< ? php
/**
* Edit Site Users Administration Screen
*
* @package WordPress
* @subpackage Multisite
* @since 3.1.0
*/
/** Load WordPress Administration Bootstrap */
require_once ( './admin.php' );
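// Multisite-only screen: stop immediately on a single-site install.
if ( ! is_multisite() )
	wp_die( __( 'Multisite support is not enabled.' ) );

// Capability gate: nothing below runs for a user who cannot manage sites.
if ( ! current_user_can( 'manage_sites' ) )
	wp_die( __( 'You do not have sufficient permissions to edit this site.' ) );

// The site ID comes from the request; intval() forces an integer and 0 is rejected.
$id = isset( $_REQUEST['id'] ) ? intval( $_REQUEST['id'] ) : 0;

if ( ! $id )
	wp_die( __( 'Invalid site ID.' ) );

// An ID that matches no site yields no details object, so check the lookup
// result before reading ->site_id from it.
$details = get_blog_details( $id );
if ( empty( $details ) )
	wp_die( __( 'Invalid site ID.' ) );

// Refuse sites whose network ID differs from the current network's.
if ( $details->site_id != $wpdb->siteid )
	wp_die( __( 'You do not have permission to access this page.' ) );

$is_main_site = is_main_site( $id );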
// Table prefix of the site being edited; it also prefixes that site's role option name.
$blog_prefix = $wpdb->get_blog_prefix( $id );

// @todo This is a hack. Eventually, add API to WP_Roles allowing retrieval of roles for a particular blog.
// With DB-backed roles, read the edited site's "<prefix>user_roles" option;
// otherwise roles are stored in memory, not the DB, and $wp_roles->roles is used.
$editblog_roles = ! empty( $wp_roles->use_db )
	? get_blog_option( $id, $blog_prefix . 'user_roles' )
	: $wp_roles->roles;
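/*
 * Handle the "update-site" submission: role changes, user removal, password
 * changes and adding an existing user to the edited site.
 *
 * Values read from $_POST stay request-controlled even after the capability
 * and nonce checks, so user IDs are cast to integers, role names are accepted
 * only when they exist in $editblog_roles, and every query is parameterised.
 */
if ( isset( $_REQUEST['action'] ) && 'update-site' == $_REQUEST['action'] ) {
	// CSRF protection: the request must carry a valid 'edit-site' nonce.
	check_admin_referer( 'edit-site' );

	switch_to_blog( $id );

	// Allow-list of role names for the edited site (fails closed if roles did not load).
	$valid_roles = is_array( $editblog_roles ) ? $editblog_roles : array();

	// Remember what was posted as 'role'; the password loop below temporarily
	// overwrites $_POST['role'] and restores it afterwards.
	$posted_role = isset( $_POST['role'] ) ? $_POST['role'] : null;
	$newroles    = is_array( $posted_role ) ? $posted_role : array();

	// usermeta key that holds a user's capabilities on the edited site.
	$cap_key = $blog_prefix . 'capabilities';

	// user roles
	foreach ( $newroles as $userid => $role ) {
		$userid = (int) $userid;
		if ( $userid <= 0 || ! is_string( $role ) || ! isset( $valid_roles[ $role ] ) )
			continue;

		$user = new WP_User( $userid );
		if ( empty( $user->ID ) )
			continue;
		$user->for_blog( $id );
		$user->set_role( $role );
	}

	// remove user
	if ( isset( $_POST['blogusers'] ) && is_array( $_POST['blogusers'] ) ) {
		// Only the array keys matter: each key is the ID of a user to remove.
		foreach ( array_keys( $_POST['blogusers'] ) as $key ) {
			$key = (int) $key;
			if ( $key > 0 )
				remove_user_from_blog( $key, $id );
		}
	}

	// change password
	if ( isset( $_POST['user_password'] ) && is_array( $_POST['user_password'] ) ) {
		foreach ( $_POST['user_password'] as $userid => $pass ) {
			$userid = (int) $userid;
			if ( $userid <= 0 || ! is_string( $pass ) || '' === $pass )
				continue;

			// Skip IDs that match no user instead of reading properties from a failed lookup.
			$userdata = get_userdata( $userid );
			if ( empty( $userdata ) )
				continue;

			// edit_user() takes its input from $_POST, so stage this user's values there.
			unset( $_POST['role'] );
			if ( isset( $newroles[ $userid ] ) && is_string( $newroles[ $userid ] ) && isset( $valid_roles[ $newroles[ $userid ] ] ) )
				$_POST['role'] = $newroles[ $userid ];

			// Does the user already have an empty capabilities row for this site?
			$cap = $wpdb->get_var( $wpdb->prepare( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s AND meta_value = 'a:0:{}'", $userid, $cap_key ) );

			$_POST['pass1']        = $_POST['pass2'] = $pass;
			$_POST['email']        = $userdata->user_email;
			$_POST['rich_editing'] = $userdata->rich_editing;
			edit_user( $userid );

			// No empty row existed before the edit, so delete any that exists now
			// (presumably a side effect of edit_user() - confirm).
			if ( $cap == null )
				$wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s AND meta_value = 'a:0:{}'", $userid, $cap_key ) );
		}

		// Put back whatever was originally posted as 'role'.
		unset( $_POST['role'] );
		if ( null !== $posted_role )
			$_POST['role'] = $posted_role;
	}

	// add user
	if ( ! empty( $_POST['newuser'] ) && is_string( $_POST['newuser'] ) ) {
		$newuser = $_POST['newuser'];
		$userid  = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM {$wpdb->users} WHERE user_login = %s", $newuser ) );
		if ( $userid ) {
			// Parameterised like the other queries instead of interpolating the ID into the SQL string.
			$user     = $wpdb->get_var( $wpdb->prepare( "SELECT user_id FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s", $userid, $cap_key ) );
			$new_role = ( isset( $_POST['new_role'] ) && is_string( $_POST['new_role'] ) ) ? $_POST['new_role'] : '';

			// Add only users who are not yet members, and only with a role that exists on this site.
			if ( $user == false && isset( $valid_roles[ $new_role ] ) )
				add_user_to_blog( $id, $userid, $new_role );
		}
	}

	restore_current_blog();
	wp_redirect( add_query_arg( array( 'update' => 'updated', 'id' => $id ), 'site-users.php' ) );
	// wp_redirect() only sends the Location header; stop so the screen below is not rendered too.
	exit;
}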
// After a successful save the redirect adds ?update=updated; turn that into a notice.
// Any other value of 'update' leaves the notice list empty.
if ( isset( $_GET['update'] ) ) {
	$messages = ( 'updated' == $_GET['update'] ) ? array( __( 'Site users updated.' ) ) : array();
}

// Screen title (echoed in the heading below) and the menu file names for this screen.
$title        = sprintf( __( 'Edit Site: %s' ), get_blogaddress_by_id( $id ) );
$parent_file  = 'sites.php';
$submenu_file = 'sites.php';
require ( '../admin-header.php' );
?>
< div class = " wrap " >
< ? php screen_icon ( 'ms-admin' ); ?>
< h2 id = " edit-site " >< ? php echo $title ?> </h2>
< h3 class = " nav-tab-wrapper " >
<?php
// Label and target script of each "Edit Site" tab, keyed by tab ID.
$tabs = array(
	'site-info'    => array( 'label' => __( 'Info' ), 'url' => 'site-info.php' ),
	'site-options' => array( 'label' => __( 'Options' ), 'url' => 'site-options.php' ),
	'site-users'   => array( 'label' => __( 'Users' ), 'url' => 'site-users.php' ),
	'site-themes'  => array( 'label' => __( 'Themes' ), 'url' => 'site-themes.php' ),
);
foreach ( $tabs as $tab_id => $tab ) {
	// The tab whose script matches $pagenow gets the active class.
	$class = '';
	if ( $tab['url'] == $pagenow )
		$class = ' nav-tab-active';

	// URLs are the fixed strings above and $id was forced to an integer; only the label is escaped.
	printf( '<a href="%s?id=%s" class="nav-tab%s">%s</a>', $tab['url'], $id, $class, esc_html( $tab['label'] ) );
}
?>
</ h3 >
<?php
// Print every queued notice. Entries are echoed without escaping, so only
// fixed translated strings may be put into $messages.
if ( ! empty( $messages ) ) {
	foreach ( $messages as $msg ) {
		echo '<div id="message" class="updated"><p>' . $msg . '</p></div>';
	}
}
?>
< form method = " post " action = " site-users.php?action=update-site " >
< ? php wp_nonce_field ( 'edit-site' ); ?>
< input type = " hidden " name = " id " value = " <?php echo esc_attr( $id ) ?> " />
< ? php
// Fetch the users of the edited site for the table below, capped at 20 entries.
$blogusers = get_users ( array ( 'blog_id' => $id , 'number' => 20 ) );
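// Render one table row per site user: login, role selector, password field and
// a removal checkbox. The current user's own row gets "N/A" cells instead.
if ( is_array( $blogusers ) ) {
	echo '<table class="form-table">';
	echo '<tr><th>' . __( 'User' ) . '</th><th>' . __( 'Role' ) . '</th><th>' . __( 'Password' ) . '</th><th>' . __( 'Remove' ) . '</th></tr>';
	$user_count = 0;
	// NOTE(review): the loop uses the array key as the user ID - confirm get_users() returns an ID-keyed array.
	foreach ( $blogusers as $user_id => $user_object ) {
		$user_count++;
		$existing_role = reset( $user_object->roles );

		// user_login is stored data: escape it for HTML, and escape the ID for the attribute it sits in.
		echo '<tr><td><a href="user-edit.php?user_id=' . esc_attr( $user_id ) . '">' . esc_html( $user_object->user_login ) . '</a></td>';
		if ( $user_id != $current_user->data->ID ) {
			?>
			<td>
				<select name="role[<?php echo esc_attr( $user_id ) ?>]" id="new_role_1"><?php
				foreach ( $editblog_roles as $role => $role_assoc ) {
					$name = translate_user_role( $role_assoc['name'] );
					echo '<option ' . selected( $role, $existing_role, false ) . ' value="' . esc_attr( $role ) . '">' . esc_html( $name ) . '</option>';
				}
				?>
				</select>
			</td>
			<td>
				<?php // NOTE(review): the new password is typed into a plain text field and is visible on screen; autocomplete is switched off so the browser is asked not to remember it. ?>
				<input type="text" name="user_password[<?php echo esc_attr( $user_id ) ?>]" autocomplete="off" />
			</td>
			<?php
			echo '<td><input title="' . esc_attr( __( 'Click to remove user' ) ) . '" type="checkbox" name="blogusers[' . esc_attr( $user_id ) . ']" /></td>';
		} else {
			echo '<td><strong>' . __( 'N/A' ) . '</strong></td><td><strong>' . __( 'N/A' ) . '</strong></td><td><strong>' . __( 'N/A' ) . '</strong></td>';
		}
		echo '</tr>';
	}
	echo '</table>';
	submit_button();

	// The query above is capped at 20 users; point to the full list when the cap was reached.
	if ( 20 == $user_count )
		echo '<p>' . sprintf( __( 'First 20 users shown. <a href="%s">Manage all users</a>.' ), esc_url( get_admin_url( $id, 'users.php' ) ) ) . '</p>';
} else {
	_e( 'This site has no users.' );
}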
?>
</ form >
< h3 id = " add-new-user " >< ? php _e ( 'Add Existing User' ) ?> </h3>
< p class = " description " >< ? php _e ( 'Enter the username of an existing user.' ) ?> </p>
< form action = " site-users.php?action=update-site " id = " adduser " method = " post " >
< ? php wp_nonce_field ( 'edit-site' ); ?>
< input type = " hidden " name = " id " value = " <?php echo esc_attr( $id ) ?> " />
< table class = " form-table " >
< tr >
< th scope = " row " >< ? php _e ( 'Username' ); ?> </th>
< td >< input type = " text " name = " newuser " id = " newuser " /></ td >
</ tr >
< tr >
< th scope = " row " >< ? php _e ( 'Role' ); ?> </th>
< td >< select name = " new_role " id = " new_role_0 " >
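<?php
// Default role of the edited site, read through the same per-site options API
// used for the role list instead of a hand-built query on the options table.
$default_role = get_blog_option( $id, 'default_role' );

// One <option> per role of the edited site; the default role is pre-selected.
foreach ( $editblog_roles as $role => $role_assoc ) {
	$name = translate_user_role( $role_assoc['name'] );
	echo '<option ' . selected( $role, $default_role, false ) . ' value="' . esc_attr( $role ) . '">' . esc_html( $name ) . '</option>';
}
?>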
</ select ></ td >
</ tr >
</ table >
< ? php submit_button ( __ ( 'Add User' ), 'primary' , 'add-user' ); ?>
</ form >
</ div >
< ? php
require ( '../admin-footer.php' );