| [ Index ] |
PHP Cross Reference of WordPress Trunk (Updated Daily) |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Multisite users administration panel. 4 * 5 * @package WordPress 6 * @subpackage Multisite 7 * @since 3.0.0 8 */ 9 10 /** Load WordPress Administration Bootstrap */ 11 require_once __DIR__ . '/admin.php'; 12 13 if ( ! current_user_can( 'manage_network_users' ) ) { 14 wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); 15 } 16 17 if ( isset( $_GET['action'] ) ) { 18 /** This action is documented in wp-admin/network/edit.php */ 19 do_action( 'wpmuadminedit' ); 20 21 switch ( $_GET['action'] ) { 22 case 'deleteuser': 23 if ( ! current_user_can( 'manage_network_users' ) ) { 24 wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); 25 } 26 27 check_admin_referer( 'deleteuser' ); 28 29 $id = (int) $_GET['id']; 30 if ( $id > 1 ) { 31 $_POST['allusers'] = array( $id ); // confirm_delete_users() can only handle arrays. 32 33 // Used in the HTML title tag. 34 $title = __( 'Users' ); 35 $parent_file = 'users.php'; 36 37 require_once ABSPATH . 'wp-admin/admin-header.php'; 38 39 echo '<div class="wrap">'; 40 confirm_delete_users( $_POST['allusers'] ); 41 echo '</div>'; 42 43 require_once ABSPATH . 'wp-admin/admin-footer.php'; 44 } else { 45 wp_redirect( network_admin_url( 'users.php' ) ); 46 } 47 exit; 48 49 case 'allusers': 50 if ( ! current_user_can( 'manage_network_users' ) ) { 51 wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); 52 } 53 54 if ( isset( $_POST['action'] ) && isset( $_POST['allusers'] ) ) { 55 check_admin_referer( 'bulk-users-network' ); 56 57 $doaction = $_POST['action']; 58 $userfunction = ''; 59 60 foreach ( (array) $_POST['allusers'] as $user_id ) { 61 if ( ! empty( $user_id ) ) { 62 switch ( $doaction ) { 63 case 'delete': 64 if ( ! current_user_can( 'delete_users' ) ) { 65 wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); 66 } 67 68 // Used in the HTML title tag. 69 $title = __( 'Users' ); 70 $parent_file = 'users.php'; 71 72 require_once ABSPATH . 'wp-admin/admin-header.php'; 73 74 echo '<div class="wrap">'; 75 confirm_delete_users( $_POST['allusers'] ); 76 echo '</div>'; 77 78 require_once ABSPATH . 'wp-admin/admin-footer.php'; 79 exit; 80 81 case 'spam': 82 $user = get_userdata( $user_id ); 83 if ( is_super_admin( $user->ID ) ) { 84 wp_die( 85 sprintf( 86 /* translators: %s: User login. */ 87 __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), 88 esc_html( $user->user_login ) 89 ), 90 403 91 ); 92 } 93 94 $userfunction = 'all_spam'; 95 96 /** 97 * Filters whether to propagate the blog status when a user is marked as spam. 98 * 99 * @since 7.0.0 100 * 101 * @param bool $propagate Whether to propagate the blog status. Default false. 102 * @param int $user_id User ID. 103 */ 104 if ( apply_filters( 'propagate_network_user_spam_to_blogs', false, $user_id ) ) { 105 foreach ( get_blogs_of_user( $user_id, true ) as $details ) { 106 // Assuming the main site is not a spam. 107 if ( ! is_main_site( $details->userblog_id ) ) { 108 update_blog_status( $details->userblog_id, 'spam', '1' ); 109 } 110 } 111 } 112 113 $user_data = $user->to_array(); 114 $user_data['spam'] = '1'; 115 116 wp_update_user( $user_data ); 117 break; 118 119 case 'notspam': 120 $user = get_userdata( $user_id ); 121 122 if ( is_super_admin( $user->ID ) ) { 123 wp_die( 124 sprintf( 125 /* translators: %s: User login. */ 126 __( 'Warning! User cannot be modified. The user %s is a network administrator.' ), 127 esc_html( $user->user_login ) 128 ), 129 403 130 ); 131 } 132 133 $userfunction = 'all_notspam'; 134 $blogs = get_blogs_of_user( $user_id, true ); 135 136 /** This filter is documented in wp-admin/network/users.php */ 137 if ( apply_filters( 'propagate_network_user_spam_to_blogs', false, $user_id ) ) { 138 foreach ( get_blogs_of_user( $user_id, true ) as $details ) { 139 if ( ! is_main_site( $details->userblog_id ) && get_current_network_id() === $details->site_id ) { 140 // Assuming main site is never a spam and part of the current network. 