Timestamp:
06/08/2006 06:36:05 PM (18 years ago)
Author:
ryan
Message:

User management improvements from Mark Jaquith and David House. #2793

File:
1 edited

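--- a/trunk/wp-admin/users.php
+++ b/trunk/wp-admin/users.php
@@ -4,9 +4,21 @@
 
 $title = __('Users');
-$parent_file = 'profile.php';
+if ( current_user_can('edit_users') )
+    $parent_file = 'users.php';
+else
+    $parent_file = 'profile.php';
 
 $action = $_REQUEST['action'];
 $update = '';
 
+if ( empty($_POST) ) {
+    $referer = '<input type="hidden" name="wp_http_referer" value="'. wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
+} elseif ( isset($_POST['wp_http_referer']) ) {
+    $redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), urlencode(stripslashes($_POST['wp_http_referer'])));
+    $referer = '<input type="hidden" name="wp_http_referer" value="' . wp_specialchars($redirect) . '" />';
+} else {
+    $redirect = 'users.php';
+}
+
 switch ($action) {
 
@@ -15,5 +27,5 @@
 
     if (empty($_POST['users'])) {
-        header('Location: users.php');
+        header('Location: ' . $redirect);
     }
 
@@ -21,9 +33,9 @@
         die(__('You can&#8217;t edit users.'));
 
-    $userids = $_POST['users'];
+    $userids = $_POST['users'];
     $update = 'promote';
-    foreach($userids as $id) {
-        if ( ! current_user_can('edit_user', $id) )
-            die(__('You can&#8217;t edit that user.'));
+    foreach($userids as $id) {
+        if ( ! current_user_can('edit_user', $id) )
+            die(__('You can&#8217;t edit that user.'));
         // The new role of the current user must also have edit_users caps
         if($id == $current_user->id && !$wp_roles->role_objects[$_POST['new_role']]->has_cap('edit_users')) {
@@ -32,9 +44,9 @@
         }
 
-        $user = new WP_User($id);
-        $user->set_role($_POST['new_role']);
-    }
-
-    header('Location: users.php?update=' . $update);
+        $user = new WP_User($id);
+        $user->set_role($_POST['new_role']);
+    }
+
+    header('Location: ' . add_query_arg('update', $update, $redirect));
 
 break;
@@ -45,5 +57,5 @@
 
     if ( empty($_POST['users']) ) {
-        header('Location: users.php');
+        header('Location: ' . $redirect);
     }
 
@@ -52,15 +64,16 @@
 
     $userids = $_POST['users'];
-
     $update = 'del';
-    foreach ($userids as $id) {
-        if ( ! current_user_can('delete_user', $id) )
-            die(__('You can&#8217;t delete that user.'));
- 
+    $delete_count = 0;
+
+    foreach ( (array) $userids as $id) {
+        if ( ! current_user_can('delete_user', $id) )
+            die(__('You can&#8217;t delete that user.'));
+
         if($id == $current_user->id) {
             $update = 'err_admin_del';
             continue;
         }
-        switch($_POST['delete_option']) {
+        switch($_POST['delete_option']) {
         case 'delete':
             wp_delete_user($id);
@@ -70,7 +83,10 @@
             break;
         }
-    }
-
-    header('Location: users.php?update=' . $update);
+        ++$delete_count;
+    }
+
+    $redirect = add_query_arg('delete_count', $delete_count, $redirect);
+
+    header('Location: ' . add_query_arg('update', $update, $redirect));
 
 break;
@@ -80,10 +96,9 @@
     check_admin_referer('bulk-users');
 
-    if (empty($_POST['users'])) {
-        header('Location: users.php');
-    }
+    if ( empty($_POST['users']) )
+        header('Location: ' . $redirect);
 
     if ( !current_user_can('delete_users') )
-        $error = new WP_Error('edit_users', __('You can&#8217;t delete users.'));
+        $errors = new WP_Error('edit_users', __('You can&#8217;t delete users.'));
 
     $userids = $_POST['users'];
@@ -93,4 +108,5 @@
 <form action="" method="post" name="updateusers" id="updateusers">
 <?php wp_nonce_field('delete-users') ?>
+<?php echo $referer; ?>
 <div class="wrap">
 <h2><?php _e('Delete Users'); ?></h2>
@@ -99,7 +115,7 @@
 <?php
     $go_delete = false;
-    foreach ($userids as $id) {
-        $user = new WP_User($id);
-        if ($id == $current_user->id) {
+    foreach ( (array) $userids as $id ) {
+        $user = new WP_User($id);
+        if ( $id == $current_user->id ) {
             echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n";
         } else {
@@ -107,17 +123,15 @@
             $go_delete = true;
         }
-    }
-    $all_logins = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY user_login");
-    $user_dropdown = '<select name="reassign_user">';
-    foreach ($all_logins as $login) {
-        if ( $login->ID == $current_user->id || !in_array($login->ID, $userids) ) {
-            $user_dropdown .= "<option value=\"{$login->ID}\">{$login->user_login}</option>";
-        }
-    }
-    $user_dropdown .= '</select>';
-    ?>
-    </ul>
-<?php if($go_delete) : ?>
-    <p><?php _e('What should be done with posts and links owned by this user?'); ?></p>
+    }
+    $all_logins = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY user_login");
+    $user_dropdown = '<select name="reassign_user">';
+    foreach ( (array) $all_logins as $login )
+        if ( $login->ID == $current_user->id || !in_array($login->ID, $userids) )
+            $user_dropdown .= "<option value=\"{$login->ID}\">{$login->user_login}</option>";
+    $user_dropdown .= '</select>';
+    ?>
+    </ul>
+<?php if ( $go_delete ) : ?>
+    <p><?php _e('What should be done with posts and links owned by this user?'); ?></p>
     <ul style="list-style:none;">
         <li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" />
@@ -144,19 +158,71 @@
 
     $user_id = add_user();
+    $update = 'add';
     if ( is_wp_error( $user_id ) )
-        $errors = $user_id;
+        $add_user_errors = $user_id;
     else {
-        header('Location: users.php?update=add');
+        $new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_POST['user_login']), true));
+        $redirect = add_query_arg('usersearch', $new_user_login, $redirect);
+        header('Location: ' . add_query_arg('update', $update, $redirect) . '#user-' . $user_id);
         die();
     }
 
 default:
-    wp_enqueue_script( 'admin-users' );
-
-    include ('admin-header.php');
-
-    $userids = $wpdb->get_col("SELECT ID FROM $wpdb->users;");
-
-    foreach($userids as $userid) {
+    wp_enqueue_script('admin-users');
+
+    include('admin-header.php');
+
+    /* Paging and Search by Mark Jaquith, June 6th, 2006 */
+
+    $users_per_page = 50;
+
+    $page = (int) $_GET['userspage'];
+    if ( !$page )
+        $page = 1;
+
+    $starton = ($page - 1) * $users_per_page;
+
+    $limit = 'LIMIT ' . $starton . ',' .  $users_per_page;
+
+    $search_term = $_GET['usersearch'];
+    if ( $search_term ) {
+        $searches = array();
+        $search_sql = 'AND (';
+        foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col )
+            $searches[] = $col . " LIKE '%$search_term%'";
+        $search_sql .= implode(' OR ', $searches);
+        $search_sql .= ')';
+        $search_term = stripslashes($search_term); // done with DB, from now on we want slashes gone
+    }
+
+    if ( !$_GET['update'] && !$search_term && !$_GET['userspage'] && $wpdb->get_var("SELECT COUNT(ID) FROM $wpdb->users") > $users_per_page )
+        $too_many_users = sprintf(__('Because this blog has more than %s users, they cannot all be shown on one page.  Use the paging or search functionality in order to find the user you want to edit.'), $users_per_page);
+
+    $from_where = "FROM $wpdb->users WHERE 1=1 $search_sql";
+    $userids = $wpdb->get_col('SELECT ID ' . $from_where . $limit);
+
+    if ( $userids )
+        $total_users_for_this_query = $wpdb->get_var('SELECT COUNT(ID) ' . $from_where); // no limit
+    else
+        $errors = new WP_Error('no_matching_users_found', __('No matching users were found!'));
+
+    // Now for the paging
+    if ( $total_users_for_this_query > $users_per_page ) { // have to page the results
+        $prev_page = ( $page > 1) ? true : false;
+        $next_page = ( ($page * $users_per_page) < $total_users_for_this_query ) ? true : false;
+        $paging_text = '';
+        if ( $prev_page )
+            $paging_text .= '<p class="alignleft"><a href="' . add_query_arg(array('usersearch' => $search_term, 'userspage' => $page - 1), 'users.php?') . '">&laquo; Previous Page</a></p>';
+        if ( $next_page )
+            $paging_text .= '<p class="alignright"><a href="' . add_query_arg(array('usersearch' => $search_term, 'userspage' => $page + 1), 'users.php?') . '">Next Page &raquo;</a></p>';
+        if ( $prev_page || $next_page )
+            $paging_text .= '<br style="clear:both" />';
+    }
+
+    // Clean up, we're done with these variables
+    unset($prev_page, $next_page, $limit, $searches, $search_sql, $col);
+
+    // Make the user objects
+    foreach ( (array) $userids as $userid ) {
         $tmp_user = new WP_User($userid);
         $roles = $tmp_user->roles;
@@ -165,12 +231,11 @@
     }
 
-    ?>
-
-    <?php
-    if (isset($_GET['update'])) :
+    if ( isset($_GET['update']) ) :
         switch($_GET['update']) {
         case 'del':
-        ?>
-            <div id="message" class="updated fade"><p><?php _e('User deleted.'); ?></p></div>
+        case 'del_many':
+        ?>
+            <?php $delete_count = (int) $_GET['delete_count']; ?>
+            <div id="message" class="updated fade"><p><?php printf(__('%1$s %2$s deleted.'), $delete_count, __ngettext('user', 'users', $delete_count) ); ?></p></div>
         <?php
             break;
@@ -198,22 +263,48 @@
             break;
         }
-    endif;
-    if ( is_wp_error( $errors ) ) : ?>
+    endif; ?>
+
+<?php if ( is_wp_error( $errors ) ) : ?>
     <div class="error">
         <ul>
         <?php
             foreach ( $errors->get_error_messages() as $message )
-                 echo "<li>$message</li>";
+                echo "<li>$message</li>";
         ?>
         </ul>
     </div>
-    <?php
-    endif;
-    ?>
+<?php endif; ?>
+
+<?php if ( $too_many_users ) : ?>
+    <div id="message" class="updated">
+        <p><?php echo $too_many_users; ?></p>
+    </div>
+<?php endif; ?>
+
+<div class="wrap">
+    <h2><?php _e('Search For Users'); ?></h2>
+    <form action="" method="get" name="search" id="search">
+        <p><input type="text" name="usersearch" id="usersearch" value="<?php echo wp_specialchars($search_term); ?>" /> <input type="submit" value="Search &raquo;" /></p>
+    </form>
+    <?php if ( $search_term ) : ?>
+        <p><a href="users.php"><?php _e('&laquo; Back to All Users'); ?></a></p>
+    <?php endif; ?>
+</div>
+
+<?php if ( $userids ) : ?>
 
 <form action="" method="post" name="updateusers" id="updateusers">
 <?php wp_nonce_field('bulk-users') ?>
 <div class="wrap">
-    <h2><?php _e('User List by Role'); ?></h2>
+    <?php if ( $search_term ) : ?>
+        <h2><?php printf(__('Users Matching "%s" by Role'), $search_term); ?></h2>
+        <div class="user-paging-text"><?php echo $paging_text; ?></div>
+    <?php else : ?>
+        <h2><?php _e('User List by Role'); ?></h2>
+        <?php if ( $paging_text ) : ?>
+            <div class="user-paging-text"><?php echo $paging_text; ?></p></div>
+        <?php endif; ?>
+    <?php endif; ?>
+    <h3><?php printf(__('Results %1$s - %2$s of %3$s shown below'), $starton + 1, min($starton + $users_per_page, $total_users_for_this_query), $total_users_for_this_query); ?></h3>
 <table class="widefat">
 <?php
@@ -223,8 +314,7 @@
 
 <tr>
-    <th colspan="8" align="left"><h3><?php echo $wp_roles->role_names[$role]; ?></h3></th>
+    <th colspan="7" align="left"><h3><?php echo $wp_roles->role_names[$role]; ?></h3></th>
 </tr>
-<thead>
-<tr>
+<tr class="thead">
     <th style="text-align: left"><?php _e('ID') ?></th>
     <th style="text-align: left"><?php _e('Username') ?></th>
@@ -232,89 +322,121 @@
     <th style="text-align: left"><?php _e('E-mail') ?></th>
     <th style="text-align: left"><?php _e('Website') ?></th>
-    <th><?php _e('Posts') ?></th>
-    <th>&nbsp;</th>
+    <th colspan="2"><?php _e('Actions') ?></th>
 </tr>
 </thead>
 <tbody id="role-<?php echo $role; ?>"><?php
 $style = '';
-foreach ($roleclass as $user_object) {
-    $style = (' class="alternate"' == $style) ? '' : ' class="alternate"';
-    echo "\n\t" . user_row( $user_object, $style );
-}
-
-?>
-
-</tbody>
-<?php
+foreach ( (array) $roleclass as $user_object ) {
+    $style = ( ' class="alternate"' == $style ) ? '' : ' class="alternate"';
+    echo "\n\t" . user_row($user_object, $style);
 }
 ?>
+
+</tbody>
+<?php } ?>
 </table>
 
+<?php if ( $paging_text ) : ?>
+    <div class="user-paging-text"><?php echo $paging_text; ?></div>
+<?php endif; ?>
 
     <h2><?php _e('Update Users'); ?></h2>
-  <ul style="list-style:none;">
-    <li><input type="radio" name="action" id="action0" value="delete" /> <label for="action0"><?php _e('Delete checked users.'); ?></label></li>
-    <li>
-        <input type="radio" name="action" id="action1" value="promote" /> <label for="action1"><?php _e('Set the Role of checked users to:'); ?></label>
-        <select name="new_role"><?php wp_dropdown_roles(); ?></select>
-    </li>
-  </ul>
-    <p class="submit"><input type="submit" value="<?php _e('Update &raquo;'); ?>" /></p>
+    <ul style="list-style:none;">
+        <li><input type="radio" name="action" id="action0" value="delete" /> <label for="action0"><?php _e('Delete checked users.'); ?></label></li>
+        <li>
+            <input type="radio" name="action" id="action1" value="promote" /> <label for="action1"><?php _e('Set the Role of checked users to:'); ?></label>
+            <select name="new_role"><?php wp_dropdown_roles(); ?></select>
+        </li>
+    </ul>
+    <p class="submit">
+        <?php echo $referer; ?>
+        <input type="submit" value="<?php _e('Update &raquo;'); ?>" />
+    </p>
 </div>
 </form>
 
+<?php endif; // if users were returned ?>
+
+<?php
+    if ( is_wp_error($add_user_errors) ) {
+        foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) {
+            $var = 'new_' . $var;
+            $$var = wp_specialchars(stripslashes($_POST[$formpost]));
+        }
+        unset($name);
+    }
+?>
+
 <div class="wrap">
-<h2><?php _e('Add New User') ?></h2>
+<h2 id="add-new-user"><?php _e('Add New User') ?></h2>
 <?php echo '<p>'.sprintf(__('Users can <a href="%1$s">register themselves</a> or you can manually create users here.'), get_settings('siteurl').'/wp-register.php').'</p>'; ?>
-<form action="" method="post" name="adduser" id="adduser">
-  <?php wp_nonce_field('add-user') ?>
-  <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-    <tr>
-      <th scope="row" width="33%"><?php _e('Nickname') ?>
-      <input name="action" type="hidden" id="action" value="adduser" /></th>
-      <td width="66%"><input name="user_login" type="text" id="user_login" value="<?php echo $new_user_login; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('First Name') ?> </th>
-      <td><input name="first_name" type="text" id="first_name" value="<?php echo $new_user_firstname; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Last Name') ?> </th>
-      <td><input name="last_name" type="text" id="last_name" value="<?php echo $new_user_lastname; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('E-mail') ?></th>
-      <td><input name="email" type="text" id="email" value="<?php echo $new_user_email; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Website') ?></th>
-      <td><input name="url" type="text" id="url" value="<?php echo $new_user_uri; ?>" /></td>
-    </tr>
-<?php
-$show_password_fields = apply_filters('show_password_fields', true);
-if ( $show_password_fields ) :
-?>
-    <tr>
-      <th scope="row"><?php _e('Password (twice)') ?> </th>
-      <td><input name="pass1" type="password" id="pass1" />
-      <br />
-      <input name="pass2" type="password" id="pass2" /></td>
-    </tr>
-<?php endif; ?>
-    <tr>
-      <th scope="row"><?php _e('Role'); ?></th>
-      <td><select name="role" id="role"><?php wp_dropdown_roles( get_settings('default_role') ); ?></select></td>
-    </tr>
-  </table>
-  <p class="submit">
-    <input name="adduser" type="submit" id="addusersub" value="<?php _e('Add User &raquo;') ?>" />
-  </p>
-  </form>
+<form action="#add-new-user" method="post" name="adduser" id="adduser">
+<?php wp_nonce_field('add-user') ?>
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+    <tr>
+        <th scope="row" width="33%"><?php _e('Nickname') ?><input name="action" type="hidden" id="action" value="adduser" /></th>
+        <td width="66%"><input name="user_login" type="text" id="user_login" value="<?php echo $new_user_login; ?>" /></td>
+    </tr>
+    <tr>
+        <th scope="row"><?php _e('First Name') ?> </th>
+        <td><input name="first_name" type="text" id="first_name" value="<?php echo $new_user_firstname; ?>" /></td>
+    </tr>
+    <tr>
+        <th scope="row"><?php _e('Last Name') ?> </th>
+        <td><input name="last_name" type="text" id="last_name" value="<?php echo $new_user_lastname; ?>" /></td>
+    </tr>
+    <tr>
+        <th scope="row"><?php _e('E-mail') ?></th>
+        <td><input name="email" type="text" id="email" value="<?php echo $new_user_email; ?>" /></td>
+    </tr>
+    <tr>
+        <th scope="row"><?php _e('Website') ?></th>
+        <td><input name="url" type="text" id="url" value="<?php echo $new_user_uri; ?>" /></td>
+    </tr>
+
+<?php if ( apply_filters('show_password_fields', true) ) : ?>
+    <tr>
+        <th scope="row"><?php _e('Password (twice)') ?> </th>
+        <td><input name="pass1" type="password" id="pass1" />
+        <br />
+        <input name="pass2" type="password" id="pass2" /></td>
+    </tr>
+<?php endif; ?>
+
+    <tr>
+        <th scope="row"><?php _e('Role'); ?></th>
+        <td><select name="role" id="role">
+            <?php
+            if ( !$new_user_role )
+                $new_user_role = get_settings('default_role');
+            wp_dropdown_roles($new_user_role);
+            ?>
+            </select>
+        </td>
+    </tr>
+</table>
+<p class="submit">
+    <?php echo $referer; ?>
+    <input name="adduser" type="submit" id="addusersub" value="<?php _e('Add User &raquo;') ?>" />
+</p>
+</form>
+
+<?php if ( is_wp_error( $add_user_errors ) ) : ?>
+    <div class="error">
+        <ul>
+        <?php
+            foreach ( $add_user_errors->get_error_messages() as $message )
+                echo "$message<br />";
+        ?>
+        </ul>
+    </div>
+<?php endif; ?>
 <div id="ajax-response"></div>
 </div>
-    <?php
-
+
+<?php
 break;
-}
+
+} // end of the $action switch
 
 include('admin-footer.php');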
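Review bot: The search heading prints `$search_term` without escaping: `printf(__('Users Matching "%s" by Role'), $search_term)` runs after the `stripslashes()` call, so request-supplied markup is echoed into the admin page unchanged, although the search box a few lines above wraps the same value in `wp_specialchars()`. The heading should match it: `printf(__('Users Matching "%s" by Role'), wp_specialchars($search_term));`. The paging links built with `add_query_arg(array('usersearch' => $search_term, ...))` are echoed through `$paging_text` the same way and deserve the same check, since the visible lines do not show whether `add_query_arg()` encodes its values. The `LIKE '%$search_term%'` clauses interpolate `$_GET['usersearch']` directly, which is safe only if request data is already slashed before this file runs; the `// done with DB` comment implies that assumption, so it is worth stating it in a comment at the query or escaping at the point of use.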