PageRenderTime 39ms CodeModel.GetById 12ms RepoModel.GetById 1ms app.codeStats 0ms

/wp-admin/user-edit.php

https://github.com/jao/jpcamargo
PHP | 346 lines | 278 code | 49 blank | 19 comment | 43 complexity | 45e010148cec0ff7bf2b045672dccb2f MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Edit user administration panel.
    4. 

  4.  *
    5. 

  5.  * @package WordPress
    6. 

  6.  * @subpackage Administration
    7. 

  7.  */
    8. 

  8. 

  9. /** WordPress Administration Bootstrap */
    10. 

  10. require_once('admin.php');
    11. 

  11. 

  12. if ( !defined('IS_PROFILE_PAGE') )
    13. 

  13. 	define('IS_PROFILE_PAGE', false);
    14. 

  14. 

  15. wp_enqueue_script('user-profile');
    16. 

  16. wp_enqueue_script('password-strength-meter');
    17. 

  17. 

  18. $title = IS_PROFILE_PAGE ? __('Profile') : __('Edit User');
    19. 

  19. if ( current_user_can('edit_users') && !IS_PROFILE_PAGE )
    20. 

  20. 	$submenu_file = 'users.php';
    21. 

  21. else
    22. 

  22. 	$submenu_file = 'profile.php';
    23. 

  23. $parent_file = 'users.php';
    24. 

  24. 

  25. wp_reset_vars(array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer'));
    26. 

  26. 

  27. $wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
    28. 

  28. 

  29. $user_id = (int) $user_id;
    30. 

  30. 

  31. if ( !$user_id ) {
    32. 

  32. 	if ( IS_PROFILE_PAGE ) {
    33. 

  33. 		$current_user = wp_get_current_user();
    34. 

  34. 		$user_id = $current_user->ID;
    35. 

  35. 	} else {
    36. 

  36. 		wp_die(__('Invalid user ID.'));
    37. 

  37. 	}
    38. 

  38. } elseif ( !get_userdata($user_id) ) {
    39. 

  39. 	wp_die( __('Invalid user ID.') );
    40. 

  40. }
    41. 

  41. 

  42. $all_post_caps = array('posts', 'pages');
    43. 

  43. $user_can_edit = false;
    44. 

  44. foreach ( $all_post_caps as $post_cap )
    45. 

  45. 	$user_can_edit |= current_user_can("edit_$post_cap");
    46. 

  46. 

  47. /**
    48. 

  48.  * Optional SSL preference that can be turned on by hooking to the 'personal_options' action.
    49. 

  49.  *
    50. 

  50.  * @since 2.7.0
    51. 

  51.  *
    52. 

  52.  * @param object $user User data object
    53. 

  53.  */
    54. 

  54. function use_ssl_preference($user) {
    55. 

  55. ?>
    56. 

  56. 	<tr>
    57. 

  57. 		<th scope="row"><?php _e('Use https')?></th>
    58. 

  58. 		<td><label for="use_ssl"><input name="use_ssl" type="checkbox" id="use_ssl" value="1" <?php checked('1', $user->use_ssl); ?> /> <?php _e('Always use https when visiting the admin'); ?></label></td>
    59. 

  59. 	</tr>
    60. 

  60. <?php
    61. 

  61. }
    62. 

  62. 

  63. switch ($action) {
    64. 

  64. case 'switchposts':
    65. 

  65. 

  66. check_admin_referer();
    67. 

  67. 

  68. /* TODO: Switch all posts from one user to another user */
    69. 

  69. 

  70. break;
    71. 

  71. 

  72. case 'update':
    73. 

  73. 

  74. check_admin_referer('update-user_' . $user_id);
    75. 

  75. 

  76. if ( !current_user_can('edit_user', $user_id) )
    77. 

  77. 	wp_die(__('You do not have permission to edit this user.'));
    78. 

  78. 

  79. if ( IS_PROFILE_PAGE )
    80. 

  80. 	do_action('personal_options_update', $user_id);
    81. 

  81. else
    82. 

  82. 	do_action('edit_user_profile_update', $user_id);
    83. 

  83. 

  84. $errors = edit_user($user_id);
    85. 

  85. 

  86. if ( !is_wp_error( $errors ) ) {
    87. 

