Massive user_level fix. We were still using the user_level field in wp_users in some places, where we should just use the table prefixed usermeta value.
git-svn-id: http://svn.automattic.com/wordpress/trunk@2702 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
parent
233afca132
commit
13f492ab75
|
@ -13,12 +13,13 @@ function get_others_drafts( $user_id ) {
|
||||||
$user = get_userdata( $user_id );
|
$user = get_userdata( $user_id );
|
||||||
$level_key = $wpdb->prefix . 'user_level';
|
$level_key = $wpdb->prefix . 'user_level';
|
||||||
if ( 1 < $user->user_level ) {
|
if ( 1 < $user->user_level ) {
|
||||||
$editable = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value <= '$user->user_level' AND user_id != $user_id");
|
$editable = get_editable_user_ids( $user_id );
|
||||||
if( is_array( $editable ) == false )
|
|
||||||
|
if( !$editable ) {
|
||||||
$other_drafts = '';
|
$other_drafts = '';
|
||||||
else {
|
} else {
|
||||||
$editable = join(',', $editable);
|
$editable = join(',', $editable);
|
||||||
$other_drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author IN ($editable) ");
|
$other_drafts = $wpdb->get_results("SELECT ID, post_title FROM $wpdb->posts WHERE post_status = 'draft' AND post_author IN ($editable) AND post_author != '$user_id' ");
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
$other_drafts = false;
|
$other_drafts = false;
|
||||||
|
@ -26,4 +27,64 @@ function get_others_drafts( $user_id ) {
|
||||||
return apply_filters('get_others_drafts', $other_drafts);
|
return apply_filters('get_others_drafts', $other_drafts);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function get_editable_authors( $user_id ) {
|
||||||
|
global $wpdb;
|
||||||
|
$user = get_userdata( $user_id );
|
||||||
|
$level_key = $wpdb->prefix . 'user_level';
|
||||||
|
|
||||||
|
if ( 7 > $user->user_level ) // TODO: ROLE SYSTEM
|
||||||
|
return false;
|
||||||
|
|
||||||
|
$editable = get_editable_user_ids( $user_id );
|
||||||
|
|
||||||
|
if( !$editable )
|
||||||
|
return false;
|
||||||
|
else {
|
||||||
|
$editable = join(',', $editable);
|
||||||
|
$authors = $wpdb->get_results( "SELECT * FROM $wpdb->users WHERE ID IN ($editable)" );
|
||||||
|
}
|
||||||
|
|
||||||
|
return apply_filters('get_editable_authors', $authors);
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_editable_user_ids( $user_id, $exclude_zeros = true ) {
|
||||||
|
global $wpdb;
|
||||||
|
$user = get_userdata( $user_id );
|
||||||
|
$level_key = $wpdb->prefix . 'user_level';
|
||||||
|
|
||||||
|
$query = "SELECT * FROM $wpdb->usermeta WHERE meta_key = '$level_key'";
|
||||||
|
if ( $exclude_zeros )
|
||||||
|
$query .= " AND meta_value != '0'";
|
||||||
|
$possible = $wpdb->get_results( $query );
|
||||||
|
|
||||||
|
if ( !$possible )
|
||||||
|
return false;
|
||||||
|
|
||||||
|
$user_ids = array();
|
||||||
|
foreach ( $possible as $mark )
|
||||||
|
if ( intval($mark->meta_value) <= $user->user_level )
|
||||||
|
$user_ids[] = $mark->user_id;
|
||||||
|
if ( empty( $user_ids ) )
|
||||||
|
return false;
|
||||||
|
return $user_ids;
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_author_user_ids() {
|
||||||
|
global $wpdb;
|
||||||
|
$level_key = $wpdb->prefix . 'user_level';
|
||||||
|
|
||||||
|
$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value != '0'";
|
||||||
|
|
||||||
|
return $wpdb->get_col( $query );
|
||||||
|
}
|
||||||
|
|
||||||
|
function get_nonauthor_user_ids() {
|
||||||
|
global $wpdb;
|
||||||
|
$level_key = $wpdb->prefix . 'user_level';
|
||||||
|
|
||||||
|
$query = "SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key' AND meta_value = '0'";
|
||||||
|
|
||||||
|
return $wpdb->get_col( $query );
|
||||||
|
}
|
||||||
|
|
||||||
?>
|
?>
|
|
@ -437,8 +437,11 @@ function dropdown_categories($default = 0) {
|
||||||
|
|
||||||
// Dandy new recursive multiple category stuff.
