Ticket #2624: 2624.diff
| File 2624.diff, 18.3 KB (added by , 20 years ago) |
|---|
-
wp-admin/users.php
79 79 } 80 80 81 81 if ( !current_user_can('edit_users') ) 82 $error ['edit_users'] = __('You can’t delete users.');82 $error = new WP_Error('edit_users', __('You can’t delete users.')); 83 83 84 84 $userids = $_POST['users']; 85 85 … … 133 133 case 'adduser': 134 134 check_admin_referer(); 135 135 136 $errors = add_user(); 137 138 if(count($errors) == 0) { 136 $user_id = add_user(); 137 if ( is_wp_error( $user_id ) ) 138 $errors = $user_id; 139 else { 139 140 header('Location: users.php?update=add'); 140 141 die(); 141 142 } 142 143 143 144 default: 144 145 146 $list_js = true; 147 $users_js = true; 148 145 149 include ('admin-header.php'); 146 150 147 151 $userids = $wpdb->get_col("SELECT ID FROM $wpdb->users;"); … … 187 191 break; 188 192 } 189 193 endif; 190 if ( is set($errors) ) : ?>194 if ( is_wp_error( $errors ) ) : ?> 191 195 <div class="error"> 192 196 <ul> 193 197 <?php 194 foreach($errors as $error) echo "<li>$error</li>"; 198 foreach( $errors->get_error_codes() as $code) 199 foreach( $errors->get_error_messages($code) as $message ) 200 echo "<li>$message</li>"; 195 201 ?> 196 202 </ul> 197 203 </div> … … 209 215 ?> 210 216 211 217 <tr> 212 <th colspan="8" align="left"> 213 <h3><?php echo $wp_roles->role_names[$role]; ?></h3> 214 </th></tr> 215 218 <th colspan="8" align="left"><h3><?php echo $wp_roles->role_names[$role]; ?></h3></th> 219 </tr> 216 220 <tr> 217 <th><?php _e('ID') ?></th>218 <th><?php _e('Username') ?></th>219 <th><?php _e('Name') ?></th>220 <th><?php _e('E-mail') ?></th>221 <th><?php _e('Website') ?></th>222 <th><?php _e('Posts') ?></th>223 <th> </th>221 <th><?php _e('ID') ?></th> 222 <th><?php _e('Username') ?></th> 223 <th><?php _e('Name') ?></th> 224 <th><?php _e('E-mail') ?></th> 225 <th><?php _e('Website') ?></th> 226 <th><?php _e('Posts') ?></th> 227 <th> </th> 224 228 </tr> 225 < ?php229 <tbody id="role-<?php echo $role; ?>"><?php 226 230 $style = ''; 227 231 foreach ($roleclass as $user_object) { 228 $email = $user_object->user_email; 229 $url = $user_object->user_url; 230 $short_url = str_replace('http://', '', $url); 231 $short_url = str_replace('www.', '', $short_url); 232 if ('/' == substr($short_url, -1)) 233 $short_url = substr($short_url, 0, -1); 234 if (strlen($short_url) > 35) 235 $short_url = substr($short_url, 0, 32).'...'; 236 $style = ('class="alternate"' == $style) ? '' : 'class="alternate"'; 237 $numposts = get_usernumposts($user_object->ID); 238 if (0 < $numposts) $numposts = "<a href='edit.php?author=$user_object->ID' title='" . __('View posts') . "'>$numposts</a>"; 239 echo " 240 <tr $style> 241 <td><input type='checkbox' name='users[]' id='user_{$user_object->ID}' value='{$user_object->ID}' /> <label for='user_{$user_object->ID}'>{$user_object->ID}</label></td> 242 <td><label for='user_{$user_object->ID}'><strong>$user_object->user_login</strong></label></td> 243 <td><label for='user_{$user_object->ID}'>$user_object->first_name $user_object->last_name</label></td> 244 <td><a href='mailto:$email' title='" . sprintf(__('e-mail: %s'), $email) . "'>$email</a></td> 245 <td><a href='$url' title='website: $url'>$short_url</a></td>"; 246 echo "<td align='right'>$numposts</td>"; 247 echo '<td>'; 248 if (current_user_can('edit_users')) 249 echo "<a href='user-edit.php?user_id=$user_object->ID' class='edit'>".__('Edit')."</a>"; 250 echo '</td>'; 251 echo '</tr>'; 232 $style = (' class="alternate"' == $style) ? '' : ' class="alternate"'; 233 echo "\n\t" . user_row( $user_object, $style ); 252 234 } 253 235 254 236 ?