Ticket #1645: users.php.2.patch
File users.php.2.patch, 3.5 KB (added by , 19 years ago) |
---|
-
users.php
20 20 die(__('You can’t edit users.')); 21 21 22 22 $userids = $_POST['users']; 23 $update = 'promote'; 23 24 foreach($userids as $id) { 25 // The new role of the current user must also have edit_users caps 26 if($id == $current_user->id && !$wp_roles->role_objects[$_POST['new_role']]->has_cap('edit_users')) { 27 $update = 'err_admin_role'; 28 continue; 29 } 30 24 31 $user = new WP_User($id); 25 32 $user->set_role($_POST['new_role']); 26 33 } 27 28 header('Location: users.php?update=promote');29 34 35 header('Location: users.php?update=' . $update); 36 30 37 break; 31 38 32 39 case 'dodelete': … … 42 49 43 50 $userids = $_POST['users']; 44 51 52 $update = 'del'; 45 53 foreach($userids as $id) { 54 if($id == $current_user->id) { 55 $update = 'err_admin_del'; 56 continue; 57 } 46 58 switch($_POST['delete_option']) { 47 59 case 'delete': 48 60 wp_delete_user($id); … … 53 65 } 54 66 } 55 67 56 header('Location: users.php?update= del');68 header('Location: users.php?update=' . $update); 57 69 58 70 break; 59 71 … … 78 90 <p><?php _e('You have specified these users for deletion:'); ?></p> 79 91 <ul> 80 92 <?php 93 $go_delete = false; 81 94 foreach($userids as $id) { 82 95 $user = new WP_User($id); 83 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />"; 84 echo "{$id}: {$user->data->user_login}</li>\n"; 96 if($id == $current_user->id) { 97 echo "<li>" . sprintf('ID #%1s: %2s <strong>The current user will not be deleted.</strong>', $id, $user->data->user_login) . "</li>\n"; 98 } 99 else { 100 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf('ID #%1s: %2s', $id, $user->data->user_login) . 
"</li>\n"; 101 $go_delete = true; 102 } 85 103 } 86 104 $all_logins = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY user_login"); 87 105 $user_dropdown = '<select name="reassign_user">'; 88 106 foreach($all_logins as $login) { 89 if( !in_array($login->ID, $userids)) {107 if($login->ID == $current_user->id || !in_array($login->ID, $userids)) { 90 108 $user_dropdown .= "<option value=\"{$login->ID}\">{$login->user_login}</option>"; 91 109 } 92 110 } 93 111 $user_dropdown .= '</select>'; 94 112 ?> 95 113 </ul> 114 <?php if($go_delete) : ?> 96 115 <p><?php _e('What should be done with posts and links owned by this user?'); ?></p> 97 116 <ul style="list-style:none;"> 98 117 <li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" /> … … 102 121 </ul> 103 122 <input type="hidden" name="action" value="dodelete" /> 104 123 <p class="submit"><input type="submit" name="submit" value="<?php _e('Confirm Deletion'); ?>" /></p> 124 <?php else : ?> 125 <p><?php _e('There are no valid users selected for deletion.'); ?></p> 126 <?php endif; ?> 105 127 </div> 106 128 </form> 107 129 <?php … … 151 173 <div id="message" class="updated fade"><p><?php _e('Changed roles.'); ?></p></div> 152 174 <?php 153 175 break; 176 case 'err_admin_role': 177 ?> 178 <div id="message" class="error"><p><?php _e('The current user\'s role must have user editing capabilities.'); ?></p></div> 179 <div id="message" class="updated fade"><p><?php _e('Other user roles have been changed.'); ?></p></div> 180 <?php 181 break; 182 case 'err_admin_del': 183 ?> 184 <div id="message" class="error"><p><?php _e('You can\'t delete the current user.'); ?></p></div> 185 <div id="message" class="updated fade"><p><?php _e('Other users have been deleted.'); ?></p></div> 186 <?php 187 break; 154 188 } 155 189 endif; 156 190 if ( isset($errors) ) : ?>
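Review bot: The self-protection checks compare the raw request value with a loose `==` (`$id == $current_user->id` at new lines 26, 54 and 96), and the same unnormalised `$id` is then handed to `new WP_User($id)` / `wp_delete_user($id)` and echoed into the confirmation list and the hidden `users[]` field without escaping. Normalising once as the first statement of each `foreach($userids as $id)` loop, `$id = (int) $id;`, makes the comparison and the later lookup work on the same value and keeps request-supplied markup out of the `echo` lines; `$user->data->user_login` in the new `sprintf()` calls should be HTML-escaped as well. At new line 26, `$wp_roles->role_objects[$_POST['new_role']]` is dereferenced without checking that the role exists, so an unknown `new_role` presumably ends in a fatal error on `->has_cap()` rather than a clean rejection; a guard before the loop such as `if (!isset($wp_roles->role_objects[$_POST['new_role']])) die(__('Invalid role.'));` would cover it. The enclosing `switch` and the code that fills `$userids` for the confirmation form lie outside the visible hunks, so the assumption that those ids come straight from the request should be confirmed there.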