|
// Dandy new recursive multiple category stuff.
|
||||||
function cat_rows($parent = 0, $level = 0, $categories = 0) {
|
function cat_rows($parent = 0, $level = 0, $categories = 0) {
|
||||||
global $wpdb, $class, $user_level;
|
global $wpdb, $class, $current_user;
|
||||||
if (!$categories)
|
|
||||||
|
$user_level = $current_user->user_level;
|
||||||
|
|
||||||
|
if ( !$categories )
|
||||||
$categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name");
|
$categories = $wpdb->get_results("SELECT * FROM $wpdb->categories ORDER BY cat_name");
|
||||||
|
|
||||||
if ($categories) {
|
if ($categories) {
|
||||||
|
|
|
@ -104,13 +104,13 @@ window.onload = focusit;
|
||||||
</fieldset>
|
</fieldset>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
|
|
||||||
<?php if ($user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users WHERE user_level <= $user_level AND user_level > 0") ) : ?>
|
<?php if ( $authors = get_editable_authors( $current_user->ID ) ) : // TODO: ROLE SYSTEM ?>
|
||||||
<fieldset id="authordiv" class="dbx-box">
|
<fieldset id="authordiv" class="dbx-box">
|
||||||
<h3 class="dbx-handle"><?php _e('Post author'); ?>:</h3>
|
<h3 class="dbx-handle"><?php _e('Post author'); ?>:</h3>
|
||||||
<div class="dbx-content">
|
<div class="dbx-content">
|
||||||
<select name="post_author_override" id="post_author_override">
|
<select name="post_author_override" id="post_author_override">
|
||||||
<?php
|
<?php
|
||||||
foreach ($users as $o) :
|
foreach ($authors as $o) :
|
||||||
$o = get_userdata( $o->ID );
|
$o = get_userdata( $o->ID );
|
||||||
if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
|
if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
|
||||||
else $selected = '';
|
else $selected = '';
|
||||||
|
|
|
@ -108,13 +108,13 @@ edCanvas = document.getElementById('content');
|
||||||
<th scope="row" width="30%"><?php _e('Page slug') ?>:</th>
|
<th scope="row" width="30%"><?php _e('Page slug') ?>:</th>
|
||||||
<td><input name="post_name" type="text" size="25" id="post_name" value="<?php echo $post->post_name ?>" /></td>
|
<td><input name="post_name" type="text" size="25" id="post_name" value="<?php echo $post->post_name ?>" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
<?php if ($user_level > 7 && $users = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users WHERE user_level <= $user_level AND user_level > 0") ) : ?>
|
<?php if ( $authors = get_editable_authors( $current_user->ID ) ) : // TODO: ROLE SYSTEM ?>
|
||||||
<tr>
|
<tr>
|
||||||
<th scope="row" width="30%"><?php _e('Page owner'); ?>:</th>
|
<th scope="row" width="30%"><?php _e('Page owner'); ?>:</th>
|
||||||
<td>
|
<td>
|
||||||
<select name="post_author" id="post_author">
|
<select name="post_author" id="post_author">
|
||||||
<?php
|
<?php
|
||||||
foreach ($users as $o) :
|
foreach ($authors as $o) :
|
||||||
$o = get_userdata( $o->ID );
|
$o = get_userdata( $o->ID );
|
||||||
if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
|
if ( $post->post_author == $o->ID || ( empty($post_ID) && $user_ID == $o->ID ) ) $selected = 'selected="selected"';
|
||||||
else $selected = '';
|
else $selected = '';
|
||||||
|
|
|
@ -11,6 +11,7 @@ get_currentuserinfo();
|
||||||
<h2><?php _e('Page Management'); ?></h2>
|
<h2><?php _e('Page Management'); ?></h2>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
/*
|
||||||
if (isset($user_ID) && ('' != intval($user_ID))) {
|
if (isset($user_ID) && ('' != intval($user_ID))) {
|
||||||
$posts = $wpdb->get_results("
|
$posts = $wpdb->get_results("
|
||||||
SELECT $wpdb->posts.*, $wpdb->users.user_level FROM $wpdb->posts
|