> 255 237 256 238 </tbody> 257 239 <?php 258 240 } 259 241 ?> … … 261 243 262 244 263 245 <h2><?php _e('Update Users'); ?></h2> 264 <?php265 $role_select = '<select name="new_role">';266 foreach($wp_roles->role_names as $role => $name) {267 $role_select .= "<option value=\"{$role}\">{$name}</option>";268 }269 $role_select .= '</select>';270 ?>271 246 <ul style="list-style:none;"> 272 247 <li><input type="radio" name="action" id="action0" value="delete" /> <label for="action0"><?php _e('Delete checked users.'); ?></label></li> 273 <li><input type="radio" name="action" id="action1" value="promote" /> <?php echo '<label for="action1">'.__('Set the Role of checked users to:')."</label> $role_select"; ?></li> 248 <li> 249 <input type="radio" name="action" id="action1" value="promote" /> <label for="action1"><?php _e('Set the Role of checked users to:'); ?></label> 250 <select name="new_role"><?php wp_dropdown_roles(); ?></select> 251 </li> 274 252 </ul> 275 253 <p class="submit"><input type="submit" value="<?php _e('Update »'); ?>" /></p> 276 254 </div> … … 313 291 <input name="pass2" type="password" id="pass2" /></td> 314 292 </tr> 315 293 <?php endif; ?> 294 <tr> 295 <th scope="row"><?php _e('Role'); ?></th> 296 <td><select name="role" id="role"><?php wp_dropdown_roles( get_settings('default_role') ); ?></select></td> 297 </tr> 316 298 </table> 317 299 <p class="submit"> 318 <input name="adduser" type="submit" id="adduser " value="<?php _e('Add User »') ?>" />300 <input name="adduser" type="submit" id="addusersub" value="<?php _e('Add User »') ?>" /> 319 301 </p> 320 302 </form> 303 <div id="ajax-response"></div> 321 304 </div> 322 305 <?php 323 306 -
wp-admin/admin-ajax.php
209 209 header('Content-type: text/xml'); 210 210 die($r); 211 211 break; 212 case 'add-user' : 213 if ( !current_user_can('edit_users') ) 214 die('-1'); 215 require_once( ABSPATH . WPINC . '/registration-functions.php'); 216 $user_id = add_user(); 217 if ( is_wp_error( $user_id ) ) { 218 foreach( $user_id->get_error_codes() as $code) 219 foreach( $user_id->get_error_messages($code) as $message ) 220 echo "$message<br />"; 221 exit; 222 } elseif ( !$user_id ) { 223 die('0'); 224 } 225 $r = "<?xml version='1.0' standalone='yes'?><ajaxresponse><user><id>$user_id</id><newitem><![CDATA[<table><tbody>"; 226 $r .= user_row( $user_id ); 227 $r .= "</tbody></table>]]></newitem></user></ajaxresponse>"; 228 header('Content-type: text/xml'); 229 die($r); 230 break; 212 231 default : 213 232 die('0'); 214 233 break; -
wp-admin/profile-update.php
9 9 10 10 $errors = edit_user($user_ID); 11 11 12 if ( count($errors) != 0) {13 foreach ($errors as $id => $error) {14 echo $error . '<br/>';15 }12 if ( is_wp_error( $errors ) ) { 13 foreach( $errors->get_error_codes() as $code) 14 foreach( $errors->get_error_messages($code) as $message ) 15 echo "$message<br />"; 16 16 exit; 17 17 } 18 18 … … 30 30 wp_redirect( $to ); 31 31 exit; 32 32 33 ?> 34 No newline at end of file 33 ?> -
wp-admin/admin.php
40 40 } 41 41 } 42 42 43 $xfn_js = $sack_js = $list_js = $cat_js = $ dbx_js = $pmeta_js = $editing = false;43 $xfn_js = $sack_js = $list_js = $cat_js = $users_js = $dbx_js = $pmeta_js = $editing = false; 44 44 45 45 require(ABSPATH . '/wp-admin/menu.php'); 46 46 -
wp-admin/admin-functions.php