141 update_blog_status( $details->userblog_id, 'spam', '0' ); 142 } 143 } 144 } 145 146 $user_data = $user->to_array(); 147 $user_data['spam'] = '0'; 148 149 wp_update_user( $user_data ); 150 break; 151 } 152 } 153 } 154 155 if ( ! in_array( $doaction, array( 'delete', 'spam', 'notspam' ), true ) ) { 156 $sendback = wp_get_referer(); 157 $user_ids = (array) $_POST['allusers']; 158 159 /** This action is documented in wp-admin/network/site-themes.php */ 160 $sendback = apply_filters( 'handle_network_bulk_actions-' . get_current_screen()->id, $sendback, $doaction, $user_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores 161 162 wp_safe_redirect( $sendback ); 163 exit; 164 } 165 166 wp_safe_redirect( 167 add_query_arg( 168 array( 169 'updated' => 'true', 170 'action' => $userfunction, 171 ), 172 wp_get_referer() 173 ) 174 ); 175 } else { 176 $location = network_admin_url( 'users.php' ); 177 178 if ( ! empty( $_REQUEST['paged'] ) ) { 179 $location = add_query_arg( 'paged', (int) $_REQUEST['paged'], $location ); 180 } 181 wp_redirect( $location ); 182 } 183 exit; 184 185 case 'dodelete': 186 check_admin_referer( 'ms-users-delete' ); 187 if ( ! ( current_user_can( 'manage_network_users' ) && current_user_can( 'delete_users' ) ) ) { 188 wp_die( __( 'Sorry, you are not allowed to access this page.' ), 403 ); 189 } 190 191 if ( ! empty( $_POST['blog'] ) && is_array( $_POST['blog'] ) ) { 192 foreach ( $_POST['blog'] as $id => $users ) { 193 foreach ( $users as $blogid => $user_id ) { 194 if ( ! current_user_can( 'delete_user', $id ) ) { 195 continue; 196 } 197 198 if ( ! empty( $_POST['delete'] ) && 'reassign' === $_POST['delete'][ $blogid ][ $id ] ) { 199 remove_user_from_blog( $id, $blogid, (int) $user_id ); 200 } else { 201 remove_user_from_blog( $id, $blogid ); 202 } 203 } 204 } 205 } 206 207 $i = 0; 208 209 if ( is_array( $_POST['user'] ) && ! empty( $_POST['user'] ) ) { 210 foreach ( $_POST['user'] as $id ) { 211 if ( ! current_user_can( 'delete_user', $id ) ) { 212 continue; 213 } 214 wpmu_delete_user( $id ); 215 ++$i; 216 } 217 } 218 219 if ( 1 === $i ) { 220 $deletefunction = 'delete'; 221 } else { 222 $deletefunction = 'all_delete'; 223 } 224 225 wp_redirect( 226 add_query_arg( 227 array( 228 'updated' => 'true', 229 'action' => $deletefunction, 230 ), 231 network_admin_url( 'users.php' ) 232 ) 233 ); 234 exit; 235 } 236 } 237 238 $wp_list_table = _get_list_table( 'WP_MS_Users_List_Table' ); 239 $pagenum = $wp_list_table->get_pagenum(); 240 $wp_list_table->prepare_items(); 241 $total_pages = $wp_list_table->get_pagination_arg( 'total_pages' ); 242 243 if ( $pagenum > $total_pages && $total_pages > 0 ) { 244 wp_redirect( add_query_arg( 'paged', $total_pages ) ); 245 exit; 246 } 247 248 // Used in the HTML title tag. 249 $title = __( 'Users' ); 250 $parent_file = 'users.php'; 251 252 add_screen_option( 'per_page' ); 253 254 get_current_screen()->add_help_tab( 255 array( 256 'id' => 'overview', 257 'title' => __( 'Overview' ), 258 'content' => 259 '<p>' . __( 'This table shows all users across the network and the sites to which they are assigned.' ) . '</p>' . 