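<?php
/**
 * Multisite administration: handles the state-changing requests posted from
 * the network admin screens. The action to run is read from $_GET['action']
 * by the switch statement that follows this preamble.
 */
require_once( 'admin.php' );

if ( ! is_multisite() )
	wp_die( __( 'Multisite support is not enabled.' ) );

do_action( 'wpmuadminedit', '' );

// Start from 0 so that an action requested without any id never runs against
// an undefined value; the delete handlers compare $id with '0' before acting.
$id = 0;
if ( isset( $_GET['id'] ) )
	$id = intval( $_GET['id'] );
elseif ( isset( $_POST['id'] ) )
	$id = intval( $_POST['id'] );

// Fall back to the Referer header when the form did not post a return URL.
// Both values are request-supplied, so $_POST['ref'] must be treated as
// untrusted wherever it is later used as a redirect target.
if ( ! isset( $_POST['ref'] ) && ! empty( $_SERVER['HTTP_REFERER'] ) )
	$_POST['ref'] = $_SERVER['HTTP_REFERER'];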
switch ( $_GET [ 'action' ] ) {
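case "siteoptions":
	// Saves the network-wide settings posted from ms-options.php.
	// Requires the 'siteoptions' nonce and the manage_network_options capability.
	check_admin_referer( 'siteoptions' );
	if ( ! current_user_can( 'manage_network_options' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	if ( empty( $_POST ) )
		wp_die( __( "You probably need to go back to the <a href='ms-options.php'>options page</a>" ) );

	// Only accept a language that is empty (default) or actually installed.
	if ( isset( $_POST['WPLANG'] ) && ( '' === $_POST['WPLANG'] || in_array( $_POST['WPLANG'], get_available_languages() ) ) )
		update_site_option( "WPLANG", $_POST['WPLANG'] );

	if ( isset( $_POST['admin_email'] ) && is_email( $_POST['admin_email'] ) )
		update_site_option( "admin_email", $_POST['admin_email'] );

	// Space-separated list of reserved names. explode() replaces the deprecated
	// split(); the delimiter is a literal space, so the result is the same.
	$names = array();
	$illegal_names = isset( $_POST['illegal_names'] ) ? explode( ' ', $_POST['illegal_names'] ) : array();
	foreach ( (array) $illegal_names as $name ) {
		$name = trim( $name );
		if ( $name != '' )
			$names[] = $name;
	}
	// Previously an undefined variable (null) was stored when the field was empty.
	// Store '' instead, the same non-array "empty" value the two email-domain
	// options below use, so readers that test is_array() keep seeing a non-array.
	update_site_option( "illegal_names", empty( $names ) ? '' : $names );

	// Domains allowed to register: one per line (spaces are treated as line breaks).
	// Entries with '--' or '..', or with characters outside [a-zA-Z0-9-.], are dropped.
	if ( isset( $_POST['limited_email_domains'] ) && $_POST['limited_email_domains'] != '' ) {
		$limited_email_domains = str_replace( ' ', "\n", $_POST['limited_email_domains'] );
		$limited_email_domains = explode( "\n", stripslashes( $limited_email_domains ) );
		$limited_email = array();
		foreach ( (array) $limited_email_domains as $domain ) {
			$domain = trim( $domain );
			if ( ! preg_match( '/(--|\.\.)/', $domain ) && preg_match( '|^([a-zA-Z0-9-\.])+$|', $domain ) )
				$limited_email[] = $domain;
		}
		update_site_option( "limited_email_domains", $limited_email );
	} else {
		update_site_option( "limited_email_domains", '' );
	}

	// Domains barred from registering: one per line, same filter as above.
	if ( isset( $_POST['banned_email_domains'] ) && $_POST['banned_email_domains'] != '' ) {
		$banned_email_domains = explode( "\n", stripslashes( $_POST['banned_email_domains'] ) );
		$banned = array();
		foreach ( (array) $banned_email_domains as $domain ) {
			$domain = trim( $domain );
			if ( ! preg_match( '/(--|\.\.)/', $domain ) && preg_match( '|^([a-zA-Z0-9-\.])+$|', $domain ) )
				$banned[] = $domain;
		}
		update_site_option( "banned_email_domains", $banned );
	} else {
		update_site_option( "banned_email_domains", '' );
	}

	// NOTE(review): the role name is stored exactly as posted and is later handed
	// to add_user_to_blog() for new users; consider checking it against the
	// roles that actually exist before saving.
	update_site_option( 'default_user_role', $_POST['default_user_role'] );

	// Resolve the dashboard blog: empty means the main blog, otherwise look the
	// posted name up and create the blog when it does not exist yet.
	if ( trim( $_POST['dashboard_blog_orig'] ) == '' )
		$_POST['dashboard_blog_orig'] = $current_site->blog_id;
	if ( trim( $_POST['dashboard_blog'] ) == '' ) {
		$_POST['dashboard_blog'] = $current_site->blog_id;
		$dashboard_blog_id = $current_site->blog_id;
	} else {
		$dashboard_blog = untrailingslashit( sanitize_user( str_replace( '.', '', str_replace( $current_site->domain . $current_site->path, '', $_POST['dashboard_blog'] ) ) ) );
		$blog_details = get_blog_details( $dashboard_blog );
		if ( false === $blog_details ) {
			// A numeric value is an id, and ids cannot be created on demand.
			if ( is_numeric( $dashboard_blog ) )
				wp_die( __( 'Dashboard blog_id must be a blog that already exists' ) );
			if ( is_subdomain_install() ) {
				$domain = $dashboard_blog . '.' . $current_site->domain;
				$path = $current_site->path;
			} else {
				$domain = $current_site->domain;
				$path = trailingslashit( $current_site->path . $dashboard_blog );
			}
			$wpdb->hide_errors();
			$dashboard_blog_id = wpmu_create_blog( $domain, $path, __( 'My Dashboard' ), $current_user->id, array( "public" => 0 ), $current_site->id );
			$wpdb->show_errors();
		} else {
			$dashboard_blog_id = $blog_details->blog_id;
		}
	}
	if ( is_wp_error( $dashboard_blog_id ) )
		wp_die( __( 'Problem creating dashboard blog: ' ) . $dashboard_blog_id->get_error_message() );

	// When the dashboard blog changed, move its subscribers over to the new one.
	if ( $_POST['dashboard_blog_orig'] != $_POST['dashboard_blog'] ) {
		$users = get_users_of_blog( get_site_option( 'dashboard_blog' ) );
		$move_users = array();
		foreach ( (array) $users as $user ) {
			// NOTE(review): unserialize() runs on a value read from the database.
			// Anything able to write that meta row controls what is deserialized here.
			$caps = unserialize( $user->meta_value );
			if ( ! is_array( $caps ) )
				continue;
			// array_pop() takes its argument by reference, so it needs a real variable.
			// The strict comparison stops a numeric key from loosely matching the role name.
			$role_names = array_keys( $caps );
			if ( array_pop( $role_names ) === 'subscriber' )
				$move_users[] = $user->user_id;
		}
		foreach ( $move_users as $user_id ) {
			remove_user_from_blog( $user_id, get_site_option( 'dashboard_blog' ) );
			add_user_to_blog( $dashboard_blog_id, $user_id, get_site_option( 'default_user_role', 'subscriber' ) );
			update_user_meta( $user_id, 'primary_blog', $dashboard_blog_id );
		}
	}
	update_site_option( "dashboard_blog", $dashboard_blog_id );

	$options = array( 'registrationnotification', 'registration', 'add_new_users', 'menu_items', 'mu_media_buttons', 'upload_space_check_disabled', 'blog_upload_space', 'upload_filetypes', 'site_name', 'first_post', 'first_page', 'first_comment', 'first_comment_url', 'first_comment_author', 'welcome_email', 'welcome_user_email', 'fileupload_maxk', 'admin_notice_feed' );

	// Checkbox groups post nothing when every box is cleared; default them to an
	// empty array so the loop below still overwrites the stored value.
	$checked_options = array( 'mu_media_buttons', 'menu_items' );
	foreach ( $checked_options as $option_name ) {
		if ( ! isset( $_POST[$option_name] ) )
			$_POST[$option_name] = array();
	}

	// Only the names listed in $options are ever written; other POST keys are ignored.
	foreach ( $options as $option_name ) {
		if ( ! isset( $_POST[$option_name] ) )
			continue;
		$value = stripslashes_deep( $_POST[$option_name] );
		update_site_option( $option_name, $value );
	}

	// Update more options here
	do_action( 'update_wpmu_options' );

	wp_redirect( add_query_arg( "updated", "true", 'ms-options.php' ) );
	exit();
break;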
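case "addblog":
	// Creates a new site, and a new user for it when the email is not registered yet.
	// Requires the 'add-blog' nonce and the manage_sites capability.
	check_admin_referer( 'add-blog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );

	// isset() first: a request without the 'blog' field must fail cleanly too.
	if ( ! isset( $_POST['blog'] ) || ! is_array( $_POST['blog'] ) )
		wp_die( "Can't create an empty site." );

	$blog = $_POST['blog'];
	$domain = isset( $blog['domain'] ) ? sanitize_user( str_replace( '/', '', $blog['domain'] ) ) : '';
	$email = isset( $blog['email'] ) ? sanitize_email( $blog['email'] ) : '';
	// NOTE(review): the title is passed on as posted; it ends up in the blog
	// record and in the notification mail below.
	$title = isset( $blog['title'] ) ? $blog['title'] : '';

	if ( empty( $domain ) || empty( $email ) )
		wp_die( __( 'Missing site address or email address.' ) );
	if ( ! is_email( $email ) )
		wp_die( __( 'Invalid email address' ) );

	// Subdomain installs put the name in the host, directory installs in the path.
	if ( is_subdomain_install() ) {
		$newdomain = $domain . "." . $current_site->domain;
		$path = $base;
	} else {
		$newdomain = $current_site->domain;
		$path = $base . $domain . '/';
	}

	$password = 'N/A';
	$user_id = email_exists( $email );
	if ( ! $user_id ) { // Create a new user with a random password
		$password = wp_generate_password();
		$user_id = wpmu_create_user( $domain, $password, $email );
		if ( false == $user_id )
			wp_die( __( 'There was an error creating the user' ) );
		else
			wp_new_user_notification( $user_id, $password );
	}

	$wpdb->hide_errors();
	$id = wpmu_create_blog( $newdomain, $path, $title, $user_id, array( "public" => 1 ), $current_site->id );
	$wpdb->show_errors();

	if ( is_wp_error( $id ) )
		wp_die( $id->get_error_message() );

	// A user whose primary blog is still the dashboard blog gets the new site instead.
	$dashboard_blog = get_dashboard_blog();
	if ( get_user_option( 'primary_blog', $user_id ) == $dashboard_blog->blog_id )
		update_user_option( $user_id, 'primary_blog', $id, true );

	// Tell the network admin address about the new site.
	$content_mail = sprintf( __( "New site created by %1s\n\nAddress: http://%2s\nName: %3s" ), $current_user->user_login, $newdomain . $path, stripslashes( $title ) );
	wp_mail( get_site_option( 'admin_email' ), sprintf( __( '[%s] New Site Created' ), $current_site->site_name ), $content_mail, 'From: "Site Admin" <' . get_site_option( 'admin_email' ) . '>' );
	wpmu_welcome_notification( $id, $user_id, $password, $title, array( "public" => 1 ) );

	// The Referer header is request data; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'add-blog' ), $_SERVER['HTTP_REFERER'] ) );
	exit();
break;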
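case "updateblog":
	// Saves the edit-site form: options, blog details, user roles, user removal,
	// password changes and an optional new member, all for site $id.
	// Requires the 'editblog' nonce and the manage_sites capability.
	check_admin_referer( 'editblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	if ( empty( $_POST ) )
		wp_die( __( 'You probably need to go back to the <a href="ms-sites.php">sites page</a>' ) );
	// Refuse to continue without a site id: every write below is meant for the
	// site selected by switch_to_blog( $id ).
	if ( empty( $id ) )
		wp_die( __( 'You probably need to go back to the <a href="ms-sites.php">sites page</a>' ) );

	// themes
	if ( isset( $_POST['theme'] ) && is_array( $_POST['theme'] ) )
		$_POST['option']['allowedthemes'] = $_POST['theme'];
	else
		$_POST['option']['allowedthemes'] = '';

	switch_to_blog( $id );

	// The option names come straight from the form, so this writes any option the
	// request names; the nonce and capability checks above are the only gate.
	if ( is_array( $_POST['option'] ) ) {
		$c = 1;
		$count = count( $_POST['option'] );
		foreach ( (array) $_POST['option'] as $key => $val ) {
			if ( $key === 0 || is_array( $val ) )
				continue; // Avoids "0 is a protected WP option and may not be modified" error when edit blog options
			if ( $c == $count )
				update_option( $key, stripslashes( $val ) );
			else
				update_option( $key, stripslashes( $val ), false ); // no need to refresh blog details yet
			$c++;
		}
	}

	if ( isset( $_POST['update_home_url'] ) && $_POST['update_home_url'] == 'update' ) {
		$blog_address = get_blogaddress_by_domain( $_POST['blog']['domain'], $_POST['blog']['path'] );
		if ( get_option( 'siteurl' ) != $blog_address )
			update_option( 'siteurl', $blog_address );
		if ( get_option( 'home' ) != $blog_address )
			update_option( 'home', $blog_address );
	}

	$wp_rewrite->flush_rules();

	// update blogs table
	$blog_data = stripslashes_deep( $_POST['blog'] );
	update_blog_details( $id, $blog_data );

	// get blog prefix
	$blog_prefix = $wpdb->get_blog_prefix( $id );

	// user roles
	if ( isset( $_POST['role'] ) && is_array( $_POST['role'] ) ) {
		foreach ( $_POST['role'] as $userid => $role ) {
			$user = new WP_User( $userid );
			// An object is always truthy, so test the loaded ID rather than the object.
			if ( empty( $user->ID ) )
				continue;
			$user->for_blog( $id );
			$user->set_role( $role );
		}
	}

	// remove user
	if ( isset( $_POST['blogusers'] ) && is_array( $_POST['blogusers'] ) ) {
		foreach ( $_POST['blogusers'] as $key => $val )
			remove_user_from_blog( $key, $id );
	}

	// change password
	if ( isset( $_POST['user_password'] ) && is_array( $_POST['user_password'] ) ) {
		// edit_user() reads its input from $_POST, so the role field is swapped to
		// the per-user value for each call and restored afterwards.
		$newroles = isset( $_POST['role'] ) ? $_POST['role'] : null;
		foreach ( $_POST['user_password'] as $userid => $pass ) {
			unset( $_POST['role'] );
			if ( isset( $newroles[$userid] ) )
				$_POST['role'] = $newroles[$userid];
			if ( $pass != '' ) {
				// $userid is an array key taken from the request, so it must never be
				// interpolated into SQL; prepare() binds it as an integer.
				$cap = $wpdb->get_var( $wpdb->prepare( "SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s AND meta_value = 'a:0:{}'", $userid, $blog_prefix . 'capabilities' ) );
				$userdata = get_userdata( $userid );
				$_POST['pass1'] = $_POST['pass2'] = $pass;
				$_POST['email'] = $userdata->user_email;
				$_POST['rich_editing'] = $userdata->rich_editing;
				edit_user( $userid );
				// If no empty capabilities row existed before the edit, remove any
				// that is present now.
				if ( $cap == null )
					$wpdb->query( $wpdb->prepare( "DELETE FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s AND meta_value = 'a:0:{}'", $userid, $blog_prefix . 'capabilities' ) );
			}
		}
		unset( $_POST['role'] );
		$_POST['role'] = $newroles;
	}

	// add user?
	if ( isset( $_POST['user_password'] ) && ! empty( $_POST['newuser'] ) ) {
		$newuser = $_POST['newuser'];
		$userid = $wpdb->get_var( $wpdb->prepare( "SELECT ID FROM " . $wpdb->users . " WHERE user_login = %s", $newuser ) );
		if ( $userid ) {
			// Use the same prefix as the queries above instead of a hard-coded 'wp_'.
			$user = $wpdb->get_var( $wpdb->prepare( "SELECT user_id FROM " . $wpdb->usermeta . " WHERE user_id = %d AND meta_key = %s", $userid, $blog_prefix . 'capabilities' ) );
			// NOTE(review): new_role is used as posted; confirm add_user_to_blog()
			// rejects role names that do not exist.
			if ( $user == false )
				add_user_to_blog( $id, $userid, $_POST['new_role'] );
		}
	}

	do_action( 'wpmu_update_blog_options' );
	restore_current_blog();
	wpmu_admin_do_redirect( "ms-sites.php?action=editblog&updated=true&id=" . $id );
break;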
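case "deleteblog":
	// Deletes site $id together with its data (second argument true).
	// Requires the 'deleteblog' nonce and the manage_sites capability.
	check_admin_referer( 'deleteblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	// Never delete "site 0" or the network's main site.
	if ( $id != '0' && $id != $current_site->blog_id )
		wpmu_delete_blog( $id, true );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'delete' ), $_POST['ref'] ) );
	exit();
break;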
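case "allblogs":
	// Bulk action on the sites ticked in the sites list: delete, mark as spam,
	// or clear the spam flag, depending on which submit button was posted.
	// Requires the 'allblogs' nonce and the manage_sites capability.
	check_admin_referer( 'allblogs' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );

	// Stays null when no known button was posted, so the redirect below carries
	// no action value (the same outcome as before, without the undefined variable).
	$blogfunction = null;
	$selected_blogs = isset( $_POST['allblogs'] ) ? (array) $_POST['allblogs'] : array();
	foreach ( $selected_blogs as $key => $val ) {
		// Skip "site 0" and the network's main site.
		if ( $val == '0' || $val == $current_site->blog_id )
			continue;
		if ( isset( $_POST['allblog_delete'] ) ) {
			$blogfunction = 'all_delete';
			wpmu_delete_blog( $val, true );
		} elseif ( isset( $_POST['allblog_spam'] ) ) {
			$blogfunction = 'all_spam';
			update_blog_status( $val, "spam", '1', 0 );
			set_time_limit( 60 ); // restart the execution timer for each site
		} elseif ( isset( $_POST['allblog_notspam'] ) ) {
			$blogfunction = 'all_notspam';
			update_blog_status( $val, "spam", '0', 0 );
			set_time_limit( 60 ); // restart the execution timer for each site
		}
	}
	// The Referer header is request data; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => $blogfunction ), $_SERVER['HTTP_REFERER'] ) );
	exit();
break;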
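case "archiveblog":
	// Sets the 'archived' flag on site $id, then fires the archive_blog action.
	// Requires the 'archiveblog' nonce and the manage_sites capability.
	check_admin_referer( 'archiveblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	update_blog_status( $id, "archived", '1' );
	do_action( "archive_blog", $id );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'archive' ), $_POST['ref'] ) );
	exit();
break;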
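case "unarchiveblog":
	// Fires the unarchive_blog action, then clears the 'archived' flag on site $id.
	// Requires the 'unarchiveblog' nonce and the manage_sites capability.
	check_admin_referer( 'unarchiveblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	do_action( "unarchive_blog", $id );
	update_blog_status( $id, "archived", '0' );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'unarchive' ), $_POST['ref'] ) );
	exit();
break;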
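case "activateblog":
	// Clears the 'deleted' flag on site $id, then fires the activate_blog action.
	// Requires the 'activateblog' nonce and the manage_sites capability.
	check_admin_referer( 'activateblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	update_blog_status( $id, "deleted", '0' );
	do_action( "activate_blog", $id );
	// add_query_arg() takes either ( key, value, url ) or ( array, url ). The old
	// call mixed the two and nested the whole array under an 'updated' key.
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'activate' ), $_POST['ref'] ) );
	exit();
break;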
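case "deactivateblog":
	// Fires the deactivate_blog action, then sets the 'deleted' flag on site $id.
	// Requires the 'deactivateblog' nonce and the manage_sites capability.
	check_admin_referer( 'deactivateblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	do_action( "deactivate_blog", $id );
	update_blog_status( $id, "deleted", '1' );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'deactivate' ), $_POST['ref'] ) );
	exit();
break;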
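case "unspamblog":
	// Clears the 'spam' flag on site $id.
	// Requires the 'unspamblog' nonce and the manage_sites capability.
	check_admin_referer( 'unspamblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	update_blog_status( $id, "spam", '0' );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'unspam' ), $_POST['ref'] ) );
	exit();
break;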
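case "spamblog":
	// Sets the 'spam' flag on site $id.
	// Requires the 'spamblog' nonce and the manage_sites capability.
	check_admin_referer( 'spamblog' );
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	update_blog_status( $id, "spam", '1' );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'spam' ), $_POST['ref'] ) );
	exit();
break;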
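case "mature":
	// Sets the 'mature' flag on site $id, then fires the mature_blog action.
	// Same capability gate as the other site-status actions in this file.
	// NOTE(review): this handler has no check_admin_referer() call, so the
	// request is not tied to a nonce. Add check_admin_referer( 'mature' ) once
	// every caller is confirmed to send that nonce.
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	update_blog_status( $id, 'mature', '1' );
	do_action( 'mature_blog', $id );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'mature' ), $_POST['ref'] ) );
	exit();
break;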
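case "unmature":
	// Clears the 'mature' flag on site $id, then fires the unmature_blog action.
	// Same capability gate as the other site-status actions in this file.
	// NOTE(review): this handler has no check_admin_referer() call, so the
	// request is not tied to a nonce. Add check_admin_referer( 'unmature' ) once
	// every caller is confirmed to send that nonce.
	if ( ! current_user_can( 'manage_sites' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	update_blog_status( $id, 'mature', '0' );
	do_action( 'unmature_blog', $id );
	// NOTE(review): 'umature' looks like a typo for 'unmature'; it is left as is
	// because the page that reads this query argument is not visible here.
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'umature' ), $_POST['ref'] ) );
	exit();
break;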
// Themes
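case "updatethemes":
	// Rebuilds the network-wide list of allowed themes from the posted form.
	// NOTE(review): unlike the other handlers, this one has no
	// check_admin_referer() call, so the request is not tied to a nonce. Add the
	// check once the nonce name used by the themes form is confirmed.
	if ( ! current_user_can( 'manage_network_themes' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	if ( isset( $_POST['theme'] ) && is_array( $_POST['theme'] ) ) {
		// Start from an empty list so that "nothing enabled" stores an empty array
		// rather than an undefined variable (null), as it did before.
		$allowed_themes = array();
		// Only stylesheets of installed themes can be enabled; posted keys that
		// match no installed theme are ignored.
		foreach ( (array) get_themes() as $key => $theme ) {
			$stylesheet = esc_html( $theme['Stylesheet'] );
			if ( isset( $_POST['theme'][$stylesheet] ) && $_POST['theme'][$stylesheet] == 'enabled' )
				$allowed_themes[$stylesheet] = true;
		}
		update_site_option( 'allowedthemes', $allowed_themes );
	}
	// The Referer header is request data; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'themes' ), $_SERVER['HTTP_REFERER'] ) );
	exit();
break;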
// Common
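case "confirm":
	// Renders a standalone confirmation page. Its form posts back to this file
	// with action = $_GET['action2'], the current $id, a return URL and a nonce.
	//
	// NOTE(review): the nonce is minted for whatever action name the URL supplies,
	// the text shown to the administrator is the request's own 'msg' parameter,
	// and no capability is checked before the page is rendered. Consider
	// restricting action2 to the known action names, checking the matching
	// capability here, and showing a server-side description of the action
	// instead of request-supplied text.
	$referrer = isset( $_GET['ref'] ) ? stripslashes( $_GET['ref'] ) : ( isset( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : '' );
	$referrer = esc_url( $referrer );
	// Read each request value once, with a default, so a missing parameter does
	// not surface as an undefined-index notice inside the markup.
	$action2 = isset( $_GET['action2'] ) ? $_GET['action2'] : '';
	$confirm_msg = isset( $_GET['msg'] ) ? stripslashes( $_GET['msg'] ) : '';
	$confirm_id = isset( $id ) ? $id : 0;
	if ( ! headers_sent() ) {
		nocache_headers();
		header( 'Content-Type: text/html; charset=utf-8' );
	}
	?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" <?php if ( function_exists( 'language_attributes' ) ) language_attributes(); ?>>
<head>
	<title><?php _e( "WordPress › Confirm your action" ); ?></title>
	<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
	<?php wp_admin_css( 'install', true ); ?>
</head>
<body id="error-page">
	<h1 id="logo"><img alt="WordPress" src="<?php echo esc_url( admin_url( 'images/wordpress-logo.png' ) ); ?>" /></h1>
	<form action='ms-edit.php?action=<?php echo esc_attr( $action2 ); ?>' method='post'>
		<input type='hidden' name='action' value='<?php echo esc_attr( $action2 ); ?>' />
		<input type='hidden' name='id' value='<?php echo esc_attr( $confirm_id ); ?>' />
		<input type='hidden' name='ref' value='<?php echo $referrer; /* already passed through esc_url() above */ ?>' />
		<?php wp_nonce_field( $action2 ) ?>
		<p><?php echo esc_html( $confirm_msg ); ?></p>
		<p class="submit"><input class="button" type='submit' value='<?php _e( "Confirm" ); ?>' /></p>
	</form>
</body>
</html>
<?php
break;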
// Users (not used any more)
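case "deleteuser":
	// Deletes user $id from the network. Requires the 'deleteuser' nonce.
	check_admin_referer( 'deleteuser' );
	// The nonce alone does not show that the caller may manage users; apply the
	// same capability gate the other user actions in this file use.
	if ( ! current_user_can( 'manage_network_users' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );
	// Never delete "user 0" or user 1.
	if ( $id != '0' && $id != '1' )
		wpmu_delete_user( $id );
	// $_POST['ref'] is request-supplied; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'delete' ), $_POST['ref'] ) );
	exit();
break;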
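case "allusers":
	// Bulk actions on the users ticked in the users list. The submit button that
	// was posted selects the branch: delete (confirmation screen), transfer and
	// delete, grant or revoke super admin, or set / clear the spam flag.
	// Requires the 'allusers' nonce and the manage_network_users capability.
	check_admin_referer( 'allusers' );
	if ( ! current_user_can( 'manage_network_users' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );

	if ( isset( $_POST['alluser_delete'] ) ) {
		// First step of a delete: show the confirmation screen.
		require_once( 'admin-header.php' );
		echo '<div class="wrap" style="position:relative;">';
		confirm_delete_users( $_POST['allusers'] );
		echo '</div>';
		require_once( 'admin-footer.php' );
	} elseif ( isset( $_POST['alluser_transfer_delete'] ) ) {
		// Second step: detach the users from their blogs, then delete them.
		if ( isset( $_POST['blog'] ) && is_array( $_POST['blog'] ) && ! empty( $_POST['blog'] ) ) {
			foreach ( $_POST['blog'] as $id => $users ) {
				// presumably $id is the user being removed, $blogid the blog, and
				// $user_id the user who takes over the content; confirm against
				// remove_user_from_blog()
				foreach ( (array) $users as $blogid => $user_id ) {
					remove_user_from_blog( $id, $blogid, $user_id );
				}
			}
		}
		if ( isset( $_POST['user'] ) && is_array( $_POST['user'] ) && ! empty( $_POST['user'] ) )
			foreach ( $_POST['user'] as $id )
				wpmu_delete_user( $id );
		wp_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'all_delete' ), 'ms-users.php' ) );
	} elseif ( isset( $_POST['add_superadmin'] ) ) {
		$super_admins = get_site_option( 'site_admins', array( 'admin' ) );
		// Bind the values instead of interpolating them into the SQL string.
		$mainblog_id = $wpdb->get_var( $wpdb->prepare( "SELECT blog_id FROM {$wpdb->blogs} WHERE domain = %s AND path = %s", $current_site->domain, $current_site->path ) );
		foreach ( (array) $_POST['allusers'] as $key => $val ) {
			if ( $val == '' || $val == '0' )
				continue;
			$user = new WP_User( $val );
			// Skip ids that did not load a user, so an empty login is never
			// appended to the super admin list.
			if ( empty( $user->user_login ) )
				continue;
			// Strict comparison: two different numeric-looking logins must not be
			// treated as the same account in a privilege list.
			if ( in_array( $user->user_login, $super_admins, true ) )
				continue;
			if ( $mainblog_id )
				add_user_to_blog( $mainblog_id, $user->ID, 'administrator' );
			$super_admins[] = $user->user_login;
		}
		update_site_option( 'site_admins', $super_admins );
		// The Referer header is request data; wp_safe_redirect() refuses hosts
		// outside the allowed list and falls back to the admin URL.
		wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'add_superadmin' ), $_SERVER['HTTP_REFERER'] ) );
	} elseif ( isset( $_POST['remove_superadmin'] ) ) {
		$super_admins = get_site_option( 'site_admins', array( 'admin' ) );
		$admin_email = get_site_option( 'admin_email' );
		foreach ( (array) $_POST['allusers'] as $key => $val ) {
			if ( $val == '' || $val == '0' )
				continue;
			$user = new WP_User( $val );
			// The current user and the owner of the network admin address keep
			// their super admin status.
			if ( $user->ID == $current_user->ID || $user->user_email == $admin_email )
				continue;
			// Separate index name: the outer loop already uses $key.
			foreach ( $super_admins as $admin_index => $username ) {
				if ( $username == $user->user_login ) {
					unset( $super_admins[$admin_index] );
					break;
				}
			}
		}
		update_site_option( 'site_admins', $super_admins );
		// The Referer header is request data; wp_safe_redirect() refuses hosts
		// outside the allowed list and falls back to the admin URL.
		wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'remove_superadmin' ), $_SERVER['HTTP_REFERER'] ) );
	} else {
		// Stays null when no spam button was posted, so the redirect carries no
		// action value (the same outcome as before, without the undefined variable).
		$userfunction = null;
		foreach ( (array) $_POST['allusers'] as $key => $val ) {
			if ( $val == '' || $val == '0' )
				continue;
			$user = new WP_User( $val );
			// Super admins cannot be flagged from here; strict comparison for the
			// same reason as in the privilege list handling above.
			if ( in_array( $user->user_login, get_site_option( 'site_admins', array( 'admin' ) ), true ) )
				wp_die( sprintf( __( 'Warning! User cannot be modified. The user %s is a network admnistrator.' ), $user->user_login ) );
			if ( isset( $_POST['alluser_spam'] ) ) {
				$userfunction = 'all_spam';
				$blogs = get_blogs_of_user( $val, true );
				foreach ( (array) $blogs as $blog_key => $details ) {
					if ( $details->userblog_id == $current_site->blog_id ) { continue; } // main blog not a spam !
					update_blog_status( $details->userblog_id, "spam", '1' );
				}
				update_user_status( $val, "spam", '1', 1 );
			} elseif ( isset( $_POST['alluser_notspam'] ) ) {
				$userfunction = 'all_notspam';
				$blogs = get_blogs_of_user( $val, true );
				foreach ( (array) $blogs as $blog_key => $details ) {
					update_blog_status( $details->userblog_id, "spam", '0' );
				}
				update_user_status( $val, "spam", '0', 1 );
			}
		}
		// The Referer header is request data; wp_safe_redirect() refuses hosts
		// outside the allowed list and falls back to the admin URL.
		wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => $userfunction ), $_SERVER['HTTP_REFERER'] ) );
	}
	exit();
break;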
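case "adduser":
	// Creates a network user with a generated password, sends the new-user
	// notification, and adds the user to the dashboard blog (or to the main blog
	// when no dashboard blog is configured) with the default role.
	// Requires the 'add-user' nonce and the manage_network_users capability.
	check_admin_referer( 'add-user' );
	if ( ! current_user_can( 'manage_network_users' ) )
		wp_die( __( 'You do not have permission to access this page.' ) );

	// isset() first: a request without the 'user' field must fail cleanly too.
	if ( ! isset( $_POST['user'] ) || ! is_array( $_POST['user'] ) )
		wp_die( __( "Cannot create an empty user." ) );
	$user = $_POST['user'];
	if ( empty( $user['username'] ) && empty( $user['email'] ) )
		wp_die( __( 'Missing username and email.' ) );
	elseif ( empty( $user['username'] ) )
		wp_die( __( 'Missing username.' ) );
	elseif ( empty( $user['email'] ) )
		wp_die( __( 'Missing email.' ) );

	$password = wp_generate_password();
	// NOTE(review): esc_html() is an HTML output escaper, not an input validator;
	// sanitize_user() and sanitize_email() are the matching helpers for these two
	// fields. Left unchanged here because it alters what gets stored.
	$user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) );

	if ( false == $user_id )
		wp_die( __( 'Duplicated username or email address.' ) );
	else
		wp_new_user_notification( $user_id, $password );

	if ( get_site_option( 'dashboard_blog' ) == false )
		add_user_to_blog( $current_site->blog_id, $user_id, get_site_option( 'default_user_role', 'subscriber' ) );
	else
		add_user_to_blog( get_site_option( 'dashboard_blog' ), $user_id, get_site_option( 'default_user_role', 'subscriber' ) );

	// The Referer header is request data; wp_safe_redirect() refuses hosts outside
	// the allowed list and falls back to the admin URL.
	wp_safe_redirect( add_query_arg( array( 'updated' => 'true', 'action' => 'add' ), $_SERVER['HTTP_REFERER'] ) );
	exit();
break;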
default:
	// Any action name not handled above is redirected to ms-admin.php.
	wpmu_admin_do_redirect( "ms-admin.php" );
break;
}
?>