[ Index ]

PHP Cross Reference of WordPress Trunk (Updated Daily)

Search

title

Body

[close]

/wp-admin/ -> users.php (source)

   1  <?php
   2  /**
   3   * User administration panel
   4   *
   5   * @package WordPress
   6   * @subpackage Administration
   7   * @since 1.0.0
   8   */
   9  
  10  /** WordPress Administration Bootstrap */
  11  require_once  __DIR__ . '/admin.php';
  12  
  13  if ( ! current_user_can( 'list_users' ) ) {
  14      wp_die(
  15          '<h1>' . __( 'You need a higher level of permission.' ) . '</h1>' .
  16          '<p>' . __( 'Sorry, you are not allowed to list users.' ) . '</p>',
  17          403
  18      );
  19  }
  20  
  21  $wp_list_table = _get_list_table( 'WP_Users_List_Table' );
  22  $pagenum       = $wp_list_table->get_pagenum();
  23  
  24  // Used in the HTML title tag.
  25  $title       = __( 'Users' );
  26  $parent_file = 'users.php';
  27  
  28  add_screen_option( 'per_page' );
  29  
  30  // Contextual help - choose Help on the top right of admin panel to preview this.
  31  get_current_screen()->add_help_tab(
  32      array(
  33          'id'      => 'overview',
  34          'title'   => __( 'Overview' ),
  35          'content' => '<p>' . __( 'This screen lists all the existing users for your site. Each user has one of five defined roles as set by the site admin: Site Administrator, Editor, Author, Contributor, or Subscriber. Users with roles other than Administrator will see fewer options in the dashboard navigation when they are logged in, based on their role.' ) . '</p>' .
  36          '<p>' . __( 'To add a new user for your site, click the Add User button at the top of the screen or Add User in the Users menu section.' ) . '</p>',
  37      )
  38  );
  39  
  40  get_current_screen()->add_help_tab(
  41      array(
  42          'id'      => 'screen-content',
  43          'title'   => __( 'Screen Content' ),
  44          'content' => '<p>' . __( 'You can customize the display of this screen in a number of ways:' ) . '</p>' .
  45                          '<ul>' .
  46                          '<li>' . __( 'You can hide/display columns based on your needs and decide how many users to list per screen using the Screen Options tab.' ) . '</li>' .
  47                          '<li>' . __( 'You can filter the list of users by User Role using the text links above the users list to show All, Administrator, Editor, Author, Contributor, or Subscriber. The default view is to show all users. Unused User Roles are not listed.' ) . '</li>' .
  48                          '<li>' . __( 'You can view all posts made by a user by clicking on the number under the Posts column.' ) . '</li>' .
  49                          '</ul>',
  50      )
  51  );
  52  
  53  $help = '<p>' . __( 'Hovering over a row in the users list will display action links that allow you to manage users. You can perform the following actions:' ) . '</p>' .
  54      '<ul>' .
  55      '<li>' . __( '<strong>Edit</strong> takes you to the editable profile screen for that user. You can also reach that screen by clicking on the username.' ) . '</li>';
  56  
  57  if ( is_multisite() ) {
  58      $help .= '<li>' . __( '<strong>Remove</strong> allows you to remove a user from your site. It does not delete their content. You can also remove multiple users at once by using bulk actions.' ) . '</li>';
  59  } else {
  60      $help .= '<li>' . __( '<strong>Delete</strong> brings you to the Delete Users screen for confirmation, where you can permanently remove a user from your site and delete their content. You can also delete multiple users at once by using bulk actions.' ) . '</li>';
  61  }
  62  
  63  $help .= '<li>' . __( '<strong>View</strong> takes you to a public author archive which lists all the posts published by the user.' ) . '</li>';
  64  
  65  if ( current_user_can( 'edit_users' ) ) {
  66      $help .= '<li>' . __( '<strong>Send password reset</strong> sends the user an email with a link to set a new password.' ) . '</li>';
  67  }
  68  
  69  $help .= '</ul>';
  70  
  71  get_current_screen()->add_help_tab(
  72      array(
  73          'id'      => 'action-links',
  74          'title'   => __( 'Available Actions' ),
  75          'content' => $help,
  76      )
  77  );
  78  unset( $help );
  79  
  80  get_current_screen()->set_help_sidebar(
  81      '<p><strong>' . __( 'For more information:' ) . '</strong></p>' .