361 361 return $category; 362 362 } 363 363 364 function wp_dropdown_roles( $default = false ) { 365 global $wp_roles; 366 $r = ''; 367 foreach($wp_roles->role_names as $role => $name) 368 if ( $default == $role ) // Make default first in list 369 $p = "\n\t<option selected='selected' value='$role'>$name</option>"; 370 else 371 $r .= "\n\t<option value='$role'>$name</option>"; 372 echo $p . $r; 373 } 374 375 364 376 // Creates a new user from the "Users" form using $_POST information. 365 377 366 378 function add_user() { 367 return edit_user(); 379 if ( func_num_args() ) { // The hackiest hack that ever did hack 380 global $current_user, $wp_roles; 381 $user_id = func_get_arg(0); 382 if (isset ($_POST['role'])) { 383 if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users')) { 384 $user = new WP_User($user_id); 385 $user->set_role($_POST['role']); 386 } 387 } 388 } else { 389 add_action('user_register', 'add_user'); // See above 390 return edit_user(); 391 } 368 392 } 369 393 370 394 function edit_user($user_id = 0) { 371 395 global $current_user, $wp_roles, $wpdb; 372 373 396 if ($user_id != 0) { 374 397 $update = true; 375 398 $user->ID = $user_id; … … 417 440 if (isset ($_POST['yim'])) 418 441 $user->yim = wp_specialchars(trim($_POST['yim'])); 419 442 420 $errors = array();443 $errors = new WP_Error(); 421 444 422 445 /* checking that username has been typed */ 423 446 if ($user->user_login == '') 424 $errors ['user_login'] = __('<strong>ERROR</strong>: Please enter a username.');447 $errors->add('user_login', __('<strong>ERROR</strong>: Please enter a username.')); 425 448 426 449 /* checking the password has been typed twice */ 427 450 do_action('check_passwords', array ($user->user_login, & $pass1, & $pass2)); 428 451 429 452 if (!$update) { 430 453 if ($pass1 == '' || $pass2 == '') 431 $errors ['pass'] = __('<strong>ERROR</strong>: Please enter your password twice.');454 $errors->add('pass', __('<strong>ERROR</strong>: Please enter your password twice.')); 432 455 } else { 433 456 if ((empty ($pass1) && !empty ($pass2)) || (empty ($pass2) && !empty ($pass1))) 434 $errors ['pass'] = __("<strong>ERROR</strong>: you typed your new password only once.");457 $errors->add('pass', __("<strong>ERROR</strong>: you typed your new password only once.")); 435 458 } 436 459 437 460 /* Check for "\" in password */ 438 461 if( strpos( " ".$pass1, "\\" ) ) 439 $errors ['pass'] = __('<strong>ERROR</strong>: Passwords may not contain the character "\\".');462 $errors->add('pass', __('<strong>ERROR</strong>: Passwords may not contain the character "\\".')); 440 463 441 464 /* checking the password has been typed twice the same */ 442 465 if ($pass1 != $pass2) 443 $errors ['pass'] = __('<strong>ERROR</strong>: Please type the same password in the two password fields.');466 $errors->add('pass', __('<strong>ERROR</strong>: Please type the same password in the two password fields.')); 444 467 445 468 if (!empty ($pass1)) 446 469 $user->user_pass = $pass1; 447 470 448 471 if ( !validate_username($user->user_login) ) 449 $errors ['user_login'] = __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.');472 $errors->add('user_login', __('<strong>ERROR</strong>: This username is invalid. Please enter a valid username.')); 450 473 451 474 if (!$update && username_exists($user->user_login)) 452 $errors ['user_login'] = __('<strong>ERROR</strong>: This username is already registered, please choose another one.');475 $errors->add('user_login', __('<strong>ERROR</strong>: This username is already registered, please choose another one.')); 453 476 454 477 /* checking e-mail address */ 455 478 if (empty ($user->user_email)) { 456 $errors ['user_email'] = __("<strong>ERROR</strong>: please type an e-mail address");479 $errors->add('user_email', __("<strong>ERROR</strong>: please type an e-mail address")); 457 480 } else 458 481 if (!is_email($user->user_email)) { 459 $errors ['user_email'] = __("<strong>ERROR</strong>: the email address isn't correct");482 $errors->add('user_email', __("<strong>ERROR</strong>: the email address isn't correct")); 460 483 } 461 484 462 if ( count($errors) != 0)485 if ( $errors->get_error_codes() ) 463 486 return $errors; 464 487 465 488 if ($update) { … … 468 491 $user_id = wp_insert_user(get_object_vars($user)); 469 492 wp_new_user_notification($user_id); 470 493 } 471 472 return $errors; 494 return $user_id; 473 495 } 474 496 475 497 … … 692 714 } 693 715 } 694 716 717 function user_row( $user_object, $style = '' ) { 718 if ( !(is_object($user_object) && is_a($user_object, 'WP_User')) ) 719 $user_object = new WP_User( (int) $user_object ); 720 $email = $user_object->user_email; 721 $url = $user_object->user_url; 722 $short_url = str_replace('http://', '', $url); 723 $short_url = str_replace('www.', '', $short_url); 724 if ('/' == substr($short_url, -1)) 725 $short_url = substr($short_url, 0, -1); 726 if (strlen($short_url) > 35) 727 $short_url = substr($short_url, 0, 32).'...'; 728 $numposts = get_usernumposts($user_object->ID); 729 if (0 < $numposts) $numposts = "<a href='edit.php?author=$user_object->ID' title='" . __('View posts') . "'>$numposts</a>"; 730 $r = "<tr id='user-$user_object->ID'$style> 731 <td><input type='checkbox' name='users[]' id='user_{$user_object->ID}' value='{$user_object->ID}' /> <label for='user_{$user_object->ID}'>{$user_object->ID}</label></td> 732 <td><label for='user_{$user_object->ID}'><strong>$user_object->user_login</strong></label></td> 733 <td><label for='user_{$user_object->ID}'>$user_object->first_name $user_object->last_name</label></td> 734 <td><a href='mailto:$email' title='" . sprintf(__('e-mail: %s'), $email) . "'>$email</a></td> 735 <td><a href='$url' title='website: $url'>$short_url</a></td>"; 736 $r .= "\n\t\t<td align='right'>$numposts</td>"; 737 $r .= "\n\t\t<td>"; 738 if (current_user_can('edit_users')) 739 $r .= "<a href='user-edit.php?user_id=$user_object->ID' class='edit'>".__('Edit')."</a>"; 740 $r .= "</td>\n\t</tr>"; 741 return $r; 742 } 743 695 744 function wp_dropdown_cats($currentcat = 0, $currentparent = 0, $parent = 0, $level = 0, $categories = 0) { 696 745 global $wpdb, $bgcolor; 697 746 if (!$categories) { -
wp-admin/options-general.php
54 54 <tr valign="top"> 55 55 <th scope="row"><?php _e('New User Default Role:') ?></th> 56 56 <td><label for="default_role"> 57 <select name="default_role" id="default_role"><?php 58 foreach($wp_roles->role_names as $role => $name) { 59 $selected = (get_settings('default_role') == $role) ? 'selected="selected"' : ''; 60 echo "<option {$selected} value=\"{$role}\">{$name}</option>"; 61 } 62 ?></select></label> 57 <select name="default_role" id="default_role"><?php wp_dropdown_roles( get_settings('default_role') ); ?></select></label> 63 58 </td> 64 59 </tr> 65 60 </table> … … 112 107 113 108 </div> 114 109 115 <?php include('./admin-footer.php') ?> 116 No newline at end of file 110 <?php include('./admin-footer.php') ?> -
wp-admin/admin-header.php
40 40 <?php if ( 'categories.php' == $pagenow && 'edit' != $action ) { ?> 41 41 <script type="text/javascript" src="categories.js"></script> 42 42 <?php } ?> 43 <?php if ( $users_js ) { ?> 44 <script type="text/javascript" src="users.js"></script> 45 <?php } ?> 43 46 <?php if ( $dbx_js ) { ?> 44 47 <script type="text/javascript" src="../wp-includes/js/dbx.js"></script> 45 48 <script type="text/javascript"> -
wp-admin/list-manipulation-js.php
