<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[12753] trunk: Use cap checks instead of multisite and super admin checks.</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/12753">12753</a></dd>
<dt>Author</dt> <dd>ryan</dd>
<dt>Date</dt> <dd>2010-01-18 22:21:36 +0000 (Mon, 18 Jan 2010)</dd>
</dl>
<h3>Log Message</h3>
<pre>Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see <a href="http://trac.wordpress.org/ticket/11644">#11644</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminadminphp">trunk/wp-admin/admin.php</a></li>
<li><a href="#trunkwpadminincludesschemaphp">trunk/wp-admin/includes/schema.php</a></li>
<li><a href="#trunkwpadminincludesupdatephp">trunk/wp-admin/includes/update.php</a></li>
<li><a href="#trunkwpadminincludesupgradephp">trunk/wp-admin/includes/upgrade.php</a></li>
<li><a href="#trunkwpadminmenuphp">trunk/wp-admin/menu.php</a></li>
<li><a href="#trunkwpadminoptionsgeneralphp">trunk/wp-admin/options-general.php</a></li>
<li><a href="#trunkwpadminoptionsphp">trunk/wp-admin/options.php</a></li>
<li><a href="#trunkwpadminpluginsphp">trunk/wp-admin/plugins.php</a></li>
<li><a href="#trunkwpadminthemesphp">trunk/wp-admin/themes.php</a></li>
<li><a href="#trunkwpadminupgradephp">trunk/wp-admin/upgrade.php</a></li>
<li><a href="#trunkwpadminusersphp">trunk/wp-admin/users.php</a></li>
<li><a href="#trunkwpincludescapabilitiesphp">trunk/wp-includes/capabilities.php</a></li>
<li><a href="#trunkwpincludespostphp">trunk/wp-includes/post.php</a></li>
<li><a href="#trunkwpincludesversionphp">trunk/wp-includes/version.php</a></li>
<li><a href="#trunkwpincludeswpdbphp">trunk/wp-includes/wp-db.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminadminphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/admin.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/admin.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/admin.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -198,9 +198,9 @@
</span><span class="cx"> require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
</span><span class="cx">
</span><span class="cx"> define('WP_IMPORTING', true);
</span><del>- if ( is_multisite() ) {
</del><ins>+
+ if ( is_multisite() )
</ins><span class="cx"> kses_init_filters(); // Always filter imported data with kses.
</span><del>- }
</del><span class="cx">
</span><span class="cx"> call_user_func($wp_importers[$importer][2]);
</span><span class="cx">
</span></span></pre></div>
<a id="trunkwpadminincludesschemaphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/schema.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/schema.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/includes/schema.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -369,6 +369,7 @@
</span><span class="cx"> populate_roles_260();
</span><span class="cx"> populate_roles_270();
</span><span class="cx"> populate_roles_280();
</span><ins>+ populate_roles_300();
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="lines">@@ -590,4 +591,19 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+/**
+ * Create and modify WordPress roles for WordPress 2.8.
+ *
+ * @since 2.8.0
+ */
+function populate_roles_300() {
+ $role =& get_role( 'administrator' );
+
+ if ( !empty( $role ) ) {
+ $role->add_cap( 'update_core' );
+ $role->add_cap( 'remove_user' );
+ $role->add_cap( 'remove_users' );
+ }
+}
+
</ins><span class="cx"> ?>
</span></span></pre></div>
<a id="trunkwpadminincludesupdatephp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/update.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/update.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/includes/update.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -82,10 +82,10 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> function core_update_footer( $msg = '' ) {
</span><del>- if ( is_multisite() && !is_super_admin() )
</del><ins>+ if ( is_multisite() && !current_user_can('update_core') )
</ins><span class="cx"> return false;
</span><span class="cx">
</span><del>- if ( !current_user_can('manage_options') )
</del><ins>+ if ( !current_user_can('update_core') )
</ins><span class="cx"> return sprintf( __( 'Version %s' ), $GLOBALS['wp_version'] );
</span><span class="cx">
</span><span class="cx"> $cur = get_preferred_from_update_core();
</span><span class="lines">@@ -104,10 +104,8 @@
</span><span class="cx"> break;
</span><span class="cx">
</span><span class="cx"> case 'upgrade' :
</span><del>- if ( current_user_can('manage_options') ) {
- return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current);