  82      '<p>' . __( '<a href="https://wordpress.org/documentation/article/users-screen/">Documentation on Managing Users</a>' ) . '</p>' .
  83      '<p>' . __( '<a href="https://wordpress.org/documentation/article/roles-and-capabilities/">Descriptions of Roles and Capabilities</a>' ) . '</p>' .
  84      '<p>' . __( '<a href="https://wordpress.org/support/forums/">Support forums</a>' ) . '</p>'
  85  );
  86  
  87  get_current_screen()->set_screen_reader_content(
  88      array(
  89          'heading_views'      => __( 'Filter users list' ),
  90          'heading_pagination' => __( 'Users list navigation' ),
  91          'heading_list'       => __( 'Users list' ),
  92      )
  93  );
  94  
  95  if ( empty( $_REQUEST ) ) {
  96      $referer = '<input type="hidden" name="wp_http_referer" value="' . esc_attr( wp_unslash( $_SERVER['REQUEST_URI'] ) ) . '" />';
  97  } elseif ( isset( $_REQUEST['wp_http_referer'] ) ) {
  98      $redirect = remove_query_arg( array( 'wp_http_referer', 'updated', 'delete_count' ), wp_unslash( $_REQUEST['wp_http_referer'] ) );
  99      $referer  = '<input type="hidden" name="wp_http_referer" value="' . esc_attr( $redirect ) . '" />';
 100  } else {
 101      $redirect = 'users.php';
 102      $referer  = '';
 103  }
 104  
 105  $update = '';
 106  
 107  switch ( $wp_list_table->current_action() ) {
 108  
 109      /* Bulk Dropdown menu Role changes */
 110      case 'promote':
 111          check_admin_referer( 'bulk-users' );
 112  
 113          if ( ! current_user_can( 'promote_users' ) ) {
 114              wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 );
 115          }
 116  
 117          if ( empty( $_REQUEST['users'] ) ) {
 118              wp_redirect( $redirect );
 119              exit;
 120          }
 121  
 122          $editable_roles = get_editable_roles();
 123          $role           = $_REQUEST['new_role'];
 124  
 125          // Mock `none` as editable role.
 126          $editable_roles['none'] = array(
 127              'name' => __( '&mdash; No role for this site &mdash;' ),
 128          );
 129  
 130          if ( ! $role || empty( $editable_roles[ $role ] ) ) {
 131              wp_die( __( 'Sorry, you are not allowed to give users that role.' ), 403 );
 132          }
 133  
 134          if ( 'none' === $role ) {
 135              $role = '';
 136          }
 137  
 138          $user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
 139          $update   = 'promote';
 140  
 141          foreach ( $user_ids as $id ) {
 142              if ( ! current_user_can( 'promote_user', $id ) ) {
 143                  wp_die( __( 'Sorry, you are not allowed to edit this user.' ), 403 );
 144              }
 145  
 146              // The new role of the current user must also have the promote_users cap, be a multisite super admin and must not be empty.
 147              if ( $id === $current_user->ID ) {
 148                  if ( '' === $role ) {
 149                      wp_die( __( 'Sorry, you cannot remove your own role.' ), 403 );
 150                  }
 151  
 152                  if ( $wp_roles->role_objects[ $role ]->has_cap( 'promote_users' ) || ( is_multisite() && current_user_can( 'manage_network_users' ) ) ) {
 153                      continue;
 154                  }
 155  
 156                  $update = 'err_admin_role';
 157                  continue;
 158              }
 159  
 160              // If the user doesn't already belong to the blog, bail.
 161              if ( is_multisite() && ! is_user_member_of_blog( $id ) ) {
 162                  wp_die(
 163                      '<h1>' . __( 'An error occurred.' ) . '</h1>' .
 164                      '<p>' . __( 'One of the selected users is not a member of this site.' ) . '</p>',
 165                      403
 166                  );
 167              }
 168  
 169              $user = get_userdata( $id );
 170  
 171              // If $role is empty, none will be set.
