Make WordPress Core

Changeset 19686


Ignore:
Timestamp:
01/05/2012 08:38:40 PM (13 years ago)
Author:
duck_
Message:

Remove "the hackiest hack that ever did hack" from add_user(). wp_insert_user()/edit_user() can deal with adding new users of any defined role. Fixes #18749.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • trunk/wp-admin/includes/user.php

    r18812 r19686  
    1010 * Creates a new user from the "Users" form using $_POST information.
    1111 *
    12  * It seems that the first half is for backwards compatibility, but only
    13  * has the ability to alter the user's role. WordPress core seems to
    14  * use this function only in the second way, running edit_user() with
    15  * no id so as to create a new user.
    16  *
    1712 * @since 2.0
    1813 *
    19  * @param int $user_id Optional. User ID.
    2014 * @return null|WP_Error|int Null when adding user, WP_Error or User ID integer when no parameters.
    2115 */
    2216function add_user() {
    23     if ( func_num_args() ) { // The hackiest hack that ever did hack
    24         global $wp_roles;
    25         $user_id = (int) func_get_arg( 0 );
    26 
    27         if ( isset( $_POST['role'] ) ) {
    28             $new_role = sanitize_text_field( $_POST['role'] );
    29             // Don't let anyone with 'edit_users' (admins) edit their own role to something without it.
    30             if ( $user_id != get_current_user_id() || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) {
    31                 // If the new role isn't editable by the logged-in user die with error
    32                 $editable_roles = get_editable_roles();
    33                 if ( empty( $editable_roles[$new_role] ) )
    34                     wp_die(__('You can’t give users that role.'));
    35 
    36                 $user = new WP_User( $user_id );
    37                 $user->set_role( $new_role );
    38             }
    39         }
    40     } else {
    41         add_action( 'user_register', 'add_user' ); // See above
    42         return edit_user();
    43     }
     17    return edit_user();
    4418}
    4519
Note: See TracChangeset for help on using the changeset viewer.