- break;
- }
</del><ins>+ return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current);
+ break;
</ins><span class="cx">
</span><span class="cx"> case 'latest' :
</span><span class="cx"> default :
</span><span class="lines">@@ -118,7 +116,7 @@
</span><span class="cx"> add_filter( 'update_footer', 'core_update_footer' );
</span><span class="cx">
</span><span class="cx"> function update_nag() {
</span><del>- if ( is_multisite() && !is_super_admin() )
</del><ins>+ if ( is_multisite() && !current_user_can('update_core') )
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> global $pagenow;
</span><span class="lines">@@ -131,7 +129,7 @@
</span><span class="cx"> if ( ! isset( $cur->response ) || $cur->response != 'upgrade' )
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- if ( current_user_can('manage_options') )
</del><ins>+ if ( current_user_can('update_core') )
</ins><span class="cx"> $msg = sprintf( __('WordPress %1$s is available! <a href="%2$s">Please update now</a>.'), $cur->current, 'update-core.php' );
</span><span class="cx"> else
</span><span class="cx"> $msg = sprintf( __('WordPress %1$s is available! Please notify the site administrator.'), $cur->current );
</span><span class="lines">@@ -142,13 +140,13 @@
</span><span class="cx">
</span><span class="cx"> // Called directly from dashboard
</span><span class="cx"> function update_right_now_message() {
</span><del>- if ( is_multisite() && !is_super_admin() )
</del><ins>+ if ( is_multisite() && !current_user_can('update_core') )
</ins><span class="cx"> return false;
</span><span class="cx">
</span><span class="cx"> $cur = get_preferred_from_update_core();
</span><span class="cx">
</span><span class="cx"> $msg = sprintf( __('You are using <span class="b">WordPress %s</span>.'), $GLOBALS['wp_version'] );
</span><del>- if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('manage_options') )
</del><ins>+ if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('update_core') )
</ins><span class="cx"> $msg .= " <a href='update-core.php' class='button'>" . sprintf( __('Update to %s'), $cur->current ? $cur->current : __( 'Latest' ) ) . '</a>';
</span><span class="cx">
</span><span class="cx"> echo "<span id='wp-version-message'>$msg</span>";
</span><span class="lines">@@ -169,6 +167,9 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> function wp_plugin_update_rows() {
</span><ins>+ if ( !current_user_can('update_plugins' ) )
+ return;
+
</ins><span class="cx"> $plugins = get_site_transient( 'update_plugins' );
</span><span class="cx"> if ( isset($plugins->response) && is_array($plugins->response) ) {
</span><span class="cx"> $plugins = array_keys( $plugins->response );
</span><span class="lines">@@ -205,10 +206,6 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> function wp_update_plugin($plugin, $feedback = '') {
</span><del>- if ( is_multisite() && !is_super_admin() )
- return false;
-
-
</del><span class="cx"> if ( !empty($feedback) )
</span><span class="cx"> add_filter('update_feedback', $feedback);
</span><span class="cx">
</span><span class="lines">@@ -234,7 +231,6 @@
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> function wp_update_theme($theme, $feedback = '') {
</span><del>-
</del><span class="cx"> if ( !empty($feedback) )
</span><span class="cx"> add_filter('update_feedback', $feedback);
</span><span class="cx">
</span><span class="lines">@@ -245,7 +241,6 @@
</span><span class="cx">
</span><span class="cx">
</span><span class="cx"> function wp_update_core($current, $feedback = '') {
</span><del>-
</del><span class="cx"> if ( !empty($feedback) )
</span><span class="cx"> add_filter('update_feedback', $feedback);
</span><span class="cx">
</span><span class="lines">@@ -260,7 +255,7 @@
</span><span class="cx"> if ( ! isset( $upgrading ) )
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- if ( current_user_can('manage_options') )
</del><ins>+ if ( current_user_can('update_core') )
</ins><span class="cx"> $msg = sprintf( __('An automated WordPress update has failed to complete - <a href="%s">please attempt the update again now</a>.'), 'update-core.php' );
</span><span class="cx"> else
</span><span class="cx"> $msg = __('An automated WordPress update has failed to complete! Please notify the site administrator.');
</span></span></pre></div>
<a id="trunkwpadminincludesupgradephp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/upgrade.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/upgrade.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/includes/upgrade.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -259,7 +259,7 @@