  87. 	$redirect = (IS_PROFILE_PAGE ? "profile.php?" : "user-edit.php?user_id=$user_id&"). "updated=true";
    88. 

  88. 	$redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
    89. 

  89. 	wp_redirect($redirect);
    90. 

  90. 	exit;
    91. 

  91. }
    92. 

  92. 

  93. default:
    94. 

  94. $profileuser = get_user_to_edit($user_id);
    95. 

  95. 

  96. if ( !current_user_can('edit_user', $user_id) )
    97. 

  97. 	wp_die(__('You do not have permission to edit this user.'));
    98. 

  98. 

  99. include ('admin-header.php');
    100. 

  100. ?>
    101. 

  101. 

  102. <?php if ( isset($_GET['updated']) ) : ?>
    103. 

  103. <div id="message" class="updated fade">
    104. 

  104. 	<p><strong><?php _e('User updated.') ?></strong></p>
    105. 

  105. 	<?php if ( $wp_http_referer && !IS_PROFILE_PAGE ) : ?>
    106. 

  106. 	<p><a href="users.php"><?php _e('&larr; Back to Authors and Users'); ?></a></p>
    107. 

  107. 	<?php endif; ?>
    108. 

  108. </div>
    109. 

  109. <?php endif; ?>
    110. 

  110. <?php if ( isset( $errors ) && is_wp_error( $errors ) ) : ?>
    111. 

  111. <div class="error">
    112. 

  112. 	<ul>
    113. 

  113. 	<?php
    114. 

  114. 	foreach( $errors->get_error_messages() as $message )
    115. 

  115. 		echo "<li>$message</li>";
    116. 

  116. 	?>
    117. 

  117. 	</ul>
    118. 

  118. </div>
    119. 

  119. <?php endif; ?>
    120. 

  120. 

  121. <div class="wrap" id="profile-page">
    122. 

  122. <?php screen_icon(); ?>
    123. 

  123. <h2><?php echo esc_html( $title ); ?></h2>
    124. 

  124. 

  125. <form id="your-profile" action="<?php if ( IS_PROFILE_PAGE ) { echo admin_url('profile.php'); } else { echo admin_url('user-edit.php'); } ?>" method="post">
    126. 

  126. <?php wp_nonce_field('update-user_' . $user_id) ?>
    127. 

  127. <?php if ( $wp_http_referer ) : ?>
    128. 

  128. 	<input type="hidden" name="wp_http_referer" value="<?php echo esc_url($wp_http_referer); ?>" />
    129. 

  129. <?php endif; ?>
    130. 

  130. <p>
    131. 

  131. <input type="hidden" name="from" value="profile" />
    132. 

  132. <input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" />
    133. 

  133. </p>
    134. 

  134. 

  135. <h3><?php _e('Personal Options'); ?></h3>
    136. 

  136. 

  137. <table class="form-table">
    138. 

  138. <?php if ( rich_edit_exists() && !( IS_PROFILE_PAGE && !$user_can_edit ) ) : // don't bother showing the option if the editor has been removed ?>
    139. 

  139. 	<tr>
    140. 

  140. 		<th scope="row"><?php _e('Visual Editor')?></th>
    141. 

  141. 		<td><label for="rich_editing"><input name="rich_editing" type="checkbox" id="rich_editing" value="false" <?php checked('false', $profileuser->rich_editing); ?> /> <?php _e('Disable the visual editor when writing'); ?></label></td>
    142. 

  142. 	</tr>
    143. 

  143. <?php endif; ?>
    144. 

  144. <?php if (count($_wp_admin_css_colors) > 1 ) : ?>
    145. 

  145. <tr>
    146. 

  146. <th scope="row"><?php _e('Admin Color Scheme')?></th>
    147. 

  147. <td><fieldset><legend class="screen-reader-text"><span><?php _e('Admin Color Scheme')?></span></legend>
    148. 

  148. <?php
    149. 

  149. $current_color = get_user_option('admin_color', $user_id);
    150. 

  150. if ( empty($current_color) )
    151. 

  151. 	$current_color = 'fresh';
    152. 

  152. foreach ( $_wp_admin_css_colors as $color => $color_info ): ?>
    153. 

