Changeset 42343 for trunk/src/wp-admin/users.php
- Timestamp:
- 11/30/2017 11:09:33 PM (7 years ago)
- File:
-
- 1 edited
trunk/src/wp-admin/users.php
r42228 r42343 19 19 } 20 20 21 $wp_list_table = _get_list_table( 'WP_Users_List_Table');22 $pagenum = $wp_list_table->get_pagenum();23 $title = __('Users');24 $parent_file = 'users.php';21 $wp_list_table = _get_list_table( 'WP_Users_List_Table' ); 22 $pagenum = $wp_list_table->get_pagenum(); 23 $title = __( 'Users' ); 24 $parent_file = 'users.php'; 25 25 26 26 add_screen_option( 'per_page' ); 27 27 28 28 // contextual help - choose Help on the top right of admin panel to preview this. 29 get_current_screen()->add_help_tab( array( 30 'id' => 'overview', 31 'title' => __('Overview'), 32 'content' => '<p>' . __('This screen lists all the existing users for your site. Each user has one of five defined roles as set by the site admin: Site Administrator, Editor, Author, Contributor, or Subscriber. Users with roles other than Administrator will see fewer options in the dashboard navigation when they are logged in, based on their role.') . '</p>' . 33 '<p>' . __('To add a new user for your site, click the Add New button at the top of the screen or Add New in the Users menu section.') . '</p>' 34 ) ) ; 35 36 get_current_screen()->add_help_tab( array( 37 'id' => 'screen-content', 38 'title' => __('Screen Content'), 39 'content' => '<p>' . __('You can customize the display of this screen in a number of ways:') . '</p>' . 40 '<ul>' . 41 '<li>' . __('You can hide/display columns based on your needs and decide how many users to list per screen using the Screen Options tab.') . '</li>' . 42 '<li>' . __( 'You can filter the list of users by User Role using the text links above the users list to show All, Administrator, Editor, Author, Contributor, or Subscriber. The default view is to show all users. Unused User Roles are not listed.' ) . '</li>' . 43 '<li>' . __('You can view all posts made by a user by clicking on the number under the Posts column.') . '</li>' . 44 '</ul>' 45 ) ); 46 47 $help = '<p>' . 
__('Hovering over a row in the users list will display action links that allow you to manage users. You can perform the following actions:') . '</p>' . 29 get_current_screen()->add_help_tab( 30 array( 31 'id' => 'overview', 32 'title' => __( 'Overview' ), 33 'content' => '<p>' . __( 'This screen lists all the existing users for your site. Each user has one of five defined roles as set by the site admin: Site Administrator, Editor, Author, Contributor, or Subscriber. Users with roles other than Administrator will see fewer options in the dashboard navigation when they are logged in, based on their role.' ) . '</p>' . 34 '<p>' . __( 'To add a new user for your site, click the Add New button at the top of the screen or Add New in the Users menu section.' ) . '</p>', 35 ) 36 ); 37 38 get_current_screen()->add_help_tab( 39 array( 40 'id' => 'screen-content', 41 'title' => __( 'Screen Content' ), 42 'content' => '<p>' . __( 'You can customize the display of this screen in a number of ways:' ) . '</p>' . 43 '<ul>' . 44 '<li>' . __( 'You can hide/display columns based on your needs and decide how many users to list per screen using the Screen Options tab.' ) . '</li>' . 45 '<li>' . __( 'You can filter the list of users by User Role using the text links above the users list to show All, Administrator, Editor, Author, Contributor, or Subscriber. The default view is to show all users. Unused User Roles are not listed.' ) . '</li>' . 46 '<li>' . __( 'You can view all posts made by a user by clicking on the number under the Posts column.' ) . '</li>' . 47 '</ul>', 48 ) 49 ); 50 51 $help = '<p>' . __( 'Hovering over a row in the users list will display action links that allow you to manage users. You can perform the following actions:' ) . '</p>' . 48 52 '<ul>' . 49 '<li>' . __( '<strong>Edit</strong> takes you to the editable profile screen for that user. You can also reach that screen by clicking on the username.') . '</li>';50 51 if ( is_multisite() ) 53 '<li>' . 
__( '<strong>Edit</strong> takes you to the editable profile screen for that user. You can also reach that screen by clicking on the username.' ) . '</li>'; 54 55 if ( is_multisite() ) { 52 56 $help .= '<li>' . __( '<strong>Remove</strong> allows you to remove a user from your site. It does not delete their content. You can also remove multiple users at once by using Bulk Actions.' ) . '</li>'; 53 else 57 } else { 54 58 $help .= '<li>' . __( '<strong>Delete</strong> brings you to the Delete Users screen for confirmation, where you can permanently remove a user from your site and delete their content. You can also delete multiple users at once by using Bulk Actions.' ) . '</li>'; 59 } 55 60 56 61 $help .= '</ul>'; 57 62 58 get_current_screen()->add_help_tab( array( 59 'id' => 'action-links', 60 'title' => __('Available Actions'), 61 'content' => $help, 62 ) ); 63 get_current_screen()->add_help_tab( 64 array( 65 'id' => 'action-links', 66 'title' => __( 'Available Actions' ), 67 'content' => $help, 68 ) 69 ); 63 70 unset( $help ); 64 71 65 72 get_current_screen()->set_help_sidebar( 66 '<p><strong>' . __('For more information:') . '</strong></p>' .67 '<p>' . __('<a href="https://codex.wordpress.org/Users_Screen">Documentation on Managing Users</a>') . '</p>' .68 '<p>' . __('<a href="https://codex.wordpress.org/Roles_and_Capabilities">Descriptions of Roles and Capabilities</a>') . '</p>' .69 '<p>' . __('<a href="https://wordpress.org/support/">Support Forums</a>') . '</p>'73 '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . 74 '<p>' . __( '<a href="https://codex.wordpress.org/Users_Screen">Documentation on Managing Users</a>' ) . '</p>' . 75 '<p>' . __( '<a href="https://codex.wordpress.org/Roles_and_Capabilities">Descriptions of Roles and Capabilities</a>' ) . '</p>' . 76 '<p>' . __( '<a href="https://wordpress.org/support/">Support Forums</a>' ) . 
'</p>' 70 77 ); 71 78 72 get_current_screen()->set_screen_reader_content( array( 73 'heading_views' => __( 'Filter users list' ), 74 'heading_pagination' => __( 'Users list navigation' ), 75 'heading_list' => __( 'Users list' ), 76 ) ); 77 78 if ( empty($_REQUEST) ) { 79 $referer = '<input type="hidden" name="wp_http_referer" value="'. esc_attr( wp_unslash( $_SERVER['REQUEST_URI'] ) ) . '" />'; 80 } elseif ( isset($_REQUEST['wp_http_referer']) ) { 81 $redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), wp_unslash( $_REQUEST['wp_http_referer'] ) ); 82 $referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr($redirect) . '" />'; 79 get_current_screen()->set_screen_reader_content( 80 array( 81 'heading_views' => __( 'Filter users list' ), 82 'heading_pagination' => __( 'Users list navigation' ), 83 'heading_list' => __( 'Users list' ), 84 ) 85 ); 86 87 if ( empty( $_REQUEST ) ) { 88 $referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr( wp_unslash( $_SERVER['REQUEST_URI'] ) ) . '" />'; 89 } elseif ( isset( $_REQUEST['wp_http_referer'] ) ) { 90 $redirect = remove_query_arg( array( 'wp_http_referer', 'updated', 'delete_count' ), wp_unslash( $_REQUEST['wp_http_referer'] ) ); 91 $referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr( $redirect ) . '" />'; 83 92 } else { 84 93 $redirect = 'users.php'; 85 $referer = '';94 $referer = ''; 86 95 } 87 96 … … 90 99 switch ( $wp_list_table->current_action() ) { 91 100 92 /* Bulk Dropdown menu Role changes */ 93 case 'promote': 94 check_admin_referer('bulk-users'); 95 96 if ( ! current_user_can( 'promote_users' ) ) 97 wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); 98 99 if ( empty($_REQUEST['users']) ) { 100 wp_redirect($redirect); 101 /* Bulk Dropdown menu Role changes */ 102 case 'promote': 103 check_admin_referer( 'bulk-users' ); 104 105 if ( ! 
current_user_can( 'promote_users' ) ) { 106 wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); 107 } 108 109 if ( empty( $_REQUEST['users'] ) ) { 110 wp_redirect( $redirect ); 111 exit(); 112 } 113 114 $editable_roles = get_editable_roles(); 115 $role = false; 116 if ( ! empty( $_REQUEST['new_role2'] ) ) { 117 $role = $_REQUEST['new_role2']; 118 } elseif ( ! empty( $_REQUEST['new_role'] ) ) { 119 $role = $_REQUEST['new_role']; 120 } 121 122 if ( ! $role || empty( $editable_roles[ $role ] ) ) { 123 wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 ); 124 } 125 126 $userids = $_REQUEST['users']; 127 $update = 'promote'; 128 foreach ( $userids as $id ) { 129 $id = (int) $id; 130 131 if ( ! current_user_can( 'promote_user', $id ) ) { 132 wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); 133 } 134 // The new role of the current user must also have the promote_users cap or be a multisite super admin 135 if ( $id == $current_user->ID && ! $wp_roles->role_objects[ $role ]->has_cap( 'promote_users' ) 136 && ! ( is_multisite() && current_user_can( 'manage_network_users' ) ) ) { 137 $update = 'err_admin_role'; 138 continue; 139 } 140 141 // If the user doesn't already belong to the blog, bail. 142 if ( is_multisite() && ! is_user_member_of_blog( $id ) ) { 143 wp_die( 144 '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . 145 '<p>' . __( 'One of the selected users is not a member of this site.' ) . '</p>', 146 403 147 ); 148 } 149 150 $user = get_userdata( $id ); 151 $user->set_role( $role ); 152 } 153 154 wp_redirect( add_query_arg( 'update', $update, $redirect ) ); 101 155 exit(); 102 } 103 104 $editable_roles = get_editable_roles(); 105 $role = false; 106 if ( ! empty( $_REQUEST['new_role2'] ) ) { 107 $role = $_REQUEST['new_role2']; 108 } elseif ( ! empty( $_REQUEST['new_role'] ) ) { 109 $role = $_REQUEST['new_role']; 110 } 111 112 if ( ! 
$role || empty( $editable_roles[ $role ] ) ) { 113 wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 ); 114 } 115 116 $userids = $_REQUEST['users']; 117 $update = 'promote'; 118 foreach ( $userids as $id ) { 119 $id = (int) $id; 120 121 if ( ! current_user_can('promote_user', $id) ) 122 wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); 123 // The new role of the current user must also have the promote_users cap or be a multisite super admin 124 if ( $id == $current_user->ID && ! $wp_roles->role_objects[ $role ]->has_cap('promote_users') 125 && ! ( is_multisite() && current_user_can( 'manage_network_users' ) ) ) { 126 $update = 'err_admin_role'; 156 157 case 'dodelete': 158 if ( is_multisite() ) { 159 wp_die( __( 'User deletion is not allowed from this screen.' ), 400 ); 160 } 161 162 check_admin_referer( 'delete-users' ); 163 164 if ( empty( $_REQUEST['users'] ) ) { 165 wp_redirect( $redirect ); 166 exit(); 167 } 168 169 $userids = array_map( 'intval', (array) $_REQUEST['users'] ); 170 171 if ( empty( $_REQUEST['delete_option'] ) ) { 172 $url = self_admin_url( 'users.php?action=delete&users[]=' . implode( '&users[]=', $userids ) . '&error=true' ); 173 $url = str_replace( '&', '&', wp_nonce_url( $url, 'bulk-users' ) ); 174 wp_redirect( $url ); 175 exit; 176 } 177 178 if ( ! current_user_can( 'delete_users' ) ) { 179 wp_die( __( 'Sorry, you are not allowed to delete users.' ), 403 ); 180 } 181 182 $update = 'del'; 183 $delete_count = 0; 184 185 foreach ( $userids as $id ) { 186 if ( ! current_user_can( 'delete_user', $id ) ) { 187 wp_die( __( 'Sorry, you are not allowed to delete that user.' ), 403 ); 188 } 189 190 if ( $id == $current_user->ID ) { 191 $update = 'err_admin_del'; 127 192 continue; 128 } 129 130 // If the user doesn't already belong to the blog, bail. 131 if ( is_multisite() && !is_user_member_of_blog( $id ) ) { 132 wp_die( 133 '<h1>' . __( 'Cheatin’ uh?' ) . '</h1>' . 134 '<p>' . 
__( 'One of the selected users is not a member of this site.' ) . '</p>', 135 403 136 ); 137 } 138 139 $user = get_userdata( $id ); 140 $user->set_role( $role ); 141 } 142 143 wp_redirect(add_query_arg('update', $update, $redirect)); 144 exit(); 145 146 case 'dodelete': 147 if ( is_multisite() ) 148 wp_die( __('User deletion is not allowed from this screen.'), 400 ); 149 150 check_admin_referer('delete-users'); 151 152 if ( empty($_REQUEST['users']) ) { 153 wp_redirect($redirect); 193 } 194 switch ( $_REQUEST['delete_option'] ) { 195 case 'delete': 196 wp_delete_user( $id ); 197 break; 198 case 'reassign': 199 wp_delete_user( $id, $_REQUEST['reassign_user'] ); 200 break; 201 } 202 ++$delete_count; 203 } 204 205 $redirect = add_query_arg( 206 array( 207 'delete_count' => $delete_count, 208 'update' => $update, 209 ), $redirect 210 ); 211 wp_redirect( $redirect ); 154 212 exit(); 155 } 156 157 $userids = array_map( 'intval', (array) $_REQUEST['users'] ); 158 159 if ( empty( $_REQUEST['delete_option'] ) ) { 160 $url = self_admin_url( 'users.php?action=delete&users[]=' . implode( '&users[]=', $userids ) . '&error=true' ); 161 $url = str_replace( '&', '&', wp_nonce_url( $url, 'bulk-users' ) ); 162 wp_redirect( $url ); 163 exit; 164 } 165 166 if ( ! current_user_can( 'delete_users' ) ) 167 wp_die( __( 'Sorry, you are not allowed to delete users.' ), 403 ); 168 169 $update = 'del'; 170 $delete_count = 0; 171 172 foreach ( $userids as $id ) { 173 if ( ! current_user_can( 'delete_user', $id ) ) 174 wp_die( __( 'Sorry, you are not allowed to delete that user.' 
), 403 ); 175 176 if ( $id == $current_user->ID ) { 177 $update = 'err_admin_del'; 178 continue; 179 } 180 switch ( $_REQUEST['delete_option'] ) { 181 case 'delete': 182 wp_delete_user( $id ); 183 break; 184 case 'reassign': 185 wp_delete_user( $id, $_REQUEST['reassign_user'] ); 186 break; 187 } 188 ++$delete_count; 189 } 190 191 $redirect = add_query_arg( array('delete_count' => $delete_count, 'update' => $update), $redirect); 192 wp_redirect($redirect); 193 exit(); 194 195 case 'delete': 196 if ( is_multisite() ) 197 wp_die( __('User deletion is not allowed from this screen.'), 400 ); 198 199 check_admin_referer('bulk-users'); 200 201 if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) { 202 wp_redirect($redirect); 203 exit(); 204 } 205 206 if ( ! current_user_can( 'delete_users' ) ) 207 $errors = new WP_Error( 'edit_users', __( 'Sorry, you are not allowed to delete users.' ) ); 208 209 if ( empty($_REQUEST['users']) ) 210 $userids = array( intval( $_REQUEST['user'] ) ); 211 else 212 $userids = array_map( 'intval', (array) $_REQUEST['users'] ); 213 214 $users_have_content = false; 215 if ( $wpdb->get_var( "SELECT ID FROM {$wpdb->posts} WHERE post_author IN( " . implode( ',', $userids ) . " ) LIMIT 1" ) ) { 216 $users_have_content = true; 217 } elseif ( $wpdb->get_var( "SELECT link_id FROM {$wpdb->links} WHERE link_owner IN( " . implode( ',', $userids ) . " ) LIMIT 1" ) ) { 218 $users_have_content = true; 219 } 220 221 if ( $users_have_content ) { 222 add_action( 'admin_head', 'delete_users_add_js' ); 223 } 224 225 include( ABSPATH . 'wp-admin/admin-header.php' ); 226 ?> 227 <form method="post" name="updateusers" id="updateusers"> 228 <?php wp_nonce_field('delete-users') ?> 213 214 case 'delete': 215 if ( is_multisite() ) { 216 wp_die( __( 'User deletion is not allowed from this screen.' 
), 400 ); 217 } 218 219 check_admin_referer( 'bulk-users' ); 220 221 if ( empty( $_REQUEST['users'] ) && empty( $_REQUEST['user'] ) ) { 222 wp_redirect( $redirect ); 223 exit(); 224 } 225 226 if ( ! current_user_can( 'delete_users' ) ) { 227 $errors = new WP_Error( 'edit_users', __( 'Sorry, you are not allowed to delete users.' ) ); 228 } 229 230 if ( empty( $_REQUEST['users'] ) ) { 231 $userids = array( intval( $_REQUEST['user'] ) ); 232 } else { 233 $userids = array_map( 'intval', (array) $_REQUEST['users'] ); 234 } 235 236 $users_have_content = false; 237 if ( $wpdb->get_var( "SELECT ID FROM {$wpdb->posts} WHERE post_author IN( " . implode( ',', $userids ) . ' ) LIMIT 1' ) ) { 238 $users_have_content = true; 239 } elseif ( $wpdb->get_var( "SELECT link_id FROM {$wpdb->links} WHERE link_owner IN( " . implode( ',', $userids ) . ' ) LIMIT 1' ) ) { 240 $users_have_content = true; 241 } 242 243 if ( $users_have_content ) { 244 add_action( 'admin_head', 'delete_users_add_js' ); 245 } 246 247 include( ABSPATH . 'wp-admin/admin-header.php' ); 248 ?> 249 <form method="post" name="updateusers" id="updateusers"> 250 <?php wp_nonce_field( 'delete-users' ); ?> 229 251 <?php echo $referer; ?> 230 252 … … 246 268 <?php 247 269 $go_delete = 0; 248 foreach ( $userids as $id ) { 249 $user = get_userdata( $id ); 250 if ( $id == $current_user->ID ) { 251 /* translators: 1: user id, 2: user login */ 252 echo "<li>" . sprintf(__('ID #%1$s: %2$s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n"; 253 } else { 254 /* translators: 1: user id, 2: user login */ 255 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"" . esc_attr($id) . "\" />" . sprintf(__('ID #%1$s: %2$s'), $id, $user->user_login) . "</li>\n"; 256 $go_delete++; 257 } 270 foreach ( $userids as $id ) { 271 $user = get_userdata( $id ); 272 if ( $id == $current_user->ID ) { 273 /* translators: 1: user id, 2: user login */ 274 echo '<li>' . 
sprintf( __( 'ID #%1$s: %2$s <strong>The current user will not be deleted.</strong>' ), $id, $user->user_login ) . "</li>\n"; 275 } else { 276 /* translators: 1: user id, 2: user login */ 277 echo '<li><input type="hidden" name="users[]" value="' . esc_attr( $id ) . '" />' . sprintf( __( 'ID #%1$s: %2$s' ), $id, $user->user_login ) . "</li>\n"; 278 $go_delete++; 258 279 } 280 } 259 281 ?> 260 282 </ul> 261 <?php if ( $go_delete ) : 262 263 if ( ! $users_have_content ) : ?> 264 <input type="hidden" name="delete_option" value="delete" /> 265 <?php else: ?> 283 <?php 284 if ( $go_delete ) : 285 286 if ( ! $users_have_content ) : 287 ?> 288 <input type="hidden" name="delete_option" value="delete" /> 289 <?php else : ?> 266 290 <?php if ( 1 == $go_delete ) : ?> 267 291 <fieldset><p><legend><?php _e( 'What should be done with content owned by this user?' ); ?></legend></p> … … 271 295 <ul style="list-style:none;"> 272 296 <li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" /> 273 <?php _e( 'Delete all content.'); ?></label></li>297 <?php _e( 'Delete all content.' ); ?></label></li> 274 298 <li><input type="radio" id="delete_option1" name="delete_option" value="reassign" /> 275 <?php echo '<label for="delete_option1">' . __( 'Attribute all content to:' ) . '</label> '; 276 wp_dropdown_users( array( 277 'name' => 'reassign_user', 278 'exclude' => array_diff( $userids, array( $current_user->ID ) ), 279 'show' => 'display_name_with_login', 280 ) ); ?></li> 299 <?php 300 echo '<label for="delete_option1">' . __( 'Attribute all content to:' ) . '</label> '; 301 wp_dropdown_users( 302 array( 303 'name' => 'reassign_user', 304 'exclude' => array_diff( $userids, array( $current_user->ID ) ), 305 'show' => 'display_name_with_login', 306 ) 307 ); 308 ?> 309 </li> 281 310 </ul></fieldset> 282 <?php endif; 311 <?php 312 endif; 283 313 /** 284 314 * Fires at the end of the delete users form prior to the confirm button. 
… … 293 323 ?> 294 324 <input type="hidden" name="action" value="dodelete" /> 295 <?php submit_button( __('Confirm Deletion'), 'primary' ); ?> 296 <?php else : ?> 297 <p><?php _e('There are no valid users selected for deletion.'); ?></p> 298 <?php endif; ?> 299 </div> 300 </form> 301 <?php 302 303 break; 304 305 case 'doremove': 306 check_admin_referer('remove-users'); 307 308 if ( ! is_multisite() ) 309 wp_die( __( 'You can’t remove users.' ), 400 ); 310 311 if ( empty($_REQUEST['users']) ) { 312 wp_redirect($redirect); 325 <?php submit_button( __( 'Confirm Deletion' ), 'primary' ); ?> 326 <?php else : ?> 327 <p><?php _e( 'There are no valid users selected for deletion.' ); ?></p> 328 <?php endif; ?> 329 </div> 330 </form> 331 <?php 332 333 break; 334 335 case 'doremove': 336 check_admin_referer( 'remove-users' ); 337 338 if ( ! is_multisite() ) { 339 wp_die( __( 'You can’t remove users.' ), 400 ); 340 } 341 342 if ( empty( $_REQUEST['users'] ) ) { 343 wp_redirect( $redirect ); 344 exit; 345 } 346 347 if ( ! current_user_can( 'remove_users' ) ) { 348 wp_die( __( 'Sorry, you are not allowed to remove users.' ), 403 ); 349 } 350 351 $userids = $_REQUEST['users']; 352 353 $update = 'remove'; 354 foreach ( $userids as $id ) { 355 $id = (int) $id; 356 if ( ! current_user_can( 'remove_user', $id ) ) { 357 $update = 'err_admin_remove'; 358 continue; 359 } 360 remove_user_from_blog( $id, $blog_id ); 361 } 362 363 $redirect = add_query_arg( array( 'update' => $update ), $redirect ); 364 wp_redirect( $redirect ); 313 365 exit; 314 } 315 316 if ( ! current_user_can( 'remove_users' ) ) 317 wp_die( __( 'Sorry, you are not allowed to remove users.' 
), 403 ); 318 319 $userids = $_REQUEST['users']; 320 321 $update = 'remove'; 322 foreach ( $userids as $id ) { 323 $id = (int) $id; 324 if ( !current_user_can('remove_user', $id) ) { 325 $update = 'err_admin_remove'; 326 continue; 327 } 328 remove_user_from_blog($id, $blog_id); 329 } 330 331 $redirect = add_query_arg( array('update' => $update), $redirect); 332 wp_redirect($redirect); 333 exit; 334 335 case 'remove': 336 337 check_admin_referer('bulk-users'); 338 339 if ( ! is_multisite() ) 340 wp_die( __( 'You can’t remove users.' ), 400 ); 341 342 if ( empty($_REQUEST['users']) && empty($_REQUEST['user']) ) { 343 wp_redirect($redirect); 344 exit(); 345 } 346 347 if ( !current_user_can('remove_users') ) 348 $error = new WP_Error('edit_users', __('Sorry, you are not allowed to remove users.')); 349 350 if ( empty($_REQUEST['users']) ) 351 $userids = array(intval($_REQUEST['user'])); 352 else 353 $userids = $_REQUEST['users']; 354 355 include( ABSPATH . 'wp-admin/admin-header.php' ); 356 ?> 357 <form method="post" name="updateusers" id="updateusers"> 358 <?php wp_nonce_field('remove-users') ?> 366 367 case 'remove': 368 check_admin_referer( 'bulk-users' ); 369 370 if ( ! is_multisite() ) { 371 wp_die( __( 'You can’t remove users.' ), 400 ); 372 } 373 374 if ( empty( $_REQUEST['users'] ) && empty( $_REQUEST['user'] ) ) { 375 wp_redirect( $redirect ); 376 exit(); 377 } 378 379 if ( ! current_user_can( 'remove_users' ) ) { 380 $error = new WP_Error( 'edit_users', __( 'Sorry, you are not allowed to remove users.' ) ); 381 } 382 383 if ( empty( $_REQUEST['users'] ) ) { 384 $userids = array( intval( $_REQUEST['user'] ) ); 385 } else { 386 $userids = $_REQUEST['users']; 387 } 388 389 include( ABSPATH . 
'wp-admin/admin-header.php' ); 390 ?> 391 <form method="post" name="updateusers" id="updateusers"> 392 <?php wp_nonce_field( 'remove-users' ); ?> 359 393 <?php echo $referer; ?> 360 394 … … 371 405 <?php 372 406 $go_remove = false; 373 374 $id= (int) $id;375 376 377 378 echo "<li>" . sprintf(__('ID #%1$s: %2$s <strong>Sorry, you are not allowed to remove this user.</strong>'), $id, $user->user_login) . "</li>\n";379 380 381 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf(__('ID #%1$s: %2$s'), $id, $user->user_login) . "</li>\n";382 383 384 385 386 </ul>387 <?php if ( $go_remove ) : ?>407 foreach ( $userids as $id ) { 408 $id = (int) $id; 409 $user = get_userdata( $id ); 410 if ( ! current_user_can( 'remove_user', $id ) ) { 411 /* translators: 1: user id, 2: user login */ 412 echo '<li>' . sprintf( __( 'ID #%1$s: %2$s <strong>Sorry, you are not allowed to remove this user.</strong>' ), $id, $user->user_login ) . "</li>\n"; 413 } else { 414 /* translators: 1: user id, 2: user login */ 415 echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf( __( 'ID #%1$s: %2$s' ), $id, $user->user_login ) . "</li>\n"; 416 $go_remove = true; 417 } 418 } 419 ?> 420 </ul> 421 <?php if ( $go_remove ) : ?> 388 422 <input type="hidden" name="action" value="doremove" /> 389 <?php submit_button( __('Confirm Removal'), 'primary' ); ?> 390 <?php else : ?> 391 <p><?php _e('There are no valid users selected for removal.'); ?></p> 392 <?php endif; ?> 393 </div> 394 </form> 395 <?php 396 397 break; 398 399 default: 400 401 if ( !empty($_GET['_wp_http_referer']) ) { 402 wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce'), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ); 403 exit; 423 <?php submit_button( __( 'Confirm Removal' ), 'primary' ); ?> 424 <?php else : ?> 425 <p><?php _e( 'There are no valid users selected for removal.' 
); ?></p> 426 <?php endif; ?> 427 </div> 428 </form> 429 <?php 430 431 break; 432 433 default: 434 if ( ! empty( $_GET['_wp_http_referer'] ) ) { 435 wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) ); 436 exit; 437 } 438 439 if ( $wp_list_table->current_action() && ! empty( $_REQUEST['users'] ) ) { 440 $userids = $_REQUEST['users']; 441 $sendback = wp_get_referer(); 442 443 /** This action is documented in wp-admin/edit-comments.php */ 444 $sendback = apply_filters( 'handle_bulk_actions-' . get_current_screen()->id, $sendback, $wp_list_table->current_action(), $userids ); 445 446 wp_safe_redirect( $sendback ); 447 exit; 448 } 449 450 $wp_list_table->prepare_items(); 451 $total_pages = $wp_list_table->get_pagination_arg( 'total_pages' ); 452 if ( $pagenum > $total_pages && $total_pages > 0 ) { 453 wp_redirect( add_query_arg( 'paged', $total_pages ) ); 454 exit; 455 } 456 457 include( ABSPATH . 'wp-admin/admin-header.php' ); 458 459 $messages = array(); 460 if ( isset( $_GET['update'] ) ) : 461 switch ( $_GET['update'] ) { 462 case 'del': 463 case 'del_many': 464 $delete_count = isset( $_GET['delete_count'] ) ? (int) $_GET['delete_count'] : 0; 465 if ( 1 == $delete_count ) { 466 $message = __( 'User deleted.' ); 467 } else { 468 $message = _n( '%s user deleted.', '%s users deleted.', $delete_count ); 469 } 470 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( $message, number_format_i18n( $delete_count ) ) . '</p></div>'; 471 break; 472 case 'add': 473 if ( isset( $_GET['id'] ) && ( $user_id = $_GET['id'] ) && current_user_can( 'edit_user', $user_id ) ) { 474 /* translators: %s: edit page url */ 475 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( 476 __( 'New user created. 
<a href="%s">Edit user</a>' ), 477 esc_url( 478 add_query_arg( 479 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 480 self_admin_url( 'user-edit.php?user_id=' . $user_id ) 481 ) 482 ) 483 ) . '</p></div>'; 484 } else { 485 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __( 'New user created.' ) . '</p></div>'; 486 } 487 break; 488 case 'promote': 489 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __( 'Changed roles.' ) . '</p></div>'; 490 break; 491 case 'err_admin_role': 492 $messages[] = '<div id="message" class="error notice is-dismissible"><p>' . __( 'The current user’s role must have user editing capabilities.' ) . '</p></div>'; 493 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __( 'Other user roles have been changed.' ) . '</p></div>'; 494 break; 495 case 'err_admin_del': 496 $messages[] = '<div id="message" class="error notice is-dismissible"><p>' . __( 'You can’t delete the current user.' ) . '</p></div>'; 497 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __( 'Other users have been deleted.' ) . '</p></div>'; 498 break; 499 case 'remove': 500 $messages[] = '<div id="message" class="updated notice is-dismissible fade"><p>' . __( 'User removed from this site.' ) . '</p></div>'; 501 break; 502 case 'err_admin_remove': 503 $messages[] = '<div id="message" class="error notice is-dismissible"><p>' . __( "You can't remove the current user." ) . '</p></div>'; 504 $messages[] = '<div id="message" class="updated notice is-dismissible fade"><p>' . __( 'Other users have been removed.' ) . '</p></div>'; 505 break; 506 } 507 endif; 508 ?> 509 510 <?php if ( isset( $errors ) && is_wp_error( $errors ) ) : ?> 511 <div class="error"> 512 <ul> 513 <?php 514 foreach ( $errors->get_error_messages() as $err ) { 515 echo "<li>$err</li>\n"; 516 } 517 ?> 518 </ul> 519 </div> 520 <?php 521 endif; 522 523 if ( ! 
empty( $messages ) ) { 524 foreach ( $messages as $msg ) { 525 echo $msg; 404 526 } 405 406 if ( $wp_list_table->current_action() && ! empty( $_REQUEST['users'] ) ) { 407 $userids = $_REQUEST['users']; 408 $sendback = wp_get_referer(); 409 410 /** This action is documented in wp-admin/edit-comments.php */ 411 $sendback = apply_filters( 'handle_bulk_actions-' . get_current_screen()->id, $sendback, $wp_list_table->current_action(), $userids ); 412 413 wp_safe_redirect( $sendback ); 414 exit; 415 } 416 417 $wp_list_table->prepare_items(); 418 $total_pages = $wp_list_table->get_pagination_arg( 'total_pages' ); 419 if ( $pagenum > $total_pages && $total_pages > 0 ) { 420 wp_redirect( add_query_arg( 'paged', $total_pages ) ); 421 exit; 422 } 423 424 include( ABSPATH . 'wp-admin/admin-header.php' ); 425 426 $messages = array(); 427 if ( isset($_GET['update']) ) : 428 switch($_GET['update']) { 429 case 'del': 430 case 'del_many': 431 $delete_count = isset($_GET['delete_count']) ? (int) $_GET['delete_count'] : 0; 432 if ( 1 == $delete_count ) { 433 $message = __( 'User deleted.' ); 434 } else { 435 $message = _n( '%s user deleted.', '%s users deleted.', $delete_count ); 436 } 437 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( $message, number_format_i18n( $delete_count ) ) . '</p></div>'; 438 break; 439 case 'add': 440 if ( isset( $_GET['id'] ) && ( $user_id = $_GET['id'] ) && current_user_can( 'edit_user', $user_id ) ) { 441 /* translators: %s: edit page url */ 442 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . sprintf( __( 'New user created. <a href="%s">Edit user</a>' ), 443 esc_url( add_query_arg( 'wp_http_referer', urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ), 444 self_admin_url( 'user-edit.php?user_id=' . $user_id ) ) ) ) . '</p></div>'; 445 } else { 446 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __( 'New user created.' ) . 
'</p></div>'; 447 } 448 break; 449 case 'promote': 450 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __('Changed roles.') . '</p></div>'; 451 break; 452 case 'err_admin_role': 453 $messages[] = '<div id="message" class="error notice is-dismissible"><p>' . __('The current user’s role must have user editing capabilities.') . '</p></div>'; 454 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __('Other user roles have been changed.') . '</p></div>'; 455 break; 456 case 'err_admin_del': 457 $messages[] = '<div id="message" class="error notice is-dismissible"><p>' . __('You can’t delete the current user.') . '</p></div>'; 458 $messages[] = '<div id="message" class="updated notice is-dismissible"><p>' . __('Other users have been deleted.') . '</p></div>'; 459 break; 460 case 'remove': 461 $messages[] = '<div id="message" class="updated notice is-dismissible fade"><p>' . __('User removed from this site.') . '</p></div>'; 462 break; 463 case 'err_admin_remove': 464 $messages[] = '<div id="message" class="error notice is-dismissible"><p>' . __("You can't remove the current user.") . '</p></div>'; 465 $messages[] = '<div id="message" class="updated notice is-dismissible fade"><p>' . __('Other users have been removed.') . '</p></div>'; 466 break; 467 } 468 endif; ?> 469 470 <?php if ( isset($errors) && is_wp_error( $errors ) ) : ?> 471 <div class="error"> 472 <ul> 473 <?php 474 foreach ( $errors->get_error_messages() as $err ) 475 echo "<li>$err</li>\n"; 476 ?> 477 </ul> 478 </div> 479 <?php endif; 480 481 if ( ! 
empty($messages) ) { 482 foreach ( $messages as $msg ) 483 echo $msg; 484 } ?> 485 486 <div class="wrap"> 487 <h1 class="wp-heading-inline"><?php 527 } 528 ?> 529 530 <div class="wrap"> 531 <h1 class="wp-heading-inline"> 532 <?php 488 533 echo esc_html( $title ); 489 ?></h1> 490 491 <?php 492 if ( current_user_can( 'create_users' ) ) { ?> 534 ?> 535 </h1> 536 537 <?php 538 if ( current_user_can( 'create_users' ) ) { 539 ?> 493 540 <a href="<?php echo admin_url( 'user-new.php' ); ?>" class="page-title-action"><?php echo esc_html_x( 'Add New', 'user' ); ?></a> 494 541 <?php } elseif ( is_multisite() && current_user_can( 'promote_users' ) ) { ?> 495 542 <a href="<?php echo admin_url( 'user-new.php' ); ?>" class="page-title-action"><?php echo esc_html_x( 'Add Existing', 'user' ); ?></a> 496 <?php } 543 <?php 544 } 497 545 498 546 if ( strlen( $usersearch ) ) { … … 520 568 </div> 521 569 <?php 522 break;570 break; 523 571 524 572 } // end of the $doaction switch
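Review bot: In the reformatted `promote`, `doremove` and `remove` branches, `$userids = $_REQUEST['users'];` is still taken from the request as-is and only cast per element inside the loop, whereas `dodelete` and `delete` normalise it up front with `array_map( 'intval', (array) $_REQUEST['users'] )`. A scalar or nested `users` parameter therefore reaches `foreach` unshaped in those three branches; using the same line there, `$userids = array_map( 'intval', (array) $_REQUEST['users'] );`, would make the handling uniform. In `dodelete`, `$_REQUEST['reassign_user']` is likewise passed to `wp_delete_user()` with no cast or check visible on this page; `wp_delete_user( $id, (int) $_REQUEST['reassign_user'] );` would make the expected type explicit at the call site, although the callee may already coerce it. Since this changeset is a formatting pass, both points fit a follow-up change, and the switch sits in top-level script code that continues in the elided parts of the file.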