SELECT $wpdb->posts.*, $wpdb->users.user_level FROM $wpdb->posts
|
||||||
|
@ -18,9 +19,9 @@ if (isset($user_ID) && ('' != intval($user_ID))) {
|
||||||
WHERE $wpdb->posts.post_status = 'static'
|
WHERE $wpdb->posts.post_status = 'static'
|
||||||
AND ($wpdb->users.user_level < $user_level OR $wpdb->posts.post_author = $user_ID)
|
AND ($wpdb->users.user_level < $user_level OR $wpdb->posts.post_author = $user_ID)
|
||||||
");
|
");
|
||||||
} else {
|
} else { */
|
||||||
$posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'");
|
$posts = $wpdb->get_results("SELECT * FROM $wpdb->posts WHERE post_status = 'static'");
|
||||||
}
|
// } FIXME
|
||||||
|
|
||||||
if ($posts) {
|
if ($posts) {
|
||||||
?>
|
?>
|
||||||
|
|
|
@ -354,7 +354,7 @@ default:
|
||||||
?>
|
?>
|
||||||
<div class="wrap">
|
<div class="wrap">
|
||||||
<?php _e('<h3>WordPress bookmarklet</h3>
|
<?php _e('<h3>WordPress bookmarklet</h3>
|
||||||
<p>You can drag the following link to your links bar or add it to your bookmarks and when you "Press it" it will open up a popup window with information and a link to the site you’re currently browsing so you can make a quick post about it. Try it out:</p>') ?>
|
<p>Right click on the following link and choose "Add to favorites" to create a posting shortcut.</p>') ?>
|
||||||
<p>
|
<p>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
|
|
|
@ -252,7 +252,7 @@ function upgrade_160() {
|
||||||
$wpdb->query("UPDATE $wpdb->users SET display_name = '$id' WHERE ID = '$user->ID'");
|
$wpdb->query("UPDATE $wpdb->users SET display_name = '$id' WHERE ID = '$user->ID'");
|
||||||
endif;
|
endif;
|
||||||
endforeach;
|
endforeach;
|
||||||
$old_user_fields = array( 'user_firstname', 'user_lastname', 'user_icq', 'user_aim', 'user_msn', 'user_yim', 'user_idmode', 'user_ip', 'user_domain', 'user_browser', 'user_description', 'user_nickname' );
|
$old_user_fields = array( 'user_firstname', 'user_lastname', 'user_icq', 'user_aim', 'user_msn', 'user_yim', 'user_idmode', 'user_ip', 'user_domain', 'user_browser', 'user_description', 'user_nickname', 'user_level' );
|
||||||
$wpdb->hide_errors();
|
$wpdb->hide_errors();
|
||||||
foreach ( $old_user_fields as $old )
|
foreach ( $old_user_fields as $old )
|
||||||
$wpdb->query("ALTER TABLE $wpdb->users DROP $old");
|
$wpdb->query("ALTER TABLE $wpdb->users DROP $old");
|
||||||
|
|
|
@ -130,7 +130,6 @@ CREATE TABLE $wpdb->users (
|
||||||
user_email varchar(100) NOT NULL default '',
|
user_email varchar(100) NOT NULL default '',
|
||||||
user_url varchar(100) NOT NULL default '',
|
user_url varchar(100) NOT NULL default '',
|
||||||
user_registered datetime NOT NULL default '0000-00-00 00:00:00',
|
user_registered datetime NOT NULL default '0000-00-00 00:00:00',
|
||||||
user_level int(2) unsigned NOT NULL default '0',
|
|
||||||
user_activation_key varchar(60) NOT NULL default '',
|
user_activation_key varchar(60) NOT NULL default '',
|
||||||
user_status int(11) NOT NULL default '0',
|
user_status int(11) NOT NULL default '0',
|
||||||
display_name varchar(250) NOT NULL default '',
|
display_name varchar(250) NOT NULL default '',
|
||||||
|
|
|
@ -172,18 +172,18 @@ if ($edituser->user_level >= $user_level) die( __('You do not have permission to
|
||||||
<th scope="row"><?php _e('Identity on blog:') ?>
|
<th scope="row"><?php _e('Identity on blog:') ?>
|
||||||
</th>
|
</th>
|
||||||
<td> <select name="display_name">
|
<td> <select name="display_name">
|
||||||
<option value="<?php echo $profiledata->display_name; ?>"><?php echo $profiledata->display_name; ?></option>
|