 172              $user->set_role( $role );
 173          }
 174  
 175          wp_redirect( add_query_arg( 'update', $update, $redirect ) );
 176          exit;
 177  
 178      case 'dodelete':
 179          if ( is_multisite() ) {
 180              wp_die( __( 'User deletion is not allowed from this screen.' ), 400 );
 181          }
 182  
 183          check_admin_referer( 'delete-users' );
 184  
 185          if ( empty( $_REQUEST['users'] ) ) {
 186              wp_redirect( $redirect );
 187              exit;
 188          }
 189  
 190          $user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
 191  
 192          if ( empty( $_REQUEST['delete_option'] ) ) {
 193              $url = self_admin_url( 'users.php?action=delete&users[]=' . implode( '&users[]=', $user_ids ) . '&error=true' );
 194              $url = str_replace( '&amp;', '&', wp_nonce_url( $url, 'bulk-users' ) );
 195              wp_redirect( $url );
 196              exit;
 197          }
 198  
 199          if ( ! current_user_can( 'delete_users' ) ) {
 200              wp_die( __( 'Sorry, you are not allowed to delete users.' ), 403 );
 201          }
 202  
 203          $update       = 'del';
 204          $delete_count = 0;
 205  
 206          foreach ( $user_ids as $id ) {
 207              if ( ! current_user_can( 'delete_user', $id ) ) {
 208                  wp_die( __( 'Sorry, you are not allowed to delete that user.' ), 403 );
 209              }
 210  
 211              if ( $id === $current_user->ID ) {
 212                  $update = 'err_admin_del';
 213                  continue;
 214              }
 215  
 216              if ( 'reassign' === $_REQUEST['delete_option'][ $id ] && empty( $_REQUEST['reassign_user'][ $id ] ) ) {
 217                  $update = 'err_missing_reassign';
 218                  continue;
 219              }
 220  
 221              switch ( $_REQUEST['delete_option'][ $id ] ) {
 222                  case 'delete':
 223                      wp_delete_user( $id );
 224                      break;
 225                  case 'reassign':
 226                      wp_delete_user( $id, $_REQUEST['reassign_user'][ $id ] );
 227                      break;
 228              }
 229  
 230              ++$delete_count;
 231          }
 232  
 233          $redirect = add_query_arg(
 234              array(
 235                  'delete_count' => $delete_count,
 236                  'update'       => $update,
 237              ),
 238              $redirect
 239          );
 240          wp_redirect( $redirect );
 241          exit;
 242  
 243      case 'resetpassword':
 244          check_admin_referer( 'bulk-users' );
 245  
 246          if ( ! current_user_can( 'edit_users' ) ) {
 247              $errors = new WP_Error( 'edit_users', __( 'Sorry, you are not allowed to edit users.' ) );
 248          }
 249  
 250          if ( empty( $_REQUEST['users'] ) ) {
 251              wp_redirect( $redirect );
 252              exit();
 253          }
 254  
 255          $user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
 256  
 257          $reset_count = 0;
 258  
 259          foreach ( $user_ids as $id ) {
 260              if ( ! current_user_can( 'edit_user', $id ) ) {
 261                  wp_die( __( 'Sorry, you are not allowed to edit this user.' ) );
 262              }
 263  
 264              if ( $id === $current_user->ID ) {
 265                  $update = 'err_admin_reset';
 266                  continue;
 267              }
 268  
 269              // Send the password reset link.
