
/wp-admin/network/ -> site-users.php (source)

<?php
/**
 * Edit Site Users Administration Screen
 *
 * @package WordPress
 * @subpackage Multisite
 * @since 3.1.0
 */

/** Load WordPress Administration Bootstrap */
require_once  __DIR__ . '/admin.php';

// Page-level authorization: nothing below runs unless the current user holds
// the `manage_sites` capability.
if ( ! current_user_can( 'manage_sites' ) ) {
    wp_die( __( 'Sorry, you are not allowed to edit this site.' ), 403 );
}

$wp_list_table = _get_list_table( 'WP_Users_List_Table' );
$wp_list_table->prepare_items();

get_current_screen()->add_help_tab( get_site_screen_help_tab_args() );
get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() );

get_current_screen()->set_screen_reader_content(
    array(
        'heading_views'      => __( 'Filter site users list' ),
        'heading_pagination' => __( 'Site users list navigation' ),
        'heading_list'       => __( 'Site users list' ),
    )
);

// Drop any earlier `update` status from both the current URI and the referer.
// $referer is the base of the redirect issued after an action is handled, so
// it must only carry the status that the handler itself appends.
$_SERVER['REQUEST_URI'] = remove_query_arg( 'update', $_SERVER['REQUEST_URI'] );
$referer                = remove_query_arg( 'update', wp_get_referer() );

// The page number is request data; it is cast to int before being written
// back into the redirect URL.
if ( ! empty( $_REQUEST['paged'] ) ) {
    $referer = add_query_arg( 'paged', (int) $_REQUEST['paged'], $referer );
}

// Coerce the requested site ID to an integer. A missing or non-numeric value
// becomes 0 and is rejected just below.
$id = isset( $_REQUEST['id'] ) ? intval( $_REQUEST['id'] ) : 0;

if ( ! $id ) {
    wp_die( __( 'Invalid site ID.' ) );
}

$details = get_site( $id );
if ( ! $details ) {
    wp_die( __( 'The requested site does not exist.' ) );
}

// Second authorization step, scoped to the target: $details->site_id is handed
// to can_edit_network() (presumably the ID of the network that owns the site —
// confirm against WP_Site).
if ( ! can_edit_network( $details->site_id ) ) {
    wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 );
}

$is_main_site = is_main_site( $id );

// From here until restore_current_blog() (or the exit after a handled action),
// per-site calls operate in the context of site $id.
switch_to_blog( $id );

  57  $action = $wp_list_table->current_action();
  58  
  59  if ( $action ) {
  60  
  61      switch ( $action ) {
  62          case 'newuser':
  63              check_admin_referer( 'add-user', '_wpnonce_add-new-user' );
  64              $user = $_POST['user'];
  65              if ( ! is_array( $_POST['user'] ) || empty( $user['username'] ) || empty( $user['email'] ) ) {
  66                  $update = 'err_new';
  67              } else {
  68                  $password = wp_generate_password( 12, false );
  69                  $user_id  = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) );
  70  
  71                  if ( false === $user_id ) {
  72                      $update = 'err_new_dup';
  73                  } else {
  74                      $result = add_user_to_blog( $id, $user_id, $_POST['new_role'] );
  75  
  76                      if ( is_wp_error( $result ) ) {
  77                          $update = 'err_add_fail';
  78                      } else {
  79                          $update = 'newuser';
  80  
  81                          /**
  82                           * Fires after a user has been created via the network site-users.php page.
  83                           *
  84                           * @since 4.4.0
  85                           *
  86                           * @param int $user_id ID of the newly created user.
  87                           */
  88                          do_action( 'network_site_users_created_user', $user_id );
  89                      }
  90                  }
  91              }
  92              break;
  93  
  94          case 'adduser':
  95              check_admin_referer( 'add-user', '_wpnonce_add-user' );
  96              if ( ! empty( $_POST['newuser'] ) ) {
  97                  $update  = 'adduser';
  98                  $newuser = $_POST['newuser'];
  99                  $user    = get_user_by( 'login', $newuser );
 100                  if ( $user && $user->exists() ) {
 101                      if ( ! is_user_member_of_blog( $user->ID, $id ) ) {
 102                          $result = add_user_to_blog( $id, $user->ID, $_POST['new_role'] );
 103  
 104                          if ( is_wp_error( $result ) ) {
 105                              $update = 'err_add_fail';
 106                          }
 107                      } else {
 108                          $update = 'err_add_member';
 109                      }
 110                  } else {
 111                      $update = 'err_add_notfound';
 112                  }
 113              } else {
 114                  $update = 'err_add_notfound';
 115              }
 116              break;
 117  
 118          case 'remove':
 119              if ( ! current_user_can( 'remove_users' ) ) {
 120                  wp_die( __( 'Sorry, you are not allowed to remove users.' ), 403 );
 121              }
 122  
 123              check_admin_referer( 'bulk-users' );
 124  
 125              $update = 'remove';
 126              if ( isset( $_REQUEST['users'] ) ) {
 127                  $userids = $_REQUEST['users'];
 128  
 129                  foreach ( $userids as $user_id ) {
 130                      $user_id = (int) $user_id;
 131                      remove_user_from_blog( $user_id, $id );
 132                  }
 133              } elseif ( isset( $_GET['user'] ) ) {
 134                  remove_user_from_blog( $_GET['user'] );
 135              } else {
 136                  $update = 'err_remove';
 137              }
 138              break;
 139  
 140          case 'promote':
 141              check_admin_referer( 'bulk-users' );
 142              $editable_roles = get_editable_roles();
 143              $role           = false;
 144              if ( ! empty( $_REQUEST['new_role2'] ) ) {
 145                  $role = $_REQUEST['new_role2'];
 146              } elseif ( ! empty( $_REQUEST['new_role'] ) ) {
 147                  $role = $_REQUEST['new_role'];
 148              }
 149  
 150              if ( empty( $editable_roles[ $role ] ) ) {
 151                  wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 );
 152              }
 153  
 154              if ( isset( $_REQUEST['users'] ) ) {
 155                  $userids = $_REQUEST['users'];
 156                  $update  = 'promote';
 157                  foreach ( $userids as $user_id ) {
 158                      $user_id = (int) $user_id;
 159  
 160                      // If the user doesn't already belong to the blog, bail.
 161                      if ( ! is_user_member_of_blog( $user_id ) ) {
 162                          wp_die(
 163                              '<h1>' . __( 'Something went wrong.' ) . '</h1>' .
 164                              '<p>' . __( 'One of the selected users is not a member of this site.' ) . '</p>',
 165                              403
 166                          );
 167                      }
 168  
 169                      $user = get_userdata( $user_id );
 170                      $user->set_role( $role );
 171                  }
 172              } else {
 173                  $update = 'err_promote';
 174              }
 175              break;
 176          default:
 177              if ( ! isset( $_REQUEST['users'] ) ) {
 178                  break;
 179              }
 180              check_admin_referer( 'bulk-users' );
 181              $userids = $_REQUEST['users'];
 182  
 183              /** This action is documented in wp-admin/network/site-themes.php */
 184              $referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $userids, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
 185  
 186              $update = $action;
 187              break;
 188      }
 189  
 190      wp_safe_redirect( add_query_arg( 'update', $update, $referer ) );
 191      exit;
 192  }
 193  
// Undo the switch_to_blog( $id ) made before action handling. This point is
// reached only when no action was handled (handled actions redirect and exit).
restore_current_blog();

