2010-11-04 12:16:52 -04:00
< ? php
/**
2013-05-29 19:35:13 -04:00
* Add New User network administration panel .
2010-11-04 12:16:52 -04:00
*
* @ package WordPress
2010-11-10 09:27:15 -05:00
* @ subpackage Multisite
2010-11-04 12:16:52 -04:00
* @ since 3.1 . 0
*/
/** Load WordPress Administration Bootstrap */
2020-02-06 01:33:11 -05:00
require_once __DIR__ . '/admin.php' ;
2010-11-04 12:16:52 -04:00
2017-11-30 18:11:00 -05:00
if ( ! current_user_can ( 'create_users' ) ) {
wp_die ( __ ( 'Sorry, you are not allowed to add users to this network.' ) );
}
2010-11-04 12:16:52 -04:00
2017-11-30 18:11:00 -05:00
get_current_screen () -> add_help_tab (
array (
'id' => 'overview' ,
'title' => __ ( 'Overview' ),
'content' =>
'<p>' . __ ( 'Add User will set up a new user account on the network and send that person an email with username and password.' ) . '</p>' .
'<p>' . __ ( 'Users who are signed up to the network without a site are added as subscribers to the main or primary dashboard site, giving them profile pages to manage their accounts. These users will only see Dashboard and My Sites in the main navigation until a site is created for them.' ) . '</p>' ,
)
);
2011-11-02 01:33:53 -04:00
2011-11-02 17:32:16 -04:00
get_current_screen () -> set_help_sidebar (
2017-11-30 18:11:00 -05:00
'<p><strong>' . __ ( 'For more information:' ) . '</strong></p>' .
'<p>' . __ ( '<a href="https://codex.wordpress.org/Network_Admin_Users_Screen">Documentation on Network Users</a>' ) . '</p>' .
'<p>' . __ ( '<a href="https://wordpress.org/support/forum/multisite/">Support Forums</a>' ) . '</p>'
2010-12-16 01:52:47 -05:00
);
2020-05-24 05:17:09 -04:00
if ( isset ( $_REQUEST [ 'action' ] ) && 'add-user' === $_REQUEST [ 'action' ] ) {
2010-11-04 12:16:52 -04:00
check_admin_referer ( 'add-user' , '_wpnonce_add-user' );
2015-04-19 23:27:27 -04:00
2017-11-30 18:11:00 -05:00
if ( ! current_user_can ( 'manage_network_users' ) ) {
2016-06-29 11:16:29 -04:00
wp_die ( __ ( 'Sorry, you are not allowed to access this page.' ), 403 );
2017-11-30 18:11:00 -05:00
}
2010-11-04 12:16:52 -04:00
2017-11-30 18:11:00 -05:00
if ( ! is_array ( $_POST [ 'user' ] ) ) {
2010-11-04 12:16:52 -04:00
wp_die ( __ ( 'Cannot create an empty user.' ) );
2017-11-30 18:11:00 -05:00
}
2011-06-03 14:59:12 -04:00
2014-10-19 16:30:19 -04:00
$user = wp_unslash ( $_POST [ 'user' ] );
2010-11-04 12:16:52 -04:00
2011-12-08 18:02:33 -05:00
$user_details = wpmu_validate_user_signup ( $user [ 'username' ], $user [ 'email' ] );
2020-05-24 05:17:09 -04:00
2018-02-26 21:31:31 -05:00
if ( is_wp_error ( $user_details [ 'errors' ] ) && $user_details [ 'errors' ] -> has_errors () ) {
2017-11-30 18:11:00 -05:00
$add_user_errors = $user_details [ 'errors' ];
2011-06-03 14:59:12 -04:00
} else {
2017-11-30 18:11:00 -05:00
$password = wp_generate_password ( 12 , false );
$user_id = wpmu_create_user ( esc_html ( strtolower ( $user [ 'username' ] ) ), $password , sanitize_email ( $user [ 'email' ] ) );
2010-11-04 12:16:52 -04:00
2011-06-03 14:59:12 -04:00
if ( ! $user_id ) {
2017-11-30 18:11:00 -05:00
$add_user_errors = new WP_Error ( 'add_user_fail' , __ ( 'Cannot add user.' ) );
2011-06-03 14:59:12 -04:00
} else {
2015-09-16 18:19:24 -04:00
/**
2017-11-26 18:57:55 -05:00
* Fires after a new user has been created via the network user - new . php page .
