1 | <?php |
---|
2 | /** |
---|
3 | * Multisite users administration panel. |
---|
4 | * |
---|
5 | * @package WordPress |
---|
6 | * @subpackage Multisite |
---|
7 | * @since 3.0.0 |
---|
8 | */ |
---|
9 | |
---|
10 | /** Load WordPress Administration Bootstrap */ |
---|
11 | require_once __DIR__ . '/admin.php'; |
---|
12 | |
---|
13 | if ( ! current_user_can( 'manage_network_users' ) ) { |
---|
14 | wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); |
---|
15 | } |
---|
16 | |
---|
17 | if ( isset( $_GET['action'] ) ) { |
---|
18 | /** This action is documented in wp-admin/network/edit.php */ |
---|
19 | do_action( 'wpmuadminedit' ); |
---|
20 | |
---|
21 | switch ( $_GET['action'] ) { |
---|
22 | case 'deleteuser': |
---|
23 | if ( ! current_user_can( 'manage_network_users' ) ) { |
---|
24 | wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); |
---|
25 | } |
---|
26 | |
---|
27 | check_admin_referer( 'deleteuser' ); |
---|
28 | |
---|
29 | $id = (int) $_GET['id']; |
---|
30 | if ( $id > 1 ) { |
---|
31 | $_POST['allusers'] = array( $id ); // confirm_delete_users() can only handle arrays. |
---|
32 | |
---|
33 | // Used in the HTML title tag. |
---|
34 | $title = __( 'Users' ); |
---|
35 | $parent_file = 'users.php'; |
---|
36 | |
---|
37 | require_once ABSPATH . 'wp-admin/admin-header.php'; |
---|
38 | |
---|
39 | echo '<div class="wrap">'; |
---|
40 | confirm_delete_users( $_POST['allusers'] ); |
---|
41 | echo '</div>'; |
---|
42 | |
---|
43 | require_once ABSPATH . 'wp-admin/admin-footer.php'; |
---|
44 | } else { |
---|
45 | wp_redirect( network_admin_url( 'users.php' ) ); |
---|
46 | } |
---|
47 | exit; |
---|
48 | |
---|
49 | case 'allusers': |
---|
50 | if ( ! current_user_can( 'manage_network_users' ) ) { |
---|
51 | wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); |
---|
52 | } |
---|
53 | |
---|
54 | if ( isset( $_POST['action'] ) && isset( $_POST['allusers'] ) ) { |
---|
55 | check_admin_referer( 'bulk-users-network' ); |
---|
56 | |
---|
57 | $doaction = $_POST['action']; |
---|
58 | $userfunction = ''; |
---|
59 | |
---|
60 | foreach ( (array) $_POST['allusers'] as $user_id ) { |
---|
61 | if ( ! empty( $user_id ) ) { |
---|
62 | switch ( $doaction ) { |
---|
63 | case 'delete': |
---|
64 | �� if ( ! current_user_can( 'delete_users' ) ) { |
---|
65 | wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); |
---|
66 | } |
---|
67 | |
---|
68 | // Used in the HTML title tag. |
---|
69 | $title = __( 'Users' ); |
---|
70 | $parent_file = 'users.php'; |
---|
71 | |
---|
72 | require_once ABSPATH . 'wp-admin/admin-header.php'; |
---|
73 | |
---|
74 | echo '<div class="wrap">'; |
---|
75 | confirm_delete_users( $_POST['allusers'] ); |
---|
76 | echo '</div>'; |
---|
77 | |
---|
78 | require_once ABSPATH . 'wp-admin/admin-footer.php'; |
---|
79 | exit; |
---|
80 | |
---|
81 | case 'spam': |
---|
82 | $user = get_userdata( $user_id ); |
---|
83 | if ( is_super_admin( $user->ID ) ) { |
---|
84 | wp_die( |
---|
85 | sprintf( |
---|
86 | /* translators: %s: User login. */ |
---|
87 | __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), |
---|
88 | esc_html( $user->user_login ) |
---|
89 | ) |
---|
90 | ); |
---|
91 | } |
---|
92 | |
---|
93 | $userfunction = 'all_spam'; |
---|
94 | $blogs = get_blogs_of_user( $user_id, true ); |
---|
95 | |
---|
96 | foreach ( (array) $blogs as $details ) { |
---|
97 | if ( get_network()->site_id != $details->userblog_id ) { // Main blog is not a spam! |
---|
98 | update_blog_status( $details->userblog_id, 'spam', '1' ); |
---|
99 | } |
---|
100 | } |
---|
101 | |
---|
102 | $user_data = $user->to_array(); |
---|
103 | $user_data['spam'] = '1'; |
---|
104 | |
---|
105 | wp_update_user( $user_data ); |
---|
106 | break; |
---|
107 | |
---|
108 | case 'notspam': |
---|
109 | $user = get_userdata( $user_id ); |
---|
110 | |
---|
111 | $userfunction = 'all_notspam'; |
---|
112 | $blogs = get_blogs_of_user( $user_id, true ); |
---|
113 | |
---|
114 | foreach ( (array) $blogs as $details ) { |
---|