 270              $user = get_userdata( $id );
 271              if ( true === retrieve_password( $user->user_login ) ) {
 272                  ++$reset_count;
 273              }
 274          }
 275  
 276          $redirect = add_query_arg(
 277              array(
 278                  'reset_count' => $reset_count,
 279                  'update'      => 'resetpassword',
 280              ),
 281              $redirect
 282          );
 283          wp_redirect( $redirect );
 284          exit;
 285  
 286      case 'delete':
 287          if ( is_multisite() ) {
 288              wp_die( __( 'User deletion is not allowed from this screen.' ), 400 );
 289          }
 290  
 291          check_admin_referer( 'bulk-users' );
 292  
 293          if ( empty( $_REQUEST['users'] ) && empty( $_REQUEST['user'] ) ) {
 294              wp_redirect( $redirect );
 295              exit;
 296          }
 297  
 298          if ( ! current_user_can( 'delete_users' ) ) {
 299              $errors = new WP_Error( 'edit_users', __( 'Sorry, you are not allowed to delete users.' ) );
 300          }
 301  
 302          if ( empty( $_REQUEST['users'] ) ) {
 303              $user_ids = array( (int) $_REQUEST['user'] );
 304          } else {
 305              $user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
 306          }
 307  
 308          $all_user_ids = $user_ids;
 309  
 310          if ( in_array( $current_user->ID, $user_ids, true ) ) {
 311              $user_ids = array_diff( $user_ids, array( $current_user->ID ) );
 312          }
 313  
 314          require_once  ABSPATH . 'wp-admin/admin-header.php';
 315          ?>
 316          <form method="post" name="updateusers" id="updateusers" class="delete-and-reassign-users-form">
 317          <?php wp_nonce_field( 'delete-users' ); ?>
 318          <?php echo $referer; ?>
 319  
 320          <div class="wrap">
 321          <h1><?php _e( 'Delete Users' ); ?></h1>
 322  
 323          <?php
 324          if ( isset( $_REQUEST['error'] ) ) :
 325              wp_admin_notice(
 326                  '<strong>' . __( 'Error:' ) . '</strong> ' . __( 'Please select an option.' ),
 327                  array(
 328                      'additional_classes' => array( 'error' ),
 329                  )
 330              );
 331          endif;
 332          ?>
 333  
 334          <?php if ( 1 === count( $all_user_ids ) ) : ?>
 335              <p><?php _e( 'You have specified this user for deletion:' ); ?></p>
 336          <?php else : ?>
 337              <p><?php _e( 'You have specified these users for deletion:' ); ?></p>
 338          <?php endif; ?>
 339  
 340          <ul>
 341          <?php
 342          $go_delete          = 0;
 343          $users_have_content = false;
 344  
 345          foreach ( $all_user_ids as $id ) {
 346              $user = get_userdata( $id );
 347  
 348              if ( $id === $current_user->ID ) {
 349                  echo '<li>';
 350                  printf(
 351                      /* translators: 1: User ID, 2: User login. */
 352                      __( 'ID #%1$s: %2$s <strong>The current user will not be deleted.</strong>' ),
 353                      $id,
 354                      $user->user_login
 355                  );
 356                  echo "</li>\n";
 357              } else {
 358                  echo '<li>';
 359                  printf(
 360                      '<input type="hidden" name="users[]" value="%s" />',
 361                      esc_attr( $id )
 362                  );
 363  
 364                  /**
 365                   * Filters whether the users being deleted have additional content
 366                   * associated with them outside of the `post_author` and `link_owner` relationships.
 367                   *
 368                   * @since 5.2.0
 369                   *
 370                   * @param bool  $users_have_additional_content Whether the users have additional content. Default false.
 371                   * @param int[] $user_ids                      Array of IDs for users being deleted.
 372                   */
 373                  $user_has_content = (bool) apply_filters( 'users_have_additional_content', false, array( $id ) );
 374  
 375                  if ( ! $user_has_content ) {
 376                      if ( $wpdb->get_var(
 377                          $wpdb->prepare(
 378                              "SELECT ID FROM {$wpdb->posts}
 379                              WHERE post_author = %d
 380                              LIMIT 1",
 381                              $id
 382                          )
 383                      ) ) {
 384                          $user_has_content = true;
 385                      } elseif ( $wpdb->get_var(
 386                          $wpdb->prepare(
 387                              "SELECT link_id FROM {$wpdb->links}
 388                              WHERE link_owner = %d
 389                              LIMIT 1",
 390                              $id
 391                          )
 392                      ) ) {
 393                          $user_has_content = true;
 394                      }
 395                  }
 396  
 397                  if ( ! $user_has_content ) {
 398                      ?>
 399                      <input type="hidden" name="delete_option[<?php echo esc_attr( $id ); ?>]" value="delete" required />
 400                      <p>
