| [ XREF Home ] [ Index ] |
PHP Cross Reference of WordPress TrunkProvided by Yoast |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * Edit user administration panel. 4 * 5 * @package WordPress 6 * @subpackage Administration 7 */ 8 9 /** WordPress Administration Bootstrap */ 10 require_once ('./admin.php'); 11 12 wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer')); 13 14 $user_id = (int) $user_id; 15 $current_user = wp_get_current_user(); 16 if ( ! defined( 'IS_PROFILE_PAGE' ) ) 17 define( 'IS_PROFILE_PAGE', ( $user_id == $current_user->ID ) ); 18 19 if ( ! $user_id && IS_PROFILE_PAGE ) 20 $user_id = $current_user->ID; 21 elseif ( ! $user_id && ! IS_PROFILE_PAGE ) 22 wp_die(__( 'Invalid user ID.' ) ); 23 elseif ( ! get_userdata( $user_id ) ) 24 wp_die( __('Invalid user ID.') ); 25 26 wp_enqueue_script('user-profile'); 27 28 $title = IS_PROFILE_PAGE ? __('Profile') : __('Edit User'); 29 if ( current_user_can('edit_users') && !IS_PROFILE_PAGE ) 30 $submenu_file = 'users.php'; 31 else 32 $submenu_file = 'profile.php'; 33 34 if ( current_user_can('edit_users') && !is_user_admin() ) 35 $parent_file = 'users.php'; 36 else 37 $parent_file = 'profile.php'; 38 39 // contextual help - choose Help on the top right of admin panel to preview this. 40 add_contextual_help($current_screen, 41 '<p>' . __('Your profile contains information about you (your “account”) as well as some personal options related to using WordPress.') . '</p>' . 42 '<p>' . __('You can change your password, turn on keyboard shortcuts, change the color scheme of your WordPress administration screens, and turn off the WYSIWYG (Visual) editor, among other things.') . '</p>' . 43 '<p>' . __('Your username cannot be changed, but you can use other fields to enter your real name or a nickname, and change which name to display on your posts.') . '</p>' . 44 '<p>' . __('Required fields are indicated; the rest are optional. Profile information will only be displayed if your theme is set up to do so.') . '</p>' . 45 '<p>' . __('Remember to click the Update Profile button when you are finished.') . '</p>' . 46 '<p><strong>' . __('For more information:') . '</strong></p>' . 47 '<p>' . __('<a href="http://codex.wordpress.org/Users_Your_Profile_Screen" target="_blank">Documentation on User Profiles</a>') . '</p>' . 48 '<p>' . __('<a href="http://wordpress.org/support/" target="_blank">Support Forums</a>') . '</p>' 49 ); 50 51 52 $wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer)); 53 54 $user_can_edit = current_user_can( 'edit_posts' ) || current_user_can( 'edit_pages' ); 55 56 /** 57 * Optional SSL preference that can be turned on by hooking to the 'personal_options' action. 58 * 59 * @since 2.7.0 60 * 61 * @param object $user User data object 62 */ 63 function use_ssl_preference($user) { 64 ?> 65 <tr> 66 <th scope="row"><?php _e('Use https')?></th> 67 <td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked('1', $user->use_ssl); ?> /> <?php _e('Always use https when visiting the admin'); ?></label></td> 68 </tr> 69 <?php 70 } 71 72 73 // Only allow super admins on multisite to edit every user. 74 if ( is_multisite() && ! current_user_can( 'manage_network_users' ) && $user_id != $current_user->ID && ! apply_filters( 'enable_edit_any_user_configuration', true ) ) 75 wp_die( __( 'You do not have permission to edit this user.' ) ); 76 77 // Execute confirmed email change. See send_confirmation_on_profile_email(). 