| [ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Edit Site Users Administration Screen 4 * 5 * @package WordPress 6 * @subpackage Multisite 7 * @since 3.1.0 8 */ 9 10 /** Load WordPress Administration Bootstrap */ 11 require_once __DIR__ . '/admin.php'; 12 13 if ( ! current_user_can( 'manage_sites' ) ) { 14 wp_die( __( 'Sorry, you are not allowed to edit this site.' ), 403 ); 15 } 16 17 $wp_list_table = _get_list_table( 'WP_Users_List_Table' ); 18 $wp_list_table->prepare_items(); 19 20 get_current_screen()->add_help_tab( get_site_screen_help_tab_args() ); 21 get_current_screen()->set_help_sidebar( get_site_screen_help_sidebar_content() ); 22 23 get_current_screen()->set_screen_reader_content( 24 array( 25 'heading_views' => __( 'Filter site users list' ), 26 'heading_pagination' => __( 'Site users list navigation' ), 27 'heading_list' => __( 'Site users list' ), 28 ) 29 ); 30 31 $_SERVER['REQUEST_URI'] = remove_query_arg( 'update', $_SERVER['REQUEST_URI'] ); 32 $referer = remove_query_arg( 'update', wp_get_referer() ); 33 34 if ( ! empty( $_REQUEST['paged'] ) ) { 35 $referer = add_query_arg( 'paged', (int) $_REQUEST['paged'], $referer ); 36 } 37 38 $id = isset( $_REQUEST['id'] ) ? (int) $_REQUEST['id'] : 0; 39 40 if ( ! $id ) { 41 wp_die( __( 'Invalid site ID.' ) ); 42 } 43 44 $details = get_site( $id ); 45 if ( ! $details ) { 46 wp_die( __( 'The requested site does not exist.' ) ); 47 } 48 49 if ( ! can_edit_network( $details->site_id ) ) { 50 wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); 51 } 52 53 $is_main_site = is_main_site( $id ); 54 55 switch_to_blog( $id ); 56 57 $action = $wp_list_table->current_action(); 58 59 if ( $action ) { 60 61 switch ( $action ) { 62 case 'newuser': 63 check_admin_referer( 'add-user', '_wpnonce_add-new-user' ); 64 $user = $_POST['user']; 65 if ( ! is_array( $_POST['user'] ) || empty( $user['username'] ) || empty( $user['email'] ) ) { 66 $update = 'err_new'; 67 } else { 68 $password = wp_generate_password( 12, false ); 69 $user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) ); 70 71 if ( false === $user_id ) { 72 $update = 'err_new_dup'; 73 } else { 74 $result = add_user_to_blog( $id, $user_id, $_POST['new_role'] ); 75 76 if ( is_wp_error( $result ) ) { 77 $update = 'err_add_fail'; 78 } else { 79 $update = 'newuser'; 80 81 /** 82 * Fires after a user has been created via the network site-users.php page. 83 * 84 * @since 4.4.0 85 * 86 * @param int $user_id ID of the newly created user. 87 */ 88 do_action( 'network_site_users_created_user', $user_id ); 89 } 90 } 91 } 92 break; 93 94 case 'adduser': 95 check_admin_referer( 'add-user', '_wpnonce_add-user' ); 96 if ( ! empty( $_POST['newuser'] ) ) { 97 $update = 'adduser'; 98 $newuser = $_POST['newuser']; 99 $user = get_user_by( 'login', $newuser ); 100 if ( $user && $user->exists() ) { 101 if ( ! is_user_member_of_blog( $user->ID, $id ) ) { 102 $result = add_user_to_blog( $id, $user->ID, $_POST['new_role'] ); 103 104 if ( is_wp_error( $result ) ) { 105 $update = 'err_add_fail'; 106 } 107 } else { 108 $update = 'err_add_member'; 109 } 110 } else { 111 $update = 'err_add_notfound'; 112 } 113 } else { 114 $update = 'err_add_notfound'; 115 } 116 break; 117 118 case 'remove': 119 if ( ! current_user_can( 'remove_users' ) ) { 120 wp_die( __( 'Sorry, you are not allowed to remove users.' ), 403 ); 121 } 122 123 check_admin_referer( 'bulk-users' ); 124 125 $update = 'remove'; 126 if ( isset( $_REQUEST['users'] ) ) { 127 $userids = $_REQUEST['users']; 128 129 foreach ( $userids as $user_id ) { 130 $user_id = (int) $user_id; 131 remove_user_from_blog( $user_id, $id ); 132 } 133 } elseif ( isset( $_GET['user'] ) ) { 134 remove_user_from_blog( $_GET['user'] ); 135 } else { 136 $update = 'err_remove'; 137 } 138 break; 139 140 case 'promote': 141 check_admin_referer( 'bulk-users' ); 142 143 if ( ! current_user_can( 'promote_users' ) ) { 144 wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); 145 } 146 147 $editable_roles = get_editable_roles(); 148 $role = $_REQUEST['new_role']; 149 150 // Mock `none` as editable role. 151 $editable_roles['none'] = array( 152 'name' => __( '— No role for this site —' ), 153 ); 154 155 if ( empty( $editable_roles[ $role ] ) ) { 156 wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 ); 157 } 158 159 if ( 'none' === $role ) { 160 $role = ''; 161 } 162 163 if ( isset( $_REQUEST['users'] ) ) { 164 $userids = $_REQUEST['users']; 165 $update = 'promote'; 166 foreach ( $userids as $user_id ) { 167 $user_id = (int) $user_id; 168 169 if ( ! current_user_can( 'promote_user', $user_id ) ) { 170 wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 ); 171 } 172 173 // If the user doesn't already belong to the blog, bail. 174 if ( ! is_user_member_of_blog( $user_id ) ) { 175 wp_die( 176 '<h1>' . __( 'An error occurred.' ) . '</h1>' . 177 '<p>' . __( 'One of the selected users is not a member of this site.' ) . '</p>', 178 403 179 ); 180 } 181 182 $user = get_userdata( $user_id ); 183 184 // If $role is empty, none will be set. 185 $user->set_role( $role ); 186 } 187 } else { 188 $update = 'err_promote'; 189 } 190 break; 191 default: 192 if ( ! isset( $_REQUEST['users'] ) ) { 193 break; 194 } 195 check_admin_referer( 'bulk-users' ); 196 $userids = $_REQUEST['users']; 197 198 /** This action is documented in wp-admin/network/site-themes.php */ 199 $referer = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $referer, $action, $userids, $id ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores 200 201 $update = $action; 202 break; 203 } 204 205 wp_safe_redirect( add_query_arg( 'update', $update, $referer ) ); 206 exit; 207 } 208 209 restore_current_blog(); 210 211 if ( isset( $_GET['action'] ) && 'update-site' === $_GET['action'] ) { 212 wp_safe_redirect( $referer ); 213 exit; 214 } 215 216 add_screen_option( 'per_page' ); 217 218 // Used in the HTML title tag. 219 /* translators: %s: Site title. */ 220 $title = sprintf( __( 'Edit Site: %s' ), esc_html( $details->blogname ) ); 221 222 $parent_file = 'sites.php'; 223 $submenu_file = 'sites.php'; 224 225 /** 226 * Filters whether to show the Add Existing User form on the Multisite Users screen. 227 * 228 * @since 3.1.0 229 * 230 * @param bool $bool Whether to show the Add Existing User form. Default true. 231 */ 232 if ( ! wp_is_large_network( 'users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) { 233 wp_enqueue_script( 'user-suggest' ); 234 } 235 236 require_once ABSPATH . 'wp-admin/admin-header.php'; 237 ?> 238 239 <script type="text/javascript"> 240 var current_site_id = <?php echo absint( $id ); ?>; 241 </script> 242 243 244 <div class="wrap"> 245 <h1 id="edit-site"><?php echo $title; ?></h1> 246 <p class="edit-site-actions"><a href="<?php echo esc_url( get_home_url( $id, '/' ) ); ?>"><?php _e( 'Visit' ); ?></a> | <a href="<?php echo esc_url( get_admin_url( $id ) ); ?>"><?php _e( 'Dashboard' ); ?></a></p> 247 <?php 248 249 network_edit_site_nav( 250 array( 251 'blog_id' => $id, 252 'selected' => 'site-users', 253 ) 254 ); 255 256 if ( isset( $_GET['update'] ) ) : 257 $message = ''; 258 $type = 'error'; 259 260 switch ( $_GET['update'] ) { 261 case 'adduser': 262 $type = 'success'; 263 $message = __( 'User added.' ); 264 break; 265 case 'err_add_member': 266 $message = __( 'User is already a member of this site.' ); 267 break; 268 case 'err_add_fail': 269 $message = __( 'User could not be added to this site.' ); 270 break; 271 case 'err_add_notfound': 272 $message = __( 'Enter the username of an existing user.' ); 273 break; 274 case 'promote': 275 $type = 'success'; 276 $message = __( 'Changed roles.' ); 277 break; 278 case 'err_promote': 279 $message = __( 'Select a user to change role.' ); 280 break; 281 case 'remove': 282 $type = 'success'; 283 $message = __( 'User removed from this site.' ); 284 break; 285 case 'err_remove': 286 $message = __( 'Select a user to remove.' ); 287 break; 288 case 'newuser': 289 $type = 'success'; 290 $message = __( 'User created.' ); 291 break; 292 case 'err_new': 293 $message = __( 'Enter the username and email.' ); 294 break; 295 case 'err_new_dup': 296 $message = __( 'Duplicated username or email address.' ); 297 break; 298 } 299 300 wp_admin_notice( 301 $message, 302 array( 303 'type' => $type, 304 'dismissible' => true, 305 'id' => 'message', 306 ) 307 ); 308 endif; 309 ?