115 | update_blog_status( $details->userblog_id, 'spam', '0' ); |
---|
116 | } |
---|
117 | |
---|
118 | $user_data = $user->to_array(); |
---|
119 | $user_data['spam'] = '0'; |
---|
120 | |
---|
121 | wp_update_user( $user_data ); |
---|
122 | break; |
---|
123 | } |
---|
124 | } |
---|
125 | } |
---|
126 | |
---|
127 | if ( ! in_array( $doaction, array( 'delete', 'spam', 'notspam' ), true ) ) { |
---|
128 | $sendback = wp_get_referer(); |
---|
129 | $user_ids = (array) $_POST['allusers']; |
---|
130 | |
---|
131 | /** This action is documented in wp-admin/network/site-themes.php */ |
---|
132 | $sendback = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $sendback, $doaction, $user_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores |
---|
133 | |
---|
134 | wp_safe_redirect( $sendback ); |
---|
135 | exit; |
---|
136 | } |
---|
137 | |
---|
138 | wp_safe_redirect( |
---|
139 | add_query_arg( |
---|
140 | array( |
---|
141 | 'updated' => 'true', |
---|
142 | 'action' => $userfunction, |
---|
143 | ), |
---|
144 | wp_get_referer() |
---|
145 | ) |
---|
146 | ); |
---|
147 | } else { |
---|
148 | $location = network_admin_url( 'users.php' ); |
---|
149 | |
---|
150 | if ( ! empty( $_REQUEST['paged'] ) ) { |
---|
151 | $location = add_query_arg( 'paged', (int) $_REQUEST['paged'], $location ); |
---|
152 | } |
---|
153 | wp_redirect( $location ); |
---|
154 | } |
---|
155 | exit; |
---|
156 | |
---|
157 | case 'dodelete': |
---|
158 | check_admin_referer( 'ms-users-delete' ); |
---|
159 | if ( ! ( current_user_can( 'manage_network_users' ) && current_user_can( 'delete_users' ) ) ) { |
---|
160 | wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); |
---|
161 | } |
---|
162 | |
---|
163 | if ( ! empty( $_POST['blog'] ) && is_array( $_POST['blog'] ) ) { |
---|
164 | foreach ( $_POST['blog'] as $id => $users ) { |
---|
165 | foreach ( $users as $blogid => $user_id ) { |
---|
166 | if ( ! current_user_can( 'delete_user', $id ) ) { |
---|
167 | continue; |
---|
168 | } |
---|
169 | |
---|
170 | if ( ! empty( $_POST['delete'] ) && 'reassign' === $_POST['delete'][ $blogid ][ $id ] ) { |
---|
171 | remove_user_from_blog( $id, $blogid, (int) $user_id ); |
---|
172 | } else { |
---|
173 | remove_user_from_blog( $id, $blogid ); |
---|
174 | } |
---|
175 | } |
---|
176 | } |
---|
177 | } |
---|
178 | |
---|
179 | $i = 0; |
---|
180 | |
---|
181 | if ( is_array( $_POST['user'] ) && ! empty( $_POST['user'] ) ) { |
---|
182 | foreach ( $_POST['user'] as $id ) { |
---|
183 | if ( ! current_user_can( 'delete_user', $id ) ) { |
---|
184 | continue; |
---|
185 | } |
---|
186 | wpmu_delete_user( $id ); |
---|
187 | $i++; |
---|
188 | } |
---|
189 | } |
---|
190 | |
---|
191 | if ( 1 === $i ) { |
---|
192 | $deletefunction = 'delete'; |
---|
193 | } else { |
---|
194 | $deletefunction = 'all_delete'; |
---|
195 | } |
---|
196 | |
---|
197 | wp_redirect( |
---|
198 | add_query_arg( |
---|
199 | array( |
---|
200 | 'updated' => 'true', |
---|
201 | 'action' => $deletefunction, |
---|
202 | ), |
---|
203 | network_admin_url( 'users.php' ) |
---|
204 | ) |
---|
205 | ); |
---|
206 | exit; |
---|
207 | } |
---|
208 | } |
---|
209 | |
---|
210 | $wp_list_table = _get_list_table( 'WP_MS_Users_List_Table' ); |
---|
211 | $pagenum = $wp_list_table->get_pagenum(); |
---|
212 | $wp_list_table->prepare_items(); |
---|
213 | $total_pages = $wp_list_table->get_pagination_arg( 'total_pages' ); |
---|
214 | |
---|
215 | if ( $pagenum > $total_pages && $total_pages > 0 ) { |
---|
216 | wp_redirect( add_query_arg( 'paged', $total_pages ) ); |
---|
217 | exit; |
---|
218 | } |
---|
219 | |
---|
220 | // Used in the HTML title tag. |
---|
221 | $title = __( 'Users' ); |
---|
222 | $parent_file = 'users.php'; |
---|
223 | |
---|
224 | add_screen_option( 'per_page' ); |
---|
225 | |
---|
226 | get_current_screen()->add_help_tab( |
---|
227 | array( |
---|
228 | 'id' => 'overview', |
---|
229 | 'title' => __( 'Overview' ), |
---|
230 | 'content' => |
---|
