Changeset 12753

Timestamp:

01/18/2010 10:21:36 PM (15 years ago)

Author:

ryan

Message:

Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see #11644.

Location:

trunk

Files:

• wp-admin/admin.php (modified) (1 diff)
• wp-admin/includes/schema.php (modified) (2 diffs)
• wp-admin/includes/update.php (modified) (11 diffs)
• wp-admin/includes/upgrade.php (modified) (4 diffs)
• wp-admin/menu.php (modified) (3 diffs)
• wp-admin/options-general.php (modified) (2 diffs)
• wp-admin/options.php (modified) (1 diff)
• wp-admin/plugins.php (modified) (3 diffs)
• wp-admin/themes.php (modified) (6 diffs)
• wp-admin/upgrade.php (modified) (1 diff)
• wp-admin/users.php (modified) (6 diffs)
• wp-includes/capabilities.php (modified) (2 diffs)
• wp-includes/post.php (modified) (1 diff)
• wp-includes/version.php (modified) (1 diff)
• wp-includes/wp-db.php (modified) (4 diffs)

trunk/wp-admin/admin.php

@@ -199 +199 @@
 
     define('WP_IMPORTING', true);
-    if ( is_multisite() ) {
+
+    if ( is_multisite() )
         kses_init_filters();  // Always filter imported data with kses.
-    }
 
     call_user_func($wp_importers[$importer][2]);

trunk/wp-admin/includes/schema.php

@@ -370 +370 @@
     populate_roles_270();
     populate_roles_280();
+    populate_roles_300();
 }
 
@@ -591 +592 @@
 }
 
+/**
+ * Create and modify WordPress roles for WordPress 2.8.
+ *
+ * @since 2.8.0
+ */
+function populate_roles_300() {
+    $role =& get_role( 'administrator' );
+
+    if ( !empty( $role ) ) {
+        $role->add_cap( 'update_core' );
+        $role->add_cap( 'remove_user' );
+        $role->add_cap( 'remove_users' );
+    }
+}
+
 ?>

trunk/wp-admin/includes/update.php

@@ -83 +83 @@
 
 function core_update_footer( $msg = '' ) {
-    if ( is_multisite() && !is_super_admin() )
-        return false;
-
-    if ( !current_user_can('manage_options') )
+    if ( is_multisite() && !current_user_can('update_core') )
+        return false;
+
+    if ( !current_user_can('update_core') )
         return sprintf( __( 'Version %s' ), $GLOBALS['wp_version'] );
 
@@ -105 +105 @@
 
     case 'upgrade' :
-        if ( current_user_can('manage_options') ) {
-            return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current);
-            break;
-        }
+        return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current);
+    break;
 
     case 'latest' :
@@ -119 +117 @@
 
 function update_nag() {
-    if ( is_multisite() && !is_super_admin() )
+    if ( is_multisite() && !current_user_can('update_core') )
         return false;
 
@@ -132 +130 @@
         return false;
 
-    if ( current_user_can('manage_options') )
+    if ( current_user_can('update_core') )
         $msg = sprintf( __('WordPress %1$s is available! <a href="%2$s">Please update now</a>.'), $cur->current, 'update-core.php' );
     else
@@ -143 +141 @@
 // Called directly from dashboard
 function update_right_now_message() {
-    if ( is_multisite() && !is_super_admin() )
+    if ( is_multisite() && !current_user_can('update_core') )
         return false;
 
@@ -149 +147 @@
 
     $msg = sprintf( __('You are using <span class="b">WordPress %s</span>.'), $GLOBALS['wp_version'] );
-    if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('manage_options') )
+    if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('update_core') )
         $msg .= " <a href='update-core.php' class='button'>" . sprintf( __('Update to %s'), $cur->current ? $cur->current : __( 'Latest' ) ) . '</a>';
 
