Correct user admin redirection checks, and deny access to the user admin when not running multisite. fixes #16297.

git-svn-id: https://develop.svn.wordpress.org/trunk@17332 602fd350-edb4-49c9-b593-d223f7449a82

wp-admin/user/admin.php

@@ -11,6 +11,11 @@ define('WP_USER_ADMIN', TRUE);
 
 require_once( dirname(dirname(__FILE__)) . '/admin.php');
 
+if ( ! is_multisite() ) {
+	wp_redirect( admin_url() );
+	exit;
+}
+
 if ( ! is_main_site() ) {
 	wp_redirect( user_admin_url() );
 	exit;

wp-login.php

@@ -586,7 +586,7 @@ default:
 		// If the user doesn't belong to a blog, send them to user admin. If the user can't edit posts, send them to their profile.
 		if ( is_multisite() && !get_active_blog_for_user($user->id) )
 			$redirect_to = user_admin_url();
-		elseif ( !is_multisite() && !$user->has_cap('read') )
+		elseif ( is_multisite() && !$user->has_cap('read') )
 			$redirect_to = user_admin_url();
 		elseif ( !$user->has_cap('edit_posts') && ( empty( $redirect_to ) || $redirect_to == 'wp-admin/' || $redirect_to == admin_url() ) )
 			$redirect_to = admin_url('profile.php');