</span><span class="cx"> * @return null
</span><span class="cx"> */
</span><span class="cx"> function wp_upgrade() {
</span><del>- global $wp_current_db_version, $wp_db_version;
</del><ins>+ global $wp_current_db_version, $wp_db_version, $wpdb;
</ins><span class="cx">
</span><span class="cx"> $wp_current_db_version = __get_option('db_version');
</span><span class="cx">
</span><span class="lines">@@ -276,6 +276,14 @@
</span><span class="cx"> make_db_current_silent();
</span><span class="cx"> upgrade_all();
</span><span class="cx"> wp_cache_flush();
</span><ins>+
+ if ( is_multisite() ) {
+ if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
+ $wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
+ } else {
+ $wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
+ }
+ }
</ins><span class="cx"> }
</span><span class="cx"> endif;
</span><span class="cx">
</span><span class="lines">@@ -352,6 +360,9 @@
</span><span class="cx"> if ( $wp_current_db_version < 11958 )
</span><span class="cx"> upgrade_290();
</span><span class="cx">
</span><ins>+ if ( $wp_current_db_version < 12751 )
+ upgrade_300();
+
</ins><span class="cx"> maybe_disable_automattic_widgets();
</span><span class="cx">
</span><span class="cx"> update_option( 'db_version', $wp_db_version );
</span><span class="lines">@@ -1006,6 +1017,14 @@
</span><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+/**
+ * Execute changes made in WordPress 3.0.
+ *
+ * @since 3.0
+ */
+function upgrade_300() {
+ populate_roles_300();
+}
</ins><span class="cx">
</span><span class="cx"> // The functions we use to actually do stuff
</span><span class="cx">
</span></span></pre></div>
<a id="trunkwpadminmenuphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/menu.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/menu.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/menu.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -30,12 +30,12 @@
</span><span class="cx"> if ( is_multisite() && is_super_admin() ) {
</span><span class="cx"> $menu[1] = array( '', 'read', 'separator0', '', 'wp-menu-separator' );
</span><span class="cx"> $menu[2] = array(__('Site Admin'), '10', 'ms-admin.php', '', 'menu-top menu-top-first', 'menu-site', 'div');
</span><del>- $submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'delete_users', 'ms-admin.php' );
- $submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'delete_users', 'ms-sites.php' );
- $submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'delete_users', 'ms-users.php' );
- $submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'delete_users', 'ms-themes.php' );
- $submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'delete_users', 'ms-options.php' );
- $submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'delete_users', 'ms-upgrade-site.php' );
</del><ins>+ $submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'super_admin', 'ms-admin.php' );
+ $submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'super_admin', 'ms-sites.php' );
+ $submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'super_admin', 'ms-users.php' );
+ $submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'super_admin', 'ms-themes.php' );
+ $submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'super_admin', 'ms-options.php' );
+ $submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'super_admin', 'ms-upgrade-site.php' );
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> $menu[4] = array( '', 'read', 'separator1', '', 'wp-menu-separator' );
</span><span class="lines">@@ -105,8 +105,7 @@
</span><span class="cx"> $submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php');
</span><span class="cx"> if ( !is_multisite() )
</span><span class="cx"> $submenu['themes.php'][10] = array(__('Editor'), 'edit_themes', 'theme-editor.php');
</span><del>- if ( is_super_admin() )
- $submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
</del><ins>+ $submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
</ins><span class="cx">
</span><span class="cx"> $update_plugins = get_site_transient( 'update_plugins' );
</span><span class="cx"> $update_count = 0;
</span><span class="lines">@@ -117,10 +116,8 @@
</span><span class="cx"> if ( is_super_admin() || is_multisite() && $menu_perms['plugins'] ) {
</span><span class="cx"> $menu[65] = array( sprintf( __('Plugins %s'), "<span class='update-plugins count-$update_count'><span class='plugin-count'>" . number_format_i18n($update_count) . "</span></span>" ), 'activate_plugins', 'plugins.php', '', 'menu-top', 'menu-plugins', 'div' );
