Add better handling for actions and messaging in MS Sites List Table row actions

* Simplify URLs used for row actions to remove messaging and site domain/path.
* Use confirmation messaging from a managed list of actions when handling the request.
* Find the site address from the site ID rather than using information passed in the URL.

Fixes #32963.

Built from https://develop.svn.wordpress.org/trunk@33173


git-svn-id: http://core.svn.wordpress.org/trunk@33145 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Jeremy Felt 2015-07-12 02:36:26 +00:00
parent 72e83d6aec
commit 9f0506e3b2
3 changed files with 48 additions and 18 deletions

View File

@ -501,25 +501,25 @@ class WP_MS_Sites_List_Table extends WP_List_Table {
$actions['backend'] = "<span class='backend'><a href='" . esc_url( get_admin_url( $blog['blog_id'] ) ) . "' class='edit'>" . __( 'Dashboard' ) . '</a></span>';
if ( get_current_site()->blog_id != $blog['blog_id'] ) {
if ( $blog['deleted'] == '1' ) {
$actions['activate'] = '<span class="activate"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=activateblog&amp;id=' . $blog['blog_id'] . '&amp;msg=' . urlencode( sprintf( __( 'You are about to activate the site %s' ), $blogname ) ) ), 'confirm' ) ) . '">' . __( 'Activate' ) . '</a></span>';
$actions['activate'] = '<span class="activate"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=activateblog&amp;id=' . $blog['blog_id'] ), 'activateblog_' . $blog['blog_id'] ) ) . '">' . __( 'Activate' ) . '</a></span>';
} else {
$actions['deactivate'] = '<span class="activate"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=deactivateblog&amp;id=' . $blog['blog_id'] . '&amp;msg=' . urlencode( sprintf( __( 'You are about to deactivate the site %s' ), $blogname ) ) ), 'confirm' ) ) . '">' . __( 'Deactivate' ) . '</a></span>';
$actions['deactivate'] = '<span class="activate"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=deactivateblog&amp;id=' . $blog['blog_id'] ), 'deactivateblog_' . $blog['blog_id'] ) ) . '">' . __( 'Deactivate' ) . '</a></span>';
}
if ( $blog['archived'] == '1' ) {
$actions['unarchive'] = '<span class="archive"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=unarchiveblog&amp;id=' . $blog['blog_id'] . '&amp;msg=' . urlencode( sprintf( __( 'You are about to unarchive the site %s.' ), $blogname ) ) ), 'confirm' ) ) . '">' . __( 'Unarchive' ) . '</a></span>';
$actions['unarchive'] = '<span class="archive"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=unarchiveblog&amp;id=' . $blog['blog_id'] ), 'unarchiveblog_' . $blog['blog_id'] ) ) . '">' . __( 'Unarchive' ) . '</a></span>';
} else {
$actions['archive'] = '<span class="archive"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=archiveblog&amp;id=' . $blog['blog_id'] . '&amp;msg=' . urlencode( sprintf( __( 'You are about to archive the site %s.' ), $blogname ) ) ), 'confirm' ) ) . '">' . _x( 'Archive', 'verb; site' ) . '</a></span>';
$actions['archive'] = '<span class="archive"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=archiveblog&amp;id=' . $blog['blog_id'] ), 'archiveblog_' . $blog['blog_id'] ) ) . '">' . _x( 'Archive', 'verb; site' ) . '</a></span>';
}
if ( $blog['spam'] == '1' ) {
$actions['unspam'] = '<span class="spam"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=unspamblog&amp;id=' . $blog['blog_id'] . '&amp;msg=' . urlencode( sprintf( __( 'You are about to unspam the site %s.' ), $blogname ) ) ), 'confirm' ) ) . '">' . _x( 'Not Spam', 'site' ) . '</a></span>';
$actions['unspam'] = '<span class="spam"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=unspamblog&amp;id=' . $blog['blog_id'] ), 'unspamblog_' . $blog['blog_id'] ) ) . '">' . _x( 'Not Spam', 'site' ) . '</a></span>';
} else {
$actions['spam'] = '<span class="spam"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=spamblog&amp;id=' . $blog['blog_id'] . '&amp;msg=' . urlencode( sprintf( __( 'You are about to mark the site %s as spam.' ), $blogname ) ) ), 'confirm' ) ) . '">' . _x( 'Spam', 'site' ) . '</a></span>';
$actions['spam'] = '<span class="spam"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=spamblog&amp;id=' . $blog['blog_id'] ), 'spamblog_' . $blog['blog_id'] ) ) . '">' . _x( 'Spam', 'site' ) . '</a></span>';
}
if ( current_user_can( 'delete_site', $blog['blog_id'] ) ) {
$actions['delete'] = '<span class="delete"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=deleteblog&amp;id=' . $blog['blog_id'] . '&amp;msg=' . urlencode( sprintf( __( 'You are about to delete the site %s.' ), $blogname ) ) ), 'confirm' ) ) . '">' . __( 'Delete' ) . '</a></span>';
$actions['delete'] = '<span class="delete"><a href="' . esc_url( wp_nonce_url( network_admin_url( 'sites.php?action=confirm&amp;action2=deleteblog&amp;id=' . $blog['blog_id'] ), 'deleteblog_' . $blog['blog_id'] ) ) . '">' . __( 'Delete' ) . '</a></span>';
}
}