@@ -170 +168 @@
 
 function wp_plugin_update_rows() {
+    if ( !current_user_can('update_plugins' ) )
+        return;
+
     $plugins = get_site_transient( 'update_plugins' );
     if ( isset($plugins->response) && is_array($plugins->response) ) {
@@ -206 +207 @@
 
 function wp_update_plugin($plugin, $feedback = '') {
-    if ( is_multisite() && !is_super_admin() )
-        return false;
-
-
     if ( !empty($feedback) )
         add_filter('update_feedback', $feedback);
@@ -235 +232 @@
 
 function wp_update_theme($theme, $feedback = '') {
-
     if ( !empty($feedback) )
         add_filter('update_feedback', $feedback);
@@ -246 +242 @@
 
 function wp_update_core($current, $feedback = '') {
-
     if ( !empty($feedback) )
         add_filter('update_feedback', $feedback);
@@ -261 +256 @@
         return false;
 
-    if ( current_user_can('manage_options') )
+    if ( current_user_can('update_core') )
         $msg = sprintf( __('An automated WordPress update has failed to complete - <a href="%s">please attempt the update again now</a>.'), 'update-core.php' );
     else

trunk/wp-admin/includes/upgrade.php

@@ -260 +260 @@
  */
 function wp_upgrade() {
-    global $wp_current_db_version, $wp_db_version;
+    global $wp_current_db_version, $wp_db_version, $wpdb;
 
     $wp_current_db_version = __get_option('db_version');
@@ -277 +277 @@
     upgrade_all();
     wp_cache_flush();
+
+    if ( is_multisite() ) {
+        if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
+            $wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
+        } else {
+            $wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
+        }
+    }
 }
 endif;
@@ -352 +360 @@
     if ( $wp_current_db_version < 11958 )
         upgrade_290();
+
+    if ( $wp_current_db_version < 12751 )
+        upgrade_300();
 
     maybe_disable_automattic_widgets();
@@ -1007 +1018 @@
 }
 
+/**
+ * Execute changes made in WordPress 3.0.
+ *
+ * @since 3.0
+ */
+function upgrade_300() {
+    populate_roles_300();
+}
 
 // The functions we use to actually do stuff

trunk/wp-admin/menu.php

@@ -31 +31 @@
     $menu[1] = array( '', 'read', 'separator0', '', 'wp-menu-separator' );
     $menu[2] = array(__('Site Admin'), '10', 'ms-admin.php', '', 'menu-top menu-top-first', 'menu-site', 'div');
-    $submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'delete_users', 'ms-admin.php' );
-    $submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'delete_users', 'ms-sites.php' );
-    $submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'delete_users', 'ms-users.php' );
-    $submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'delete_users', 'ms-themes.php' );
-    $submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'delete_users', 'ms-options.php' );
-    $submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'delete_users', 'ms-upgrade-site.php' );
+    $submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'super_admin', 'ms-admin.php' );
+    $submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'super_admin', 'ms-sites.php' );
+    $submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'super_admin', 'ms-users.php' );
+    $submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'super_admin', 'ms-themes.php' );
+    $submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'super_admin', 'ms-options.php' );
+    $submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'super_admin', 'ms-upgrade-site.php' );
 }
 
@@ -106 +106 @@
     if ( !is_multisite() )
         $submenu['themes.php'][10] = array(__('Editor'), 'edit_themes', 'theme-editor.php');
-    if ( is_super_admin() )
-        $submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
+    $submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
 
 $update_plugins = get_site_transient( 'update_plugins' );
@@ -118 +117 @@
     $menu[65] = array( sprintf( __('Plugins %s'), "<span class='update-plugins count-$update_count'><span class='plugin-count'>" . number_format_i18n($update_count) . "</span></span>" ), 'activate_plugins', 'plugins.php', '', 'menu-top', 'menu-plugins', 'div' );
         $submenu['plugins.php'][5]  = array( __('Installed'), 'activate_plugins', 'plugins.php' );
-        if ( is_super_admin() ) {
-            /* translators: add new plugin */
-            $submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
-        }
+        /* translators: add new plugin */
+        $submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
         if ( !is_multisite() )
             $submenu['plugins.php'][15] = array( __('Editor'), 'edit_plugins', 'plugin-editor.php' );