78 if ( is_multisite() && IS_PROFILE_PAGE && isset( $_GET[ 'newuseremail' ] ) && $current_user->ID ) { 79 $new_email = get_option( $current_user->ID . '_new_email' ); 80 if ( $new_email[ 'hash' ] == $_GET[ 'newuseremail' ] ) { 81 $user->ID = $current_user->ID; 82 $user->user_email = esc_html( trim( $new_email[ 'newemail' ] ) ); 83 if ( $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $current_user->user_login ) ) ) 84 $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, $current_user->user_login ) ); 85 wp_update_user( get_object_vars( $user ) ); 86 delete_option( $current_user->ID . '_new_email' ); 87 wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) ); 88 die(); 89 } 90 } elseif ( is_multisite() && IS_PROFILE_PAGE && !empty( $_GET['dismiss'] ) && $current_user->ID . '_new_email' == $_GET['dismiss'] ) { 91 delete_option( $current_user->ID . '_new_email' ); 92 wp_redirect( add_query_arg( array('updated' => 'true'), self_admin_url( 'profile.php' ) ) ); 93 die(); 94 } 95 96 switch ($action) { 97 case 'update': 98 99 check_admin_referer('update-user_' . $user_id); 100 101 if ( !current_user_can('edit_user', $user_id) ) 102 wp_die(__('You do not have permission to edit this user.')); 103 104 if ( IS_PROFILE_PAGE ) 105 do_action('personal_options_update', $user_id); 106 else 107 do_action('edit_user_profile_update', $user_id); 108 109 if ( !is_multisite() ) { 110 $errors = edit_user($user_id); 111 } else { 112 $user = get_userdata( $user_id ); 113 114 // Update the email address in signups, if present. 115 if ( $user->user_login && isset( $_POST[ 'email' ] ) && is_email( $_POST[ 'email' ] ) && $wpdb->get_var( $wpdb->prepare( "SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login ) ) ) 116 $wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST[ 'email' ], $user_login ) ); 117 118 // WPMU must delete the user from the current blog if WP added him after editing. 119 $delete_role = false; 120 $blog_prefix = $wpdb->get_blog_prefix(); 121 if ( $user_id != $current_user->ID ) { 122 $cap = $wpdb->get_var( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = '{$user_id}' AND meta_key = '{$blog_prefix}capabilities' AND meta_value = 'a:0:{}'" ); 123 if ( !is_network_admin() && null == $cap && $_POST[ 'role' ] == '' ) { 124 $_POST[ 'role' ] = 'contributor'; 125 $delete_role = true; 126 } 127 } 128 if ( !isset( $errors ) || ( isset( $errors ) && is_object( $errors ) && false == $errors->get_error_codes() ) ) 129 $errors = edit_user($user_id); 130 if ( $delete_role ) // stops users being added to current blog when they are edited 131 delete_user_meta( $user_id, $blog_prefix . 'capabilities' ); 132 133 if ( is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can( 'manage_network_options' ) && !isset($super_admins) && empty( $_POST['super_admin'] ) == is_super_admin( $user_id ) ) 134 empty( $_POST['super_admin'] ) ? revoke_super_admin( $user_id ) : grant_super_admin( $user_id ); 135 } 136 137 if ( !is_wp_error( $errors ) ) { 138 $redirect = (IS_PROFILE_PAGE ? "profile.php?" : "user-edit.php?user_id=$user_id&"). "updated=true"; 139 if ( $wp_http_referer ) 140 $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect); 141 wp_redirect($redirect); 142 exit; 143 } 144 145 default: 146 $profileuser = get_user_to_edit($user_id); 147 148 if ( !current_user_can('edit_user', $user_id) ) 149 wp_die(__('You do not have permission to edit this user.')); 150 151 include (ABSPATH . 'wp-admin/admin-header.php'); 152 ?> 153 154 <?php if ( !IS_PROFILE_PAGE && is_super_admin( $profileuser->ID ) && current_user_can( 'manage_network_options' ) ) { ?> 155 <div class="updated"><p><strong><?php _e('Important:'); ?></strong> <?php _e('This user has super admin privileges.'); ?></p></div> 156 <?php } ?> 157 <?php if ( isset($_GET['updated']) ) : ?> 158 <div id="message" class="updated"> 159 <p><strong><?php _e('User updated.') ?></strong></p> 160 <?php if ( $wp_http_referer && !IS_PROFILE_PAGE ) : ?> 161 <p><a href="<?php echo esc_url( $wp_http_referer ); ?>"><?php _e('← Back to Users'); ?></a></p> 162 <?php endif; ?> 163 </div> 164 <?php endif; ?> 165 <?php if ( isset( $errors ) && is_wp_error( $errors ) ) : ?> 166 <div class="error"><p><?php echo implode( "</p>\n<p>", $errors->get_error_messages() ); ?></p></div> 167 <?php endif; ?> 168 169 <div class="wrap" id="profile-page"> 170 <?php screen_icon(); ?