// A request that still carries action=update-site in the query string but
// triggered no handler is sent back to the referer.
if ( isset( $_GET['action'] ) && 'update-site' === $_GET['action'] ) {
    wp_safe_redirect( $referer );
    exit;
}

add_screen_option( 'per_page' );

// The site name is escaped here, at assignment, because $title is echoed
// verbatim in the page heading further down.
/* translators: %s: Site title. */
$title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) );

$parent_file  = 'sites.php';
$submenu_file = 'sites.php';

/**
 * Filters whether to show the Add Existing User form on the Multisite Users screen.
 *
 * @since 3.1.0
 *
 * @param bool $bool Whether to show the Add Existing User form. Default true.
 */
if ( ! wp_is_large_network( 'users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) {
    wp_enqueue_script( 'user-suggest' );
}

require_once ABSPATH . 'wp-admin/admin-header.php'; ?>

<script type="text/javascript">
var current_site_id = <?php echo $id; /* integer: $id was passed through intval() earlier in this file */ ?>;
</script>


<div class="wrap">
<h1 id="edit-site"><?php echo $title; /* the site name inside $title was run through esc_html() when $title was built */ ?></h1>
<p class="edit-site-actions"><a href="<?php echo esc_url( get_home_url( $id, '/' ) ); ?>"><?php _e( 'Visit' ); ?></a> | <a href="<?php echo esc_url( get_admin_url( $id ) ); ?>"><?php _e( 'Dashboard' ); ?></a></p>
<?php

network_edit_site_nav(
    array(
        'blog_id'  => $id,
        'selected' => 'site-users',
    )
);

// `update` comes straight from the query string, but it only selects one of
// the fixed messages below and is never echoed itself. There is no default
// case, so an unrecognised value prints nothing.
if ( isset( $_GET['update'] ) ) :
    switch ( $_GET['update'] ) {
        case 'adduser':
            echo '<div id="message" class="updated notice is-dismissible"><p>' . __( 'User added.' ) . '</p></div>';
            break;
        case 'err_add_member':
            echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'User is already a member of this site.' ) . '</p></div>';
            break;
        case 'err_add_fail':
            echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'User could not be added to this site.' ) . '</p></div>';
            break;
        case 'err_add_notfound':
            echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'Enter the username of an existing user.' ) . '</p></div>';
            break;
        case 'promote':
            echo '<div id="message" class="updated notice is-dismissible"><p>' . __( 'Changed roles.' ) . '</p></div>';
            break;
        case 'err_promote':
            echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'Select a user to change role.' ) . '</p></div>';
            break;
        case 'remove':
            echo '<div id="message" class="updated notice is-dismissible"><p>' . __( 'User removed from this site.' ) . '</p></div>';
            break;
        case 'err_remove':
            echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'Select a user to remove.' ) . '</p></div>';
            break;
        case 'newuser':
            echo '<div id="message" class="updated notice is-dismissible"><p>' . __( 'User created.' ) . '</p></div>';
            break;
        case 'err_new':
            echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'Enter the username and email.' ) . '</p></div>';
            break;
        case 'err_new_dup':
            echo '<div id="message" class="error notice is-dismissible"><p>' . __( 'Duplicated username or email address.' ) . '</p></div>';
            break;
    }
endif;
?>