</span><span class="cx"> $submenu['plugins.php'][5] = array( __('Installed'), 'activate_plugins', 'plugins.php' );
</span><del>- if ( is_super_admin() ) {
- /* translators: add new plugin */
- $submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
- }
</del><ins>+ /* translators: add new plugin */
+ $submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
</ins><span class="cx"> if ( !is_multisite() )
</span><span class="cx"> $submenu['plugins.php'][15] = array( __('Editor'), 'edit_plugins', 'plugin-editor.php' );
</span><span class="cx"> }
</span></span></pre></div>
<a id="trunkwpadminoptionsgeneralphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/options-general.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/options-general.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/options-general.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -292,14 +292,17 @@
</span><span class="cx"> </tr>
</span><span class="cx"> <?php do_settings_fields('general', 'default'); ?>
</span><span class="cx"> <?php
</span><del>-if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) )
- while( ( $lang_file = readdir( $dh ) ) !== false )
</del><ins>+
+$lang_files = array();
+if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) ) {
+ while ( ( $lang_file = readdir( $dh ) ) !== false ) {
</ins><span class="cx"> if ( substr( $lang_file, -3 ) == '.mo' )
</span><span class="cx"> $lang_files[] = $lang_file;
</span><del>-$lang = get_option('WPLANG');
</del><ins>+ }
+}
</ins><span class="cx">
</span><del>-if ( is_array($lang_files) && !empty($lang_files) ) {
- ?>
</del><ins>+if ( !empty($lang_files) ) {
+?>
</ins><span class="cx"> <tr valign="top">
</span><span class="cx"> <th width="33%" scope="row"><?php _e('Blog language:') ?></th>
</span><span class="cx"> <td>
</span><span class="lines">@@ -308,7 +311,7 @@
</span><span class="cx"> </select>
</span><span class="cx"> </td>
</span><span class="cx"> </tr>
</span><del>- <?php
</del><ins>+<?php
</ins><span class="cx"> } // languages
</span><span class="cx"> ?>
</span><span class="cx"> </table>
</span></span></pre></div>
<a id="trunkwpadminoptionsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/options.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/options.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/options.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -118,11 +118,6 @@
</span><span class="cx"> <?php wp_nonce_field('options-options') ?>
</span><span class="cx"> <input type="hidden" name="action" value="update" />
</span><span class="cx"> <input type='hidden' name='option_page' value='options' />
</span><del>-<?php if ( is_multisite() ) { ?>
-<p class="submit submit-top">
- <input type="submit" name="Submit" value="<?php _e('Save Changes') ?>" class="button-primary" />
-</p>
-<?php } ?>
</del><span class="cx"> <table class="form-table">
</span><span class="cx"> <?php
</span><span class="cx"> $options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name");
</span></span></pre></div>
<a id="trunkwpadminpluginsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/plugins.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/plugins.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/plugins.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -231,7 +231,7 @@
</span><span class="cx"> add_thickbox();
</span><span class="cx">
</span><span class="cx"> $help = '<p>' . __('Plugins extend and expand the functionality of WordPress. Once a plugin is installed, you may activate it or deactivate it here.') . '</p>';
</span><del>-if ( !is_multisite() || is_super_admin() ) {
</del><ins>+if ( current_user_can('edit_plugins') ) {
</ins><span class="cx"> $help .= '<p>' . sprintf(__('If something goes wrong with a plugin and you can&#8217;t use WordPress, delete or rename that file in the <code>%s</code> directory and it will be automatically deactivated.'), WP_PLUGIN_DIR) . '</p>';
</span><span class="cx"> $help .= '<p>' . sprintf(__('You can find additional plugins for your site by using the new <a href="%1$s">Plugin Browser/Installer</a> functionality or by browsing the <a href="http://wordpress.org/extend/plugins/">WordPress Plugin Directory</a> directly and installing manually. To <em>manually</em> install a plugin you generally just need to upload the plugin file into your <code>%2$s</code> directory. Once a plugin has been installed, you may activate it here.'), 'plugin-install.php', WP_PLUGIN_DIR) . '</p>';
</span><span class="cx"> }
</span><span class="lines">@@ -284,7 +284,7 @@