 401                      <?php
 402                      printf(
 403                          /* translators: 1: User login. 2: User ID */
 404                          __( '%1$s (ID #%2$s): This user does not have any content.' ),
 405                          '<strong>' . $user->user_login . '</strong>',
 406                          $id
 407                      );
 408                      ?>
 409                      </p>
 410                      <?php
 411                  } else {
 412                      ?>
 413                      <fieldset>
 414                      <legend>
 415                      <?php
 416                      printf(
 417                          /* translators: 1: User login, 2: User ID. */
 418                          __( '%1$s (ID #%2$s): What should be done with the content owned by this user?' ),
 419                          '<strong>' . $user->user_login . '</strong>',
 420                          $id
 421                      );
 422                      ?>
 423                      </legend>
 424  
 425                      <ul>
 426                          <li>
 427                              <input type="radio" id="delete_option_<?php echo esc_attr( $id ); ?>" name="delete_option[<?php echo esc_attr( $id ); ?>]" value="delete" required />
 428                              <label for="delete_option_<?php echo esc_attr( $id ); ?>"><?php _e( 'Delete all content.' ); ?></label>
 429                          </li>
 430                          <li>
 431                              <input type="radio" id="reassign_option_<?php echo esc_attr( $id ); ?>" name="delete_option[<?php echo esc_attr( $id ); ?>]" value="reassign" required />
 432                              <label for="reassign_option_<?php echo esc_attr( $id ); ?>"><?php _e( 'Attribute all content to another user.' ); ?></label>
 433  
 434                              <label for="reassign_user_<?php echo esc_attr( $id ); ?>" class="screen-reader-text"><?php _e( 'Select a user to attribute the content to.' ); ?></label>
 435                              <?php
 436                              wp_dropdown_users(
 437                                  array(
 438                                      'show_option_none'  => __( 'Select a user' ),
 439                                      'option_none_value' => '',
 440                                      'name'              => 'reassign_user[' . $id . ']',
 441                                      'id'                => 'reassign_user_' . $id,
 442                                      'exclude'           => $user_ids,
 443                                      'show'              => 'display_name_with_login',
 444                                  )
 445                              );
 446                              ?>
 447                          </li>
 448                      </ul>
 449                      </fieldset>
 450                      <?php
 451                      $users_have_content = true;
 452                  }
 453  
 454                  echo "</li>\n";
 455  
 456                  ++$go_delete;
 457              }
 458          }
 459          ?>
 460          </ul>
 461  
 462          <?php
 463          if ( $go_delete ) :
 464              /**
 465               * Fires at the end of the delete users form prior to the confirm button.
 466               *
 467               * @since 4.0.0
 468               * @since 4.5.0 The `$user_ids` parameter was added.
 469               *
 470               * @param WP_User $current_user WP_User object for the current user.
 471               * @param int[]   $user_ids     Array of IDs for users being deleted.
 472               */
 473              do_action( 'delete_user_form', $current_user, $user_ids );
 474              ?>
 475              <input type="hidden" name="action" value="dodelete" />
 476              <?php submit_button( __( 'Confirm Deletion' ), 'primary' ); ?>
 477  
 478          <?php else : ?>
 479  
 480              <p><?php _e( 'There are no valid users selected for deletion.' ); ?></p>
 481  
 482          <?php endif; ?>
 483          </div><!-- .wrap -->
 484          </form><!-- #updateusers -->
 485          <?php
 486  
 487          break;
 488  
 489      case 'doremove':
 490          check_admin_referer( 'remove-users' );
 491  
 492          if ( ! is_multisite() ) {
 493              wp_die( __( 'You cannot remove users.' ), 400 );
 494          }
 495  
 496          if ( empty( $_REQUEST['users'] ) ) {
 497              wp_redirect( $redirect );
 498              exit;
 499          }
 500  
 501          if ( ! current_user_can( 'remove_users' ) ) {
 502              wp_die( __( 'Sorry, you are not allowed to remove users.' ), 403 );
 503          }
 504  
 505          $user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
 506          $update   = 'remove';
 507  
 508          foreach ( $user_ids as $id ) {
 509              if ( ! current_user_can( 'remove_user', $id ) ) {
 510                  $update = 'err_admin_remove';
 511                  continue;
 512              }
 513  
 514              remove_user_from_blog( $id, $blog_id );
 515          }
 516  
 517          $redirect = add_query_arg( array( 'update' => $update ), $redirect );
 518          wp_redirect( $redirect );
 519          exit;
 520  
 521      case 'remove':
 522          check_admin_referer( 'bulk-users' );
