Changeset 17277 for trunk/wp-admin/users.php
- Timestamp:
- 01/13/2011 12:50:35 AM (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/users.php
r17275 r17277 43 43 $update = ''; 44 44 45 if ( $doaction = $wp_list_table->current_action() ) { 46 47 switch ( $doaction ) { 45 switch ( $wp_list_table->current_action() ) { 48 46 49 47 /* Bulk Dropdown menu Role changes */ … … 51 49 check_admin_referer('bulk-users'); 52 50 53 if ( empty($_REQUEST['users']) ) 54 break; 51 if ( empty($_REQUEST['users']) ) { 52 wp_redirect($redirect); 53 exit(); 54 } 55 55 56 56 $editable_roles = get_editable_roles(); … … 66 66 wp_die(__('You can’t edit that user.')); 67 67 // The new role of the current user must also have promote_users caps 68 if ( $id == $current_user->ID && ! current_user_can('promote_users') ) {68 if ( $id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('promote_users') ) { 69 69 $update = 'err_admin_role'; 70 70 continue; … … 79 79 } 80 80 81 $redirect = add_query_arg( 'update', $update, $redirect ); 81 wp_redirect(add_query_arg('update', $update, $redirect)); 82 exit(); 82 83 83 84 break; … … 89 90 check_admin_referer('delete-users'); 90 91 91 if ( empty($_REQUEST['users']) ) 92 break; 92 if ( empty($_REQUEST['users']) ) { 93 wp_redirect($redirect); 94 exit(); 95 } 93 96 94 97 if ( ! current_user_can( 'delete_users' ) ) … … 123 126 124 127 $redirect = add_query_arg( array('delete_count' => $delete_count, 'update' => $update), $redirect); 128 wp_redirect($redirect); 129 exit(); 125 130 126 131 break; … … 132 137 check_admin_referer('bulk-users'); 133 138 134 if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) 135 break; 139 if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) { 140 wp_redirect($redirect); 141 exit(); 142 } 136 143 137 144 if ( ! current_user_can( 'delete_users' ) ) … … 142 149 else 143 150 $userids = $_REQUEST['users']; 144 145 $redirect = false;146 151 147 152 include ('admin-header.php'); … … 187 192 </form> 188 193 <?php 189 include('./admin-footer.php');190 194 191 195 break; … … 194 198 check_admin_referer('remove-users'); 195 199 196 if ( empty($_REQUEST['users']) ) 197 break; 200 if ( empty($_REQUEST['users']) ) { 201 wp_redirect($redirect); 202 exit; 203 } 198 204 199 205 if ( !current_user_can('remove_users') ) … … 217 223 218 224 $redirect = add_query_arg( array('update' => $update), $redirect); 225 wp_redirect($redirect); 226 exit; 219 227 220 228 break; … … 224 232 check_admin_referer('bulk-users'); 225 233 226 if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) 227 break; 234 if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) { 235 wp_redirect($redirect); 236 exit(); 237 } 228 238 229 239 if ( !current_user_can('remove_users') ) … … 234 244 else 235 245 $userids = $_REQUEST['users']; 236 237 $redirect = false;238 246 239 247 include ('admin-header.php'); … … 272 280 </form> 273 281 <?php 274 include('./admin-footer.php');275 282 276 283 break; … … 278 285 default: 279 286 280 } // end of the $doaction switch 281 282 if ( $redirect ) 283 wp_redirect( $redirect ); 284 exit(); 285 286 } // end of the $doaction if 287 elseif ( !empty($_GET['_wp_http_referer']) ) { 287 if ( !empty($_GET['_wp_http_referer']) ) { 288 288 wp_redirect(remove_query_arg(array('_wp_http_referer', '_wpnonce'), stripslashes($_SERVER['REQUEST_URI']))); 289 289 exit; 290 }290 } 291 291 292 292 $wp_list_table->prepare_items(); … … 379 379 </div> 380 380 <?php 381 break; 382 383 } // end of the $doaction switch 381 384 382 385 include('./admin-footer.php');
Note: See TracChangeset
for help on using the changeset viewer.