</span><span class="cx">
</span><span class="cx"> <div class="wrap">
</span><span class="cx"> <?php screen_icon(); ?>
</span><del>-<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2>
</del><ins>+<h2><?php echo esc_html( $title ); if ( current_user_can('install_plugins') ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2>
</ins><span class="cx">
</span><span class="cx"> <?php
</span><span class="cx">
</span><span class="lines">@@ -325,9 +325,8 @@
</span><span class="cx"> $upgrade_plugins[ $plugin_file ] = $plugin_data;
</span><span class="cx"> }
</span><span class="cx">
</span><del>-if ( is_multisite() && !is_super_admin() ) {
- $upgrade_plugins = false;
-}
</del><ins>+if ( !current_user_can('update_plugins') )
+ $upgrade_plugins = array();
</ins><span class="cx">
</span><span class="cx"> $total_all_plugins = count($all_plugins);
</span><span class="cx"> $total_inactive_plugins = count($inactive_plugins);
</span></span></pre></div>
<a id="trunkwpadminthemesphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/themes.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/themes.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/themes.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -67,7 +67,7 @@
</span><span class="cx"> wp_enqueue_script( 'theme-preview' );
</span><span class="cx">
</span><span class="cx"> require_once('admin-header.php');
</span><del>-if ( is_multisite() && is_super_admin() ) {
</del><ins>+if ( is_multisite() && current_user_can('edit_themes') ) {
</ins><span class="cx"> ?><div id="message0" class="updated fade"><p><?php _e('Administrator: new themes must be activated in the <a href="wpmu-themes.php">Themes Admin</a> page before they appear here.'); ?></p></div><?php
</span><span class="cx"> }
</span><span class="cx"> ?>
</span><span class="lines">@@ -126,7 +126,7 @@
</span><span class="cx"> function theme_update_available( $theme ) {
</span><span class="cx"> static $themes_update;
</span><span class="cx">
</span><del>- if ( is_multisite() && !is_super_admin() )
</del><ins>+ if ( !current_user_can('update_themes' ) )
</ins><span class="cx"> return;
</span><span class="cx">
</span><span class="cx"> if ( !isset($themes_update) )
</span><span class="lines">@@ -159,7 +159,7 @@
</span><span class="cx">
</span><span class="cx"> <div class="wrap">
</span><span class="cx"> <?php screen_icon(); ?>
</span><del>-<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2>
</del><ins>+<h2><?php echo esc_html( $title ); if ( !current_user_can('install_themes') ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2>
</ins><span class="cx">
</span><span class="cx"> <h3><?php _e('Current Theme'); ?></h3>
</span><span class="cx"> <div id="current-theme">
</span><span class="lines">@@ -170,7 +170,7 @@
</span><span class="cx"> /* translators: 1: theme title, 2: theme version, 3: theme author */
</span><span class="cx"> printf(__('%1$s %2$s by %3$s'), $ct->title, $ct->version, $ct->author) ; ?></h4>
</span><span class="cx"> <p class="theme-description"><?php echo $ct->description; ?></p>
</span><del>-<?php if ( ( !is_multisite() || is_super_admin() ) && $ct->parent_theme ) { ?>
</del><ins>+<?php if ( current_user_can('edit_themes') && $ct->parent_theme ) { ?>
</ins><span class="cx"> <p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ), $ct->title, $ct->parent_theme); ?></p>
</span><span class="cx"> <?php } else { ?>
</span><span class="cx"> <p><?php printf(__('All of this theme&#8217;s files are located in <code>%2$s</code>.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ) ); ?></p>
</span><span class="lines">@@ -265,7 +265,7 @@
</span><span class="cx"> printf(__('%1$s %2$s by %3$s'), $title, $version, $author) ; ?></h3>
</span><span class="cx"> <p class="description"><?php echo $description; ?></p>
</span><span class="cx"> <span class='action-links'><?php echo $actions ?></span>
</span><del>- <?php if ( ( !is_multisite() || is_super_admin() ) && $parent_theme ) {
</del><ins>+ <?php if ( current_user_can('edit_themes') && $parent_theme ) {
</ins><span class="cx"> /* translators: 1: theme title, 2: template dir, 3: stylesheet_dir, 4: theme title, 5: parent_theme */ ?>
</span><span class="cx"> <p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $title, str_replace( WP_CONTENT_DIR, '', $template_dir ), str_replace( WP_CONTENT_DIR, '', $stylesheet_dir ), $title, $parent_theme); ?></p>
</span><span class="cx"> <?php } else { ?>
</span><span class="lines">@@ -298,7 +298,7 @@
</span><span class="cx"> <?php
</span><span class="cx"> // List broken themes, if any.