<form class="search-form" method="get">
<?php $wp_list_table->search_box( __( 'Search Users' ), 'user' ); ?>
<input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
</form>

<?php $wp_list_table->views(); ?>

<form method="post" action="site-users.php?action=update-site">
    <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />

<?php
// NOTE(review): the 'remove' and 'promote' handlers verify a `bulk-users`
// nonce, but no matching nonce field is written in this file. Presumably
// display() emits it as part of the table navigation - confirm.
$wp_list_table->display();
?>

</form>

<?php
/**
 * Fires after the list table on the Users screen in the Multisite Network Admin.
 *
 * @since 3.1.0
 */
do_action( 'network_site_users_after_list_table' );

// The form is rendered only for users with `promote_users` (and when the
// filter allows it).
// NOTE(review): this gates display only. The 'adduser' handler earlier in this
// file verifies the nonce but does not repeat the capability check - confirm
// the page-level `manage_sites` check is considered sufficient.
/** This filter is documented in wp-admin/network/site-users.php */
if ( current_user_can( 'promote_users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) :
    ?>
<h2 id="add-existing-user"><?php _e( 'Add Existing User' ); ?></h2>
<form action="site-users.php?action=adduser" id="adduser" method="post">
    <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
    <table class="form-table" role="presentation">
        <tr>
            <th scope="row"><label for="newuser"><?php _e( 'Username' ); ?></label></th>
            <td><input type="text" class="regular-text wp-suggest-user" name="newuser" id="newuser" /></td>
        </tr>
        <tr>
            <th scope="row"><label for="new_role_adduser"><?php _e( 'Role' ); ?></label></th>
            <td><select name="new_role" id="new_role_adduser">
            <?php
            // Build the role list in the context of site $id, then switch back
            // so the rest of the page renders in the original context.
            switch_to_blog( $id );
            wp_dropdown_roles( get_option( 'default_role' ) );
            restore_current_blog();
            ?>
            </select></td>
        </tr>
    </table>
    <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ); /* verified by check_admin_referer( 'add-user', '_wpnonce_add-user' ) in the 'adduser' handler */ ?>
    <?php submit_button( __( 'Add User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-existing-user' ) ); ?>
</form>
<?php endif; ?>

 327  <?php
 328  /**
 329   * Filters whether to show the Add New User form on the Multisite Users screen.
 330   *
 331   * @since 3.1.0
 332   *
 333   * @param bool $bool Whether to show the Add New User form. Default true.
 334   */
 335  if ( current_user_can( 'create_users' ) && apply_filters( 'show_network_site_users_add_new_form', true ) ) :
 336      ?>
 337  <h2 id="add-new-user"><?php _e( 'Add New User' ); ?></h2>
 338  <form action="<?php echo network_admin_url( 'site-users.php?action=newuser' ); ?>" id="newuser" method="post">
 339      <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" />
 340      <table class="form-table" role="presentation">
 341          <tr>
 342              <th scope="row"><label for="user_username"><?php _e( 'Username' ); ?></label></th>
 343              <td><input type="text" class="regular-text" name="user[username]" id="user_username" /></td>
 344          </tr>
 345          <tr>
 346              <th scope="row"><label for="user_email"><?php _e( 'Email' ); ?></label></th>
 347              <td><input type="text" class="regular-text" name="user[email]" id="user_email" /></td>
 348          </tr>
 349          <tr>
 350              <th scope="row"><label for="new_role_newuser"><?php _e( 'Role' ); ?></label></th>
 351              <td><select name="new_role" id="new_role_newuser">
 352              <?php
 353              switch_to_blog( $id );
 354              wp_dropdown_roles( get_option( 'default_role' ) );
 355              restore_current_blog();
 356              ?>
 357              </select></td>
 358          </tr>
 359          <tr class="form-field">
 360              <td colspan="2" class="td-full"><?php _e( 'A password reset link will be sent to the user via email.' ); ?></td>
 361          </tr>
 362      </table>
 363      <?php wp_nonce_field( 'add-user', '_wpnonce_add-new-user' ); ?>
 364      <?php submit_button( __( 'Add New User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-user' ) ); ?>
 365  </form>
 366  <?php endif; ?>
 367  </div>
 368  <?php
 369  require_once ABSPATH . 'wp-admin/admin-footer.php';

