From 003941b2e7f3ceed13f78cb80429cc3aeba7fe04 Mon Sep 17 00:00:00 2001
From: Ryan Boren <ryan@boren.nu>
Date: Fri, 12 Apr 2013 13:35:45 +0000
Subject: [PATCH] Use API instead of bare SQL queries in site-users.php.

see #21767


git-svn-id: http://core.svn.wordpress.org/trunk@23974 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/network/site-users.php | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/wp-admin/network/site-users.php b/wp-admin/network/site-users.php
index 2064a763b5..0812b50c56 100644
--- a/wp-admin/network/site-users.php
+++ b/wp-admin/network/site-users.php
@@ -85,12 +85,10 @@ if ( $action ) {
 			if ( !empty( $_POST['newuser'] ) ) {
 				$update = 'adduser';
 				$newuser = $_POST['newuser'];
-				$userid = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM " . $wpdb->users . " WHERE user_login = %s", $newuser ) );
-				if ( $userid ) {
-					$blog_prefix = $wpdb->get_blog_prefix( $id );
-					$user = $wpdb->get_var( "SELECT user_id FROM " . $wpdb->usermeta . " WHERE user_id='$userid' AND meta_key='{$blog_prefix}capabilities'" );
-					if ( $user == false )
-						add_user_to_blog( $id, $userid, $_POST['new_role'] );
+				$user = get_user_by( 'login', $newuser );
+				if ( $user->exists() ) {
+					if ( ! is_user_member_of_blog( $user->ID, $id ) )
+						add_user_to_blog( $id, $user->ID, $_POST['new_role'] );
 					else
 						$update = 'err_add_member';
 				} else {