> 171 <h2> 172 <?php 173 echo esc_html( $title ); 174 if ( ! IS_PROFILE_PAGE ) { 175 if ( current_user_can( 'create_users' ) ) { ?> 176 <a href="user-new.php" class="add-new-h2"><?php echo esc_html_x( 'Add New', 'user' ); ?></a> 177 <?php } elseif ( is_multisite() && current_user_can( 'promote_users' ) ) { ?> 178 <a href="user-new.php" class="add-new-h2"><?php echo esc_html_x( 'Add Existing', 'user' ); ?></a> 179 <?php } 180 } ?> 181 </h2> 182 183 <form id="your-profile" action="<?php echo esc_url( self_admin_url( IS_PROFILE_PAGE ? 'profile.php' : 'user-edit.php' ) ); ?>" method="post"<?php do_action('user_edit_form_tag'); ?>> 184 <?php wp_nonce_field('update-user_' . $user_id) ?> 185 <?php if ( $wp_http_referer ) : ?> 186 <input type="hidden" name="wp_http_referer" value="<?php echo esc_url($wp_http_referer); ?>" /> 187 <?php endif; ?> 188 <p> 189 <input type="hidden" name="from" value="profile" /> 190 <input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" /> 191 </p> 192 193 <h3><?php _e('Personal Options'); ?></h3> 194 195 <table class="form-table"> 196 <?php if ( rich_edit_exists() && !( IS_PROFILE_PAGE && !$user_can_edit ) ) : // don't bother showing the option if the editor has been removed ?> 197 <tr> 198 <th scope="row"><?php _e('Visual Editor')?></th> 199 <td><label for="rich_editing"><input name="rich_editing" type="checkbox" id="rich_editing" value="false" <?php checked('false', $profileuser->rich_editing); ?> /> <?php _e('Disable the visual editor when writing'); ?></label></td> 200 </tr> 201 <?php endif; ?> 202 <?php if ( count($_wp_admin_css_colors) > 1 && has_action('admin_color_scheme_picker') ) : ?> 203 <tr> 204 <th scope="row"><?php _e('Admin Color Scheme')?></th> 205 <td><?php do_action( 'admin_color_scheme_picker' ); ?></td> 206 </tr> 207 <?php 208 endif; // $_wp_admin_css_colors 209 if ( !( IS_PROFILE_PAGE && !$user_can_edit ) ) : ?> 210 <tr> 211 <th scope="row"><?php _e( 'Keyboard Shortcuts' ); ?></th> 212 <td><label for="comment_shortcuts"><input type="checkbox" name="comment_shortcuts" id="comment_shortcuts" value="true" <?php if ( !empty($profileuser->comment_shortcuts) ) checked('true', $profileuser->comment_shortcuts); ?> /> <?php _e('Enable keyboard shortcuts for comment moderation.'); ?></label> <?php _e('<a href="http://codex.wordpress.org/Keyboard_Shortcuts" target="_blank">More information</a>'); ?></td> 213 </tr> 214 <?php endif; ?> 215 <tr class="show-admin-bar"> 216 <th scope="row"><?php _e('Show Admin Bar')?></th> 217 <td><fieldset><legend class="screen-reader-text"><span><?php _e('Show Admin Bar') ?></span></legend> 218 <label for="admin_bar_front"> 219 <input name="admin_bar_front" type="checkbox" id="admin_bar_front" value="1" <?php checked( _get_admin_bar_pref( 'front', $profileuser->ID ) ); ?> /> 220 <?php /* translators: Show admin bar when viewing site */ _e( 'when viewing site' ); ?></label><br /> 221 <label for="admin_bar_admin"> 222 <input name="admin_bar_admin" type="checkbox" id="admin_bar_admin" value="1" <?php checked( _get_admin_bar_pref( 'admin', $profileuser->ID ) ); ?> /> 223 <?php /* translators: Show admin bar in dashboard */ _e( 'in dashboard' ); ?></label></fieldset> 224 </td> 225 </tr> 226 <?php do_action('personal_options', $profileuser); ?> 227 </table> 228 <?php 229 if ( IS_PROFILE_PAGE ) 230 do_action('profile_personal_options', $profileuser); 231 ?> 232 233 <h3><?php _e('Name') ?></h3> 234 235 <table class="form-table"> 236 <tr> 237 <th><label for="user_login"><?php _e('Username'); ?></label></th> 238 <td><input type="text" name="user_login" id="user_login" value="<?php echo esc_attr($profileuser->user_login); ?>" disabled="disabled" class="regular-text" /> <span class="description"><?php _e('Usernames cannot be changed.'); ?></span></td> 239 </tr> 240 241 <?php if ( !IS_PROFILE_PAGE && !is_network_admin() ) : ?> 242 <tr><th><label for="role"><?php _e('Role:') ?