<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" /><style type="text/css"><!--
#msg dl { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fc0 solid; padding: 6px; }
#msg ul, pre { overflow: auto; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<title>[13941] trunk/wp-admin: Move add/
remove super admin out of bulk edit and into user-edit.php.</title>
</head>
<body>
<div id="msg">
<dl>
<dt>Revision</dt> <dd><a href="http://trac.wordpress.org/changeset/13941">13941</a></dd>
<dt>Author</dt> <dd>nacin</dd>
<dt>Date</dt> <dd>2010-04-02 06:46:07 +0000 (Fri, 02 Apr 2010)</dd>
</dl>
<h3>Log Message</h3>
<pre>Move add/remove super admin out of bulk edit and into user-edit.php. Introduce grant_super_admin() and revoke_super_admin(). Link to profile.php in ms-users user row for current user. Add defensive check by forcing IS_PROFILE_PAGE on user-edit if trying to edit your own user_id. see <a href="http://trac.wordpress.org/ticket/12460">#12460</a></pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#trunkwpadminincludesmsphp">trunk/wp-admin/includes/ms.php</a></li>
<li><a href="#trunkwpadminmseditphp">trunk/wp-admin/ms-edit.php</a></li>
<li><a href="#trunkwpadminmsusersphp">trunk/wp-admin/ms-users.php</a></li>
<li><a href="#trunkwpadminusereditphp">trunk/wp-admin/user-edit.php</a></li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="trunkwpadminincludesmsphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/includes/ms.php (13940 => 13941)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/includes/ms.php 2010-04-02 06:12:49 UTC (rev 13940)
+++ trunk/wp-admin/includes/ms.php 2010-04-02 06:46:07 UTC (rev 13941)
</span><span class="lines">@@ -793,4 +793,42 @@
</span><span class="cx"> echo "<div class='error'><p>$message</p></div>";
</span><span class="cx"> }
</span><span class="cx">
</span><ins>+/**
+ * Grants super admin privileges.
+ *
+ * @since 3.0.0
+ * @param $user_id
+ */
+function grant_super_admin( $user_id ) {
+ $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
+
+ $user = new WP_User( $user_id );
+ if ( ! in_array( $user->user_login, $super_admins ) ) {
+ $super_admins[] = $user->user_login;
+ update_site_option( 'site_admins' , $super_admins );
+ }
+}
+
+/**
+ * Revokes super admin privileges.
+ *
+ * @since 3.0.0
+ * @param $user_id
+ */
+function revoke_super_admin( $user_id ) {
+ $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
+ $admin_email = get_site_option( 'admin_email' );
+
+ $user = new WP_User( $user_id );
+ if ( $user->ID != $current_user->ID || $user->user_email != $admin_email ) {
+ foreach ( $super_admins as $key => $username ) {
+ if ( $username == $user->user_login ) {
+ unset( $super_admins[$key] );
+ break;
+ }
+ }
+ }
+
+ update_site_option( 'site_admins' , $super_admins );
+}
</ins><span class="cx"> ?>
</span></span></pre></div>
<a id="trunkwpadminmseditphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/ms-edit.php (13940 => 13941)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/ms-edit.php 2010-04-02 06:12:49 UTC (rev 13940)
+++ trunk/wp-admin/ms-edit.php 2010-04-02 06:46:07 UTC (rev 13941)
</span><span class="lines">@@ -524,7 +524,7 @@
</span><span class="cx"> $doaction = $_POST['action'] != -1 ? $_POST['action'] : $_POST['action2'];
</span><span class="cx">
</span><span class="cx"> foreach ( (array) $_POST['allusers'] as $key => $val ) {
</span><del>- if ( $val != '' || $val != '0' ) {
</del><ins>+ if ( !empty( $val ) ) {
</ins><span class="cx"> switch ( $doaction ) {
</span><span class="cx"> case 'delete':
</span><span class="cx"> $title = __( 'Users' );
</span><span class="lines">@@ -539,34 +539,12 @@
</span><span class="cx">
</span><span class="cx"> case 'superadmin':
