ID;
} else {
wp_die(__('Invalid user ID.'));
}
} elseif ( !get_userdata($user_id) ) {
wp_die( __('Invalid user ID.') );
}
$all_post_caps = array('posts', 'pages');
$user_can_edit = false;
foreach ( $all_post_caps as $post_cap )
$user_can_edit |= current_user_can("edit_$post_cap");
/**
* Optional SSL preference that can be turned on by hooking to the 'personal_options' action.
*
* @since 2.7.0
*
* @param object $user User data object
*/
function use_ssl_preference($user) {
?>
|
|
ID )
wp_die( __( 'You do not have permission to edit this user.' ) );
// Execute confirmed email change. See send_confirmation_on_profile_email().
if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) {
$new_email = get_option( $current_user->ID . '_new_email' );
if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) {
$user->ID = $current_user->ID;
$user->user_email = wp_specialchars( trim( $new_email[ 'newemail' ] ) );
if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) )
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) );
wp_update_user( get_object_vars( $user ) );
delete_option( $current_user->ID . '_new_email' );
wp_redirect( add_query_arg( array('updated' => 'true'), admin_url( 'profile.php' ) ) );
die();
}
}
switch ($action) {
case 'switchposts':
check_admin_referer();
/* TODO: Switch all posts from one user to another user */
break;
case 'update':
check_admin_referer('update-user_' . $user_id);
if ( !current_user_can('edit_user', $user_id) )
wp_die(__('You do not have permission to edit this user.'));
if ( IS_PROFILE_PAGE )
do_action('personal_options_update', $user_id);
else
do_action('edit_user_profile_update', $user_id);
if ( !is_multisite() ) {
$errors = edit_user($user_id);
} else {
$user = get_userdata( $user_id );
// Update the email address in signups, if present.
if ( $user->user_login && isset( $_POST[ 'email' ] ) && is_email( $_POST[ 'email' ] ) && $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login ) ) )
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST[ 'email' ], $user_login ) );
// WPMU must delete the user from the current blog if WP added him after editing.
$delete_role = false;
$blog_prefix = $wpdb->get_blog_prefix();
if ( $user_id != $current_user->ID ) {
$cap = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = '{$user_id}' AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'" );
if ( null == $cap && $_POST[ 'role' ] == '' ) {
$_POST[ 'role' ] = 'contributor';
$delete_role = true;
}
}
if ( !isset( $errors ) || ( isset( $errors ) && is_object( $errors ) && false == $errors->get_error_codes() ) )
$errors = edit_user($user_id);
if ( $delete_role ) // stops users being added to current blog when they are edited
update_usermeta( $user_id, $blog_prefix . 'capabilities' , '' );
}
if ( !is_wp_error( $errors ) ) {
$redirect = (IS_PROFILE_PAGE ? "profile.php?" : "user-edit.php?user_id=$user_id&"). "updated=true";
$redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
wp_redirect($redirect);
exit;
}
default:
$profileuser = get_user_to_edit($user_id);
if ( !current_user_can('edit_user', $user_id) )
wp_die(__('You do not have permission to edit this user.'));
include ('admin-header.php');
?>
get_error_messages() as $message )
echo "- $message
";
?>