trunk/wp-admin/options-general.php

@@ -293 +293 @@
 <?php do_settings_fields('general', 'default'); ?>
 <?php
-if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) )
-    while( ( $lang_file = readdir( $dh ) ) !== false )
+
+$lang_files = array();
+if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) ) {
+    while ( ( $lang_file = readdir( $dh ) ) !== false ) {
         if ( substr( $lang_file, -3 ) == '.mo' )
             $lang_files[] = $lang_file;
-$lang = get_option('WPLANG');
-
-if ( is_array($lang_files) && !empty($lang_files) ) {
-    ?>
+    }
+}
+
+if ( !empty($lang_files) ) {
+?>
     <tr valign="top">
         <th width="33%" scope="row"><?php _e('Blog language:') ?></th>
@@ -309 +312 @@
         </td>
     </tr>
-    <?php
+<?php
 } // languages
 ?>

trunk/wp-admin/options.php

@@ -119 +119 @@
   <input type="hidden" name="action" value="update" />
   <input type='hidden' name='option_page' value='options' />
-<?php if ( is_multisite() ) { ?>
-<p class="submit submit-top">
-    <input type="submit" name="Submit" value="<?php _e('Save Changes') ?>" class="button-primary" />
-</p>
-<?php } ?>
   <table class="form-table">
 <?php

trunk/wp-admin/plugins.php

@@ -232 +232 @@
 
 $help = '<p>' . __('Plugins extend and expand the functionality of WordPress. Once a plugin is installed, you may activate it or deactivate it here.') . '</p>';
-if ( !is_multisite() || is_super_admin() ) {
+if ( current_user_can('edit_plugins') ) {
 $help .= '<p>' . sprintf(__('If something goes wrong with a plugin and you can&#8217;t use WordPress, delete or rename that file in the <code>%s</code> directory and it will be automatically deactivated.'), WP_PLUGIN_DIR) . '</p>';
 $help .= '<p>' . sprintf(__('You can find additional plugins for your site by using the new <a href="%1$s">Plugin Browser/Installer</a> functionality or by browsing the <a href="http://wordpress.org/extend/plugins/">WordPress Plugin Directory</a> directly and installing manually.  To <em>manually</em> install a plugin you generally just need to upload the plugin file into your <code>%2$s</code> directory.  Once a plugin has been installed, you may activate it here.'), 'plugin-install.php', WP_PLUGIN_DIR) . '</p>';
@@ -285 +285 @@
 <div class="wrap">
 <?php screen_icon(); ?>
-<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2>
+<h2><?php echo esc_html( $title ); if ( current_user_can('install_plugins') ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2>
 
 <?php
@@ -326 +326 @@
 }
 
-if ( is_multisite() && !is_super_admin() ) {
-    $upgrade_plugins = false;
-}
+if ( !current_user_can('update_plugins') )
+    $upgrade_plugins = array();
 
 $total_all_plugins = count($all_plugins);

trunk/wp-admin/themes.php

@@ -68 +68 @@
 
 require_once('admin-header.php');
-if ( is_multisite() && is_super_admin() ) {
+if ( is_multisite() && current_user_can('edit_themes') ) {
     ?><div id="message0" class="updated fade"><p><?php _e('Administrator: new themes must be activated in the <a href="wpmu-themes.php">Themes Admin</a> page before they appear here.'); ?></p></div><?php
 }
@@ -127 +127 @@
     static $themes_update;
 
-    if ( is_multisite() && !is_super_admin() )
+    if ( !current_user_can('update_themes' ) )
         return;
 
@@ -160 +160 @@
 <div class="wrap">
 <?php screen_icon(); ?>
-<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2>
+<h2><?php echo esc_html( $title ); if ( !current_user_can('install_themes') ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2>
 