</span><span class="cx"> $userfunction = 'add_superadmin';
</span><del>- $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
-
- $user = new WP_User( $val );
- if ( ! in_array( $user->user_login, $super_admins ) ) {
- if ( $current_site->blog_id )
- add_user_to_blog( $current_site->blog_id, $user->ID, 'administrator' );
-
- $super_admins[] = $user->user_login;
- update_site_option( 'site_admins' , $super_admins );
- }
</del><ins>+ grant_super_admin( $val );
</ins><span class="cx"> break;
</span><span class="cx">
</span><span class="cx"> case 'notsuperadmin':
</span><span class="cx"> $userfunction = 'remove_superadmin';
</span><del>- $super_admins = get_site_option( 'site_admins', array( 'admin' ) );
- $admin_email = get_site_option( 'admin_email' );
-
- $user = new WP_User( $val );
- if ( $user->ID != $current_user->ID || $user->user_email != $admin_email ) {
- foreach ( $super_admins as $key => $username ) {
- if ( $username == $user->user_login ) {
- unset( $super_admins[$key] );
- break;
- }
- }
- }
-
- update_site_option( 'site_admins' , $super_admins );
</del><ins>+ revoke_super_admin( $val );
</ins><span class="cx"> break;
</span><span class="cx">
</span><span class="cx"> case 'spam':
</span></span></pre></div>
<a id="trunkwpadminmsusersphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/ms-users.php (13940 => 13941)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/ms-users.php 2010-04-02 06:12:49 UTC (rev 13940)
+++ trunk/wp-admin/ms-users.php 2010-04-02 06:46:07 UTC (rev 13941)
</span><span class="lines">@@ -34,12 +34,6 @@
</span><span class="cx"> case 'add':
</span><span class="cx"> _e( 'User added.' );
</span><span class="cx"> break;
</span><del>- case 'add_superadmin':
- _e( 'Network admin added.' );
- break;
- case 'remove_superadmin':
- _e( 'Network admin removed.' );
- break;
</del><span class="cx"> }
</span><span class="cx"> ?>
</span><span class="cx"> </p></div>
</span><span class="lines">@@ -128,10 +122,8 @@
</span><span class="cx"> <select name="action">
</span><span class="cx"> <option value="-1" selected="selected"><?php _e( 'Bulk Actions' ); ?></option>
</span><span class="cx"> <option value="delete"><?php _e( 'Delete' ); ?></option>
</span><del>- <option value="spam"><?php _e( 'Mark as Spammers' ); ?></option>
</del><ins>+ <option value="spam"><?php _e( 'Mark as Spam' ); ?></option>
</ins><span class="cx"> <option value="notspam"><?php _e( 'Not Spam' ); ?></option>
</span><del>- <option value="superadmin"><?php _e( 'Add Super Admins' ); ?></option>
- <option value="notsuperadmin"><?php _e( 'Remove Super Admins' ); ?></option>
</del><span class="cx"> </select>
</span><span class="cx"> <input type="submit" value="<?php esc_attr_e( 'Apply' ); ?>" name="doaction" id="doaction" class="button-secondary action" />
</span><span class="cx"> <?php wp_nonce_field( 'bulk-ms-users' ); ?>
</span><span class="lines">@@ -227,15 +219,16 @@
</span><span class="cx">
</span><span class="cx"> case 'login':
</span><span class="cx"> $avatar = get_avatar( $user['user_email'], 32 );
</span><ins>+ $edit_link = ( $current_user->ID == $user['ID'] ) ? 'profile.php' : 'user-edit.php?user_id=' . $user['ID'];
</ins><span class="cx"> ?>
</span><span class="cx"> <td class="username column-username">
</span><del>- <?php echo $avatar; ?><strong><a href="<?php echo esc_url( admin_url( 'user-edit.php?user_id=' . $user['ID'] ) ); ?>" class="edit"><?php echo stripslashes( $user['user_login'] ); ?></a><?php
</del><ins>+ <?php echo $avatar; ?><strong><a href="<?php echo esc_url( admin_url( $edit_link ) ); ?>" class="edit"><?php echo stripslashes( $user['user_login'] ); ?></a><?php
</ins><span class="cx"> if ( in_array( $user['user_login'], $super_admins ) )