 523  
 524          if ( ! is_multisite() ) {
 525              wp_die( __( 'You cannot remove users.' ), 400 );
 526          }
 527  
 528          if ( empty( $_REQUEST['users'] ) && empty( $_REQUEST['user'] ) ) {
 529              wp_redirect( $redirect );
 530              exit;
 531          }
 532  
 533          if ( ! current_user_can( 'remove_users' ) ) {
 534              $error = new WP_Error( 'edit_users', __( 'Sorry, you are not allowed to remove users.' ) );
 535          }
 536  
 537          if ( empty( $_REQUEST['users'] ) ) {
 538              $user_ids = array( (int) $_REQUEST['user'] );
 539          } else {
 540              $user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
 541          }
 542  
 543          require_once  ABSPATH . 'wp-admin/admin-header.php';
 544          ?>
 545          <form method="post" name="updateusers" id="updateusers">
 546          <?php wp_nonce_field( 'remove-users' ); ?>
 547          <?php echo $referer; ?>
 548  
 549          <div class="wrap">
 550          <h1><?php _e( 'Remove Users from Site' ); ?></h1>
 551  
 552          <?php if ( 1 === count( $user_ids ) ) : ?>
 553              <p><?php _e( 'You have specified this user for removal:' ); ?></p>
 554          <?php else : ?>
 555              <p><?php _e( 'You have specified these users for removal:' ); ?></p>
 556          <?php endif; ?>
 557  
 558          <ul>
 559          <?php
 560          $go_remove = false;
 561  
 562          foreach ( $user_ids as $id ) {
 563              $user = get_userdata( $id );
 564  
 565              if ( ! current_user_can( 'remove_user', $id ) ) {
 566                  echo '<li>';
 567                  printf(
 568                      /* translators: 1: User ID, 2: User login. */
 569                      __( 'ID #%1$s: %2$s <strong>Sorry, you are not allowed to remove this user.</strong>' ),
 570                      $id,
 571                      $user->user_login
 572                  );
 573                  echo "</li>\n";
 574              } else {
 575                  echo '<li>';
 576                  printf(
 577                      '<input type="hidden" name="users[]" value="%s" />',
 578                      esc_attr( $id )
 579                  );
 580                  printf(
 581                      /* translators: 1: User ID, 2: User login. */
 582                      __( 'ID #%1$s: %2$s' ),
 583                      $id,
 584                      $user->user_login
 585                  );
 586                  echo "</li>\n";
 587  
 588                  $go_remove = true;
 589              }
 590          }
 591          ?>
 592          </ul>
 593  
 594          <?php if ( $go_remove ) : ?>
 595  
 596              <input type="hidden" name="action" value="doremove" />
 597              <?php submit_button( __( 'Confirm Removal' ), 'primary' ); ?>
 598  
 599          <?php else : ?>
 600  
 601              <p><?php _e( 'There are no valid users selected for removal.' ); ?></p>
 602  
 603          <?php endif; ?>
 604          </div><!-- .wrap -->
 605          </form><!-- #updateusers -->
 606          <?php
 607  
 608          break;
 609  
 610      default:
 611          if ( ! empty( $_GET['_wp_http_referer'] ) ) {
 612              wp_redirect( remove_query_arg( array( '_wp_http_referer', '_wpnonce' ), wp_unslash( $_SERVER['REQUEST_URI'] ) ) );
 613              exit;
 614          }
 615  
 616          if ( $wp_list_table->current_action() && ! empty( $_REQUEST['users'] ) ) {
 617              $screen   = get_current_screen()->id;
 618              $sendback = wp_get_referer();
 619              $user_ids = array_map( 'intval', (array) $_REQUEST['users'] );
 620  
 621              /** This action is documented in wp-admin/edit.php */
 622              $sendback = apply_filters( "handle_bulk_actions-{$screen}", $sendback, $wp_list_table->current_action(), $user_ids ); // phpcs:ignore WordPress.NamingConventions.ValidHookName.UseUnderscores
 623  
 624              wp_safe_redirect( $sendback );
 625              exit;
 626          }
 627  
 628          $wp_list_table->prepare_items();
 629          $total_pages = $wp_list_table->get_pagination_arg( 'total_pages' );
 630  
 631          if ( $pagenum > $total_pages && $total_pages > 0 ) {
 632              wp_redirect( add_query_arg( 'paged', $total_pages ) );
 633              exit;
 634          }
 635  
 636          require_once  ABSPATH . 'wp-admin/admin-header.php';
 637  
 638          $messages = array();
 639          if ( isset( $_GET['update'] ) ) :
 640              $delete_count = isset( $_GET['delete_count'] ) ? (int) $_GET['delete_count'] : 0;
 641  
 642              switch ( $_GET['update'] ) {
 643                  case 'del':
 644                  case 'del_many':
 645                      if ( 1 === $delete_count ) {
 646                          $message = __( 'User deleted.' );
 647                      } else {
 648                          /* translators: %s: Number of users. */
 649                          $message = _n( '%s user deleted.', '%s users deleted.', $delete_count );
 650                      }
 651                      $message    = sprintf( $message, number_format_i18n( $delete_count ) );
 652                      $messages[] = wp_get_admin_notice(
 653                          $message,
 654                          array(