</span><span class="cx"> $broken_themes = get_broken_themes();
</span><del>-if ( ( !is_multisite() || is_super_admin() ) && count( $broken_themes ) ) {
</del><ins>+if ( current_user_can('edit_themes') && count( $broken_themes ) ) {
</ins><span class="cx"> ?>
</span><span class="cx">
</span><span class="cx"> <h2><?php _e('Broken Themes'); ?> <?php if ( is_multisite() ) _e( '(Site admin only)' ); ?></h2>
</span></span></pre></div>
<a id="trunkwpadminupgradephp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/upgrade.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/upgrade.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/upgrade.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -85,11 +85,6 @@
</span><span class="cx"> $backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
</span><span class="cx"> $backto = esc_url_raw( $backto );
</span><span class="cx"> $backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
</span><del>- if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
- $wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
- } else {
- $wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
- }
</del><span class="cx"> ?>
</span><span class="cx"> <h2><?php _e( 'Upgrade Complete' ); ?></h2>
</span><span class="cx"> <p><?php _e( 'Your WordPress database has been successfully upgraded!' ); ?></p>
</span></span></pre></div>
<a id="trunkwpadminusersphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/users.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/users.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-admin/users.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -15,6 +15,10 @@
</span><span class="cx"> if ( !current_user_can('edit_users') )
</span><span class="cx"> wp_die(__('Cheatin&#8217; uh?'));
</span><span class="cx">
</span><ins>+$del_cap_type = 'remove';
+if ( !is_multisite() && current_user_can('delete_users') )
+ $del_cap_type = 'delete';
+
</ins><span class="cx"> $title = __('Users');
</span><span class="cx"> $parent_file = 'users.php';
</span><span class="cx">
</span><span class="lines">@@ -43,22 +47,22 @@
</span><span class="cx"> case 'promote':
</span><span class="cx"> check_admin_referer('bulk-users');
</span><span class="cx">
</span><del>- if (empty($_REQUEST['users'])) {
</del><ins>+ if ( empty($_REQUEST['users']) ) {
</ins><span class="cx"> wp_redirect($redirect);
</span><span class="cx"> exit();
</span><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> $editable_roles = get_editable_roles();
</span><del>- if (!$editable_roles[$_REQUEST['new_role']])
</del><ins>+ if ( !$editable_roles[$_REQUEST['new_role']] )
</ins><span class="cx"> wp_die(__('You can&#8217;t give users that role.'));
</span><span class="cx">
</span><span class="cx"> $userids = $_REQUEST['users'];
</span><span class="cx"> $update = 'promote';
</span><del>- foreach($userids as $id) {
</del><ins>+ foreach ( $userids as $id ) {
</ins><span class="cx"> if ( ! current_user_can('edit_user', $id) )
</span><span class="cx"> wp_die(__('You can&#8217;t edit that user.'));
</span><span class="cx"> // The new role of the current user must also have edit_users caps
</span><del>- if($id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users')) {
</del><ins>+ if ( $id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users') ) {
</ins><span class="cx"> $update = 'err_admin_role';
</span><span class="cx"> continue;
</span><span class="cx"> }
</span><span class="lines">@@ -81,7 +85,7 @@
</span><span class="cx"> exit();
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if ( !current_user_can('delete_users') )
</del><ins>+ if ( !current_user_can($del_cap_type . '_users') )
</ins><span class="cx"> wp_die(__('You can&#8217;t delete users.'));
</span><span class="cx">
</span><span class="cx"> $userids = $_REQUEST['users'];
</span><span class="lines">@@ -89,27 +93,25 @@
</span><span class="cx"> $delete_count = 0;
</span><span class="cx">
</span><span class="cx"> foreach ( (array) $userids as $id) {
</span><del>- if ( ! current_user_can('delete_user', $id) )
</del><ins>+ if ( ! current_user_can($del_cap_type . '_user', $id) )
</ins><span class="cx"> wp_die(__('You can&#8217;t delete that user.'));
</span><span class="cx">
</span><del>- if ($id == $current_user->ID) {