</span><span class="cx"> echo ' - ' . __( 'Super admin' );
</span><span class="cx"> ?></strong>
</span><span class="cx"> <br/>
</span><span class="cx"> <div class="row-actions">
</span><del>- <span class="edit"><a href="<?php echo esc_url( admin_url( 'user-edit.php?user_id=' . $user['ID'] ) ); ?>"><?php _e( 'Edit'); ?></a></span>
</del><ins>+ <span class="edit"><a href="<?php echo esc_url( admin_url( $edit_link ) ); ?>"><?php _e( 'Edit' ); ?></a></span>
</ins><span class="cx"> <?php if ( ! in_array( $user['user_login'], $super_admins ) ) { ?>
</span><span class="cx"> | <span class="delete"><a href="<?php echo $delete = esc_url( admin_url( add_query_arg( '_wp_http_referer', urlencode( stripslashes( $_SERVER['REQUEST_URI'] ) ), wp_nonce_url( 'ms-edit.php', 'deleteuser' ) . '&amp;action=deleteuser&amp;id=' . $user['ID'] ) ) ); ?>" class="delete"><?php _e( 'Delete' ); ?></a></span>
</span><span class="cx"> <?php } ?>
</span><span class="lines">@@ -323,10 +316,8 @@
</span><span class="cx"> <select name="action2">
</span><span class="cx"> <option value="-1" selected="selected"><?php _e( 'Bulk Actions' ); ?></option>
</span><span class="cx"> <option value="delete"><?php _e( 'Delete' ); ?></option>
</span><del>- <option value="spam"><?php _e( 'Mark as Spammers' ); ?></option>
</del><ins>+ <option value="spam"><?php _e( 'Mark as Spam' ); ?></option>
</ins><span class="cx"> <option value="notspam"><?php _e( 'Not Spam' ); ?></option>
</span><del>- <option value="superadmin"><?php _e( 'Add Super Admins' ); ?></option>
- <option value="notsuperadmin"><?php _e( 'Remove Super Admins' ); ?></option>
</del><span class="cx"> </select>
</span><span class="cx"> <input type="submit" value="<?php esc_attr_e( 'Apply' ); ?>" name="doaction2" id="doaction2" class="button-secondary action" />
</span><span class="cx"> </div>
</span></span></pre></div>
<a id="trunkwpadminusereditphp"></a>
<div class="modfile"><h4>Modified: trunk/wp-admin/user-edit.php (13940 => 13941)</h4>
<pre class="diff"><span>
<span class="info">--- trunk/wp-admin/user-edit.php 2010-04-02 06:12:49 UTC (rev 13940)
+++ trunk/wp-admin/user-edit.php 2010-04-02 06:46:07 UTC (rev 13941)
</span><span class="lines">@@ -9,9 +9,20 @@
</span><span class="cx"> /** WordPress Administration Bootstrap */
</span><span class="cx"> require_once('admin.php');
</span><span class="cx">
</span><del>-if ( !defined('IS_PROFILE_PAGE') )
- define('IS_PROFILE_PAGE', false);
</del><ins>+wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
</ins><span class="cx">
</span><ins>+$user_id = (int) $user_id;
+$current_user = wp_get_current_user();
+if ( ! defined( 'IS_PROFILE_PAGE' ) )
+ define( 'IS_PROFILE_PAGE', ( $user_id == $current_user->ID ) );
+
+if ( ! $user_id && IS_PROFILE_PAGE )
+ $user_id = $current_user->ID;
+elseif ( ! $user_id && ! IS_PROFILE_PAGE )
+ wp_die(__( 'Invalid user ID.' ) );
+elseif ( ! get_userdata( $user_id ) )
+ wp_die( __('Invalid user ID.') );
+
</ins><span class="cx"> wp_enqueue_script('user-profile');
</span><span class="cx"> wp_enqueue_script('password-strength-meter');
</span><span class="cx">
</span><span class="lines">@@ -22,23 +33,8 @@
</span><span class="cx"> $submenu_file = 'profile.php';
</span><span class="cx"> $parent_file = 'users.php';
</span><span class="cx">
</span><del>-wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
-
</del><span class="cx"> $wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
</span><span class="cx">
</span><del>-$user_id = (int) $user_id;
-
-if ( !$user_id ) {
- if ( IS_PROFILE_PAGE ) {
- $current_user = wp_get_current_user();
- $user_id = $current_user->ID;
- } else {
- wp_die(__('Invalid user ID.'));
- }
-} elseif ( !get_userdata($user_id) ) {
- wp_die( __('Invalid user ID.') );
