Index: site-users.php
===================================================================
--- site-users.php	(revision 17113)
+++ site-users.php	(working copy)
@@ -59,6 +59,7 @@
 
 if ( $action ) {
 	switch_to_blog( $id );
+	$redirect = wp_get_referer();
 	
 	switch ( $action ) {
 		case 'newuser':
@@ -98,25 +99,95 @@
 			}
 			break;
 		
-		case 'remove':
+		case 'doremove':
+			check_admin_referer('remove-users');
+
 			if ( !current_user_can('remove_users')  )
-				die(__('You can’t remove users.'));
-				
+				die( __('You can’t remove users.') );
+
 			$update = 'remove';
 			if ( isset( $_REQUEST['users'] ) ) {
 				$userids = $_REQUEST['users'];
 
 				foreach ( $userids as $user_id ) {
 					$user_id = (int) $user_id;
-					remove_user_from_blog( $user_id, $id );
+					switch ( $_REQUEST['delete_option'] ) {
+					case 'delete':
+						remove_user_from_blog( $user_id, $id );
+						break;
+					case 'reassign':
+						remove_user_from_blog( $user_id, $id, $_REQUEST['user'] );
+						break;
+					}
 				}
 			} elseif ( isset( $_GET['user'] ) ) {
-				remove_user_from_blog( $_GET['user'] );
+				switch ( $_REQUEST['delete_option'] ) {
+				case 'delete':
+					remove_user_from_blog( $_GET['user'], $id );
+					break;
+				case 'reassign':
+					remove_user_from_blog( $_GET['user'], $id, $_REQUEST['user'] );
+					break;
+				}
 			} else {
 				$update = 'err_remove';
 			}
+			$redirect = remove_query_arg( 'action', $redirect );
 			break;
 
+		case 'remove':
+			if ( !current_user_can('remove_users')  )
+				die( __('You can’t remove users.') );
+
+			if ( empty($_REQUEST['users']) )
+				$userids = array( intval($_REQUEST['user']) );
+			else
+				$userids = $_REQUEST['users'];
+
+			require('../admin-header.php'); ?>
+<form action="" method="post" name="updateusers" id="updateusers">
+<?php wp_nonce_field('remove-users') ?>
+
+<div class="wrap">
+<?php screen_icon('users'); ?>
+<h2><?php printf( __('Remove Users from %s'), get_blogaddress_by_id($id) ); ?></h2>
+<p><?php _e('You have specified these users for removal:'); ?></p>
+<ul>
+<?php
+	$go_remove = false;
+ 	foreach ( $userids as $id ) {
+		$id = (int) $id;
+ 		$user = new WP_User($id);
+		if ( $id == $current_user->id && !is_super_admin() ) {
+			echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be removed.</strong>'), $id, $user->user_login) . "</li>\n";
+		} elseif ( !current_user_can('remove_user', $id) ) {
+			echo "<li>" . sprintf(__('ID #%1s: %2s <strong>You don\'t have permission to remove this user.</strong>'), $id, $user->user_login) . "</li>\n";
+		} else {
+			echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";
+			$go_remove = true;
+		}
+ 	}
+ 	?>
+<?php if ( $go_remove ) : ?>
+	<fieldset><p><legend><?php _e('What should be done with posts and links owned by this user?'); ?></legend></p>
+	<ul style="list-style:none;">
+		<li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" />
+		<?php _e('Delete all posts and links.'); ?></label></li>
+		<li><input type="radio" id="delete_option1" name="delete_option" value="reassign" />
+		<?php echo '<label for="delete_option1">'.__('Attribute all posts and links to:').'</label>';
+		wp_dropdown_users( array( 'exclude' => array_diff( $userids, array($current_user->ID) ) ) ); ?></li>
+	</ul></fieldset>
+	<input type="hidden" name="action" value="doremove" />
+	<?php submit_button( __('Confirm Removal'), 'secondary' ); ?>
+<?php else : ?>
+	<p><?php _e('There are no valid users selected for removal.'); ?></p>
+<?php endif; ?>
+</div>
+</form><?php
+			require('../admin-footer.php');
+			exit();
+			break;
+
 		case 'promote':
 			$editable_roles = get_editable_roles();
 			if ( empty( $editable_roles[$_REQUEST['new_role']] ) )
@@ -142,7 +213,7 @@
 	}
 	
 	restore_current_blog();
-	wp_redirect( add_query_arg( 'update', $update, wp_get_referer() ) );
+	wp_redirect( add_query_arg( 'update', $update, $redirect ) );
 	exit();
 }