Context Navigation

ms.php

Timestamp:

07/09/2015 04:15:30 PM (11 years ago)

Author:

jeremyfelt

Message:

Do not allow deletion of a super admin user through wpmu_delete_user().

In step with the UI provided by wp-admin/network/users.php, super admin privileges must be removed before a user can be deleted through the API.

Props @johnjamesjacoby, @jeremyfelt.
Fixes #32935.

File:

-                      r33081
+                      r33143
     if ( !$user->exists() )
         return false;
+    // Global super-administrators are protected, and cannot be deleted.
+    $_super_admins = get_super_admins();
+    if ( in_array( $user->user_login, $_super_admins, true ) ) {
+        return false;
+    }
     /**
      * Fires before a user is deleted from the network.

Note: See TracChangeset for help on using the changeset viewer.