Changeset 12722 for trunk/wp-admin/user-edit.php

Timestamp:

01/14/2010 02:02:19 AM (16 years ago)

Author:

wpmuguru

Message:

merge wp-admin user, plugins, themes, upgrade , See #11644

Location:

trunk/wp-admin

Files:

• . (modified) (1 prop)
• user-edit.php (modified) (2 diffs)

trunk/wp-admin/user-edit.php

@@ -61 +61 @@
 }
 
+
+// Only allow site admins to edit every user. 
+if ( is_multisite() && !defined( "EDIT_ANY_USER" ) && !is_super_admin() && $user_id != $current_user->ID ) 
+    wp_die( __( 'You do not have permission to edit this user.' ) ); 
+    
 switch ($action) {
 case 'switchposts':
@@ -82 +87 @@
     do_action('edit_user_profile_update', $user_id);
 
-$errors = edit_user($user_id);
+if ( !is_multisite() ) {
+    $errors = edit_user($user_id);
+} else {
+    // WPMU must delete the user from the current blog if WP added him after editing.
+    $delete_role = false;
+    $blog_prefix = $wpdb->get_blog_prefix();
+    if( $user_id != $current_user->ID ) {
+        $cap = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = '{$user_id}' AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'" );
+        if( null == $cap && $_POST[ 'role' ] == '' ) {
+            $_POST[ 'role' ] = 'contributor';
+            $delete_role = true;
+        }
+    }
+    if ( !isset( $errors ) || ( isset( $errors ) && is_object( $errors ) && false == $errors->get_error_codes() ) )
+        $errors = edit_user($user_id);
+    if( $delete_role ) // stops users being added to current blog when they are edited
+        update_usermeta( $user_id, $blog_prefix . 'capabilities' , '' );
+}
 
 if ( !is_wp_error( $errors ) ) {