Changeset 19686
- Timestamp:
- 01/05/2012 08:38:40 PM (13 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/wp-admin/includes/user.php
r18812 r19686 10 10 * Creates a new user from the "Users" form using $_POST information. 11 11 * 12 * It seems that the first half is for backwards compatibility, but only13 * has the ability to alter the user's role. WordPress core seems to14 * use this function only in the second way, running edit_user() with15 * no id so as to create a new user.16 *17 12 * @since 2.0 18 13 * 19 * @param int $user_id Optional. User ID.20 14 * @return null|WP_Error|int Null when adding user, WP_Error or User ID integer when no parameters. 21 15 */ 22 16 function add_user() { 23 if ( func_num_args() ) { // The hackiest hack that ever did hack 24 global $wp_roles; 25 $user_id = (int) func_get_arg( 0 ); 26 27 if ( isset( $_POST['role'] ) ) { 28 $new_role = sanitize_text_field( $_POST['role'] ); 29 // Don't let anyone with 'edit_users' (admins) edit their own role to something without it. 30 if ( $user_id != get_current_user_id() || $wp_roles->role_objects[$new_role]->has_cap( 'edit_users' ) ) { 31 // If the new role isn't editable by the logged-in user die with error 32 $editable_roles = get_editable_roles(); 33 if ( empty( $editable_roles[$new_role] ) ) 34 wp_die(__('You can’t give users that role.')); 35 36 $user = new WP_User( $user_id ); 37 $user->set_role( $new_role ); 38 } 39 } 40 } else { 41 add_action( 'user_register', 'add_user' ); // See above 42 return edit_user(); 43 } 17 return edit_user(); 44 18 } 45 19
Note: See TracChangeset
for help on using the changeset viewer.