<option value="<?php echo $edituser->display_name; ?>"><?php echo $edituser->display_name; ?></option>
|
||||||
<option value="<?php echo $profiledata->nickname ?>"><?php echo $profiledata->nickname ?></option>
|
<option value="<?php echo $edituser->nickname ?>"><?php echo $edituser->nickname ?></option>
|
||||||
<option value="<?php echo $profiledata->user_login ?>"><?php echo $profiledata->user_login ?></option>
|
<option value="<?php echo $edituser->user_login ?>"><?php echo $edituser->user_login ?></option>
|
||||||
<?php if ( !empty( $profiledata->first_name ) ) : ?>
|
<?php if ( !empty( $edituser->first_name ) ) : ?>
|
||||||
<option value="<?php echo $profiledata->first_name ?>"><?php echo $profiledata->first_name ?></option>
|
<option value="<?php echo $edituser->first_name ?>"><?php echo $edituser->first_name ?></option>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<?php if ( !empty( $profiledata->last_name ) ) : ?>
|
<?php if ( !empty( $edituser->last_name ) ) : ?>
|
||||||
<option value="<?php echo $profiledata->last_name ?>"><?php echo $profiledata->last_name ?></option>
|
<option value="<?php echo $edituser->last_name ?>"><?php echo $edituser->last_name ?></option>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
<?php if ( !empty( $profiledata->first_name ) && !empty( $profiledata->last_name ) ) : ?>
|
<?php if ( !empty( $edituser->first_name ) && !empty( $edituser->last_name ) ) : ?>
|
||||||
<option value="<?php echo $profiledata->first_name." ".$profiledata->last_name ?>"><?php echo $profiledata->first_name." ".$profiledata->last_name ?></option>
|
<option value="<?php echo $edituser->first_name." ".$edituser->last_name ?>"><?php echo $edituser->first_name." ".$edituser->last_name ?></option>
|
||||||
<option value="<?php echo $profiledata->last_name." ".$profiledata->first_name ?>"><?php echo $profiledata->last_name." ".$profiledata->first_name ?></option>
|
<option value="<?php echo $edituser->last_name." ".$edituser->first_name ?>"><?php echo $edituser->last_name." ".$edituser->first_name ?></option>
|
||||||
<?php endif; ?>
|
<?php endif; ?>
|
||||||
</select>
|
</select>
|
||||||
</td>
|
</td>
|
||||||
|
|
|
@ -1,24 +1,11 @@
|
||||||
<?php
|
<?php
|
||||||
require_once('admin.php');
|
require_once('admin.php');
|
||||||
|
require_once( ABSPATH . WPINC . '/registration-functions.php');
|
||||||
|
|
||||||
$title = __('Users');
|
$title = __('Users');
|
||||||
$parent_file = 'profile.php';
|
$parent_file = 'profile.php';
|
||||||
|
|
||||||
$wpvarstoreset = array('action');
|
$action = $_REQUEST['action'];
|
||||||
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
|
|
||||||
$wpvar = $wpvarstoreset[$i];
|
|
||||||
if (!isset($$wpvar)) {
|
|
||||||
if (empty($_POST["$wpvar"])) {
|
|
||||||
if (empty($_GET["$wpvar"])) {
|
|
||||||
$$wpvar = '';
|
|
||||||
} else {
|
|
||||||
$$wpvar = $_GET["$wpvar"];
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$$wpvar = $_POST["$wpvar"];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
switch ($action) {
|
switch ($action) {
|
||||||
case 'adduser':
|
case 'adduser':
|
||||||
|
@ -47,35 +34,24 @@ case 'adduser':
|
||||||
|
|
||||||
$user_nickname = $user_login;
|
$user_nickname = $user_login;
|
||||||
|
|
||||||
/* checking that the username isn't already used by another user */
|
if ( username_exists( $user_login ) )
|
||||||
$loginthere = $wpdb->get_var("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'");
|
|
||||||
if ($loginthere)
|
|
||||||
die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
|
die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
|
||||||
|
|
||||||
/* checking e-mail address */
|
/* checking e-mail address */
