From 5e7c850484b527f7efaaf943a368512083df0d8f Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Thu, 8 Jun 2006 18:36:05 +0000
Subject: [PATCH] User management improvements from Mark Jaquith and David
 House.  #2793

git-svn-id: http://svn.automattic.com/wordpress/trunk@3857 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-admin/admin-functions.php |  12 +-
 wp-admin/menu.php            |  10 +-
 wp-admin/profile.php         |   5 +-
 wp-admin/user-edit.php       |  19 +-
 wp-admin/users.php           | 368 +++++++++++++++++++++++------------
 wp-admin/wp-admin.css        |   2 +-
 wp-includes/functions.php    |  35 +++-
 7 files changed, 310 insertions(+), 141 deletions(-)

diff --git a/wp-admin/admin-functions.php b/wp-admin/admin-functions.php
index 9f596fc7d..996765308 100644
--- a/wp-admin/admin-functions.php
+++ b/wp-admin/admin-functions.php
@@ -729,17 +729,21 @@ function user_row( $user_object, $style = '' ) {
 	if (strlen($short_url) > 35)
 		$short_url =  substr($short_url, 0, 32).'...';
 	$numposts = get_usernumposts($user_object->ID);
-	if (0 < $numposts) $numposts = "<a href='edit.php?author=$user_object->ID' title='" . __('View posts') . "'>$numposts</a>";
 	$r = "<tr id='user-$user_object->ID'$style>
 		<td><input type='checkbox' name='users[]' id='user_{$user_object->ID}' value='{$user_object->ID}' /> <label for='user_{$user_object->ID}'>{$user_object->ID}</label></td>
 		<td><label for='user_{$user_object->ID}'><strong>$user_object->user_login</strong></label></td>
 		<td><label for='user_{$user_object->ID}'>$user_object->first_name $user_object->last_name</label></td>
 		<td><a href='mailto:$email' title='" . sprintf(__('e-mail: %s'), $email) . "'>$email</a></td>
 		<td><a href='$url' title='website: $url'>$short_url</a></td>";
-	$r .= "\n\t\t<td align='center'>$numposts</td>";
-	$r .= "\n\t\t<td>";
+	$r .= "\n\t\t<td align='center'>";
+	if ($numposts > 0) {
+		$r .= "<a href='edit.php?author=$user_object->ID' title='" . __('View posts by this author') . "' class='edit'>";
+		$r .= sprintf(__('View %1$s %2$s'), $numposts, __ngettext('post', 'posts', $numposts));
+	}
+	$r .= "</td>\n\t\t<td>";
+	$edit_link = add_query_arg('wp_http_referer', wp_specialchars(urlencode(stripslashes($_SERVER['REQUEST_URI']))), "user-edit.php?user_id=$user_object->ID");
 	if ( current_user_can('edit_user', $user_object->ID) )
-		$r .= "<a href='user-edit.php?user_id=$user_object->ID' class='edit'>".__('Edit')."</a>";
+		$r .= "<a href='$edit_link' class='edit'>".__('Edit')."</a>";
 	$r .= "</td>\n\t</tr>";
 	return $r;
 }
diff --git a/wp-admin/menu.php b/wp-admin/menu.php
index fa5ee19a7..cbeb16ba4 100644
--- a/wp-admin/menu.php
+++ b/wp-admin/menu.php
@@ -11,7 +11,7 @@ $menu[20] = array(__('Bookmarks'), 'manage_links', 'link-manager.php');
 $menu[25] = array(__('Presentation'), 'switch_themes', 'themes.php');
 $menu[30] = array(__('Plugins'), 'activate_plugins', 'plugins.php');
 if ( current_user_can('edit_users') )
-	$menu[35] = array(__('Users'), 'read', 'profile.php');
+	$menu[35] = array(__('Users'), 'edit_users', 'users.php');
 else
 	$menu[35] = array(__('Profile'), 'read', 'profile.php');
 $menu[40] = array(__('Options'), 'manage_options', 'options-general.php');
@@ -34,8 +34,12 @@ $submenu['link-manager.php'][5] = array(__('Manage Bookmarks'), 'manage_links',
 $submenu['link-manager.php'][10] = array(__('Add Bookmark'), 'manage_links', 'link-add.php');
 $submenu['link-manager.php'][20] = array(__('Import Bookmarks'), 'manage_links', 'link-import.php');
 
