#12815 closed defect (bug) (fixed)
Allow defining $site_admins global array
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | 3.0 | Priority: | normal |
Severity: | normal | Version: | |
Component: | Role/Capability | Keywords: | |
Focuses: | Cc: |
Description
For a little extra security and to avoid a DB lookup, some sites define the site admins as an array of user names in wp-config.php.
Attachments (3)
Change History (10)
#1
@
15 years ago
- Summary changed from Allow defining $site_admins global array to allow bypassing option lookup to Allow defining $site_admins global array
#4
@
15 years ago
that way we can replace more get_site_option( 'site_admins', array( 'admin' ) ); calls
Do we have 'admin' hardcoded anywhere? Keep in mind that with the change to allow a different username to be created during install, that its entirely possible for someone to come along later and register 'admin' if the installer doesnt use it.
#5
@
15 years ago
Do we have 'admin' hardcoded anywhere? Keep in mind that with the change to allow a different username to be created during install, that its entirely possible for someone to come along later and register 'admin' if the installer doesnt use it.
Don't I know it. Yes, we use it everywhere. The sitemeta value would need to be missing and the 'admin' user would need to be gone. Additionally, 'admin' would need to be omitted from the illegal_names sitemeta value, and it is included there by default.
(Not supporting it, just saying how it is used.)
Seems fine to me. We should probably go with
$super_admins
since the only thing we'd be breaking compatibility with is wp.com.We could introduce a get_super_admins() to handle this, that way we can replace more
get_site_option( 'site_admins', array( 'admin' ) );
calls, and for example allow ms-users.php to show the right super admins.If
$super_admins
is set, the new checkbox on user-edit.php should be disabled, or hidden entirely (it can be hidden as I added a div.updated 'Important' box for super admin profiles).