|
||||||
if (empty($_POST["email"])) {
|
if (empty($user_email)) {
|
||||||
die (__("<strong>ERROR</strong>: please type an e-mail address"));
|
die (__("<strong>ERROR</strong>: please type an e-mail address"));
|
||||||
return false;
|
return false;
|
||||||
} else if (!is_email($_POST["email"])) {
|
} else if (!is_email($user_email)) {
|
||||||
die (__("<strong>ERROR</strong>: the email address isn't correct"));
|
die (__("<strong>ERROR</strong>: the email address isn't correct"));
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
$user_ID = $wpdb->get_var("SELECT ID FROM $wpdb->users ORDER BY ID DESC LIMIT 1") + 1;
|
$user_ID = create_user( $user_login, $pass1, $user_email, 0 );
|
||||||
|
|
||||||
$user_nicename = sanitize_title($user_nickname, $user_ID);
|
update_usermeta( $user_ID, 'first_name', $user_firstname);
|
||||||
$user_uri = preg_match('/^(https?|ftps?|mailto|news|gopher):/is', $user_uri) ? $user_uri : 'http://' . $user_uri;
|
update_usermeta( $user_ID, 'last_name', $user_lastname);
|
||||||
$now = gmdate('Y-m-d H:i:s');
|
update_usermeta( $user_ID, 'first_name', $user_firstname);
|
||||||
$new_users_can_blog = get_settings('new_users_can_blog');
|
|
||||||
|
|
||||||
$result = $wpdb->query("INSERT INTO $wpdb->users
|
|
||||||
(user_login, user_pass, user_email, user_registered, user_level, user_nicename, user_url)
|
|
||||||
VALUES
|
|
||||||
('$user_login', MD5('$pass1'), '$user_email', '$now', '$new_users_can_blog', '$user_nicename', '$user_uri')");
|
|
||||||
|
|
||||||
if ($result == false)
|
|
||||||
die (__('<strong>ERROR</strong>: Couldn’t register you!'));
|
|
||||||
|
|
||||||
$stars = '';
|
$stars = '';
|
||||||
for ($i = 0; $i < strlen($pass1); $i = $i + 1)
|
for ($i = 0; $i < strlen($pass1); $i = $i + 1)
|
||||||
$stars .= '*';
|
$stars .= '*';
|
||||||
|
@ -96,24 +72,22 @@ case 'promote':
|
||||||
header('Location: users.php');
|
header('Location: users.php');
|
||||||
}
|
}
|
||||||
|
|
||||||
$id = $_GET['id'];
|
$id = (int) $_GET['id'];
|
||||||
$prom = $_GET['prom'];
|
$prom = $_GET['prom'];
|
||||||
|
|
||||||
$user_data = get_userdata($id);
|
$user_data = get_userdata($id);
|
||||||
|
|
||||||
$usertopromote_level = $user_data->user_level;
|
$usertopromote_level = $user_data->user_level;
|
||||||
|
|
||||||
if ($user_level <= $usertopromote_level) {
|
if ( $user_level <= $usertopromote_level )
|
||||||
die(__('Can’t change the level of a user whose level is higher than yours.'));
|
die(__('Can’t change the level of a user whose level is higher than yours.'));
|
||||||
}
|
|
||||||
|
|
||||||
if ('up' == $prom) {
|
if ('up' == $prom) {
|
||||||
$new_level = $usertopromote_level + 1;
|
$new_level = $usertopromote_level + 1;
|
||||||
$sql="UPDATE $wpdb->users SET user_level=$new_level WHERE ID = $id AND $new_level < $user_level";
|
|
||||||
} elseif ('down' == $prom) {
|
} elseif ('down' == $prom) {
|
||||||
$new_level = $usertopromote_level - 1;
|
$new_level = $usertopromote_level - 1;
|
||||||
$sql="UPDATE $wpdb->users SET user_level=$new_level WHERE ID = $id AND $new_level < $user_level";
|
|
||||||
}
|
}
|
||||||
$result = $wpdb->query($sql);
|
update_usermeta( $id, $wpdb->prefix . 'user_level', $new_level);
|
||||||
|
|
||||||
header('Location: users.php');
|
header('Location: users.php');
|
||||||
|
|
||||||
|
@ -163,10 +137,11 @@ default:
|
||||||
<th> </th>
|
<th> </th>
|
||||||
</tr>
|
</tr>
|
||||||
<?php
|
<?php
|
||||||
$users = $wpdb->get_results("SELECT ID FROM $wpdb->users WHERE user_level > 0 ORDER BY ID");
|
$authors =
|
||||||
|
$users = get_author_user_ids();
|
||||||
$style = '';
|
$style = '';