*
* @ since 4.4 . 0
*
* @ param int $user_id ID of the newly created user .
*/
2015-09-16 18:19:24 -04:00
do_action ( 'network_user_new_created_user' , $user_id );
2020-05-24 05:17:09 -04:00
2017-11-30 18:11:00 -05:00
wp_redirect (
add_query_arg (
array (
'update' => 'added' ,
'user_id' => $user_id ,
2018-08-16 21:51:36 -04:00
),
'user-new.php'
2017-11-30 18:11:00 -05:00
)
);
2011-06-03 14:59:12 -04:00
exit ;
}
}
2010-11-04 12:16:52 -04:00
}
2017-11-30 18:11:00 -05:00
if ( isset ( $_GET [ 'update' ] ) ) {
2010-11-04 12:16:52 -04:00
$messages = array ();
2020-05-24 05:17:09 -04:00
if ( 'added' === $_GET [ 'update' ] ) {
2016-02-24 16:43:25 -05:00
$edit_link = '' ;
if ( isset ( $_GET [ 'user_id' ] ) ) {
$user_id_new = absint ( $_GET [ 'user_id' ] );
if ( $user_id_new ) {
$edit_link = esc_url ( add_query_arg ( 'wp_http_referer' , urlencode ( wp_unslash ( $_SERVER [ 'REQUEST_URI' ] ) ), get_edit_user_link ( $user_id_new ) ) );
}
}
2019-06-15 14:57:52 -04:00
$message = __ ( 'User added.' );
if ( $edit_link ) {
I18N: Improve translator comments.
* Add missing translator comments.
* Fix placement of some translator comments. Translator comments should be on the line directly above the line containing the translation function call for optimal compatibility with various `.pot` file generation tools. The CS auto-fixing, which changed some inconsistent function calls to multi-line function calls, is part of the reason why this was no longer the case for a select group of translator comments.
Includes minor code layout fixes.
Polyglots, rejoice! All WordPress core files now have translator comments for all strings with placeholders!
Props jrf, subrataemfluence, GaryJ, webdados, Dency, swissspidy, alvarogois, marcomartins, mihaiiceyro, vladwtz, niq1982, flipkeijzer, michielatyoast, chandrapatel, thrijith, joshuanoyce, FesoVik, tessak22, bhaktirajdev, cleancoded, dhavalkasvala, garrett-eclipse, bibliofille, socalchristina, priyankkpatel, 5hel2l2y, adamsilverstein, JeffPaul, pierlo, SergeyBiryukov.
Fixes #44360.
Built from https://develop.svn.wordpress.org/trunk@45926
git-svn-id: http://core.svn.wordpress.org/trunk@45737 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2019-09-01 13:13:59 -04:00
$message .= sprintf ( ' <a href="%s">%s</a>' , $edit_link , __ ( 'Edit user' ) );
2016-02-24 16:43:25 -05:00
}
2019-06-15 14:57:52 -04:00
$messages [] = $message ;
2016-02-24 16:43:25 -05:00
}
2010-11-04 12:16:52 -04:00
}
2021-07-22 09:53:00 -04:00
// Used in the HTML title tag.
