WordPress.org

Make WordPress Core

Ticket #18749: 18749.diff

File 18749.diff, 1.6 KB (added by duck_, 3 years ago)
  • wp-admin/includes/user.php

     
    99/** 
    1010 * Creates a new user from the "Users" form using $_POST information. 
    1111 * 
    12  * It seems that the first half is for backwards compatibility, but only 
    13  * has the ability to alter the user's role. WordPress core seems to 
    14  * use this function only in the second way, running edit_user() with 
    15  * no id so as to create a new user. 
    16  * 
    1712 * @since 2.0 
    1813 * 
    19  * @param int $user_id Optional. User ID. 
    2014 * @return null|WP_Error|int Null when adding user, WP_Error or User ID integer when no parameters. 
    2115 */ 
    2216function add_user() { 
    23         if ( func_num_args() ) { // The hackiest hack that ever did hack 
    24                 global $wp_roles; 
    25                 $user_id = (int) func_get_arg( 0 ); 
    26  
    27                 if ( isset( $_POST['role'] ) ) { 
    28                         $new_role = sanitize_text_field( $_POST['role'] ); 
    29                         // Don't let anyone with 'edit_users' (admins) edit their own role to something without it. 
    30                         if ( $user_id != get_current_user_id() || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) { 
    31                                 // If the new role isn't editable by the logged-in user die with error 
    32                                 $editable_roles = get_editable_roles(); 
    33                                 if ( empty( $editable_roles[$new_role] ) ) 
    34                                         wp_die(__('You can’t give users that role.')); 
    35  
    36                                 $user = new WP_User( $user_id ); 
    37                                 $user->set_role( $new_role ); 
    38                         } 
    39                 } 
    40         } else { 
    41                 add_action( 'user_register', 'add_user' ); // See above 
    42                 return edit_user(); 
    43         } 
     17        return edit_user(); 
    4418} 
    4519 
    4620/**