231 | '<p>' . __( 'This table shows all users across the network and the sites to which they are assigned.' ) . '</p>' . |
---|
232 | '<p>' . __( 'Hover over any user on the list to make the edit links appear. The Edit link on the left will take you to their Edit User profile page; the Edit link on the right by any site name goes to an Edit Site screen for that site.' ) . '</p>' . |
---|
233 | '<p>' . __( 'You can also go to the user’s profile page by clicking on the individual username.' ) . '</p>' . |
---|
234 | '<p>' . __( 'You can sort the table by clicking on any of the table headings and switch between list and excerpt views by using the icons above the users list.' ) . '</p>' . |
---|
235 | '<p>' . __( 'The bulk action will permanently delete selected users, or mark/unmark those selected as spam. Spam users will have posts removed and will be unable to sign up again with the same email addresses.' ) . '</p>' . |
---|
236 | '<p>' . __( 'You can make an existing user an additional super admin by going to the Edit User profile page and checking the box to grant that privilege.' ) . '</p>', |
---|
237 | ) |
---|
238 | ); |
---|
239 | |
---|
240 | get_current_screen()->set_help_sidebar( |
---|
241 | '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . |
---|
242 | '<p>' . __( '<a href="https://codex.wordpress.org/Network_Admin_Users_Screen">Documentation on Network Users</a>' ) . '</p>' . |
---|
243 | '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support Forums</a>' ) . '</p>' |
---|
244 | ); |
---|
245 | |
---|
246 | get_current_screen()->set_screen_reader_content( |
---|
247 | array( |
---|
248 | 'heading_views' => __( 'Filter users list' ), |
---|
249 | 'heading_pagination' => __( 'Users list navigation' ), |
---|
250 | 'heading_list' => __( 'Users list' ), |
---|
251 | ) |
---|
252 | ); |
---|
253 | |
---|
254 | require_once ABSPATH . 'wp-admin/admin-header.php'; |
---|
255 | |
---|
256 | if ( isset( $_REQUEST['updated'] ) && 'true' == $_REQUEST['updated'] && ! empty( $_REQUEST['action'] ) ) { |
---|
257 | ?> |
---|
258 | <div id="message" class="updated notice is-dismissible"><p> |
---|
259 | <?php |
---|
260 | switch ( $_REQUEST['action'] ) { |
---|
261 | case 'delete': |
---|
262 | _e( 'User deleted.' ); |
---|
263 | break; |
---|
264 | case 'all_spam': |
---|
265 | _e( 'Users marked as spam.' ); |
---|
266 | break; |
---|
267 | case 'all_notspam': |
---|
268 | _e( 'Users removed from spam.' ); |
---|
269 | break; |
---|
270 | case 'all_delete': |
---|
271 | _e( 'Users deleted.' ); |
---|
272 | break; |
---|
273 | case 'add': |
---|
274 | _e( 'User added.' ); |
---|
275 | break; |
---|
276 | } |
---|
277 | ?> |
---|
278 | </p></div> |
---|
279 | <?php |
---|
280 | } |
---|
281 | ?> |
---|
282 | <div class="wrap"> |
---|
283 | <h1 class="wp-heading-inline"><?php esc_html_e( 'Users' ); ?></h1> |
---|
284 | |
---|
285 | <?php |
---|
286 | if ( current_user_can( 'create_users' ) ) : |
---|
287 | ?> |
---|
288 | <a href="<?php echo esc_url( network_admin_url( 'user-new.php' ) ); ?>" class="page-title-action"><?php echo esc_html_x( 'Add New', 'user' ); ?></a> |
---|
289 | <?php |
---|
290 | endif; |
---|
291 | |
---|
292 | if ( strlen( $usersearch ) ) { |
---|
293 | echo '<span class="subtitle">'; |
---|
294 | printf( |
---|
295 | /* translators: %s: Search query. */ |
---|
296 | __( 'Search results for: %s' ), |
---|
297 | '<strong>' . esc_html( $usersearch ) . '</strong>' |
---|
298 | ); |
---|
299 | echo '</span>'; |
---|
300 | } |
---|
301 | ?> |
---|
302 | |
---|
303 | <hr class="wp-header-end"> |
---|
304 | |
---|
305 | <?php $wp_list_table->views(); ?> |
---|
306 | |
---|
307 | <form method="get" class="search-form"> |
---|
308 | <?php $wp_list_table->search_box( __( 'Search Users' ), 'all-user' ); ?> |
---|
309 | </form> |
---|
310 | |
---|
311 | <form id="form-user-list" action="users.php?action=allusers" method="post"> |
---|
312 | <?php $wp_list_table->display(); ?> |
---|
313 | </form> |
---|
314 | </div> |
---|
315 | |
---|
316 | <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; ?> |
---|