 655                              'id'                 => 'message',
 656                              'additional_classes' => array( 'updated' ),
 657                              'dismissible'        => true,
 658                          )
 659                      );
 660                      break;
 661                  case 'add':
 662                      $message = __( 'New user created.' );
 663                      $user_id = $_GET['id'] ?? false;
 664                      if ( $user_id && current_user_can( 'edit_user', $user_id ) ) {
 665                          $message .= sprintf(
 666                              ' <a href="%1$s">%2$s</a>',
 667                              esc_url(
 668                                  add_query_arg(
 669                                      'wp_http_referer',
 670                                      urlencode( wp_unslash( $_SERVER['REQUEST_URI'] ) ),
 671                                      self_admin_url( 'user-edit.php?user_id=' . $user_id )
 672                                  )
 673                              ),
 674                              __( 'Edit user' )
 675                          );
 676                      }
 677  
 678                      $messages[] = wp_get_admin_notice(
 679                          $message,
 680                          array(
 681                              'id'                 => 'message',
 682                              'additional_classes' => array( 'updated' ),
 683                              'dismissible'        => true,
 684                          )
 685                      );
 686                      break;
 687                  case 'resetpassword':
 688                      $reset_count = isset( $_GET['reset_count'] ) ? (int) $_GET['reset_count'] : 0;
 689                      if ( 1 === $reset_count ) {
 690                          $message = __( 'Password reset link sent.' );
 691                      } else {
 692                          /* translators: %s: Number of users. */
 693                          $message = _n( 'Password reset links sent to %s user.', 'Password reset links sent to %s users.', $reset_count );
 694                      }
 695                      $message    = sprintf( $message, number_format_i18n( $reset_count ) );
 696                      $messages[] = wp_get_admin_notice(
 697                          $message,
 698                          array(
 699                              'id'                 => 'message',
 700                              'additional_classes' => array( 'updated' ),
 701                              'dismissible'        => true,
 702                          )
 703                      );
 704                      break;
 705                  case 'promote':
 706                      $messages[] = wp_get_admin_notice(
 707                          __( 'Changed roles.' ),
 708                          array(
 709                              'id'                 => 'message',
 710                              'additional_classes' => array( 'updated' ),
 711                              'dismissible'        => true,
 712                          )
 713                      );
 714                      break;
 715                  case 'err_admin_role':
 716                      $messages[] = wp_get_admin_notice(
 717                          __( 'You cannot change your own role to one that does not allow managing other users. Your role was not changed.' ),
 718                          array(
 719                              'id'                 => 'message',
 720                              'additional_classes' => array( 'error' ),
 721                              'dismissible'        => true,
 722                          )
 723                      );
 724                      if ( $delete_count > 0 ) {
 725                          $messages[] = wp_get_admin_notice(
 726                              __( 'Other user roles have been changed.' ),
 727                              array(
 728                                  'id'                 => 'message',
 729                                  'additional_classes' => array( 'updated' ),
 730                                  'dismissible'        => true,
 731                              )
 732                          );
 733                      }
 734                      break;
 735                  case 'err_admin_del':
 736                      $messages[] = wp_get_admin_notice(
 737                          __( 'You cannot delete the current user.' ),
 738                          array(
 739                              'id'                 => 'message',
 740                              'additional_classes' => array( 'error' ),
 741                              'dismissible'        => true,
 742                          )
 743                      );
 744                      if ( $delete_count > 0 ) {
 745                          $messages[] = wp_get_admin_notice(
 746                              __( 'Other users have been deleted.' ),
 747                              array(
 748                                  'id'                 => 'message',
 749                                  'additional_classes' => array( 'updated' ),
 750                                  'dismissible'        => true,
 751                              )
 752                          );
 753                      }
 754                      break;