  153. <div class="color-option"><input name="admin_color" id="admin_color_<?php echo $color; ?>" type="radio" value="<?php echo esc_attr($color) ?>" class="tog" <?php checked($color, $current_color); ?> />
    154. 

  154. 	<table class="color-palette">
    155. 

  155. 	<tr>
    156. 

  156. 	<?php foreach ( $color_info->colors as $html_color ): ?>
    157. 

  157. 	<td style="background-color: <?php echo $html_color ?>" title="<?php echo $color ?>">&nbsp;</td>
    158. 

  158. 	<?php endforeach; ?>
    159. 

  159. 	</tr>
    160. 

  160. 	</table>
    161. 

  161. 

  162. 	<label for="admin_color_<?php echo $color; ?>"><?php echo $color_info->name ?></label>
    163. 

  163. </div>
    164. 

  164. 	<?php endforeach; ?>
    165. 

  165. </fieldset></td>
    166. 

  166. </tr>
    167. 

  167. <?php if ( !( IS_PROFILE_PAGE && !$user_can_edit ) ) : ?>
    168. 

  168. <tr>
    169. 

  169. <th scope="row"><?php _e( 'Keyboard Shortcuts' ); ?></th>
    170. 

  170. <td><label for="comment_shortcuts"><input type="checkbox" name="comment_shortcuts" id="comment_shortcuts" value="true" <?php if ( !empty($profileuser->comment_shortcuts) ) checked('true', $profileuser->comment_shortcuts); ?> /> <?php _e('Enable keyboard shortcuts for comment moderation.'); ?></label> <?php _e('<a href="http://codex.wordpress.org/Keyboard_Shortcuts">More information</a>'); ?></td>
    171. 

  171. </tr>
    172. 

  172. <?php
    173. 

  173. endif;
    174. 

  174. endif;
    175. 

  175. do_action('personal_options', $profileuser);
    176. 

  176. ?>
    177. 

  177. </table>
    178. 

  178. <?php
    179. 

  179. 	if ( IS_PROFILE_PAGE )
    180. 

  180. 		do_action('profile_personal_options', $profileuser);
    181. 

  181. ?>
    182. 

  182. 

  183. <h3><?php _e('Name') ?></h3>
    184. 

  184. 

  185. <table class="form-table">
    186. 

  186. 	<tr>
    187. 

  187. 		<th><label for="user_login"><?php _e('Username'); ?></label></th>
    188. 

  188. 		<td><input type="text" name="user_login" id="user_login" value="<?php echo esc_attr($profileuser->user_login); ?>" disabled="disabled" class="regular-text" /> <span class="description"><?php _e('Your username cannot be changed.'); ?></span></td>
    189. 

  189. 	</tr>
    190. 

  190. 

  191. <?php if ( !IS_PROFILE_PAGE ): ?>
    192. 

  192. <tr><th><label for="role"><?php _e('Role:') ?></label></th>
    193. 

  193. <td><select name="role" id="role">
    194. 

  194. <?php
    195. 

  195. // Get the highest/primary role for this user
    196. 

  196. // TODO: create a function that does this: wp_get_user_role()
    197. 

  197. $user_roles = $profileuser->roles;
    198. 

  198. $user_role = array_shift($user_roles);
    199. 

  199. 

  200. // print the full list of roles with the primary one selected.
    201. 

  201. wp_dropdown_roles($user_role);
    202. 

  202. 

  203. // print the 'no role' option. Make it selected if the user has no role yet.
    204. 

  204. if ( $user_role )
    205. 

  205. 	echo '<option value="">' . __('&mdash; No role for this blog &mdash;') . '</option>';
    206. 

  206. else
    207. 

  207. 	echo '<option value="" selected="selected">' . __('&mdash; No role for this blog &mdash;') . '</option>';
    208. 

  208. ?>
    209. 

  209. </select></td></tr>
    210. 

  210. <?php endif; //!IS_PROFILE_PAGE ?>
    211. 

  211. 

  212. <tr>
    213. 

  213. 	<th><label for="first_name"><?php _e('First name') ?></label></th>
    214. 

  214. 	<td><input type="text" name="first_name" id="first_name" value="<?php echo esc_attr($profileuser->first_name) ?>" class="regular-text" /></td>
    215. 

  215. </tr>
    216. 

  216. 