2017-11-30 18:11:00 -05:00
$title = __ ( 'Add New User' );
2010-11-04 12:16:52 -04:00
$parent_file = 'users.php' ;
2020-02-06 01:33:11 -05:00
require_once ABSPATH . 'wp-admin/admin-header.php' ; ?>
2010-11-04 12:16:52 -04:00
< div class = " wrap " >
2015-06-27 11:41:25 -04:00
< h1 id = " add-new-user " >< ? php _e ( 'Add New User' ); ?> </h1>
2010-11-04 12:16:52 -04:00
< ? php
if ( ! empty ( $messages ) ) {
2017-11-30 18:11:00 -05:00
foreach ( $messages as $msg ) {
2015-04-01 18:06:28 -04:00
echo '<div id="message" class="updated notice is-dismissible"><p>' . $msg . '</p></div>' ;
2017-11-30 18:11:00 -05:00
}
2011-06-03 14:59:12 -04:00
}
2017-11-30 18:11:00 -05:00
if ( isset ( $add_user_errors ) && is_wp_error ( $add_user_errors ) ) {
2018-08-16 21:51:36 -04:00
?>
2011-06-03 14:59:12 -04:00
< div class = " error " >
< ? php
2017-11-30 18:11:00 -05:00
foreach ( $add_user_errors -> get_error_messages () as $message ) {
echo " <p> $message </p> " ;
}
2011-06-03 14:59:12 -04:00
?>
</ div >
< ? php } ?>
2021-06-21 00:30:56 -04:00
< form action = " <?php echo esc_url( network_admin_url( 'user-new.php?action=add-user' ) ); ?> " id = " adduser " method = " post " novalidate = " novalidate " >
2019-05-24 17:56:54 -04:00
< table class = " form-table " role = " presentation " >
2010-11-04 12:16:52 -04:00
< tr class = " form-field form-required " >
2017-11-30 18:11:00 -05:00
< th scope = " row " >< label for = " username " >< ? php _e ( 'Username' ); ?> </label></th>
Improve validation of `user_login` and `user_nicename` length.
The `user_login` field only allows 60 characters, and `user_nicename` allows
50. However, there are no protections in the interface, and few in the code,
that prevent the creation of users with values in excess of these limits. Prior
to recent changes in `$wpdb`, users were generally created anyway, MySQL
having performed the necessary truncation. More recently, the `INSERT`s and
`UPDATE`s simply fail, with no real feedback on the nature of the failure.
This changeset addresses the issue in a number of ways:
* On the user-new.php and network/user-new.php panels, don't allow input in excess of the maximum field length.
* In `wp_insert_user()`, throw an error if the value provided for `'user_login'` or `'user_nicename'` exceeds the maximum field length.
* In `wp_insert_user()`, when using `'user_login'` to generate a default value for `'user_nicename'`, ensure that the nicename is properly truncated, even when suffixed for uniqueness (username-2, etc).
Props dipesh.kakadiya, utkarshpatel, tommarshall, boonebgorges.
Fixes #33793.
Built from https://develop.svn.wordpress.org/trunk@34218
git-svn-id: http://core.svn.wordpress.org/trunk@34182 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-09-15 18:14:26 -04:00
< td >< input type = " text " class = " regular-text " name = " user[username] " id = " username " autocapitalize = " none " autocorrect = " off " maxlength = " 60 " /></ td >
2010-11-04 12:16:52 -04:00
</ tr >
< tr class = " form-field form-required " >
2017-11-30 18:11:00 -05:00
< th scope = " row " >< label for = " email " >< ? php _e ( 'Email' ); ?> </label></th>
2021-03-20 14:30:08 -04:00
< td >< input type = " email " class = " regular-text " name = " user[email] " id = " email " /></ td >
2010-11-04 12:16:52 -04:00
</ tr >
< tr class = " form-field " >
2019-05-25 11:19:53 -04:00
< td colspan = " 2 " class = " td-full " >< ? php _e ( 'A password reset link will be sent to the user via email.' ); ?> </td>
2010-11-04 12:16:52 -04:00
</ tr >
</ table >
2016-02-17 14:15:26 -05:00
< ? php
/**
* Fires at the end of the new user form in network admin .
*
* @ since 4.5 . 0
*/
do_action ( 'network_user_new_form' );
wp_nonce_field ( 'add-user' , '_wpnonce_add-user' );
2017-11-30 18:11:00 -05:00
submit_button ( __ ( 'Add User' ), 'primary' , 'add-user' );
2016-02-17 14:15:26 -05:00
?>
2010-11-04 12:16:52 -04:00
</ form >
</ div >
< ? php
2020-02-06 01:33:11 -05:00
require_once ABSPATH . 'wp-admin/admin-footer.php' ;