 755                  case 'err_missing_reassign':
 756                      $messages[] = wp_get_admin_notice(
 757                          __( 'Users could not be deleted because no user was selected for content reassignment.' ),
 758                          array(
 759                              'id'                 => 'message',
 760                              'additional_classes' => array( 'error' ),
 761                              'dismissible'        => true,
 762                          )
 763                      );
 764                      if ( $delete_count > 0 ) {
 765                          $messages[] = wp_get_admin_notice(
 766                              __( 'Other users have been deleted.' ),
 767                              array(
 768                                  'id'                 => 'message',
 769                                  'additional_classes' => array( 'updated' ),
 770                                  'dismissible'        => true,
 771                              )
 772                          );
 773                      }
 774                      break;
 775                  case 'remove':
 776                      $messages[] = wp_get_admin_notice(
 777                          __( 'User removed from this site.' ),
 778                          array(
 779                              'id'                 => 'message',
 780                              'additional_classes' => array( 'updated', 'fade' ),
 781                              'dismissible'        => true,
 782                          )
 783                      );
 784                      break;
 785                  case 'err_admin_remove':
 786                      $messages[] = wp_get_admin_notice(
 787                          __( 'You cannot remove the current user.' ),
 788                          array(
 789                              'id'                 => 'message',
 790                              'additional_classes' => array( 'error' ),
 791                              'dismissible'        => true,
 792                          )
 793                      );
 794                      $messages[] = wp_get_admin_notice(
 795                          __( 'Other users have been removed.' ),
 796                          array(
 797                              'id'                 => 'message',
 798                              'additional_classes' => array( 'updated', 'fade' ),
 799                              'dismissible'        => true,
 800                          )
 801                      );
 802                      break;
 803              }
 804          endif;
 805          ?>
 806  
 807          <?php
 808          if ( isset( $errors ) && is_wp_error( $errors ) ) :
 809              $error_message = '';
 810              foreach ( $errors->get_error_messages() as $err ) {
 811                  $error_message .= "<li>$err</li>\n";
 812              }
 813              wp_admin_notice(
 814                  '<ul>' . $error_message . '</ul>',
 815                  array(
 816                      'additional_classes' => array( 'error' ),
 817                  )
 818              );
 819          endif;
 820  
 821          if ( ! empty( $messages ) ) {
 822              foreach ( $messages as $msg ) {
 823                  echo $msg;
 824              }
 825          }
 826          ?>
 827  
 828          <div class="wrap">
 829          <h1 class="wp-heading-inline">
 830              <?php echo esc_html( $title ); ?>
 831          </h1>
 832  
 833          <?php
 834          if ( current_user_can( 'create_users' ) ) {
 835              printf(
 836                  '<a href="%1$s" class="page-title-action">%2$s</a>',
 837                  esc_url( admin_url( 'user-new.php' ) ),
 838                  esc_html__( 'Add User' )
 839              );
 840          } elseif ( is_multisite() && current_user_can( 'promote_users' ) ) {
 841              printf(
 842                  '<a href="%1$s" class="page-title-action">%2$s</a>',
 843                  esc_url( admin_url( 'user-new.php' ) ),
 844                  esc_html__( 'Add Existing User' )
 845              );
 846          }
 847  
 848          if ( strlen( $usersearch ) ) {
 849              echo '<span class="subtitle">';
 850              printf(
 851                  /* translators: %s: Search query. */
 852                  __( 'Search results for: %s' ),
 853                  '<strong>' . esc_html( $usersearch ) . '</strong>'
 854              );
 855              echo '</span>';
 856          }
 857          ?>
 858  
 859          <hr class="wp-header-end">
 860  
 861          <?php $wp_list_table->views(); ?>
 862  
 863          <form method="get">
 864  
 865          <?php $wp_list_table->search_box( __( 'Search Users' ), 'user' ); ?>
 866  
 867          <?php if ( ! empty( $_REQUEST['role'] ) ) { ?>
 868              <input type="hidden" name="role" value="<?php echo esc_attr( $_REQUEST['role'] ); ?>" />
 869          <?php } ?>
 870  
 871          <?php $wp_list_table->display(); ?>
 872  
 873          </form>
 874  
 875          <div class="clear"></div>
 876          </div><!-- .wrap -->
 877          <?php
 878          break;
 879  
 880  } // End of the $doaction switch.
 881  
 882  require_once  ABSPATH . 'wp-admin/admin-footer.php';


Generated : Sun Jul 12 08:20:14 2026 Cross-referenced by PHPXref