> 310 311 <form class="search-form" method="get"> 312 <?php $wp_list_table->search_box( __( 'Search Users' ), 'user' ); ?> 313 <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> 314 </form> 315 316 <?php $wp_list_table->views(); ?> 317 318 <form method="post" action="site-users.php?action=update-site"> 319 <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> 320 321 <?php $wp_list_table->display(); ?> 322 323 </form> 324 325 <?php 326 /** 327 * Fires after the list table on the Users screen in the Multisite Network Admin. 328 * 329 * @since 3.1.0 330 */ 331 do_action( 'network_site_users_after_list_table' ); 332 333 /** This filter is documented in wp-admin/network/site-users.php */ 334 if ( current_user_can( 'promote_users' ) && apply_filters( 'show_network_site_users_add_existing_form', true ) ) : 335 ?> 336 <h2 id="add-existing-user"><?php _e( 'Add Existing User' ); ?></h2> 337 <form action="site-users.php?action=adduser" id="adduser" method="post"> 338 <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> 339 <table class="form-table" role="presentation"> 340 <tr> 341 <th scope="row"><label for="newuser"><?php _e( 'Username' ); ?></label></th> 342 <td><input type="text" class="regular-text wp-suggest-user" name="newuser" id="newuser" /></td> 343 </tr> 344 <tr> 345 <th scope="row"><label for="new_role_adduser"><?php _e( 'Role' ); ?></label></th> 346 <td><select name="new_role" id="new_role_adduser"> 347 <?php 348 switch_to_blog( $id ); 349 wp_dropdown_roles( get_option( 'default_role' ) ); 350 restore_current_blog(); 351 ?> 352 </select></td> 353 </tr> 354 </table> 355 <?php wp_nonce_field( 'add-user', '_wpnonce_add-user' ); ?> 356 <?php submit_button( __( 'Add User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-existing-user' ) ); ?> 357 </form> 358 <?php endif; ?> 359 360 <?php 361 /** 362 * Filters whether to show the Add New User form on the Multisite Users screen. 363 * 364 * Note: While WordPress is moving towards simplifying labels by removing "New" from "Add New X" labels, 365 * we keep "Add New User" here to maintain a clear distinction from the "Add Existing User" section above. 366 * 367 * @since 3.1.0 368 * 369 * @param bool $bool Whether to show the Add New User form. Default true. 370 */ 371 if ( current_user_can( 'create_users' ) && apply_filters( 'show_network_site_users_add_new_form', true ) ) : 372 ?> 373 <h2 id="add-new-user"><?php _e( 'Add New User' ); ?></h2> 374 <form action="<?php echo esc_url( network_admin_url( 'site-users.php?action=newuser' ) ); ?>" id="newuser" method="post"> 375 <input type="hidden" name="id" value="<?php echo esc_attr( $id ); ?>" /> 376 <table class="form-table" role="presentation"> 377 <tr> 378 <th scope="row"><label for="user_username"><?php _e( 'Username' ); ?></label></th> 379 <td><input type="text" class="regular-text" name="user[username]" id="user_username" /></td> 380 </tr> 381 <tr> 382 <th scope="row"><label for="user_email"><?php _e( 'Email' ); ?></label></th> 383 <td><input type="text" class="regular-text" name="user[email]" id="user_email" /></td> 384 </tr> 385 <tr> 386 <th scope="row"><label for="new_role_newuser"><?php _e( 'Role' ); ?></label></th> 387 <td><select name="new_role" id="new_role_newuser"> 388 <?php 389 switch_to_blog( $id ); 390 wp_dropdown_roles( get_option( 'default_role' ) ); 391 restore_current_blog(); 392 ?> 393 </select></td> 394 </tr> 395 <tr class="form-field"> 396 <td colspan="2" class="td-full"><?php _e( 'A password reset link will be sent to the user via email.' ); ?></td> 397 </tr> 398 </table> 399 <?php wp_nonce_field( 'add-user', '_wpnonce_add-new-user' ); ?> 400 <?php submit_button( __( 'Add User' ), 'primary', 'add-user', true, array( 'id' => 'submit-add-user' ) ); ?> 401 </form> 402 <?php endif; ?> 403 </div> 404 <?php 405 require_once ABSPATH . 'wp-admin/admin-footer.php';
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated : Mon Oct 20 08:20:05 2025 | Cross-referenced by PHPXref |