 <h3><?php _e('Current Theme'); ?></h3>
@@ -171 +171 @@
     printf(__('%1$s %2$s by %3$s'), $ct->title, $ct->version, $ct->author) ; ?></h4>
 <p class="theme-description"><?php echo $ct->description; ?></p>
-<?php if ( ( !is_multisite() || is_super_admin() ) && $ct->parent_theme ) { ?>
+<?php if ( current_user_can('edit_themes') && $ct->parent_theme ) { ?>
     <p><?php printf(__('The template files are located in <code>%2$s</code>.  The stylesheet files are located in <code>%3$s</code>.  <strong>%4$s</strong> uses templates from <strong>%5$s</strong>.  Changes made to the templates will affect both themes.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ), $ct->title, $ct->parent_theme); ?></p>
 <?php } else { ?>
@@ -266 +266 @@
 <p class="description"><?php echo $description; ?></p>
 <span class='action-links'><?php echo $actions ?></span>
-    <?php if ( ( !is_multisite() || is_super_admin() ) && $parent_theme ) {
+    <?php if ( current_user_can('edit_themes') && $parent_theme ) {
     /* translators: 1: theme title, 2:  template dir, 3: stylesheet_dir, 4: theme title, 5: parent_theme */ ?>
     <p><?php printf(__('The template files are located in <code>%2$s</code>.  The stylesheet files are located in <code>%3$s</code>.  <strong>%4$s</strong> uses templates from <strong>%5$s</strong>.  Changes made to the templates will affect both themes.'), $title, str_replace( WP_CONTENT_DIR, '', $template_dir ), str_replace( WP_CONTENT_DIR, '', $stylesheet_dir ), $title, $parent_theme); ?></p>
@@ -299 +299 @@
 // List broken themes, if any.
 $broken_themes = get_broken_themes();
-if ( ( !is_multisite() || is_super_admin() ) && count( $broken_themes ) ) {
+if ( current_user_can('edit_themes') && count( $broken_themes ) ) {
 ?>
 

trunk/wp-admin/upgrade.php

@@ -86 +86 @@
             $backto = esc_url_raw( $backto );
             $backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
-        if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
-            $wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
-        } else {
-            $wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
-        }
 ?>
 <h2><?php _e( 'Upgrade Complete' ); ?></h2>

trunk/wp-admin/users.php

@@ -15 +15 @@
 if ( !current_user_can('edit_users') )
     wp_die(__('Cheatin’ uh?'));
+
+$del_cap_type = 'remove';
+if ( !is_multisite() && current_user_can('delete_users') )
+    $del_cap_type = 'delete';
 
 $title = __('Users');
@@ -44 +48 @@
     check_admin_referer('bulk-users');
 
-    if (empty($_REQUEST['users'])) {
+    if ( empty($_REQUEST['users']) ) {
         wp_redirect($redirect);
         exit();
@@ -50 +54 @@
 
     $editable_roles = get_editable_roles();
-    if (!$editable_roles[$_REQUEST['new_role']])
+    if ( !$editable_roles[$_REQUEST['new_role']] )
         wp_die(__('You can’t give users that role.'));
 
     $userids = $_REQUEST['users'];
     $update = 'promote';
-    foreach($userids as $id) {
+    foreach ( $userids as $id ) {
         if ( ! current_user_can('edit_user', $id) )
             wp_die(__('You can’t edit that user.'));
         // The new role of the current user must also have edit_users caps
-        if($id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users')) {
+        if ( $id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users') ) {
             $update = 'err_admin_role';
             continue;
@@ -82 +86 @@
     }
 
-    if ( !current_user_can('delete_users') )
+    if ( !current_user_can($del_cap_type . '_users') )
         wp_die(__('You can’t delete users.'));
 
@@ -90 +94 @@
 
     foreach ( (array) $userids as $id) {
-        if ( ! current_user_can('delete_user', $id) )
+        if ( ! current_user_can($del_cap_type . '_user', $id) )
             wp_die(__('You can’t delete that user.'));
 
-        if ($id == $current_user->ID) {
+        if ( $id == $current_user->ID ) {
             $update = 'err_admin_del';
             continue;
         }
-        switch($_REQUEST['delete_option']) {
+        switch ( $_REQUEST['delete_option'] ) {
         case 'delete':
-            if ( !is_multisite() ) {
+            if ( !is_multisite() && current_user_can('delete_user', $id) )
                 wp_delete_user($id);
-            } else {
+            else
                 remove_user_from_blog($id, $blog_id); // WPMU only remove user from blog
-            }
             break;
         case 'reassign':
-            if ( !is_multisite() ) {
+            if ( !is_multisite() && current_user_can('delete_user', $id) )
                 wp_delete_user($id, $_REQUEST['reassign_user']);
-            } else {
+            else
                 remove_user_from_blog($id, $blog_id, $_REQUEST['reassign_user']);
-            }
             break;
         }
@@ -131 +133 @@
     }
 
-    if ( !current_user_can('delete_users') )
+    if ( !current_user_can($del_cap_type . '_users') )
         $errors = new WP_Error('edit_users', __('You can’t delete users.'));
 

trunk/wp-includes/capabilities.php

@@ -717 +717 @@
             $cap = $this->translate_level_to_cap( $cap );
         }
+
+        // Multisite super admin has all caps by definition.
+        if ( is_multisite() && is_super_admin() )
+            return true;
 