|
||||||
foreach ($users as $user) {
|
foreach ($users as $user) {
|
||||||
$user_data = get_userdata($user->ID);
|
$user_data = get_userdata($user);
|
||||||
$email = $user_data->user_email;
|
$email = $user_data->user_email;
|
||||||
$url = $user_data->user_url;
|
$url = $user_data->user_url;
|
||||||
$short_url = str_replace('http://', '', $url);
|
$short_url = str_replace('http://', '', $url);
|
||||||
|
@ -176,7 +151,7 @@ default:
|
||||||
if (strlen($short_url) > 35)
|
if (strlen($short_url) > 35)
|
||||||
$short_url = substr($short_url, 0, 32).'...';
|
$short_url = substr($short_url, 0, 32).'...';
|
||||||
$style = ('class="alternate"' == $style) ? '' : 'class="alternate"';
|
$style = ('class="alternate"' == $style) ? '' : 'class="alternate"';
|
||||||
$numposts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_author = $user->ID and post_status = 'publish'");
|
$numposts = $wpdb->get_var("SELECT COUNT(*) FROM $wpdb->posts WHERE post_author = '$user' and post_status = 'publish'");
|
||||||
if (0 < $numposts) $numposts = "<a href='edit.php?author=$user_data->ID' title='" . __('View posts') . "'>$numposts</a>";
|
if (0 < $numposts) $numposts = "<a href='edit.php?author=$user_data->ID' title='" . __('View posts') . "'>$numposts</a>";
|
||||||
echo "
|
echo "
|
||||||
<tr $style>
|
<tr $style>
|
||||||
|
@ -205,7 +180,7 @@ default:
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<?php
|
<?php
|
||||||
$users = $wpdb->get_results("SELECT * FROM $wpdb->users WHERE user_level = 0 ORDER BY ID");
|
$users = get_nonauthor_user_ids();
|
||||||
if ($users) {
|
if ($users) {
|
||||||
?>
|
?>
|
||||||
<div class="wrap">
|
<div class="wrap">
|
||||||
|
@ -224,7 +199,7 @@ if ($users) {
|
||||||
<?php
|
<?php
|
||||||
$style = '';
|
$style = '';
|
||||||
foreach ($users as $user) {
|
foreach ($users as $user) {
|
||||||
$user_data = get_userdata($user->ID);
|
$user_data = get_userdata($user);
|
||||||
$email = $user_data->user_email;
|
$email = $user_data->user_email;
|
||||||
$url = $user_data->user_url;
|
$url = $user_data->user_url;
|
||||||
$short_url = str_replace('http://', '', $url);
|
$short_url = str_replace('http://', '', $url);
|
||||||
|
|
|
@ -1225,13 +1225,19 @@ function update_category_cache() {
|
||||||
|
|
||||||
function update_user_cache() {
|
function update_user_cache() {
|
||||||
global $cache_userdata, $wpdb;
|
global $cache_userdata, $wpdb;
|
||||||
$query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE user_level > 0");
|
$level_key = $wpdb->prefix . 'user_level';
|
||||||
|
$user_ids = $wpdb->get_col("SELECT user_id FROM $wpdb->usermeta WHERE meta_key = '$level_key'");
|
||||||
|
$user_ids = join(',', $user_ids);
|
||||||
|
$query = apply_filters('user_cache_query', "SELECT * FROM $wpdb->users WHERE ID IN ($user_ids)");
|
||||||
if ( $users = $wpdb->get_results( $query ) ) :
|
if ( $users = $wpdb->get_results( $query ) ) :
|
||||||
foreach ($users as $user) :
|
foreach ($users as $user) :
|
||||||
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'");
|
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user->ID'");
|
||||||
if ( is_array($metavalues) )
|
foreach ( $metavalues as $meta ) {
|
||||||
foreach ( $metavalues as $meta )
|
$user->{$meta->meta_key} = $meta->meta_value;
|
||||||
$user->{$meta->meta_key} = $meta->meta_value;
|
// We need to set user_level from meta, not row
|
||||||
|
if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
|
||||||
|
$user->user_level = $meta->meta_value;
|
||||||
|
}
|
||||||
|
|
||||||
$cache_userdata[$user->ID] = $user;
|
$cache_userdata[$user->ID] = $user;
|
||||||
