Show Role in profile and user edit. Don't allow users with edit_users caps to demote themselves. Props: davidhouse, ringmaster. fixes #1825

git-svn-id: https://develop.svn.wordpress.org/trunk@2995 602fd350-edb4-49c9-b593-d223f7449a82
This commit is contained in:
Ryan Boren 2005-11-06 03:58:52 +00:00
parent 1fb12a1eaa
commit c244bfd360
4 changed files with 31 additions and 1 deletions

View File

@ -256,6 +256,7 @@ function add_user() {
} }
function edit_user($user_id = 0) { function edit_user($user_id = 0) {
global $current_user, $wp_roles;
if ($user_id != 0) { if ($user_id != 0) {
$update = true; $update = true;
@ -276,6 +277,14 @@ function edit_user($user_id = 0) {
if (isset ($_POST['pass2'])) if (isset ($_POST['pass2']))
$pass2 = $_POST['pass2']; $pass2 = $_POST['pass2'];
if (isset ($_POST['role'])) {
if($user_id != $current_user->id || $wp_roles->role_objects[$_POST['role']]->has_cap('edit_users'))
$user->role = $_POST['role'];
}
if (isset ($_POST['role'])) {
$user->role = $_POST['role'];
}
if (isset ($_POST['email'])) if (isset ($_POST['email']))
$user->user_email = wp_specialchars(trim($_POST['email'])); $user->user_email = wp_specialchars(trim($_POST['email']));
if (isset ($_POST['url'])) { if (isset ($_POST['url'])) {

View File

@ -30,6 +30,10 @@ $bookmarklet_height= 440;
<p><label><?php _e('Username: (no editing)'); ?><br /> <p><label><?php _e('Username: (no editing)'); ?><br />
<input type="text" name="user_login" value="<?php echo $profiledata->user_login; ?>" disabled="disabled" /> <input type="text" name="user_login" value="<?php echo $profiledata->user_login; ?>" disabled="disabled" />
</label></p> </label></p>
<p><label><?php _e('Role: (no editing)') ?><br />
<input type="text" name="role" value="<?php echo $wp_roles->role_names[$profileuser->roles[0]] ?>" disabled="disabled" /></label></p>
<p><label><?php _e('First name:') ?><br /> <p><label><?php _e('First name:') ?><br />
<input type="text" name="first_name" value="<?php echo $profiledata->first_name ?>" /></label></p> <input type="text" name="first_name" value="<?php echo $profiledata->first_name ?>" /></label></p>

View File

@ -82,6 +82,18 @@ if (!current_user_can('edit_users')) $errors['head'] = __('You do not have permi
<p><label><?php _e('Username: (no editing)'); ?><br /> <p><label><?php _e('Username: (no editing)'); ?><br />
<input type="text" name="user_login" value="<?php echo $profiledata->user_login; ?>" disabled="disabled" /> <input type="text" name="user_login" value="<?php echo $profiledata->user_login; ?>" disabled="disabled" />
</label></p> </label></p>
<p><label><?php _e('Role:') ?><br />
<?php
// print_r($profileuser);
echo '<select name="role">';
foreach($wp_roles->role_names as $role => $name) {
$selected = ($profileuser->roles[0] == $role) ? ' selected="selected"' : '';
echo "<option value=\"{$role}\"{$selected}>{$name}</option>";
}
echo '</select>';
?></label></p>
<p><label><?php _e('First name:') ?><br /> <p><label><?php _e('First name:') ?><br />
<input type="text" name="first_name" value="<?php echo $profiledata->first_name ?>" /></label></p> <input type="text" name="first_name" value="<?php echo $profiledata->first_name ?>" /></label></p>

View File

@ -59,7 +59,12 @@ function wp_insert_user($userdata) {
update_usermeta( $user_id, 'jabber', $jabber ); update_usermeta( $user_id, 'jabber', $jabber );
update_usermeta( $user_id, 'aim', $aim ); update_usermeta( $user_id, 'aim', $aim );
update_usermeta( $user_id, 'yim', $yim ); update_usermeta( $user_id, 'yim', $yim );
if ($update && !empty($role)) {
$user = new WP_User($user_id);
$user->set_role($role);
}
if ( !$update ) { if ( !$update ) {
$user = new WP_User($user_id); $user = new WP_User($user_id);
$user->set_role(get_settings('default_role')); $user->set_role(get_settings('default_role'));