diff --git wp-admin/includes/class-wp-ms-users-list-table.php wp-admin/includes/class-wp-ms-users-list-table.php
index 36d55e1..f255553 100644
|
|
class WP_MS_Users_List_Table extends WP_List_Table { |
188 | 188 | $actions = array(); |
189 | 189 | $actions['edit'] = '<a href="' . $edit_link . '">' . __( 'Edit' ) . '</a>'; |
190 | 190 | |
191 | | if ( current_user_can( 'delete_user', $user->ID) && ! in_array( $user->user_login, $super_admins ) ) { |
| 191 | if ( current_user_can( 'delete_user', $user->ID) && $user->user_email != get_site_option( 'admin_email' ) && $user->ID != get_current_user_id() && count( $super_admins ) > 1 ) { |
192 | 192 | $actions['delete'] = '<a href="' . $delete = esc_url( network_admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'edit.php', 'deleteuser' ) . '&action=deleteuser&id=' . $user->ID ) ) ) . '" class="delete">' . __( 'Delete' ) . '</a>'; |
193 | 193 | } |
194 | 194 | |
diff --git wp-admin/includes/ms.php wp-admin/includes/ms.php
index 8458526..a5a04ba 100644
|
|
function wpmu_delete_user( $id ) { |
140 | 140 | |
141 | 141 | $id = (int) $id; |
142 | 142 | |
| 143 | if ( is_super_admin( $id ) ) |
| 144 | if ( ! revoke_super_admin( $id ) ) |
| 145 | return false; |
| 146 | |
143 | 147 | do_action( 'wpmu_delete_user', $id ); |
144 | 148 | |
145 | 149 | $blogs = get_blogs_of_user( $id ); |
… |
… |
function wpmu_delete_user( $id ) { |
165 | 169 | restore_current_blog(); |
166 | 170 | } |
167 | 171 | } |
168 | | |
| 172 | |
169 | 173 | $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->users WHERE ID = %d", $id ) ); |
170 | 174 | $wpdb->query( $wpdb->prepare( "DELETE FROM $wpdb->usermeta WHERE user_id = %d", $id ) ); |
171 | 175 | |
diff --git wp-admin/network/edit.php wp-admin/network/edit.php
index 2d3f952..7b412fd 100644
|
|
function confirm_delete_users( $users ) { |
22 | 22 | $current_user = wp_get_current_user(); |
23 | 23 | if ( !is_array( $users ) ) |
24 | 24 | return false; |
25 | | |
26 | 25 | screen_icon(); |
27 | 26 | ?> |
28 | 27 | <h2><?php esc_html_e( 'Users' ); ?></h2> |
| 28 | <?php ob_start(); ?> |
29 | 29 | <p><?php _e( 'Transfer or delete posts and links before deleting users.' ); ?></p> |
30 | 30 | <form action="edit.php?action=dodelete" method="post"> |
31 | 31 | <input type="hidden" name="dodelete" /> |
32 | 32 | <?php |
33 | 33 | wp_nonce_field( 'ms-users-delete' ); |
34 | 34 | $site_admins = get_super_admins(); |
| 35 | $site_admin_count = count( $site_admins ); |
35 | 36 | $admin_out = "<option value='$current_user->ID'>$current_user->user_login</option>"; |
36 | 37 | |
37 | 38 | foreach ( ( $allusers = (array) $_POST['allusers'] ) as $key => $val ) { |
… |
… |
function confirm_delete_users( $users ) { |
41 | 42 | if ( ! current_user_can( 'delete_user', $delete_user->ID ) ) |
42 | 43 | wp_die( sprintf( __( 'Warning! User %s cannot be deleted.' ), $delete_user->user_login ) ); |
43 | 44 | |
44 | | if ( in_array( $delete_user->user_login, $site_admins ) ) |
45 | | wp_die( sprintf( __( 'Warning! User cannot be deleted. The user %s is a network admnistrator.' ), $delete_user->user_login ) ); |
| 45 | if ( in_array( $delete_user->user_login, $site_admins ) ) { |
| 46 | $site_admin_count --; |
| 47 | |
| 48 | if ( $site_admin_count < 1 ) { |
| 49 | ob_end_clean(); // don't even output the form |
| 50 | wp_die( __( 'You cannot delete all super admins.' ) ); |
| 51 | } |
| 52 | } |
46 | 53 | |
47 | 54 | echo "<input type='hidden' name='user[]' value='{$val}'/>\n"; |
48 | 55 | $blogs = get_blogs_of_user( $val, true ); |
… |
… |
function confirm_delete_users( $users ) { |
85 | 92 | ?> |
86 | 93 | </form> |
87 | 94 | <?php |
| 95 | echo ob_get_clean(); |
88 | 96 | return true; |
89 | 97 | } |
90 | 98 | |
… |
… |
switch ( $_GET['action'] ) { |
356 | 364 | |
357 | 365 | check_admin_referer( 'deleteuser' ); |
358 | 366 | |
359 | | if ( $id != '0' && $id != '1' ) { |
| 367 | $user = get_userdata( $id ); |
| 368 | |
| 369 | if ( ! is_super_admin( $id ) || ( $user->user_email != get_site_option( 'admin_email' ) && get_current_user_id() != $id && count( get_super_admins() ) > 1 ) ) { |
360 | 370 | $_POST['allusers'] = array( $id ); // confirm_delete_users() can only handle with arrays |
361 | 371 | $title = __( 'Users' ); |
362 | 372 | $parent_file = 'users.php'; |