  217. <tr>
    218. 

  218. 	<th><label for="last_name"><?php _e('Last name') ?></label></th>
    219. 

  219. 	<td><input type="text" name="last_name" id="last_name" value="<?php echo esc_attr($profileuser->last_name) ?>" class="regular-text" /></td>
    220. 

  220. </tr>
    221. 

  221. 

  222. <tr>
    223. 

  223. 	<th><label for="nickname"><?php _e('Nickname'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th>
    224. 

  224. 	<td><input type="text" name="nickname" id="nickname" value="<?php echo esc_attr($profileuser->nickname) ?>" class="regular-text" /></td>
    225. 

  225. </tr>
    226. 

  226. 

  227. <tr>
    228. 

  228. 	<th><label for="display_name"><?php _e('Display name publicly as') ?></label></th>
    229. 

  229. 	<td>
    230. 

  230. 		<select name="display_name" id="display_name">
    231. 

  231. 		<?php
    232. 

  232. 			$public_display = array();
    233. 

  233. 			$public_display['display_nickname']  = $profileuser->nickname;
    234. 

  234. 			$public_display['display_username']  = $profileuser->user_login;
    235. 

  235. 			if ( !empty($profileuser->first_name) )
    236. 

  236. 				$public_display['display_firstname'] = $profileuser->first_name;
    237. 

  237. 			if ( !empty($profileuser->last_name) )
    238. 

  238. 				$public_display['display_lastname'] = $profileuser->last_name;
    239. 

  239. 			if ( !empty($profileuser->first_name) && !empty($profileuser->last_name) ) {
    240. 

  240. 				$public_display['display_firstlast'] = $profileuser->first_name . ' ' . $profileuser->last_name;
    241. 

  241. 				$public_display['display_lastfirst'] = $profileuser->last_name . ' ' . $profileuser->first_name;
    242. 

  242. 			}
    243. 

  243. 			if ( !in_array( $profileuser->display_name, $public_display ) )// Only add this if it isn't duplicated elsewhere
    244. 

  244. 				$public_display = array( 'display_displayname' => $profileuser->display_name ) + $public_display;
    245. 

  245. 			$public_display = array_map( 'trim', $public_display );
    246. 

  246. 			foreach ( $public_display as $id => $item ) {
    247. 

  247. 		?>
    248. 

  248. 			<option id="<?php echo $id; ?>" value="<?php echo esc_attr($item); ?>"<?php selected( $profileuser->display_name, $item ); ?>><?php echo $item; ?></option>
    249. 

  249. 		<?php
    250. 

  250. 			}
    251. 

  251. 		?>
    252. 

  252. 		</select>
    253. 

  253. 	</td>
    254. 

  254. </tr>
    255. 

  255. </table>
    256. 

  256. 

  257. <h3><?php _e('Contact Info') ?></h3>
    258. 

  258. 

  259. <table class="form-table">
    260. 

  260. <tr>
    261. 

  261. 	<th><label for="email"><?php _e('E-mail'); ?> <span class="description"><?php _e('(required)'); ?></span></label></th>
    262. 

  262. 	<td><input type="text" name="email" id="email" value="<?php echo esc_attr($profileuser->user_email) ?>" class="regular-text" /></td>
    263. 

  263. </tr>
    264. 

  264. 

  265. <tr>
    266. 

  266. 	<th><label for="url"><?php _e('Website') ?></label></th>
    267. 

  267. 	<td><input type="text" name="url" id="url" value="<?php echo esc_attr($profileuser->user_url) ?>" class="regular-text code" /></td>
    268. 

  268. </tr>
    269. 

  269. 

  270. <?php
    271. 

  271. 	foreach (_wp_get_user_contactmethods() as $name => $desc) {
    272. 

  272. ?>
    273. 

  273. <tr>
    274. 

  274. 	<th><label for="<?php echo $name; ?>"><?php echo apply_filters('user_'.$name.'_label', $desc); ?></label></th>
    275. 

  275. 	<td><input type="text" name="<?php echo $name; ?>" id="<?php echo $name; ?>" value="<?php echo esc_attr($profileuser->$name) ?>" class="regular-text" /></td>
    276. 

  276. </tr>
    277. 

  277. <?php
    278. 

  278. 	}
    279. 