         $args = array_slice( func_get_args(), 1 );
@@ -963 +967 @@
     case 'install_themes':
     case 'edit_themes':
+    case 'update_core':
+    case 'delete_user':
+    case 'delete_users':
         // If multisite these caps are allowed only for super admins.
         if ( is_multisite() && !is_super_admin() )

trunk/wp-includes/post.php

@@ -3252 +3252 @@
             if ( 0 === strpos($file, $uploads['basedir']) ) //Check that the upload base exists in the file location
                 $url = str_replace($uploads['basedir'], $uploads['baseurl'], $file); //replace file location with url location
-            elseif ( !is_multisite() ) {
-                                if ( false !== strpos($file, 'wp-content/uploads') )
-                                        $url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 );
-                                else
-                                        $url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
-                        }
+            elseif ( false !== strpos($file, 'wp-content/uploads') )
+                $url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 );
+            else
+                $url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
         }
     }

trunk/wp-includes/version.php

@@ -16 +16 @@
  * @global int $wp_db_version
  */
-$wp_db_version = 12329;
+$wp_db_version = 12751;
 
 /**

trunk/wp-includes/wp-db.php

@@ -371 +371 @@
             $this->show_errors();
 
-                if( is_multisite() ) {
-                        $this->charset = 'utf8';
-                        if( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' ) {
-                                $this->collate = constant( 'DB_COLLATE' );
-                        } else {
-                                $this->collate = 'utf8_general_ci';
-                        }
-                }
+        if ( is_multisite() ) {
+            $this->charset = 'utf8';
+            if ( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' )
+                $this->collate = constant( 'DB_COLLATE' );
+            else
+                $this->collate = 'utf8_general_ci';
+        }
 
         if ( defined('DB_CHARSET') )
@@ -447 +446 @@
             return new WP_Error('invalid_db_prefix', /*WP_I18N_DB_BAD_PREFIX*/'Invalid database prefix'/*/WP_I18N_DB_BAD_PREFIX*/);
 
-                if( is_multisite() ) {
-                        $old_prefix = '';
-                } else {
-                        $old_prefix = $prefix;
-                }
-        if( isset( $this->base_prefix ) )
+        if ( is_multisite() )
+            $old_prefix = '';
+        else
+            $old_prefix = $prefix;
+
+        if ( isset( $this->base_prefix ) )
             $old_prefix = $this->base_prefix;
         $this->base_prefix = $prefix;
@@ -665 +664 @@
             return false;
 
-                // If there is an error then take note of it
-                if( is_multisite() ) {
-                        $msg = "WordPress database error: [$str]\n{$this->last_query}\n";
-                        if( defined( 'ERRORLOGFILE' ) )
-                                error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) );
-                        if( defined( 'DIEONDBERROR' ) )
-                                die( $msg );
-                } else {
-                        $str = htmlspecialchars($str, ENT_QUOTES);
-                        $query = htmlspecialchars($this->last_query, ENT_QUOTES);
-
-                        print "<div id='error'>
-                        <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
-                        <code>$query</code></p>
-                        </div>";
-                }
+        // If there is an error then take note of it
+        if ( is_multisite() ) {
+            $msg = "WordPress database error: [$str]\n{$this->last_query}\n";
+            if ( defined( 'ERRORLOGFILE' ) )
+                error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) );
+            if ( defined( 'DIEONDBERROR' ) )
+                die( $msg );
+        } else {
+            $str = htmlspecialchars($str, ENT_QUOTES);
+            $query = htmlspecialchars($this->last_query, ENT_QUOTES);
+
+            print "<div id='error'>
+            <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
+            <code>$query</code></p>
+            </div>";
+        }
     }
 
@@ -740 +739 @@
     function db_connect( $query = "SELECT" ) {
         global $db_list, $global_db_list;
-        if( is_array( $db_list ) == false )
+        if ( is_array( $db_list ) == false )
             return true;
 
-        if( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) {
+        if ( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) {
             $action = 'global';
             $details = $global_db_list[ mt_rand( 0, count( $global_db_list ) -1 ) ];