9 9 function WPAjax(file, responseEl){//class WPAjax extends sack 10 10 this.getResponseElement=function(r){var p=document.getElementById(r+'-p');if(!p){p=document.createElement('span');p.id=r+'ajax-response-p';document.getElementById(r).appendChild(p);}this.myResponseElement=p; } 11 11 this.parseAjaxResponse=function(){ 12 if(isNaN(this.response)){this.myResponseElement.innerHTML= "<?php _e('Error: '); ?>"+this.response;return false;}12 if(isNaN(this.response)){this.myResponseElement.innerHTML='<div class="error">'+this.response+'</div>';return false;} 13 13 this.response=parseInt(this.response,10); 14 14 if(-1==this.response){this.myResponseElement.innerHTML="<?php _e("You don't have permission to do that."); ?>";return false;} 15 15 else if(0==this.response){this.myResponseElement.innerHTML="<?php _e("Something odd happened. Try refreshing the page? Either that or what you tried to change never existed in the first place."); ?>";return false;} … … 17 17 } 18 18 this.parseAjaxResponseXML=function(){ 19 19 if(this.responseXML&&typeof this.responseXML=='object')return true; 20 if(isNaN(this.response)){this.myResponseElement.innerHTML= "<?php _e('Error: '); ?>"+this.response;return false;}20 if(isNaN(this.response)){this.myResponseElement.innerHTML='<div class="error">'+this.response+'</div>';return false;} 21 21 var r=parseInt(this.response,10); 22 22 if(-1==r){this.myResponseElement.innerHTML="<?php _e("You don't have permission to do that."); ?>";} 23 23 else if(0==r){this.myResponseElement.innerHTML="<?php _e("Invalid Entry."); ?>";} … … 153 153 this.getListItems(); 154 154 } 155 155 //No submit unless eval(code) returns true. 156 function killSubmit(code,e){if(!e){if(window.event)e=window.event;else return;}var t=e.target?e.target:e.srcElement;if(('text'==t.type&&e.keyCode==13)||('submit'==t.type&&'click'==e.type)){if(!eval(code)) ;e.returnValue=false;e.cancelBubble=true;return false;}}156 function killSubmit(code,e){if(!e){if(window.event)e=window.event;else return;}var t=e.target?e.target:e.srcElement;if(('text'==t.type&&e.keyCode==13)||('submit'==t.type&&'click'==e.type)){if(!eval(code)){e.returnValue=false;e.cancelBubble=true;return false;}}} 157 157 //Pretty func from ALA http://www.alistapart.com/articles/gettingstartedwithajax 158 158 function getNodeValue(tree,el){return tree.getElementsByTagName(el)[0].firstChild.nodeValue;} 159 159 //Generic but lame JS closure -
wp-admin/user-edit.php
34 34 35 35 check_admin_referer(); 36 36 37 $errors = array();38 39 37 if (!current_user_can('edit_users')) 40 $errors ['head'] = __('You do not have permission to edit this user.');38 $errors = new WP_Error('head', __('You do not have permission to edit this user.')); 41 39 else 42 40 $errors = edit_user($user_id); 43 41 44 if( count($errors) == 0) {42 if( !is_wp_error( $errors ) ) { 45 43 header("Location: user-edit.php?user_id=$user_id&updated=true"); 46 44 exit; 47 45 } … … 51 49 52 50 $profileuser = new WP_User($user_id); 53 51 54 if (!current_user_can('edit_users')) $errors['head'] = __('You do not have permission to edit this user.'); 52 if (!current_user_can('edit_users')) 53 if ( !is_wp_error( $errors ) ) 54 $errors = new WP_Error('head', __('You do not have permission to edit this user.')); 55 55 ?> 56 56 57 57 <?php if ( isset($_GET['updated']) ) : ?> … … 59 59 <p><strong><?php _e('User updated.') ?></strong></p> 60 60 </div> 61 61 <?php endif; ?> 62 <?php if ( count($errors) != 0) : ?>62 <?php if ( is_wp_error( $errors ) ) : ?> 63 63 <div class="error"> 64 64 <ul> 65 65 <?php 66 foreach($errors as $error) echo "<li>$error</li>"; 66 foreach( $errors->get_error_codes() as $code) 67 foreach( $errors->get_error_messages($code) as $message ) 68 echo "<li>$message</li>"; 67 69 ?> 68 70 </ul> 69 71 </div>