></label></th> 243 <td><select name="role" id="role"> 244 <?php 245 // Get the highest/primary role for this user 246 // TODO: create a function that does this: wp_get_user_role() 247 $user_roles = $profileuser->roles; 248 $user_role = array_shift($user_roles); 249 250 // print the full list of roles with the primary one selected. 251 wp_dropdown_roles($user_role); 252 253 // print the 'no role' option. Make it selected if the user has no role yet. 254 if ( $user_role ) 255 echo '<option value="">' . __('— No role for this site —') . '</option>'; 256 else 257 echo '<option value="" selected="selected">' . __('— No role for this site —') . '</option>'; 258 ?> 259 </select> 260 <?php endif; //!IS_PROFILE_PAGE 261 262 if ( is_multisite() && is_network_admin() && ! IS_PROFILE_PAGE && current_user_can( 'manage_network_options' ) && !isset($super_admins) ) { ?> 263 <tr><th><label for="role"><?php _e('Super Admin'); ?></label></th> 264 <td> 265 <?php if ( $profileuser->user_email != get_site_option( 'admin_email' ) ) : ?> 266 <p><label><input type="checkbox" id="super_admin" name="super_admin"<?php checked( is_super_admin( $profileuser->ID ) ); ?> /> <?php _e( 'Grant this user super admin privileges for the Network.' ); ?></label></p> 267 <?php else : ?> 268 <p><?php _e( 'Super admin privileges cannot be removed because this user has the network admin email.' ); ?></p> 269 <?php endif; ?> 270 </td></tr> 271 <?php } ?> 272 273 <tr> 274 <th><label for="first_name"><?php _e('First Name') ?></label></th> 275 <td><input type="text" name="first_name" id="first_name" value="<?php echo esc_attr($profileuser->first_name) ?>" class="regular-text" /></td> 276 </tr> 277 278 <tr> 279 <th><label for="last_name"><?php _e('Last Name') ?></label></th> 280 <td><input type="text" name="last_name" id="last_name" value="<?php echo esc_attr($profileuser->last_name) ?>" class="regular-text" /></td> 281 </tr> 282 283 <tr> 284 <th><label for="nickname"><?php _e('Nickname'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th> 285 <td><input type="text" name="nickname" id="nickname" value="<?php echo esc_attr($profileuser->nickname) ?>" class="regular-text" /></td> 286 </tr> 287 288 <tr> 289 <th><label for="display_name"><?php _e('Display name publicly as') ?></label></th> 290 <td> 291 <select name="display_name" id="display_name"> 292 <?php 293 $public_display = array(); 294 $public_display['display_nickname'] = $profileuser->nickname; 295 $public_display['display_username'] = $profileuser->user_login; 296 297 if ( !empty($profileuser->first_name) ) 298 $public_display['display_firstname'] = $profileuser->first_name; 299 300 if ( !empty($profileuser->last_name) ) 301 $public_display['display_lastname'] = $profileuser->last_name; 302 303 if ( !empty($profileuser->first_name) && !empty($profileuser->last_name) ) { 304 $public_display['display_firstlast'] = $profileuser->first_name . ' ' . $profileuser->last_name; 305 $public_display['display_lastfirst'] = $profileuser->last_name . ' ' . $profileuser->first_name; 306 } 307 308 if ( !in_array( $profileuser->display_name, $public_display ) ) // Only add this if it isn't duplicated elsewhere 309 $public_display = array( 'display_displayname' => $profileuser->display_name ) + $public_display; 310 311 $public_display = array_map( 'trim', $public_display ); 312 $public_display = array_unique( $public_display ); 313 314 foreach ( $public_display as $id => $item ) { 315 ?> 316 <option id="<?php echo $id; ?>"<?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option> 317 <?php 318 } 319 ?> 320 </select> 321 </td> 322 </tr> 323 </table> 324 325 <h3><?php _e('Contact Info') ?></h3> 326 327 <table class="form-table"> 328 <tr> 329 <th><label for="email"><?php _e('E-mail'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th> 330 <td><input type="text" name="email" id="email" value="<?php echo esc_attr($profileuser->user_email) ?>" class="regular-text" /> 331 <?php 332 $new_email = get_option( $current_user->ID . '_new_email' ); 333 if ( $new_email && $new_email != $current_user->user_email ) : ?