260 '<p>' . __( 'Hover over any user on the list to make the edit links appear. The Edit link on the left will take you to their Edit User profile page; the Edit link on the right by any site name goes to an Edit Site screen for that site.' ) . '</p>' . 261 '<p>' . __( 'You can also go to the user’s profile page by clicking on the individual username.' ) . '</p>' . 262 '<p>' . __( 'You can sort the table by clicking on any of the table headings and switch between list and excerpt views by using the icons above the users list.' ) . '</p>' . 263 '<p>' . __( 'The bulk action will permanently delete selected users, or mark/unmark those selected as spam. Spam users will have posts removed and will be unable to sign up again with the same email addresses.' ) . '</p>' . 264 '<p>' . __( 'You can make an existing user an additional super admin by going to the Edit User profile page and checking the box to grant that privilege.' ) . '</p>', 265 ) 266 ); 267 268 get_current_screen()->set_help_sidebar( 269 '<p><strong>' . __( 'For more information:' ) . '</strong></p>' . 270 '<p>' . __( '<a href="https://codex.wordpress.org/Network_Admin_Users_Screen">Documentation on Network Users</a>' ) . '</p>' . 271 '<p>' . __( '<a href="https://wordpress.org/support/forum/multisite/">Support forums</a>' ) . '</p>' 272 ); 273 274 get_current_screen()->set_screen_reader_content( 275 array( 276 'heading_views' => __( 'Filter users list' ), 277 'heading_pagination' => __( 'Users list navigation' ), 278 'heading_list' => __( 'Users list' ), 279 ) 280 ); 281 282 require_once ABSPATH . 'wp-admin/admin-header.php'; 283 284 if ( isset( $_REQUEST['updated'] ) && 'true' === $_REQUEST['updated'] && ! empty( $_REQUEST['action'] ) ) { 285 $message = ''; 286 switch ( $_REQUEST['action'] ) { 287 case 'delete': 288 $message = __( 'User deleted.' ); 289 break; 290 case 'all_spam': 291 $message = __( 'Users marked as spam.' ); 292 break; 293 case 'all_notspam': 294 $message = __( 'Users removed from spam.' ); 295 break; 296 case 'all_delete': 297 $message = __( 'Users deleted.' ); 298 break; 299 case 'add': 300 $message = __( 'User added.' ); 301 break; 302 } 303 304 wp_admin_notice( 305 $message, 306 array( 307 'type' => 'success', 308 'dismissible' => true, 309 'id' => 'message', 310 ) 311 ); 312 } 313 ?> 314 <div class="wrap"> 315 <h1 class="wp-heading-inline"><?php esc_html_e( 'Users' ); ?></h1> 316 317 <?php 318 if ( current_user_can( 'create_users' ) ) : 319 ?> 320 <a href="<?php echo esc_url( network_admin_url( 'user-new.php' ) ); ?>" class="page-title-action"><?php echo esc_html__( 'Add User' ); ?></a> 321 <?php 322 endif; 323 324 if ( strlen( $usersearch ) ) { 325 echo '<span class="subtitle">'; 326 printf( 327 /* translators: %s: Search query. */ 328 __( 'Search results for: %s' ), 329 '<strong>' . esc_html( $usersearch ) . '</strong>' 330 ); 331 echo '</span>'; 332 } 333 ?> 334 335 <hr class="wp-header-end"> 336 337 <?php $wp_list_table->views(); ?> 338 339 <form method="get" class="search-form"> 340 <?php $wp_list_table->search_box( __( 'Search Users' ), 'all-user' ); ?> 341 </form> 342 343 <form id="form-user-list" action="users.php?action=allusers" method="post"> 344 <?php $wp_list_table->display(); ?> 345 </form> 346 </div> 347 348 <?php require_once ABSPATH . 'wp-admin/admin-footer.php'; ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated : Tue May 5 08:20:14 2026 | Cross-referenced by PHPXref |