Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see #11644.
git-svn-id: https://develop.svn.wordpress.org/trunk@12753 602fd350-edb4-49c9-b593-d223f7449a82
parent
e2adfc832a
commit
f260b32d25
@ -198,9 +198,9 @@ if ( isset($plugin_page) ) {
|
||||
require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
|
||||
|
||||
define('WP_IMPORTING', true);
|
||||
if ( is_multisite() ) {
|
||||
|
||||
if ( is_multisite() )
|
||||
kses_init_filters(); // Always filter imported data with kses.
|
||||
}
|
||||
|
||||
call_user_func($wp_importers[$importer][2]);
|
||||
|
||||
|
@ -369,6 +369,7 @@ function populate_roles() {
|
||||
populate_roles_260();
|
||||
populate_roles_270();
|
||||
populate_roles_280();
|
||||
populate_roles_300();
|
||||
}
|
||||
|
||||
/**
|
||||
@ -590,4 +591,19 @@ function populate_roles_280() {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Create and modify WordPress roles for WordPress 2.8.
|
||||
*
|
||||
* @since 2.8.0
|
||||
*/
|
||||
function populate_roles_300() {
|
||||
$role =& get_role( 'administrator' );
|
||||
|
||||
if ( !empty( $role ) ) {
|
||||
$role->add_cap( 'update_core' );
|
||||
$role->add_cap( 'remove_user' );
|
||||
$role->add_cap( 'remove_users' );
|
||||
}
|
||||
}
|
||||
|
||||
?>
|
||||
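Review bot: The docblock on `populate_roles_300()` was copied from the 2.8 function and still reads `Create and modify WordPress roles for WordPress 2.8.` with `@since 2.8.0`; it should read `Create and modify WordPress roles for WordPress 3.0.` and `@since 3.0`. The docblock is also the natural place to say what the new capabilities gate, because `remove_user`/`remove_users` are easy to confuse with the existing `delete_user`/`delete_users`. Judging from the users.php part of this commit, `remove_*` covers detaching a user from one blog and `delete_*` covers deleting the account, and stating that here would save the next reader from inferring it.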
|
@ -82,10 +82,10 @@ function find_core_update( $version, $locale ) {
|
||||
}
|
||||
|
||||
function core_update_footer( $msg = '' ) {
|
||||
if ( is_multisite() && !is_super_admin() )
|
||||
if ( is_multisite() && !current_user_can('update_core') )
|
||||
return false;
|
||||
|
||||
if ( !current_user_can('manage_options') )
|
||||
if ( !current_user_can('update_core') )
|
||||
return sprintf( __( 'Version %s' ), $GLOBALS['wp_version'] );
|
||||
|
||||
$cur = get_preferred_from_update_core();
|
||||
@ -104,10 +104,8 @@ function core_update_footer( $msg = '' ) {
|
||||
break;
|
||||
|
||||
case 'upgrade' :
|
||||
if ( current_user_can('manage_options') ) {
|
||||
return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current);
|
||||
break;
|
||||
}
|
||||
return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current);
|
||||
break;
|
||||
|
||||
case 'latest' :
|
||||
default :
|
||||
@ -118,7 +116,7 @@ function core_update_footer( $msg = '' ) {
|
||||
add_filter( 'update_footer', 'core_update_footer' );
|
||||
|
||||
function update_nag() {
|
||||
if ( is_multisite() && !is_super_admin() )
|
||||
if ( is_multisite() && !current_user_can('update_core') )
|
||||
return false;
|
||||
|
||||
global $pagenow;
|
||||
@ -131,7 +129,7 @@ function update_nag() {
|
||||
if ( ! isset( $cur->response ) || $cur->response != 'upgrade' )
|
||||
return false;
|
||||
|
||||
if ( current_user_can('manage_options') )
|
||||
if ( current_user_can('update_core') )
|
||||
$msg = sprintf( __('WordPress %1$s is available! <a href="%2$s">Please update now</a>.'), $cur->current, 'update-core.php' );
|
||||
else
|
||||
$msg = sprintf( __('WordPress %1$s is available! Please notify the site administrator.'), $cur->current );
|
||||
@ -142,13 +140,13 @@ add_action( 'admin_notices', 'update_nag', 3 );
|
||||
|
||||
// Called directly from dashboard
|
||||
function update_right_now_message() {
|
||||
if ( is_multisite() && !is_super_admin() )
|
||||
if ( is_multisite() && !current_user_can('update_core') )
|
||||
return false;
|
||||
|
||||
$cur = get_preferred_from_update_core();
|
||||
|
||||
$msg = sprintf( __('You are using <span class="b">WordPress %s</span>.'), $GLOBALS['wp_version'] );
|
||||
if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('manage_options') )
|
||||
if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('update_core') )
|
||||
$msg .= " <a href='update-core.php' class='button'>" . sprintf( __('Update to %s'), $cur->current ? $cur->current : __( 'Latest' ) ) . '</a>';
|
||||
|
||||
echo "<span id='wp-version-message'>$msg</span>";
|
||||
@ -169,6 +167,9 @@ function get_plugin_updates() {
|
||||
}
|
||||
|
||||
function wp_plugin_update_rows() {
|
||||
if ( !current_user_can('update_plugins' ) )
|
||||
return;
|
||||
|
||||
$plugins = get_site_transient( 'update_plugins' );
|
||||
if ( isset($plugins->response) && is_array($plugins->response) ) {
|
||||
$plugins = array_keys( $plugins->response );
|
||||
@ -205,10 +206,6 @@ function wp_plugin_update_row( $file, $plugin_data ) {
|
||||
}
|
||||
|
||||
function wp_update_plugin($plugin, $feedback = '') {
|
||||
if ( is_multisite() && !is_super_admin() )
|
||||
return false;
|
||||
|
||||
|
||||
if ( !empty($feedback) )
|
||||
add_filter('update_feedback', $feedback);
|
||||
|
||||
@ -234,7 +231,6 @@ function get_theme_updates() {
|
||||
}
|
||||
|
||||
function wp_update_theme($theme, $feedback = '') {
|
||||
|
||||
if ( !empty($feedback) )
|
||||
add_filter('update_feedback', $feedback);
|
||||
|
||||
@ -245,7 +241,6 @@ function wp_update_theme($theme, $feedback = '') {
|
||||
|
||||
|
||||
function wp_update_core($current, $feedback = '') {
|
||||
|
||||
if ( !empty($feedback) )
|
||||
add_filter('update_feedback', $feedback);
|
||||
|
||||
@ -260,7 +255,7 @@ function maintenance_nag() {
|
||||
if ( ! isset( $upgrading ) )
|
||||
return false;
|
||||
|
||||
if ( current_user_can('manage_options') )
|
||||
if ( current_user_can('update_core') )
|
||||
$msg = sprintf( __('An automated WordPress update has failed to complete - <a href="%s">please attempt the update again now</a>.'), 'update-core.php' );
|
||||
else
|
||||
$msg = __('An automated WordPress update has failed to complete! Please notify the site administrator.');
|
||||
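Review bot: `wp_update_plugin()` appears to lose its `is_multisite() && !is_super_admin()` guard in this change and, in the lines shown, gets no capability check in its place, whereas `wp_plugin_update_rows()` gains one. If every caller already checks `update_plugins` this is safe, but this function performs the update, so a guard at its top keeps the restriction from depending on each caller: `if ( !current_user_can('update_plugins') ) return false;`. The same reasoning applies to `wp_update_theme()` and `wp_update_core()` with `update_themes` and `update_core`; their bodies continue outside their hunks. In `core_update_footer()` the first check now returns `false` on multisite before the second, identical `update_core` check can return the version string, and a one-line comment saying that difference is intended would help.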
|
@ -259,7 +259,7 @@ if ( !function_exists('wp_upgrade') ) :
|
||||
* @return null
|
||||
*/
|
||||
function wp_upgrade() {
|
||||
global $wp_current_db_version, $wp_db_version;
|
||||
global $wp_current_db_version, $wp_db_version, $wpdb;
|
||||
|
||||
$wp_current_db_version = __get_option('db_version');
|
||||
|
||||
@ -276,6 +276,14 @@ function wp_upgrade() {
|
||||
make_db_current_silent();
|
||||
upgrade_all();
|
||||
wp_cache_flush();
|
||||
|
||||
if ( is_multisite() ) {
|
||||
if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
|
||||
$wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
|
||||
} else {
|
||||
$wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
|
||||
}
|
||||
}
|
||||
}
|
||||
endif;
|
||||
|
||||
@ -352,6 +360,9 @@ function upgrade_all() {
|
||||
if ( $wp_current_db_version < 11958 )
|
||||
upgrade_290();
|
||||
|
||||
if ( $wp_current_db_version < 12751 )
|
||||
upgrade_300();
|
||||
|
||||
maybe_disable_automattic_widgets();
|
||||
|
||||
update_option( 'db_version', $wp_db_version );
|
||||
@ -1006,6 +1017,14 @@ function upgrade_290() {
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Execute changes made in WordPress 3.0.
|
||||
*
|
||||
* @since 3.0
|
||||
*/
|
||||
function upgrade_300() {
|
||||
populate_roles_300();
|
||||
}
|
||||
|
||||
// The functions we use to actually do stuff
|
||||
|
||||
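Review bot: The three `blog_versions` queries added to `wp_upgrade()` build SQL by interpolating `$wpdb->blogid` and `$wp_db_version` straight into the string. Both look like internal integers rather than request data, so this is a consistency point and not a demonstrated injection, but passing them through `$wpdb->prepare()` keeps the statement safe if either value ever stops being trusted, e.g. `$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->blog_versions} SET db_version = %d WHERE blog_id = %d", $wp_db_version, $wpdb->blogid ) );`. The SELECT followed by UPDATE or INSERT is also not atomic, so two upgrade requests running at once could both take the INSERT branch; whether that matters depends on the table's keys, which are not shown here.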
|
@ -30,12 +30,12 @@ $menu[0] = array( __('Dashboard'), 'read', 'index.php', '', 'menu-top', 'menu-da
|
||||
if ( is_multisite() && is_super_admin() ) {
|
||||
$menu[1] = array( '', 'read', 'separator0', '', 'wp-menu-separator' );
|
||||
$menu[2] = array(__('Site Admin'), '10', 'ms-admin.php', '', 'menu-top menu-top-first', 'menu-site', 'div');
|
||||
$submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'delete_users', 'ms-admin.php' );
|
||||
$submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'delete_users', 'ms-sites.php' );
|
||||
$submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'delete_users', 'ms-users.php' );
|
||||
$submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'delete_users', 'ms-themes.php' );
|
||||
$submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'delete_users', 'ms-options.php' );
|
||||
$submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'delete_users', 'ms-upgrade-site.php' );
|
||||
$submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'super_admin', 'ms-admin.php' );
|
||||
$submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'super_admin', 'ms-sites.php' );
|
||||
$submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'super_admin', 'ms-users.php' );
|
||||
$submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'super_admin', 'ms-themes.php' );
|
||||
$submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'super_admin', 'ms-options.php' );
|
||||
$submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'super_admin', 'ms-upgrade-site.php' );
|
||||
}
|
||||
|
||||
$menu[4] = array( '', 'read', 'separator1', '', 'wp-menu-separator' );
|
||||
@ -105,8 +105,7 @@ $menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-to
|
||||
$submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php');
|
||||
if ( !is_multisite() )
|
||||
$submenu['themes.php'][10] = array(__('Editor'), 'edit_themes', 'theme-editor.php');
|
||||
if ( is_super_admin() )
|
||||
$submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
|
||||
$submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
|
||||
|
||||
$update_plugins = get_site_transient( 'update_plugins' );
|
||||
$update_count = 0;
|
||||
@ -117,10 +116,8 @@ $menu_perms = get_site_option('menu_items', array());
|
||||
if ( is_super_admin() || is_multisite() && $menu_perms['plugins'] ) {
|
||||
$menu[65] = array( sprintf( __('Plugins %s'), "<span class='update-plugins count-$update_count'><span class='plugin-count'>" . number_format_i18n($update_count) . "</span></span>" ), 'activate_plugins', 'plugins.php', '', 'menu-top', 'menu-plugins', 'div' );
|
||||
$submenu['plugins.php'][5] = array( __('Installed'), 'activate_plugins', 'plugins.php' );
|
||||
if ( is_super_admin() ) {
|
||||
/* translators: add new plugin */
|
||||
$submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
|
||||
}
|
||||
/* translators: add new plugin */
|
||||
$submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
|
||||
if ( !is_multisite() )
|
||||
$submenu['plugins.php'][15] = array( __('Editor'), 'edit_plugins', 'plugin-editor.php' );
|
||||
}
|
||||
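Review bot: The `ms-admin.php` submenu entries now name a capability `'super_admin'` that nothing in this commit grants to any role; it is satisfied only because `WP_User::has_cap()` now returns true for every capability when a multisite super admin is logged in. A comment above the block would make that dependency explicit, e.g. `// 'super_admin' is not a role capability; only the super admin short-circuit in has_cap() satisfies it.` The `Add New` entries for themes and plugins lose their `is_super_admin()` wrappers and now rely on the capability mapping alone to keep other multisite users out. These checks only decide which menu items are drawn, so the `ms-*.php`, `theme-install.php` and `plugin-install.php` pages still need their own capability checks, which this section does not show.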
|
@ -292,14 +292,17 @@ endfor;
|
||||
</tr>
|
||||
<?php do_settings_fields('general', 'default'); ?>
|
||||
<?php
|
||||
if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) )
|
||||
while( ( $lang_file = readdir( $dh ) ) !== false )
|
||||
|
||||
$lang_files = array();
|
||||
if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) ) {
|
||||
while ( ( $lang_file = readdir( $dh ) ) !== false ) {
|
||||
if ( substr( $lang_file, -3 ) == '.mo' )
|
||||
$lang_files[] = $lang_file;
|
||||
$lang = get_option('WPLANG');
|
||||
}
|
||||
}
|
||||
|
||||
if ( is_array($lang_files) && !empty($lang_files) ) {
|
||||
?>
|
||||
if ( !empty($lang_files) ) {
|
||||
?>
|
||||
<tr valign="top">
|
||||
<th width="33%" scope="row"><?php _e('Blog language:') ?></th>
|
||||
<td>
|
||||
@ -308,7 +311,7 @@ if ( is_array($lang_files) && !empty($lang_files) ) {
|
||||
</select>
|
||||
</td>
|
||||
</tr>
|
||||
<?php
|
||||
<?php
|
||||
} // languages
|
||||
?>
|
||||
</table>
|
||||
|
@ -118,11 +118,6 @@ default:
|
||||
<?php wp_nonce_field('options-options') ?>
|
||||
<input type="hidden" name="action" value="update" />
|
||||
<input type='hidden' name='option_page' value='options' />
|
||||
<?php if ( is_multisite() ) { ?>
|
||||
<p class="submit submit-top">
|
||||
<input type="submit" name="Submit" value="<?php _e('Save Changes') ?>" class="button-primary" />
|
||||
</p>
|
||||
<?php } ?>
|
||||
<table class="form-table">
|
||||
<?php
|
||||
$options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name");
|
||||
|
@ -231,7 +231,7 @@ wp_enqueue_script('plugin-install');
|
||||
add_thickbox();
|
||||
|
||||
$help = '<p>' . __('Plugins extend and expand the functionality of WordPress. Once a plugin is installed, you may activate it or deactivate it here.') . '</p>';
|
||||
if ( !is_multisite() || is_super_admin() ) {
|
||||
if ( current_user_can('edit_plugins') ) {
|
||||
$help .= '<p>' . sprintf(__('If something goes wrong with a plugin and you can’t use WordPress, delete or rename that file in the <code>%s</code> directory and it will be automatically deactivated.'), WP_PLUGIN_DIR) . '</p>';
|
||||
$help .= '<p>' . sprintf(__('You can find additional plugins for your site by using the new <a href="%1$s">Plugin Browser/Installer</a> functionality or by browsing the <a href="http://wordpress.org/extend/plugins/">WordPress Plugin Directory</a> directly and installing manually. To <em>manually</em> install a plugin you generally just need to upload the plugin file into your <code>%2$s</code> directory. Once a plugin has been installed, you may activate it here.'), 'plugin-install.php', WP_PLUGIN_DIR) . '</p>';
|
||||
}
|
||||
@ -284,7 +284,7 @@ if ( !empty($invalid) )
|
||||
|
||||
<div class="wrap">
|
||||
<?php screen_icon(); ?>
|
||||
<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2>
|
||||
<h2><?php echo esc_html( $title ); if ( current_user_can('install_plugins') ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2>
|
||||
|
||||
<?php
|
||||
|
||||
@ -325,9 +325,8 @@ foreach ( (array)$all_plugins as $plugin_file => $plugin_data) {
|
||||
$upgrade_plugins[ $plugin_file ] = $plugin_data;
|
||||
}
|
||||
|
||||
if ( is_multisite() && !is_super_admin() ) {
|
||||
$upgrade_plugins = false;
|
||||
}
|
||||
if ( !current_user_can('update_plugins') )
|
||||
$upgrade_plugins = array();
|
||||
|
||||
$total_all_plugins = count($all_plugins);
|
||||
$total_inactive_plugins = count($inactive_plugins);
|
||||
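Review bot: The help block is now gated on `current_user_can('edit_plugins')`, but the text it guards describes installing plugins and links to `plugin-install.php`, while the `Add New` button later in this file is gated on `install_plugins`. A user who may install but not edit plugins sees the button without the help, and the reverse case is shown a link to a page they may not be allowed to use. Using `if ( current_user_can('install_plugins') ) {` for the help block would keep the two in step. The paragraph prints `WP_PLUGIN_DIR`, a server filesystem path, so tying it to a capability instead of a multisite test is worth a short comment explaining why it is restricted.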
|
@ -67,7 +67,7 @@ add_thickbox();
|
||||
wp_enqueue_script( 'theme-preview' );
|
||||
|
||||
require_once('admin-header.php');
|
||||
if ( is_multisite() && is_super_admin() ) {
|
||||
if ( is_multisite() && current_user_can('edit_themes') ) {
|
||||
?><div id="message0" class="updated fade"><p><?php _e('Administrator: new themes must be activated in the <a href="wpmu-themes.php">Themes Admin</a> page before they appear here.'); ?></p></div><?php
|
||||
}
|
||||
?>
|
||||
@ -126,7 +126,7 @@ $themes = array_slice( $themes, $start, $per_page );
|
||||
function theme_update_available( $theme ) {
|
||||
static $themes_update;
|
||||
|
||||
if ( is_multisite() && !is_super_admin() )
|
||||
if ( !current_user_can('update_themes' ) )
|
||||
return;
|
||||
|
||||
if ( !isset($themes_update) )
|
||||
@ -159,7 +159,7 @@ function theme_update_available( $theme ) {
|
||||
|
||||
<div class="wrap">
|
||||
<?php screen_icon(); ?>
|
||||
<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2>
|
||||
<h2><?php echo esc_html( $title ); if ( !current_user_can('install_themes') ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2>
|
||||
|
||||
<h3><?php _e('Current Theme'); ?></h3>
|
||||
<div id="current-theme">
|
||||
@ -170,7 +170,7 @@ function theme_update_available( $theme ) {
|
||||
/* translators: 1: theme title, 2: theme version, 3: theme author */
|
||||
printf(__('%1$s %2$s by %3$s'), $ct->title, $ct->version, $ct->author) ; ?></h4>
|
||||
<p class="theme-description"><?php echo $ct->description; ?></p>
|
||||
<?php if ( ( !is_multisite() || is_super_admin() ) && $ct->parent_theme ) { ?>
|
||||
<?php if ( current_user_can('edit_themes') && $ct->parent_theme ) { ?>
|
||||
<p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ), $ct->title, $ct->parent_theme); ?></p>
|
||||
<?php } else { ?>
|
||||
<p><?php printf(__('All of this theme’s files are located in <code>%2$s</code>.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ) ); ?></p>
|
||||
@ -265,7 +265,7 @@ foreach ( $cols as $col => $theme_name ) {
|
||||
printf(__('%1$s %2$s by %3$s'), $title, $version, $author) ; ?></h3>
|
||||
<p class="description"><?php echo $description; ?></p>
|
||||
<span class='action-links'><?php echo $actions ?></span>
|
||||
<?php if ( ( !is_multisite() || is_super_admin() ) && $parent_theme ) {
|
||||
<?php if ( current_user_can('edit_themes') && $parent_theme ) {
|
||||
/* translators: 1: theme title, 2: template dir, 3: stylesheet_dir, 4: theme title, 5: parent_theme */ ?>
|
||||
<p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $title, str_replace( WP_CONTENT_DIR, '', $template_dir ), str_replace( WP_CONTENT_DIR, '', $stylesheet_dir ), $title, $parent_theme); ?></p>
|
||||
<?php } else { ?>
|
||||
@ -298,7 +298,7 @@ foreach ( $cols as $col => $theme_name ) {
|
||||
<?php
|
||||
// List broken themes, if any.
|
||||
$broken_themes = get_broken_themes();
|
||||
if ( ( !is_multisite() || is_super_admin() ) && count( $broken_themes ) ) {
|
||||
if ( current_user_can('edit_themes') && count( $broken_themes ) ) {
|
||||
?>
|
||||
|
||||
<h2><?php _e('Broken Themes'); ?> <?php if ( is_multisite() ) _e( '(Site admin only)' ); ?></h2>
|
||||
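Review bot: The condition on the `Add New` link in the page heading is inverted: `if ( !current_user_can('install_themes') )` shows the `theme-install.php` button to users who lack the capability and hides it from those who hold it. It replaces `!is_multisite() || is_super_admin()`, and the equivalent line in plugins.php uses the positive form, so this should read `if ( current_user_can('install_themes') ) {`. The link is only a UI element, so the actual exposure depends on whether `theme-install.php` checks the capability itself, which is not visible here.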
|
@ -85,11 +85,6 @@ switch ( $step ) :
|
||||
$backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
|
||||
$backto = esc_url_raw( $backto );
|
||||
$backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
|
||||
if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
|
||||
$wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
|
||||
} else {
|
||||
$wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
|
||||
}
|
||||
?>
|
||||
<h2><?php _e( 'Upgrade Complete' ); ?></h2>
|
||||
<p><?php _e( 'Your WordPress database has been successfully upgraded!' ); ?></p>
|
||||
|
@ -15,6 +15,10 @@ require_once( ABSPATH . WPINC . '/registration.php');
|
||||
if ( !current_user_can('edit_users') )
|
||||
wp_die(__('Cheatin’ uh?'));
|
||||
|
||||
$del_cap_type = 'remove';
|
||||
if ( !is_multisite() && current_user_can('delete_users') )
|
||||
$del_cap_type = 'delete';
|
||||
|
||||
$title = __('Users');
|
||||
$parent_file = 'users.php';
|
||||
|
||||
@ -43,22 +47,22 @@ switch ($doaction) {
|
||||
case 'promote':
|
||||
check_admin_referer('bulk-users');
|
||||
|
||||
if (empty($_REQUEST['users'])) {
|
||||
if ( empty($_REQUEST['users']) ) {
|
||||
wp_redirect($redirect);
|
||||
exit();
|
||||
}
|
||||
|
||||
$editable_roles = get_editable_roles();
|
||||
if (!$editable_roles[$_REQUEST['new_role']])
|
||||
if ( !$editable_roles[$_REQUEST['new_role']] )
|
||||
wp_die(__('You can’t give users that role.'));
|
||||
|
||||
$userids = $_REQUEST['users'];
|
||||
$update = 'promote';
|
||||
foreach($userids as $id) {
|
||||
foreach ( $userids as $id ) {
|
||||
if ( ! current_user_can('edit_user', $id) )
|
||||
wp_die(__('You can’t edit that user.'));
|
||||
// The new role of the current user must also have edit_users caps
|
||||
if($id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users')) {
|
||||
if ( $id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users') ) {
|
||||
$update = 'err_admin_role';
|
||||
continue;
|
||||
}
|
||||
@ -81,7 +85,7 @@ case 'dodelete':
|
||||
exit();
|
||||
}
|
||||
|
||||
if ( !current_user_can('delete_users') )
|
||||
if ( !current_user_can($del_cap_type . '_users') )
|
||||
wp_die(__('You can’t delete users.'));
|
||||
|
||||
$userids = $_REQUEST['users'];
|
||||
@ -89,27 +93,25 @@ case 'dodelete':
|
||||
$delete_count = 0;
|
||||
|
||||
foreach ( (array) $userids as $id) {
|
||||
if ( ! current_user_can('delete_user', $id) )
|
||||
if ( ! current_user_can($del_cap_type . '_user', $id) )
|
||||
wp_die(__('You can’t delete that user.'));
|
||||
|
||||
if ($id == $current_user->ID) {
|
||||
if ( $id == $current_user->ID ) {
|
||||
$update = 'err_admin_del';
|
||||
continue;
|
||||
}
|
||||
switch($_REQUEST['delete_option']) {
|
||||
switch ( $_REQUEST['delete_option'] ) {
|
||||
case 'delete':
|
||||
if ( !is_multisite() ) {
|
||||
if ( !is_multisite() && current_user_can('delete_user', $id) )
|
||||
wp_delete_user($id);
|
||||
} else {
|
||||
else
|
||||
remove_user_from_blog($id, $blog_id); // WPMU only remove user from blog
|
||||
}
|
||||
break;
|
||||
case 'reassign':
|
||||
if ( !is_multisite() ) {
|
||||
if ( !is_multisite() && current_user_can('delete_user', $id) )
|
||||
wp_delete_user($id, $_REQUEST['reassign_user']);
|
||||
} else {
|
||||
else
|
||||
remove_user_from_blog($id, $blog_id, $_REQUEST['reassign_user']);
|
||||
}
|
||||
break;
|
||||
}
|
||||
++$delete_count;
|
||||
@ -130,7 +132,7 @@ case 'delete':
|
||||
exit();
|
||||
}
|
||||
|
||||
if ( !current_user_can('delete_users') )
|
||||
if ( !current_user_can($del_cap_type . '_users') )
|
||||
$errors = new WP_Error('edit_users', __('You can’t delete users.'));
|
||||
|
||||
if ( empty($_REQUEST['users']) )
|
||||
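Review bot: In the `dodelete` loop the new `if ( !is_multisite() && current_user_can('delete_user', $id) ) … else remove_user_from_blog(…)` sends a single-site request to `remove_user_from_blog()` whenever the `delete_user` check fails. A single-site user who holds `remove_users` but not `delete_users` gets `$del_cap_type = 'remove'`, passes both earlier checks and lands in that `else`; the function is commented as WPMU-only, so it may not be defined there. Making the second branch explicit closes the gap: use `elseif ( is_multisite() )` before each `remove_user_from_blog()` call and take no action otherwise. `++$delete_count` still runs in that case, so the success message would count users that were not deleted.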
|
@ -717,6 +717,10 @@ class WP_User {
|
||||
$cap = $this->translate_level_to_cap( $cap );
|
||||
}
|
||||
|
||||
// Multisite super admin has all caps by definition.
|
||||
if ( is_multisite() && is_super_admin() )
|
||||
return true;
|
||||
|
||||
$args = array_slice( func_get_args(), 1 );
|
||||
$args = array_merge( array( $cap, $this->ID ), $args );
|
||||
$caps = call_user_func_array( 'map_meta_cap', $args );
|
||||
@ -962,6 +966,9 @@ function map_meta_cap( $cap, $user_id ) {
|
||||
case 'update_themes':
|
||||
case 'install_themes':
|
||||
case 'edit_themes':
|
||||
case 'update_core':
|
||||
case 'delete_user':
|
||||
case 'delete_users':
|
||||
// If multisite these caps are allowed only for super admins.
|
||||
if ( is_multisite() && !is_super_admin() )
|
||||
$caps[] = 'do_not_allow';
|
||||
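Review bot: The new short-circuit in `WP_User::has_cap()` calls `is_super_admin()` with no argument, which, as it is used elsewhere in this commit, tests the logged-in user and not the user object the method was called on. While a super admin is logged in, `has_cap()` on any other `WP_User` therefore returns true for every capability, so code that asks what some other account may do gets the wrong answer. If `is_super_admin()` accepts a user ID, the check should be `if ( is_multisite() && is_super_admin( $this->ID ) )`. The early return also skips `map_meta_cap()`, so `do_not_allow` and arbitrary capability strings evaluate to true for super admins; a comment stating that this is intended would help. `has_cap()` begins and ends outside the hunk.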
|
@ -3251,12 +3251,10 @@ function wp_get_attachment_url( $post_id = 0 ) {
|
||||
if ( ($uploads = wp_upload_dir()) && false === $uploads['error'] ) { //Get upload directory
|
||||
if ( 0 === strpos($file, $uploads['basedir']) ) //Check that the upload base exists in the file location
|
||||
$url = str_replace($uploads['basedir'], $uploads['baseurl'], $file); //replace file location with url location
|
||||
elseif ( !is_multisite() ) {
|
||||
if ( false !== strpos($file, 'wp-content/uploads') )
|
||||
$url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 );
|
||||
else
|
||||
$url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
|
||||
}
|
||||
elseif ( false !== strpos($file, 'wp-content/uploads') )
|
||||
$url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 );
|
||||
else
|
||||
$url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
|
||||
}
|
||||
}
|
||||
|
||||
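Review bot: Removing the `!is_multisite()` wrapper means multisite installs now take the two fallback branches as well, a behaviour change that the commit message files under cleanup; a comment on the `elseif` saying the fallback applies to both modes would record that it is deliberate. The literal `18` is the length of `'wp-content/uploads'` and would read better as `strlen('wp-content/uploads')`, with the `strpos()` result stored once instead of computed twice. `wp_get_attachment_url()` starts and ends outside the hunk.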
|
@ -15,7 +15,7 @@ $wp_version = '3.0-alpha';
|
||||
*
|
||||
* @global int $wp_db_version
|
||||
*/
|
||||
$wp_db_version = 12329;
|
||||
$wp_db_version = 12751;
|
||||
|
||||
/**
|
||||
* Holds the TinyMCE version
|
||||
|
@ -370,14 +370,13 @@ class wpdb {
|
||||
if ( WP_DEBUG )
|
||||
$this->show_errors();
|
||||
|
||||
if( is_multisite() ) {
|
||||
$this->charset = 'utf8';
|
||||
if( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' ) {
|
||||
$this->collate = constant( 'DB_COLLATE' );
|
||||
} else {
|
||||
$this->collate = 'utf8_general_ci';
|
||||
}
|
||||
}
|
||||
if ( is_multisite() ) {
|
||||
$this->charset = 'utf8';
|
||||
if ( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' )
|
||||
$this->collate = constant( 'DB_COLLATE' );
|
||||
else
|
||||
$this->collate = 'utf8_general_ci';
|
||||
}
|
||||
|
||||
if ( defined('DB_CHARSET') )
|
||||
$this->charset = DB_CHARSET;
|
||||
@ -446,12 +445,12 @@ class wpdb {
|
||||
if ( preg_match('|[^a-z0-9_]|i', $prefix) )
|
||||
return new WP_Error('invalid_db_prefix', /*WP_I18N_DB_BAD_PREFIX*/'Invalid database prefix'/*/WP_I18N_DB_BAD_PREFIX*/);
|
||||
|
||||
if( is_multisite() ) {
|
||||
$old_prefix = '';
|
||||
} else {
|
||||
$old_prefix = $prefix;
|
||||
}
|
||||
if( isset( $this->base_prefix ) )
|
||||
if ( is_multisite() )
|
||||
$old_prefix = '';
|
||||
else
|
||||
$old_prefix = $prefix;
|
||||
|
||||
if ( isset( $this->base_prefix ) )
|
||||
$old_prefix = $this->base_prefix;
|
||||
$this->base_prefix = $prefix;
|
||||
foreach ( $this->global_tables as $table )
|
||||
@ -664,22 +663,22 @@ class wpdb {
|
||||
if ( !$this->show_errors )
|
||||
return false;
|
||||
|
||||
// If there is an error then take note of it
|
||||
if( is_multisite() ) {
|
||||
$msg = "WordPress database error: [$str]\n{$this->last_query}\n";
|
||||
if( defined( 'ERRORLOGFILE' ) )
|
||||
error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) );
|
||||
if( defined( 'DIEONDBERROR' ) )
|
||||
die( $msg );
|
||||
} else {
|
||||
$str = htmlspecialchars($str, ENT_QUOTES);
|
||||
$query = htmlspecialchars($this->last_query, ENT_QUOTES);
|
||||
// If there is an error then take note of it
|
||||
if ( is_multisite() ) {
|
||||
$msg = "WordPress database error: [$str]\n{$this->last_query}\n";
|
||||
if ( defined( 'ERRORLOGFILE' ) )
|
||||
error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) );
|
||||
if ( defined( 'DIEONDBERROR' ) )
|
||||
die( $msg );
|
||||
} else {
|
||||
$str = htmlspecialchars($str, ENT_QUOTES);
|
||||
$query = htmlspecialchars($this->last_query, ENT_QUOTES);
|
||||
|
||||
print "<div id='error'>
|
||||
<p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
|
||||
<code>$query</code></p>
|
||||
</div>";
|
||||
}
|
||||
print "<div id='error'>
|
||||
<p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
|
||||
<code>$query</code></p>
|
||||
</div>";
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
@ -739,10 +738,10 @@ class wpdb {
|
||||
|
||||
function db_connect( $query = "SELECT" ) {
|
||||
global $db_list, $global_db_list;
|
||||
if( is_array( $db_list ) == false )
|
||||
if ( is_array( $db_list ) == false )
|
||||
return true;
|
||||
|
||||
if( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) {
|
||||
if ( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) {
|
||||
$action = 'global';
|
||||
$details = $global_db_list[ mt_rand( 0, count( $global_db_list ) -1 ) ];
|
||||
$this->db_global = $details;
|
||||
|