$cache_userdata[$user->user_login] =& $cache_userdata[$user->ID];
|
$cache_userdata[$user->user_login] =& $cache_userdata[$user->ID];
|
||||||
|
@ -1955,7 +1961,8 @@ function nocache_headers() {
|
||||||
|
|
||||||
function update_usermeta( $user_id, $meta_key, $meta_value ) {
|
function update_usermeta( $user_id, $meta_key, $meta_value ) {
|
||||||
global $wpdb;
|
global $wpdb;
|
||||||
$user_id = (int) $user_id;
|
if ( !is_numeric( $user_id ) )
|
||||||
|
return false;
|
||||||
$meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
|
$meta_key = preg_replace('|a-z0-9_|i', '', $meta_key);
|
||||||
$cur = $wpdb->get_row("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
|
$cur = $wpdb->get_row("SELECT * FROM $wpdb->usermeta WHERE user_id = '$user_id' AND meta_key = '$meta_key'");
|
||||||
if ( !$cur ) {
|
if ( !$cur ) {
|
||||||
|
|
|
@ -6,7 +6,7 @@
|
||||||
|
|
||||||
if ( !function_exists('get_currentuserinfo') ) :
|
if ( !function_exists('get_currentuserinfo') ) :
|
||||||
function get_currentuserinfo() {
|
function get_currentuserinfo() {
|
||||||
global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity;
|
global $user_login, $userdata, $user_level, $user_ID, $user_email, $user_url, $user_pass_md5, $user_identity, $current_user;
|
||||||
|
|
||||||
if ( !isset($_COOKIE['wordpressuser_' . COOKIEHASH]))
|
if ( !isset($_COOKIE['wordpressuser_' . COOKIEHASH]))
|
||||||
return false;
|
return false;
|
||||||
|
@ -17,10 +17,9 @@ function get_currentuserinfo() {
|
||||||
$user_ID = $userdata->ID;
|
$user_ID = $userdata->ID;
|
||||||
$user_email = $userdata->user_email;
|
$user_email = $userdata->user_email;
|
||||||
$user_url = $userdata->user_url;
|
$user_url = $userdata->user_url;
|
||||||
|
|
||||||
$user_pass_md5 = md5($userdata->user_pass);
|
$user_pass_md5 = md5($userdata->user_pass);
|
||||||
|
|
||||||
$user_identity = $userdata->display_name;
|
$user_identity = $userdata->display_name;
|
||||||
|
$current_user = $userdata;
|
||||||
}
|
}
|
||||||
endif;
|
endif;
|
||||||
|
|
||||||
|
@ -39,8 +38,12 @@ function get_userdata( $user_id ) {
|
||||||
|
|
||||||
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'");
|
$metavalues = $wpdb->get_results("SELECT meta_key, meta_value FROM $wpdb->usermeta WHERE user_id = '$user_id'");
|
||||||
|
|
||||||
foreach ( $metavalues as $meta )
|
foreach ( $metavalues as $meta ) {
|
||||||
$user->{$meta->meta_key} = $meta->meta_value;
|
$user->{$meta->meta_key} = $meta->meta_value;
|
||||||
|
// We need to set user_level from meta, not row
|
||||||
|
if ( $wpdb->prefix . 'user_level' == $meta->meta_key )
|
||||||
|
$user->user_level = $meta->meta_value;
|
||||||
|
}
|
||||||
|
|
||||||
$cache_userdata[$user_id] = $user;
|
$cache_userdata[$user_id] = $user;
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,32 @@
|
||||||
|
<?php
|
||||||
|
|
||||||
|
function username_exists( $username ) {
|
||||||
|
global $wpdb;
|
||||||
|
$username = sanitize_user( $username );
|
||||||
|
$query = "SELECT user_login FROM $wpdb->users WHERE user_login = '$username'";
|
||||||
|
$query = apply_filters('username_exists', $query);
|
||||||
|
return $wpdb->get_var( $query );
|
||||||
|
}
|
||||||
|
|
||||||
|
function create_user( $username, $password, $email, $user_level ) {
|
||||||
|
global $wpdb;
|
||||||
|
$username = $wpdb->escape( $username );
|
||||||
|
$email = $wpdb->escape( $email );
|
||||||
|
$password = md5( $password );
|
||||||
|
$user_nicename = sanitize_title( $username );
|
||||||
|
$now = gmdate('Y-m-d H:i:s');
|
||||||
|
|
||||||
|
$query = "INSERT INTO $wpdb->users
|
||||||
|
(user_login, user_pass, user_email, user_registered, user_nicename, display_name)