View File

@ -52,8 +52,34 @@ if ( isset( $_GET['action'] ) ) {
/** This action is documented in wp-admin/network/edit.php */
do_action( 'wpmuadminedit' );
// A list of valid actions and their associated messaging for confirmation output.
$manage_actions = array(
'activateblog' => __( 'You are about to activate the site %s' ),
'deactivateblog' => __( 'You are about to deactivate the site %s' ),
'unarchiveblog' => __( 'You are about to unarchive the site %s.' ),
'archiveblog' => __( 'You are about to archive the site %s.' ),
'unspamblog' => __( 'You are about to unspam the site %s.' ),
'spamblog' => __( 'You are about to mark the site %s as spam.' ),
'deleteblog' => __( 'You are about to delete the site %s.' ),
'unmatureblog' => __( 'You are about to mark the site %s as mature.' ),
'matureblog' => __( 'You are about to mark the site %s as not mature.' ),
'allblogs' => '',
);
if ( 'confirm' === $_GET['action'] ) {
check_admin_referer( 'confirm' );
// The action2 parameter contains the action being taken on the site.
$site_action = $_GET['action2'];
if ( ! array_key_exists( $site_action, $manage_actions ) ) {
wp_die( __( 'The requested action is not valid.' ) );
}
// The mature/unmature UI exists only as external code. Check the "confirm" nonce for backward compatibility.
if ( 'matureblog' === $site_action || 'unmatureblog' === $site_action ) {
check_admin_referer( 'confirm' );
} else {
check_admin_referer( $site_action . '_' . $id );
}
if ( ! headers_sent() ) {
nocache_headers();
@ -64,16 +90,19 @@ if ( isset( $_GET['action'] ) ) {
wp_die( __( 'You are not allowed to change the current site.' ) );
}
$site_details = get_blog_details( $id );
$site_address = untrailingslashit( $site_details->domain . $site_details->path );
require_once( ABSPATH . 'wp-admin/admin-header.php' );
?>
<div class="wrap">
<h1><?php _e( 'Confirm your action' ); ?></h1>
<form action="sites.php?action=<?php echo esc_attr( $_GET['action2'] ) ?>" method="post">
<input type="hidden" name="action" value="<?php echo esc_attr( $_GET['action2'] ) ?>" />
<form action="sites.php?action=<?php echo esc_attr( $site_action ); ?>" method="post">
<input type="hidden" name="action" value="<?php echo esc_attr( $site_action ); ?>" />
<input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
<input type="hidden" name="_wp_http_referer" value="<?php echo esc_attr( wp_get_referer() ); ?>" />
<?php wp_nonce_field( $_GET['action2'], '_wpnonce', false ); ?>
<p><?php echo esc_html( wp_unslash( $_GET['msg'] ) ); ?></p>
<?php wp_nonce_field( $site_action . '_' . $id, '_wpnonce', false ); ?>
<p><?php echo sprintf( $manage_actions[ $site_action ], $site_address ); ?></p>
<?php submit_button( __( 'Confirm' ), 'button' ); ?>
</form>
</div>
@ -84,13 +113,13 @@ if ( isset( $_GET['action'] ) ) {
$updated_action = '';
$manage_actions = array( 'deleteblog', 'allblogs', 'archiveblog', 'unarchiveblog', 'activateblog', 'deactivateblog', 'unspamblog', 'spamblog', 'unmatureblog', 'matureblog' );
if ( in_array( $_GET['action'], $manage_actions ) ) {
if ( array_key_exists( $_GET['action'], $manage_actions ) ) {
$action = $_GET['action'];
if ( 'allblogs' === $action )
if ( 'allblogs' === $action ) {
$action = 'bulk-sites';
}
check_admin_referer( $action );
check_admin_referer( $action . '_' . $id );
}
switch ( $_GET['action'] ) {
@ -178,8 +207,9 @@ if ( isset( $_GET['action'] ) ) {
break;
}
if ( empty( $updated_action ) && in_array( $_GET['action'], $manage_actions ) )
if ( empty( $updated_action ) && array_key_exists( $_GET['action'], $manage_actions ) ) {
$updated_action = $_GET['action'];
}
if ( ! empty( $updated_action ) ) {
wp_safe_redirect( add_query_arg( array( 'updated' => $updated_action ), wp_get_referer() ) );

View File

@ -4,7 +4,7 @@
*
* @global string $wp_version
*/
$wp_version = '4.3-beta2-33172';
$wp_version = '4.3-beta2-33173';
/**
* Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.