Force the user to explicitly choose between content deletion and reassignment when deleting users. props Dan Rivera, Ben Brooks, GhostToast. fixes #20045.
git-svn-id: https://develop.svn.wordpress.org/trunk@22166 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
parent
77892ba183
commit
b4f8bc836e
@ -75,6 +75,22 @@ if ( empty($_REQUEST) ) {
|
||||
|
||||
$update = '';
|
||||
|
||||
/**
|
||||
* @since 3.5.0
|
||||
* @access private
|
||||
*/
|
||||
function delete_users_add_js() { ?>
|
||||
<script>
|
||||
jQuery(document).ready( function($) {
|
||||
var submit = $('#submit').prop('disabled', true);
|
||||
$('input[name=delete_option]').one('change', function() {
|
||||
submit.prop('disabled', false);
|
||||
});
|
||||
});
|
||||
</script>
|
||||
<?php
|
||||
}
|
||||
|
||||
switch ( $wp_list_table->current_action() ) {
|
||||
|
||||
/* Bulk Dropdown menu Role changes */
|
||||
@ -131,16 +147,22 @@ case 'dodelete':
|
||||
exit();
|
||||
}
|
||||
|
||||
$userids = array_map( 'intval', (array) $_REQUEST['users'] );
|
||||
|
||||
if ( empty( $_REQUEST['delete_option'] ) ) {
|
||||
$url = self_admin_url( 'users.php?action=delete&users[]=' . implode( '&users[]=', $userids ) . '&error=true' );
|
||||
$url = str_replace( '&', '&', wp_nonce_url( $url, 'bulk-users' ) );
|
||||
wp_redirect( $url );
|
||||
exit;
|
||||
}
|
||||
|
||||
if ( ! current_user_can( 'delete_users' ) )
|
||||
wp_die(__('You can’t delete users.'));
|
||||
|
||||
$userids = $_REQUEST['users'];
|
||||
$update = 'del';
|
||||
$delete_count = 0;
|
||||
|
||||
foreach ( (array) $userids as $id) {
|
||||
$id = (int) $id;
|
||||
|
||||
foreach ( $userids as $id ) {
|
||||
if ( ! current_user_can( 'delete_user', $id ) )
|
||||
wp_die(__( 'You can’t delete that user.' ) );
|
||||
|
||||
@ -150,12 +172,10 @@ case 'dodelete':
|
||||
}
|
||||
switch ( $_REQUEST['delete_option'] ) {
|
||||
case 'delete':
|
||||
if ( current_user_can('delete_user', $id) )
|
||||
wp_delete_user($id);
|
||||
wp_delete_user( $id );
|
||||
break;
|
||||
case 'reassign':
|
||||
if ( current_user_can('delete_user', $id) )
|
||||
wp_delete_user($id, $_REQUEST['reassign_user']);
|
||||
wp_delete_user( $id, $_REQUEST['reassign_user'] );
|
||||
break;
|
||||
}
|
||||
++$delete_count;
|
||||
@ -182,9 +202,11 @@ case 'delete':
|
||||
$errors = new WP_Error( 'edit_users', __( 'You can’t delete users.' ) );
|
||||
|
||||
if ( empty($_REQUEST['users']) )
|
||||
$userids = array(intval($_REQUEST['user']));
|
||||
$userids = array( intval( $_REQUEST['user'] ) );
|
||||
else
|
||||
$userids = (array) $_REQUEST['users'];
|
||||
$userids = array_map( 'intval', (array) $_REQUEST['users'] );
|
||||
|
||||
add_action( 'admin_head', 'delete_users_add_js' );
|
||||
|
||||
include ('admin-header.php');
|
||||
?>
|
||||
@ -195,12 +217,16 @@ case 'delete':
|
||||
<div class="wrap">
|
||||
<?php screen_icon(); ?>
|
||||
<h2><?php _e('Delete Users'); ?></h2>
|
||||
<?php if ( isset( $_REQUEST['error'] ) ) : ?>
|
||||
<div class="error">
|
||||
<p><strong><?php _e( 'ERROR:' ); ?></strong> <?php _e( 'Please select an option.' ); ?></p>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
<p><?php echo _n( 'You have specified this user for deletion:', 'You have specified these users for deletion:', count( $userids ) ); ?></p>
|
||||
<ul>
|
||||
<?php
|
||||
$go_delete = 0;
|
||||
foreach ( $userids as $id ) {
|
||||
$id = (int) $id;
|
||||
$user = get_userdata( $id );
|
||||
if ( $id == $current_user->ID ) {
|
||||
echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n";
|
||||
@ -214,10 +240,10 @@ case 'delete':
|
||||
<?php if ( $go_delete ) : ?>
|
||||
<fieldset><p><legend><?php echo _n( 'What should be done with posts owned by this user?', 'What should be done with posts owned by these users?', $go_delete ); ?></legend></p>
|
||||
<ul style="list-style:none;">
|
||||
<li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" />
|
||||
<li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" />
|
||||
<?php _e('Delete all posts.'); ?></label></li>
|
||||
<li><input type="radio" id="delete_option1" name="delete_option" value="reassign" />
|
||||
<?php echo '<label for="delete_option1">'.__('Attribute all posts to:').'</label>';
|
||||
<?php echo '<label for="delete_option1">' . __( 'Attribute all posts to:' ) . '</label> ';
|
||||
wp_dropdown_users( array( 'name' => 'reassign_user', 'exclude' => array_diff( $userids, array($current_user->ID) ) ) ); ?></li>
|
||||
</ul></fieldset>
|
||||
<input type="hidden" name="action" value="dodelete" />
|
||||
|
Loading…
Reference in New Issue
Block a user