Do not allow deletion of a super admin user through `wpmu_delete_user()`.

In step with the UI provided by `wp-admin/network/users.php`, super admin privileges must be removed before a user can be deleted through the API. Props @johnjamesjacoby, @jeremyfelt. Fixes #32935. Built from https://develop.svn.wordpress.org/trunk@33143 git-svn-id: http://core.svn.wordpress.org/trunk@33114 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-07-09 16:16:25 +00:00 · 2015-07-09 16:16:25 +00:00 · 0bc0b0c917
parent 6963767a7c
commit 0bc0b0c917
2 changed files with 8 additions and 1 deletions
--- a/wp-admin/includes/ms.php
+++ b/wp-admin/includes/ms.php
@ -190,6 +190,13 @@ function wpmu_delete_user( $id ) {

 	if ( !$user->exists() )
 		return false;
+
+	// Global super-administrators are protected, and cannot be deleted.
+	$_super_admins = get_super_admins();
+	if ( in_array( $user->user_login, $_super_admins, true ) ) {
+		return false;
+	}
+
 	/**
 	 * Fires before a user is deleted from the network.
 	 *
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.3-beta2-33142';
+$wp_version = '4.3-beta2-33143';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.