> 334 <div class="updated inline"> 335 <p><?php printf( __('There is a pending change of your e-mail to <code>%1$s</code>. <a href="%2$s">Cancel</a>'), $new_email['newemail'], esc_url( self_admin_url( 'profile.php?dismiss=' . $current_user->ID . '_new_email' ) ) ); ?></p> 336 </div> 337 <?php endif; ?> 338 </td> 339 </tr> 340 341 <tr> 342 <th><label for="url"><?php _e('Website') ?></label></th> 343 <td><input type="text" name="url" id="url" value="<?php echo esc_attr($profileuser->user_url) ?>" class="regular-text code" /></td> 344 </tr> 345 346 <?php 347 foreach (_wp_get_user_contactmethods( $profileuser ) as $name => $desc) { 348 ?> 349 <tr> 350 <th><label for="<?php echo $name; ?>"><?php echo apply_filters('user_'.$name.'_label', $desc); ?></label></th> 351 <td><input type="text" name="<?php echo $name; ?>" id="<?php echo $name; ?>" value="<?php echo esc_attr($profileuser->$name) ?>" class="regular-text" /></td> 352 </tr> 353 <?php 354 } 355 ?> 356 </table> 357 358 <h3><?php IS_PROFILE_PAGE ? _e('About Yourself') : _e('About the user'); ?></h3> 359 360 <table class="form-table"> 361 <tr> 362 <th><label for="description"><?php _e('Biographical Info'); ?></label></th> 363 <td><textarea name="description" id="description" rows="5" cols="30"><?php echo $profileuser->description; // textarea_escaped ?></textarea><br /> 364 <span class="description"><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?></span></td> 365 </tr> 366 367 <?php 368 $show_password_fields = apply_filters('show_password_fields', true, $profileuser); 369 if ( $show_password_fields ) : 370 ?> 371 <tr id="password"> 372 <th><label for="pass1"><?php _e('New Password'); ?></label></th> 373 <td><input type="password" name="pass1" id="pass1" size="16" value="" autocomplete="off" /> <span class="description"><?php _e("If you would like to change the password type a new one. Otherwise leave this blank."); ?></span><br /> 374 <input type="password" name="pass2" id="pass2" size="16" value="" autocomplete="off" /> <span class="description"><?php _e("Type your new password again."); ?></span><br /> 375 <div id="pass-strength-result"><?php _e('Strength indicator'); ?></div> 376 <p class="description indicator-hint"><?php _e('Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ & ).'); ?></p> 377 </td> 378 </tr> 379 <?php endif; ?> 380 </table> 381 382 <?php 383 if ( IS_PROFILE_PAGE ) 384 do_action( 'show_user_profile', $profileuser ); 385 else 386 do_action( 'edit_user_profile', $profileuser ); 387 ?> 388 389 <?php if ( count($profileuser->caps) > count($profileuser->roles) && apply_filters('additional_capabilities_display', true, $profileuser) ) { ?> 390 <br class="clear" /> 391 <table width="99%" style="border: none;" cellspacing="2" cellpadding="3" class="editform"> 392 <tr> 393 <th scope="row"><?php _e('Additional Capabilities') ?></th> 394 <td><?php 395 $output = ''; 396 foreach ( $profileuser->caps as $cap => $value ) { 397 if ( !$wp_roles->is_role($cap) ) { 398 if ( $output != '' ) 399 $output .= ', '; 400 $output .= $value ? $cap : "Denied: {$cap}"; 401 } 402 } 403 echo $output; 404 ?></td> 405 </tr> 406 </table> 407 <?php } ?> 408 409 <input type="hidden" name="action" value="update" /> 410 <input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr($user_id); ?>" /> 411 412 <?php submit_button( IS_PROFILE_PAGE ? __('Update Profile') : __('Update User') ); ?> 413 414 </form> 415 </div> 416 <?php 417 break; 418 } 419 ?> 420 <script type="text/javascript" charset="utf-8"> 421 if (window.location.hash == '#password') { 422 document.getElementById('pass1').focus(); 423 } 424 </script> 425 <?php 426 include ( ABSPATH . 'wp-admin/admin-footer.php'); 427 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Jun 1 08:30:02 2011 |
Cross-referenced by PHPXref 0.7 Provided by Yoast and awesome WordPress Hosting |