</del><ins>+ if ( $id == $current_user->ID ) {
</ins><span class="cx"> $update = 'err_admin_del';
</span><span class="cx"> continue;
</span><span class="cx"> }
</span><del>- switch($_REQUEST['delete_option']) {
</del><ins>+ switch ( $_REQUEST['delete_option'] ) {
</ins><span class="cx"> case 'delete':
</span><del>- if ( !is_multisite() ) {
</del><ins>+ if ( !is_multisite() && current_user_can('delete_user', $id) )
</ins><span class="cx"> wp_delete_user($id);
</span><del>- } else {
</del><ins>+ else
</ins><span class="cx"> remove_user_from_blog($id, $blog_id); // WPMU only remove user from blog
</span><del>- }
</del><span class="cx"> break;
</span><span class="cx"> case 'reassign':
</span><del>- if ( !is_multisite() ) {
</del><ins>+ if ( !is_multisite() && current_user_can('delete_user', $id) )
</ins><span class="cx"> wp_delete_user($id, $_REQUEST['reassign_user']);
</span><del>- } else {
</del><ins>+ else
</ins><span class="cx"> remove_user_from_blog($id, $blog_id, $_REQUEST['reassign_user']);
</span><del>- }
</del><span class="cx"> break;
</span><span class="cx"> }
</span><span class="cx"> ++$delete_count;
</span><span class="lines">@@ -130,7 +132,7 @@
</span><span class="cx"> exit();
</span><span class="cx"> }
</span><span class="cx">
</span><del>- if ( !current_user_can('delete_users') )
</del><ins>+ if ( !current_user_can($del_cap_type . '_users') )
</ins><span class="cx"> $errors = new WP_Error('edit_users', __('You can&#8217;t delete users.'));
</span><span class="cx">
</span><span class="cx"> if ( empty($_REQUEST['users']) )
</span></span></pre></div>
<a id="trunkwpincludescapabilitiesphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/capabilities.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/capabilities.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-includes/capabilities.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -717,6 +717,10 @@
</span><span class="cx"> $cap = $this->translate_level_to_cap( $cap );
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+ // Multisite super admin has all caps by definition.
+ if ( is_multisite() && is_super_admin() )
+ return true;
+
</ins><span class="cx"> $args = array_slice( func_get_args(), 1 );
</span><span class="cx"> $args = array_merge( array( $cap, $this->ID ), $args );
</span><span class="cx"> $caps = call_user_func_array( 'map_meta_cap', $args );
</span><span class="lines">@@ -962,6 +966,9 @@
</span><span class="cx"> case 'update_themes':
</span><span class="cx"> case 'install_themes':
</span><span class="cx"> case 'edit_themes':
</span><ins>+ case 'update_core':
+ case 'delete_user':
+ case 'delete_users':
</ins><span class="cx"> // If multisite these caps are allowed only for super admins.
</span><span class="cx"> if ( is_multisite() && !is_super_admin() )
</span><span class="cx"> $caps[] = 'do_not_allow';
</span></span></pre></div>
<a id="trunkwpincludespostphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/post.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/post.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-includes/post.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -3251,12 +3251,10 @@
</span><span class="cx"> if ( ($uploads = wp_upload_dir()) && false === $uploads['error'] ) { //Get upload directory
</span><span class="cx"> if ( 0 === strpos($file, $uploads['basedir']) ) //Check that the upload base exists in the file location
</span><span class="cx"> $url = str_replace($uploads['basedir'], $uploads['baseurl'], $file); //replace file location with url location
</span><del>- elseif ( !is_multisite() ) {
- if ( false !== strpos($file, 'wp-content/uploads') )
- $url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 );
- else
- $url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
- }
</del><ins>+ elseif ( false !== strpos($file, 'wp-content/uploads') )
+ $url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 );
+ else
+ $url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
</ins><span class="cx"> }
</span><span class="cx"> }
</span><span class="cx">
</span></span></pre></div>
<a id="trunkwpincludesversionphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/version.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/version.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-includes/version.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -15,7 +15,7 @@