-}
-
</del><span class="cx"> $all_post_caps = array('posts', 'pages');
</span><span class="cx"> $user_can_edit = false;
</span><span class="cx"> foreach ( $all_post_caps as $post_cap )
</span><span class="lines">@@ -123,7 +119,10 @@
</span><span class="cx"> if ( !isset( $errors ) || ( isset( $errors ) && is_object( $errors ) && false == $errors->get_error_codes() ) )
</span><span class="cx"> $errors = edit_user($user_id);
</span><span class="cx"> if ( $delete_role ) // stops users being added to current blog when they are edited
</span><del>- update_user_meta( $user_id, $blog_prefix . 'capabilities' , '' );
</del><ins>+ delete_user_meta( $user_id, $blog_prefix . 'capabilities' );
+
+ if ( is_multisite() && is_super_admin() && !IS_PROFILE_PAGE )
+ empty( $_POST['super_admin'] ) ? revoke_super_admin( $user_id ) : grant_super_admin( $user_id );
</ins><span class="cx"> }
</span><span class="cx">
</span><span class="cx"> if ( !is_wp_error( $errors ) ) {
</span><span class="lines">@@ -142,6 +141,9 @@
</span><span class="cx"> include ('admin-header.php');
</span><span class="cx"> ?>
</span><span class="cx">
</span><ins>+<?php if ( !IS_PROFILE_PAGE && is_super_admin( $profileuser->ID ) ) { ?>
+ <div class="updated"><p><strong><?php _e('Important:'); ?></strong> <?php _e('This user has super admin privileges.'); ?></p></div>
+<?php } ?>
</ins><span class="cx"> <?php if ( isset($_GET['updated']) ) : ?>
</span><span class="cx"> <div id="message" class="updated">
</span><span class="cx"> <p><strong><?php _e('User updated.') ?></strong></p>
</span><span class="lines">@@ -165,7 +167,7 @@
</span><span class="cx"> <?php screen_icon(); ?>
</span><span class="cx"> <h2><?php echo esc_html( $title ); ?></h2>
</span><span class="cx">
</span><del>-<form id="your-profile" action="<?php if ( IS_PROFILE_PAGE ) { echo admin_url('profile.php'); } else { echo admin_url('user-edit.php'); } ?>" method="post">
</del><ins>+<form id="your-profile" action="<?php echo esc_url( admin_url( IS_PROFILE_PAGE ? 'profile.php' : 'user-edit.php' ) ); ?>" method="post">
</ins><span class="cx"> <?php wp_nonce_field('update-user_' . $user_id) ?>
</span><span class="cx"> <?php if ( $wp_http_referer ) : ?>
</span><span class="cx"> <input type="hidden" name="wp_http_referer" value="<?php echo esc_url($wp_http_referer); ?>" />
</span><span class="lines">@@ -232,7 +234,11 @@
</span><span class="cx"> else
</span><span class="cx"> echo '<option value="" selected="selected">' . __('&mdash; No role for this blog &mdash;') . '</option>';
</span><span class="cx"> ?>
</span><del>-</select></td></tr>
</del><ins>+</select>
+<?php if ( is_multisite() && is_super_admin() ) { ?>
+<p><label><input type="checkbox" id="super_admin" name="super_admin"<?php checked( is_super_admin( $profileuser->ID ) ); ?> /> <?php _e( 'Grant this user super admin privileges for the Network.'); ?></label></p>
+<?php } ?>
+</td></tr>
</ins><span class="cx"> <?php endif; //!IS_PROFILE_PAGE ?>
</span><span class="cx">
</span><span class="cx"> <tr>
</span><span class="lines">@@ -331,11 +337,10 @@
</span><span class="cx"> </table>
</span><span class="cx">
</span><span class="cx"> <?php
</span><del>- if ( IS_PROFILE_PAGE ) {
- do_action('show_user_profile', $profileuser);
- } else {
- do_action('edit_user_profile', $profileuser);
- }
</del><ins>+ if ( IS_PROFILE_PAGE )
+ do_action( 'show_user_profile', $profileuser );
+ else
+ do_action( 'edit_user_profile', $profileuser );
</ins><span class="cx"> ?>
</span><span class="cx">
</span><span class="cx"> <?php if ( count($profileuser->caps) > count($profileuser->roles) && apply_filters('additional_capabilities_display', true, $profileuser) ) { ?>
</span></span></pre>
</div>
</div>
</body>
</html>