Changeset 2702
- Timestamp:
- 07/09/2005 01:27:46 AM (19 years ago)
- Location:
- trunk
- Files:
-
- 1 added
- 13 edited
trunk/wp-admin/admin-db.php
r2701 r2702 14 14 $level_key = $wpdb->prefix . 'user_level'; 15 15 if ( 1 < $user->user_level ) { 16 $editable = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value <= '$user->user_level' AND user_id != $user_id"); 17 if( is_array( $editable ) == false ) 16 $editable = get_editable_user_ids( $user_id ); 17 18 if( !$editable ) { 18 19 $other_drafts = ''; 19 else {20 } else { 20 21 $editable = join(',', $editable); 21 $other_drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author IN ($editable) ");22 $other_drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author IN ($editable) AND post_author != '$user_id' "); 22 23 } 23 24 } else { … … 27 28 } 28 29 30 function get_editable_authors( $user_id ) { 31 global $wpdb; 32 $user = get_userdata( $user_id ); 33 $level_key = $wpdb->prefix . 'user_level'; 34 35 if ( 7 > $user->user_level ) // TODO: ROLE SYSTEM 36 return false; 37 38 $editable = get_editable_user_ids( $user_id ); 39 40 if( !$editable ) 41 return false; 42 else { 43 $editable = join(',', $editable); 44 $authors = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($editable)" ); 45 } 46 47 return apply_filters('get_editable_authors', $authors); 48 } 49 50 function get_editable_user_ids( $user_id, $exclude_zeros = true ) { 51 global $wpdb; 52 $user = get_userdata( $user_id ); 53 $level_key = $wpdb->prefix . 
'user_level'; 54 55 $query = "SELECT * FROM $wpdb->usermeta WHERE meta_key = '$level_key'"; 56 if ( $exclude_zeros ) 57 $query .= " AND meta_value != '0'"; 58 $possible = $wpdb->get_results( $query ); 59 60 if ( !$possible ) 61 return false; 62 63 $user_ids = array(); 64 foreach ( $possible as $mark ) 65 if ( intval($mark->meta_value) <= $user->user_level ) 66 $user_ids[] = $mark->user_id; 67 if ( empty( $user_ids ) ) 68 return false; 69 return $user_ids; 70 } 71 72 function get_author_user_ids() { 73 global $wpdb; 74 $level_key = $wpdb->prefix . 'user_level'; 75 76 $query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value != '0'"; 77 78 return $wpdb->get_col( $query ); 79 } 80 81 function get_nonauthor_user_ids() { 82 global $wpdb; 83 $level_key = $wpdb->prefix . 'user_level'; 84 85 $query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value = '0'"; 86 87 return $wpdb->get_col( $query ); 88 } 89 29 90 ?> -
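Review bot: `get_editable_authors()` denies only when `7 > $user->user_level`, while the template conditions it replaces in edit-form-advanced.php and edit-page-form.php required `$user_level > 7`, so level 7 users now get the author list; if that widening is not intended the guard should read `if ( 8 > $user->user_level )`. In the drafts query the added `AND post_author != '$user_id'` interpolates `$user_id` as received, and that function begins above the hunk, so a `$user_id = (int) $user_id;` at its top would make the query independent of what callers pass. `get_editable_user_ids()` also dereferences `$user->user_level` without checking that `get_userdata()` returned a user. `$level_key` in `get_editable_authors()` is assigned but never used.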
trunk/wp-admin/admin-functions.php
r2701 r2702 438 438 // Dandy new recursive multiple category stuff. 439 439 function cat_rows($parent = 0, $level = 0, $categories = 0) { 440 global $wpdb, $class, $user_level; 441 if (!$categories) 440 global $wpdb, $class, $current_user; 441 442 $user_level = $current_user->user_level; 443 444 if ( !$categories ) 442 445 $categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name"); 443 446 -
trunk/wp-admin/edit-form-advanced.php
r2651 r2702 105 105 <?php endif; ?> 106 106 107 <?php if ( $user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users WHERE user_level <= $user_level AND user_level > 0") ) :?>107 <?php if ( $authors = get_editable_authors( $current_user->ID ) ) : // TODO: ROLE SYSTEM ?> 108 108 <fieldset id="authordiv" class="dbx-box"> 109 109 <h3 class="dbx-handle"><?php _e('Post author'); ?>:</h3> … … 111 111 <select name="post_author_override" id="post_author_override"> 112 112 <?php 113 foreach ($ users as $o) :113 foreach ($authors as $o) : 114 114 $o = get_userdata( $o->ID ); 115 115 if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"'; -
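Review bot: The `get_editable_authors( $current_user->ID )` condition only decides which option elements are rendered for `post_author_override`; it does not constrain what a client submits. The handler that reads that field is outside this changeset's visible sections, so confirm it re-checks the submitted ID against `get_editable_user_ids()` before saving. The same applies to `post_author` in edit-page-form.php. A short comment next to the `TODO: ROLE SYSTEM` marker, such as `// display filter only; the save handler must re-validate the author ID`, would record that.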
trunk/wp-admin/edit-page-form.php
r2699 r2702 109 109 <td><input name="post_name" type="text" size="25" id="post_name" value="<?php echo $post->post_name ?>" /></td> 110 110 </tr> 111 <?php if ( $user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users WHERE user_level <= $user_level AND user_level > 0") ) :?>111 <?php if ( $authors = get_editable_authors( $current_user->ID ) ) : // TODO: ROLE SYSTEM ?> 112 112 <tr> 113 113 <th scope="row" width="30%"><?php _e('Page owner'); ?>:</th> … … 115 115 <select name="post_author" id="post_author"> 116 116 <?php 117 foreach ($ users as $o) :117 foreach ($authors as $o) : 118 118 $o = get_userdata( $o->ID ); 119 119 if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"'; -
trunk/wp-admin/edit-pages.php
r2264 r2702 12 12 13 13 <?php 14 /* 14 15 if (isset($user_ID) && ('' != intval($user_ID))) { 15 16 $posts = $wpdb->get_results(" … … 19 20 AND ($wpdb->users.user_level < $user_level OR $wpdb->posts.post_author = $user_ID) 20 21 "); 21 } else { 22 } else { */ 22 23 $posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'"); 23 } 24 // } FIXME 24 25 25 26 if ($posts) { -
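Review bot: Commenting out the `isset($user_ID)` branch leaves the unconditional `SELECT * FROM $wpdb->posts WHERE post_status = 'static'`, so every user who can open this screen now sees all pages, where the removed query limited rows by `user_level` or `post_author = $user_ID`. The `// } FIXME` marker does not say what has to be restored; I would write it as `// FIXME: restore the per-user restriction using get_editable_user_ids() once levels are read from usermeta`. Whether the edit and delete links rendered further down are gated separately is not visible in this hunk.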
trunk/wp-admin/post.php
r2701 r2702 355 355 <div class="wrap"> 356 356 <?php _e('<h3>WordPress bookmarklet</h3> 357 <p> You can drag the following link to your links bar or add it to your bookmarks and when you "Press it" it will open up a popup window with information and a link to the site you’re currently browsing so you can make a quick post about it. Try it out:</p>') ?>357 <p>Right click on the following link and choose "Add to favorites" to create a posting shortcut.</p>') ?> 358 358 <p> 359 359 -
trunk/wp-admin/upgrade-functions.php
r2699 r2702 253 253 endif; 254 254 endforeach; 255 $old_user_fields = array( 'user_firstname', 'user_lastname', 'user_icq', 'user_aim', 'user_msn', 'user_yim', 'user_idmode', 'user_ip', 'user_domain', 'user_browser', 'user_description', 'user_nickname' );255 $old_user_fields = array( 'user_firstname', 'user_lastname', 'user_icq', 'user_aim', 'user_msn', 'user_yim', 'user_idmode', 'user_ip', 'user_domain', 'user_browser', 'user_description', 'user_nickname', 'user_level' ); 256 256 $wpdb->hide_errors(); 257 257 foreach ( $old_user_fields as $old ) -
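Review bot: Adding `'user_level'` to `$old_user_fields` puts the privilege column in the same list as cosmetic profile fields, and the loop that consumes the list runs under `$wpdb->hide_errors()`. The loop body and whatever copies each user's level into usermeta are outside this hunk; confirm the copy has completed for every user before the column is touched, since a silent failure there would leave accounts without a level row. A comment on the array, e.g. `// user_level must be migrated to usermeta before this loop runs`, would make the ordering requirement explicit.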
trunk/wp-admin/upgrade-schema.php
r2701 r2702 131 131 user_url varchar(100) NOT NULL default '', 132 132 user_registered datetime NOT NULL default '0000-00-00 00:00:00', 133 user_level int(2) unsigned NOT NULL default '0',134 133 user_activation_key varchar(60) NOT NULL default '', 135 134 user_status int(11) NOT NULL default '0', -
trunk/wp-admin/user-edit.php
r2644 r2702 173 173 </th> 174 174 <td> <select name="display_name"> 175 <option value="<?php echo $ profiledata->display_name; ?>"><?php echo $profiledata->display_name; ?></option>176 <option value="<?php echo $ profiledata->nickname ?>"><?php echo $profiledata->nickname ?></option>177 <option value="<?php echo $ profiledata->user_login ?>"><?php echo $profiledata->user_login ?></option>178 <?php if ( !empty( $ profiledata->first_name ) ) : ?>179 <option value="<?php echo $ profiledata->first_name ?>"><?php echo $profiledata->first_name ?></option>175 <option value="<?php echo $edituser->display_name; ?>"><?php echo $edituser->display_name; ?></option> 176 <option value="<?php echo $edituser->nickname ?>"><?php echo $edituser->nickname ?></option> 177 <option value="<?php echo $edituser->user_login ?>"><?php echo $edituser->user_login ?></option> 178 <?php if ( !empty( $edituser->first_name ) ) : ?> 179 <option value="<?php echo $edituser->first_name ?>"><?php echo $edituser->first_name ?></option> 180 180 <?php endif; ?> 181 <?php if ( !empty( $ profiledata->last_name ) ) : ?>182 <option value="<?php echo $ profiledata->last_name ?>"><?php echo $profiledata->last_name ?></option>181 <?php if ( !empty( $edituser->last_name ) ) : ?> 182 <option value="<?php echo $edituser->last_name ?>"><?php echo $edituser->last_name ?></option> 183 183 <?php endif; ?> 184 <?php if ( !empty( $ profiledata->first_name ) && !empty( $profiledata->last_name ) ) : ?>185 <option value="<?php echo $ profiledata->first_name." ".$profiledata->last_name ?>"><?php echo $profiledata->first_name." ".$profiledata->last_name ?></option>186 <option value="<?php echo $ profiledata->last_name." ".$profiledata->first_name ?>"><?php echo $profiledata->last_name." ".$profiledata->first_name ?></option>184 <?php if ( !empty( $edituser->first_name ) && !empty( $edituser->last_name ) ) : ?> 185 <option value="<?php echo $edituser->first_name." ".$edituser->last_name ?>"><?php echo $edituser->first_name." 
".$edituser->last_name ?></option> 186 <option value="<?php echo $edituser->last_name." ".$edituser->first_name ?>"><?php echo $edituser->last_name." ".$edituser->first_name ?></option> 187 187 <?php endif; ?> 188 188 </select> -
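Review bot: Every renamed line still echoes profile fields (`display_name`, `nickname`, `user_login`, `first_name`, `last_name`) straight into both the `value` attribute and the option text, so a name containing a double quote or markup is rendered as HTML in the admin screen. Each output should be encoded for its context, e.g. `echo htmlspecialchars( $edituser->display_name, ENT_QUOTES );`. The `select` continues outside the hunk, and where `$edituser` is loaded is not shown.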
trunk/wp-admin/users.php
r2698 r2702 1 1 <?php 2 2 require_once('admin.php'); 3 require_once( ABSPATH . WPINC . '/registration-functions.php'); 3 4 4 5 $title = __('Users'); 5 6 $parent_file = 'profile.php'; 6 7 7 $wpvarstoreset = array('action'); 8 for ($i=0; $i<count($wpvarstoreset); $i += 1) { 9 $wpvar = $wpvarstoreset[$i]; 10 if (!isset($$wpvar)) { 11 if (empty($_POST["$wpvar"])) { 12 if (empty($_GET["$wpvar"])) { 13 $$wpvar = ''; 14 } else { 15 $$wpvar = $_GET["$wpvar"]; 16 } 17 } else { 18 $$wpvar = $_POST["$wpvar"]; 19 } 20 } 21 } 8 $action = $_REQUEST['action']; 22 9 23 10 switch ($action) { … … 48 35 $user_nickname = $user_login; 49 36 50 /* checking that the username isn't already used by another user */ 51 $loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'"); 52 if ($loginthere) 37 if ( username_exists( $user_login ) ) 53 38 die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.')); 54 39 55 40 /* checking e-mail address */ 56 if (empty($ _POST["email"])) {41 if (empty($user_email)) { 57 42 die (__("<strong>ERROR</strong>: please type an e-mail address")); 58 43 return false; 59 } else if (!is_email($ _POST["email"])) {44 } else if (!is_email($user_email)) { 60 45 die (__("<strong>ERROR</strong>: the email address isn't correct")); 61 46 return false; 62 47 } 63 48 64 $user_ID = $wpdb->get_var("SELECT ID FROM $wpdb->users ORDER BY ID DESC LIMIT 1") + 1; 65 66 $user_nicename = sanitize_title($user_nickname, $user_ID); 67 $user_uri = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $user_uri) ? $user_uri : 'http://' . 
$user_uri; 68 $now = gmdate('Y-m-d H:i:s'); 69 $new_users_can_blog = get_settings('new_users_can_blog'); 70 71 $result = $wpdb->query("INSERT INTO $wpdb->users 72 (user_login, user_pass, user_email, user_registered, user_level, user_nicename, user_url) 73 VALUES 74 ('$user_login', MD5('$pass1'), '$user_email', '$now', '$new_users_can_blog', '$user_nicename', '$user_uri')"); 75 76 if ($result == false) 77 die (__('<strong>ERROR</strong>: Couldn’t register you!')); 78 49 $user_ID = create_user( $user_login, $pass1, $user_email, 0 ); 50 51 update_usermeta( $user_ID, 'first_name', $user_firstname); 52 update_usermeta( $user_ID, 'last_name', $user_lastname); 53 update_usermeta( $user_ID, 'first_name', $user_firstname); 54 79 55 $stars = ''; 80 56 for ($i = 0; $i < strlen($pass1); $i = $i + 1) … … 97 73 } 98 74 99 $id = $_GET['id'];75 $id = (int) $_GET['id']; 100 76 $prom = $_GET['prom']; 101 77 102 78 $user_data = get_userdata($id); 79 103 80 $usertopromote_level = $user_data->user_level; 104 81 105 if ( $user_level <= $usertopromote_level) {82 if ( $user_level <= $usertopromote_level ) 106 83 die(__('Can’t change the level of a user whose level is higher than yours.')); 107 }108 84 109 85 if ('up' == $prom) { 110 86 $new_level = $usertopromote_level + 1; 111 $sql="UPDATE $wpdb->users SET user_level=$new_level WHERE ID = $id AND $new_level < $user_level";112 87 } elseif ('down' == $prom) { 113 88 $new_level = $usertopromote_level - 1; 114 $sql="UPDATE $wpdb->users SET user_level=$new_level WHERE ID = $id AND $new_level < $user_level"; 115 } 116 $result = $wpdb->query($sql); 89 } 90 update_usermeta( $id, $wpdb->prefix . 
'user_level', $new_level); 117 91 118 92 header('Location: users.php'); … … 164 138 </tr> 165 139 <?php 166 $users = $wpdb->get_results("SELECT ID FROM $wpdb->users WHERE user_level > 0 ORDER BY ID"); 140 $authors = 141 $users = get_author_user_ids(); 167 142 $style = ''; 168 143 foreach ($users as $user) { 169 $user_data = get_userdata($user ->ID);144 $user_data = get_userdata($user); 170 145 $email = $user_data->user_email; 171 146 $url = $user_data->user_url; … … 177 152 $short_url = substr($short_url, 0, 32).'...'; 178 153 $style = ('class="alternate"' == $style) ? '' : 'class="alternate"'; 179 $numposts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_author = $user->IDand post_status = 'publish'");154 $numposts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_author = '$user' and post_status = 'publish'"); 180 155 if (0 < $numposts) $numposts = "<a href='edit.php?author=$user_data->ID' title='" . __('View posts') . "'>$numposts</a>"; 181 156 echo " … … 206 181 207 182 <?php 208 $users = $wpdb->get_results("SELECT * FROM $wpdb->users WHERE user_level = 0 ORDER BY ID");183 $users = get_nonauthor_user_ids(); 209 184 if ($users) { 210 185 ?> … … 225 200 $style = ''; 226 201 foreach ($users as $user) { 227 $user_data = get_userdata($user ->ID);202 $user_data = get_userdata($user); 228 203 $email = $user_data->user_email; 229 204 $url = $user_data->user_url; -
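Review bot: The promote branch lost its ceiling: the removed `UPDATE` statements carried `AND $new_level < $user_level`, while the new `update_usermeta()` call writes `$new_level` unconditionally, so an account one level below the current user can be raised to the current user's own level. `$new_level` is also undefined when `prom` is neither `up` nor `down`, and nothing stops it going below 0. Guarding the write restores the old ceiling: `if ( isset( $new_level ) && $new_level >= 0 && $new_level < $user_level ) update_usermeta( $id, $wpdb->prefix . 'user_level', $new_level );`. In the adduser branch the result of `create_user()` is no longer checked before the `update_usermeta()` calls, and `first_name` is written twice.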
trunk/wp-includes/functions.php
r2699 r2702 1226 1226 function update_user_cache() { 1227 1227 global $cache_userdata, $wpdb; 1228 $query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE user_level > 0"); 1228 $level_key = $wpdb->prefix . 'user_level'; 1229 $user_ids = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'"); 1230 $user_ids = join(',', $user_ids); 1231 $query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE ID IN ($user_ids)"); 1229 1232 if ( $users = $wpdb->get_results( $query ) ) : 1230 1233 foreach ($users as $user) : 1231 1234 $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'"); 1232 if ( is_array($metavalues) ) 1233 foreach ( $metavalues as $meta ) 1234 $user->{$meta->meta_key} = $meta->meta_value; 1235 foreach ( $metavalues as $meta ) { 1236 $user->{$meta->meta_key} = $meta->meta_value; 1237 // We need to set user_level from meta, not row 1238 if ( $wpdb->prefix . 'user_level' == $meta->meta_key ) 1239 $user->user_level = $meta->meta_value; 1240 } 1235 1241 1236 1242 $cache_userdata[$user->ID] = $user; … … 1956 1962 function update_usermeta( $user_id, $meta_key, $meta_value ) { 1957 1963 global $wpdb; 1958 $user_id = (int) $user_id; 1964 if ( !is_numeric( $user_id ) ) 1965 return false; 1959 1966 $meta_key = preg_replace('|a-z0-9_|i', '', $meta_key); 1960 1967 $cur = $wpdb->get_row("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'"); -
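Review bot: In `update_usermeta()` the `(int)` cast was replaced by an `is_numeric()` test, so strings such as `'1e3'` or `'1.5'` now pass and are interpolated into the `user_id = '$user_id'` query as-is; keep the rejection but cast afterwards with `$user_id = (int) $user_id;`. The unchanged next line, `preg_replace('|a-z0-9_|i', '', $meta_key)`, matches only the literal text `a-z0-9_` and so filters nothing before `$meta_key` reaches the same query; the pattern was presumably meant to be `'|[^a-z0-9_]|i'`. In `update_user_cache()`, `join(',', $user_ids)` yields `IN ()` when no usermeta rows exist, and dropping the `is_array($metavalues)` guard lets `foreach` run on a non-array result. Both functions continue outside the visible hunks.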
trunk/wp-includes/pluggable-functions.php
r2688 r2702 7 7 if ( !function_exists('get_currentuserinfo') ) : 8 8 function get_currentuserinfo() { 9 global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity ;9 global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user; 10 10 11 11 if ( !isset($_COOKIE['wordpressuser_' . COOKIEHASH])) … … 18 18 $user_email = $userdata->user_email; 19 19 $user_url = $userdata->user_url; 20 21 20 $user_pass_md5 = md5($userdata->user_pass); 22 23 21 $user_identity = $userdata->display_name; 22 $current_user = $userdata; 24 23 } 25 24 endif; … … 40 39 $metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'"); 41 40 42 foreach ( $metavalues as $meta ) 41 foreach ( $metavalues as $meta ) { 43 42 $user->{$meta->meta_key} = $meta->meta_value; 43 // We need to set user_level from meta, not row 44 if ( $wpdb->prefix . 'user_level' == $meta->meta_key ) 45 $user->user_level = $meta->meta_value; 46 } 44 47 45 48 $cache_userdata[$user_id] = $user; -
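Review bot: The added override copies `$meta->meta_value` into `$user->user_level` as a string and only when a `{prefix}user_level` row exists, so a user without that row keeps whatever the users row supplied, or has no level at all once that column is gone. Casting and defaulting would make the permission checks fail closed: `$user->user_level = (int) $meta->meta_value;` inside the loop and `if ( !isset( $user->user_level ) ) $user->user_level = 0;` after it. The same loop is duplicated in `update_user_cache()` in functions.php and needs the same treatment. The enclosing function starts above the hunk.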
trunk/wp-register.php
r2636 r2702 1 1 <?php 2 2 require('./wp-config.php'); 3 require_once( ABSPATH . WPINC . '/registration-functions.php'); 3 4 4 $wpvarstoreset = array('action'); 5 for ($i=0; $i<count($wpvarstoreset); $i += 1) { 6 $wpvar = $wpvarstoreset[$i]; 7 if (!isset($$wpvar)) { 8 if (empty($_POST["$wpvar"])) { 9 if (empty($_GET["$wpvar"])) { 10 $$wpvar = ''; 11 } else { 12 $$wpvar = $_GET["$wpvar"]; 13 } 14 } else { 15 $$wpvar = $_POST["$wpvar"]; 16 } 17 } 18 } 19 5 $action = $_REQUEST['action']; 20 6 if ( !get_settings('users_can_register') ) 21 7 $action = 'disabled'; … … 23 9 header( 'Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset') ); 24 10 25 switch( $action) {11 switch( $action ) { 26 12 27 13 case 'register': … … 40 26 } 41 27 42 if ( $result = $wpdb->get_row("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'") )28 if ( username_exists( $user_login ) ) 43 29 die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.')); 44 30 45 $user_login = $wpdb->escape( sanitize_user($user_login) ) );46 $user_nicename = sanitize_title($user_nickname);47 $now = gmdate('Y-m-d H:i:s');48 31 $user_level = get_settings('new_users_can_blog'); 49 32 $password = substr( md5( uniqid( microtime() ) ), 0, 7); 50 33 51 $result = $wpdb->query("INSERT INTO $wpdb->users 52 (user_login, user_pass, user_email, user_registered, user_level, user_nicename) 53 VALUES 54 ('$user_login', MD5('$password'), '$user_email', '$now', '$user_level', '$user_nicename')"); 34 $user_id = create_user( $user_login, $password, $user_email, $user_level ); 55 35 56 do_action('user_register', $ wpdb->insert_id);36 do_action('user_register', $user_id); 57 37 58 if ( $result == false) {38 if ( !$user_id ) { 59 39 die (sprintf(__('<strong>ERROR</strong>: Couldn’t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email'))); 60 40 }
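Review bot: The `$wpdb->escape( sanitize_user( $user_login ) )` line was removed, so `$user_login` now reaches `username_exists()` and `create_user()` in whatever form the earlier, unseen part of this branch left it; registration-functions.php is not shown on this page, so confirm both functions sanitise and escape the login themselves. `do_action('user_register', $user_id)` also runs before the `if ( !$user_id )` test, so hooks fire with an empty ID when creation fails; moving the `do_action` line below that check fixes it. The case body starts and ends outside the hunk.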