</span><span class="cx"> *
</span><span class="cx"> * @global int $wp_db_version
</span><span class="cx"> */
</span><del>-$wp_db_version = 12329;
</del><ins>+$wp_db_version = 12751;
</ins><span class="cx">
</span><span class="cx"> /**
</span><span class="cx"> * Holds the TinyMCE version
</span></span></pre></div>
<a id="trunkwpincludeswpdbphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-includes/wp-db.php (12752 => 12753)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-includes/wp-db.php 2010-01-18 20:34:48 UTC (rev 12752)
+++ trunk/wp-includes/wp-db.php 2010-01-18 22:21:36 UTC (rev 12753)
</span><span class="lines">@@ -370,14 +370,13 @@
</span><span class="cx"> if ( WP_DEBUG )
</span><span class="cx"> $this->show_errors();
</span><span class="cx">
</span><del>- if( is_multisite() ) {
- $this->charset = 'utf8';
- if( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' ) {
- $this->collate = constant( 'DB_COLLATE' );
- } else {
- $this->collate = 'utf8_general_ci';
- }
- }
</del><ins>+ if ( is_multisite() ) {
+ $this->charset = 'utf8';
+ if ( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' )
+ $this->collate = constant( 'DB_COLLATE' );
+ else
+ $this->collate = 'utf8_general_ci';
+ }
</ins><span class="cx">
</span><span class="cx"> if ( defined('DB_CHARSET') )
</span><span class="cx"> $this->charset = DB_CHARSET;
</span><span class="lines">@@ -446,12 +445,12 @@
</span><span class="cx"> if ( preg_match('|[^a-z0-9_]|i', $prefix) )
</span><span class="cx"> return new WP_Error('invalid_db_prefix', /*WP_I18N_DB_BAD_PREFIX*/'Invalid database prefix'/*/WP_I18N_DB_BAD_PREFIX*/);
</span><span class="cx">
</span><del>- if( is_multisite() ) {
- $old_prefix = '';
- } else {
- $old_prefix = $prefix;
- }
- if( isset( $this->base_prefix ) )
</del><ins>+ if ( is_multisite() )
+ $old_prefix = '';
+ else
+ $old_prefix = $prefix;
+
+ if ( isset( $this->base_prefix ) )
</ins><span class="cx"> $old_prefix = $this->base_prefix;
</span><span class="cx"> $this->base_prefix = $prefix;
</span><span class="cx"> foreach ( $this->global_tables as $table )
</span><span class="lines">@@ -664,22 +663,22 @@
</span><span class="cx"> if ( !$this->show_errors )
</span><span class="cx"> return false;
</span><span class="cx">
</span><del>- // If there is an error then take note of it
- if( is_multisite() ) {
- $msg = "WordPress database error: [$str]\n{$this->last_query}\n";
- if( defined( 'ERRORLOGFILE' ) )
- error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) );
- if( defined( 'DIEONDBERROR' ) )
- die( $msg );
- } else {
- $str = htmlspecialchars($str, ENT_QUOTES);
- $query = htmlspecialchars($this->last_query, ENT_QUOTES);
</del><ins>+ // If there is an error then take note of it
+ if ( is_multisite() ) {
+ $msg = "WordPress database error: [$str]\n{$this->last_query}\n";
+ if ( defined( 'ERRORLOGFILE' ) )
+ error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) );
+ if ( defined( 'DIEONDBERROR' ) )
+ die( $msg );
+ } else {
+ $str = htmlspecialchars($str, ENT_QUOTES);
+ $query = htmlspecialchars($this->last_query, ENT_QUOTES);
</ins><span class="cx">
</span><del>- print "<div id='error'>
- <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
- <code>$query</code></p>
- </div>";
- }
</del><ins>+ print "<div id='error'>
+ <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
+ <code>$query</code></p>
+ </div>";
+ }
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> /**
</span><span class="lines">@@ -739,10 +738,10 @@
</span><span class="cx">
</span><span class="cx"> function db_connect( $query = "SELECT" ) {
</span><span class="cx"> global $db_list, $global_db_list;
</span><del>- if( is_array( $db_list ) == false )
</del><ins>+ if ( is_array( $db_list ) == false )
</ins><span class="cx"> return true;
</span><span class="cx">
</span><del>- if( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) {
</del><ins>+ if ( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) {
</ins><span class="cx"> $action = 'global';
</span><span class="cx"> $details = $global_db_list[ mt_rand( 0, count( $global_db_list ) -1 ) ];
</span><span class="cx"> $this->db_global = $details;
</span></span></pre>
</div>
</div>
</body>
</html>