|
||||||
|
VALUES
|
||||||
|
('$username', '$password', '$email', '$now', '$user_nicename', '$username')";
|
||||||
|
$query = apply_filters('create_user_query', $query);
|
||||||
|
$wpdb->query( $query );
|
||||||
|
$user_id = $wpdb->insert_id;
|
||||||
|
|
||||||
|
$user_level = (int) $user_level;
|
||||||
|
update_usermeta( $user_id, $wpdb->prefix . 'user_level', $user_level);
|
||||||
|
return $user_id;
|
||||||
|
}
|
||||||
|
|
||||||
|
?>
|
|
@ -1,28 +1,14 @@
|
||||||
<?php
|
<?php
|
||||||
require('./wp-config.php');
|
require('./wp-config.php');
|
||||||
|
require_once( ABSPATH . WPINC . '/registration-functions.php');
|
||||||
|
|
||||||
$wpvarstoreset = array('action');
|
$action = $_REQUEST['action'];
|
||||||
for ($i=0; $i<count($wpvarstoreset); $i += 1) {
|
|
||||||
$wpvar = $wpvarstoreset[$i];
|
|
||||||
if (!isset($$wpvar)) {
|
|
||||||
if (empty($_POST["$wpvar"])) {
|
|
||||||
if (empty($_GET["$wpvar"])) {
|
|
||||||
$$wpvar = '';
|
|
||||||
} else {
|
|
||||||
$$wpvar = $_GET["$wpvar"];
|
|
||||||
}
|
|
||||||
} else {
|
|
||||||
$$wpvar = $_POST["$wpvar"];
|
|
||||||
}
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if ( !get_settings('users_can_register') )
|
if ( !get_settings('users_can_register') )
|
||||||
$action = 'disabled';
|
$action = 'disabled';
|
||||||
|
|
||||||
header( 'Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset') );
|
header( 'Content-Type: ' . get_bloginfo('html_type') . '; charset=' . get_bloginfo('charset') );
|
||||||
|
|
||||||
switch($action) {
|
switch( $action ) {
|
||||||
|
|
||||||
case 'register':
|
case 'register':
|
||||||
|
|
||||||
|
@ -39,23 +25,17 @@ case 'register':
|
||||||
die (__('<strong>ERROR</strong>: The email address isn’t correct.'));
|
die (__('<strong>ERROR</strong>: The email address isn’t correct.'));
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( $result = $wpdb->get_row("SELECT user_login FROM $wpdb->users WHERE user_login = '$user_login'") )
|
if ( username_exists( $user_login ) )
|
||||||
die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
|
die (__('<strong>ERROR</strong>: This username is already registered, please choose another one.'));
|
||||||
|
|
||||||
$user_login = $wpdb->escape( sanitize_user($user_login) ) );
|
|
||||||
$user_nicename = sanitize_title($user_nickname);
|
|
||||||
$now = gmdate('Y-m-d H:i:s');
|
|
||||||
$user_level = get_settings('new_users_can_blog');
|
$user_level = get_settings('new_users_can_blog');
|
||||||
$password = substr( md5( uniqid( microtime() ) ), 0, 7);
|
$password = substr( md5( uniqid( microtime() ) ), 0, 7);
|
||||||
|
|
||||||
$result = $wpdb->query("INSERT INTO $wpdb->users
|
$user_id = create_user( $user_login, $password, $user_email, $user_level );
|
||||||
(user_login, user_pass, user_email, user_registered, user_level, user_nicename)
|
|
||||||
VALUES
|
|
||||||
('$user_login', MD5('$password'), '$user_email', '$now', '$user_level', '$user_nicename')");
|
|
||||||
|
|
||||||
do_action('user_register', $wpdb->insert_id);
|
do_action('user_register', $user_id);
|
||||||
|
|
||||||
if ($result == false) {
|
if ( !$user_id ) {
|
||||||
die (sprintf(__('<strong>ERROR</strong>: Couldn’t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email')));
|
die (sprintf(__('<strong>ERROR</strong>: Couldn’t register you... please contact the <a href="mailto:%s">webmaster</a> !'), get_settings('admin_email')));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -171,4 +151,4 @@ default:
|
||||||
|
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
?>
|
?>
|
Loading…
Reference in New Issue