853 * 
854 * @since 3.6.0 855 */ 856 public function query() { 857 global $wpdb; 858 859 $this->results = $wpdb->get_results( "SELECT $this->query_fields $this->query_from $this->query_where $this->query_orderby $this->query_limit" ); 860 861 if ( ! $this->results ) 862 return; 863 864 if ( $this->query_vars['count_total'] ) { 865 $this->total_users = $wpdb->get_var( "SELECT COUNT(*) $this->query_from $this->query_where" ); 866 } 867 } 868 } 869 870 /** 783 871 * Retrieve list of users matching criteria. 784 872 * 785 873 * @since 3.1.0
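Review bot: `prepare_query()` sets `$this->query_fields = "{$wpdb->signups}.*"`, which loads every signup column, including `activation_key` and `meta`, into each result row handed to the list table. As far as the list-table hunks in this patch show, only `user_login`, `user_email` and `registered` are read, so an explicit column list such as `"user_login, user_email, registered"` would keep the activation secret out of objects that are rendered into a page. Smaller points: `$blog_id = absint( $qv['blog_id'] );` is assigned and never used, `query()` carries a copied `@since 3.6.0` while the class says 3.9.0, and `prepare_query()` has no docblock. `query()` also returns before setting `total_users` when there are no results, which leaves the pagination total unset for an empty pending list.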