  279. ?>
    280. 

  280. </table>
    281. 

  281. 

  282. <h3><?php IS_PROFILE_PAGE ? _e('About Yourself') : _e('About the user'); ?></h3>
    283. 

  283. 

  284. <table class="form-table">
    285. 

  285. <tr>
    286. 

  286. 	<th><label for="description"><?php _e('Biographical Info'); ?></label></th>
    287. 

  287. 	<td><textarea name="description" id="description" rows="5" cols="30"><?php echo esc_html($profileuser->description); ?></textarea><br />
    288. 

  288. 	<span class="description"><?php _e('Share a little biographical information to fill out your profile. This may be shown publicly.'); ?></span></td>
    289. 

  289. </tr>
    290. 

  290. 

  291. <?php
    292. 

  292. $show_password_fields = apply_filters('show_password_fields', true, $profileuser);
    293. 

  293. if ( $show_password_fields ) :
    294. 

  294. ?>
    295. 

  295. <tr id="password">
    296. 

  296. 	<th><label for="pass1"><?php _e('New Password'); ?></label></th>
    297. 

  297. 	<td><input type="password" name="pass1" id="pass1" size="16" value="" autocomplete="off" /> <span class="description"><?php _e("If you would like to change the password type a new one. Otherwise leave this blank."); ?></span><br />
    298. 

  298. 		<input type="password" name="pass2" id="pass2" size="16" value="" autocomplete="off" /> <span class="description"><?php _e("Type your new password again."); ?></span><br />
    299. 

  299. 		<div id="pass-strength-result"><?php _e('Strength indicator'); ?></div>
    300. 

  300. 		<p class="description indicator-hint"><?php _e('Hint: The password should be at least seven characters long. To make it stronger, use upper and lower case letters, numbers and symbols like ! " ? $ % ^ &amp; ).'); ?></p>
    301. 

  301. 	</td>
    302. 

  302. </tr>
    303. 

  303. <?php endif; ?>
    304. 

  304. </table>
    305. 

  305. 

  306. <?php
    307. 

  307. 	if ( IS_PROFILE_PAGE ) {
    308. 

  308. 		do_action('show_user_profile', $profileuser);
    309. 

  309. 	} else {
    310. 

  310. 		do_action('edit_user_profile', $profileuser);
    311. 

  311. 	}
    312. 

  312. ?>
    313. 

  313. 

  314. <?php if ( count($profileuser->caps) > count($profileuser->roles) && apply_filters('additional_capabilities_display', true, $profileuser) ) { ?>
    315. 

  315. <br class="clear" />
    316. 

  316. 	<table width="99%" style="border: none;" cellspacing="2" cellpadding="3" class="editform">
    317. 

  317. 		<tr>
    318. 

  318. 			<th scope="row"><?php _e('Additional Capabilities') ?></th>
    319. 

  319. 			<td><?php
    320. 

  320. 			$output = '';
    321. 

  321. 			foreach ( $profileuser->caps as $cap => $value ) {
    322. 

  322. 				if ( !$wp_roles->is_role($cap) ) {
    323. 

  323. 					if ( $output != '' )
    324. 

  324. 						$output .= ', ';
    325. 

  325. 					$output .= $value ? $cap : "Denied: {$cap}";
    326. 

  326. 				}
    327. 

  327. 			}
    328. 

  328. 			echo $output;
    329. 

  329. 			?></td>
    330. 

  330. 		</tr>
    331. 

  331. 	</table>
    332. 

  332. <?php } ?>
    333. 

  333. 

  334. <p class="submit">
    335. 

  335. 	<input type="hidden" name="action" value="update" />
    336. 

  336. 	<input type="hidden" name="user_id" id="user_id" value="<?php echo esc_attr($user_id); ?>" />
    337. 

  337. 	<input type="submit" class="button-primary" value="<?php IS_PROFILE_PAGE ? esc_attr_e('Update Profile') : esc_attr_e('Update User') ?>" name="submit" />
    338. 

  338. </p>
    339. 

  339. </form>
    340. 

  340. </div>
    341. 

  341. <?php
    342. 

  342. break;
    343. 

  343. }
    344. 

  344. 

  345. include('admin-footer.php');
    346. 

  346. ?>
    347. 

  347.