-$submenu['profile.php'][5] = array(__('Your Profile'), 'read', 'profile.php');
-$submenu['profile.php'][10] = array(__('Authors &amp; Users'), 'edit_users', 'users.php');
+if ( current_user_can('edit_users') ) {
+	$submenu['users.php'][5] = array(__('Authors &amp; Users'), 'edit_users', 'users.php');
+	$submenu['users.php'][10] = array(__('Your Profile'), 'read', 'profile.php');
+} else {
+	$submenu['profile.php'][5] = array(__('Your Profile'), 'read', 'profile.php');
+}
 
 $submenu['options-general.php'][10] = array(__('General'), 'manage_options', 'options-general.php');
 $submenu['options-general.php'][15] = array(__('Writing'), 'manage_options', 'options-writing.php');
diff --git a/wp-admin/profile.php b/wp-admin/profile.php
index 04f2fc492..eb66e078a 100644
--- a/wp-admin/profile.php
+++ b/wp-admin/profile.php
@@ -3,7 +3,10 @@ require_once('admin.php');
 
 $title = __('Profile');
 
-$parent_file = 'profile.php';
+if ( current_user_can('edit_users') )
+	$parent_file = 'users.php';
+else
+	$parent_file = 'profile.php';
 include_once('admin-header.php');
 $profileuser = new WP_User($user_ID);
 
diff --git a/wp-admin/user-edit.php b/wp-admin/user-edit.php
index 362dbde09..851451ac0 100644
--- a/wp-admin/user-edit.php
+++ b/wp-admin/user-edit.php
@@ -2,10 +2,13 @@
 require_once('admin.php');
 
 $title = __('Edit User');
-$parent_file = 'profile.php';
+if ( current_user_can('edit_users') )
+	$parent_file = 'users.php';
+else
+	$parent_file = 'profile.php';
 $submenu_file = 'users.php';
 
-$wpvarstoreset = array('action', 'redirect', 'profile', 'user_id');
+$wpvarstoreset = array('action', 'redirect', 'profile', 'user_id', 'wp_http_referer');
 for ($i=0; $i<count($wpvarstoreset); $i += 1) {
 	$wpvar = $wpvarstoreset[$i];
 	if (!isset($$wpvar)) {
@@ -21,6 +24,8 @@ for ($i=0; $i<count($wpvarstoreset); $i += 1) {
 	}
 }
 
+$wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));
+
 switch ($action) {
 case 'switchposts':
 
@@ -40,7 +45,9 @@ else
 	$errors = edit_user($user_id);
 
 if( !is_wp_error( $errors ) ) {
-	header("Location: user-edit.php?user_id=$user_id&updated=true");
+	$redirect = "user-edit.php?user_id=$user_id&updated=true";
+	$redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
+	header("Location: $redirect");
 	exit;
 }
 
@@ -57,6 +64,9 @@ if ( !current_user_can('edit_user', $user_id) )
 <?php if ( isset($_GET['updated']) ) : ?>
 <div id="message" class="updated fade">
 	<p><strong><?php _e('User updated.') ?></strong></p>
+	<?php if ( $wp_http_referer ) : ?>
+	<p><a href="<?php echo wp_specialchars($wp_http_referer); ?>"><?php _e('&laquo; Back to Authors and Users'); ?></a></p>
+	<?php endif; ?>
 </div>
 <?php endif; ?>
 <?php if ( is_wp_error( $errors ) ) : ?>
@@ -75,6 +85,9 @@ if ( !current_user_can('edit_user', $user_id) )
 
 <form name="profile" id="your-profile" action="user-edit.php" method="post">
 <?php wp_nonce_field('update-user_' . $user_id) ?>
+<?php if ( $wp_http_referer ) : ?>
+	<input type="hidden" name="wp_http_referer" value="<?php echo wp_specialchars($wp_http_referer); ?>" />
+<?php endif; ?>
 <p>
 <input type="hidden" name="from" value="profile" />
 <input type="hidden" name="checkuser_id" value="<?php echo $user_ID ?>" />
diff --git a/wp-admin/users.php b/wp-admin/users.php
index 86b2cf442..87a33e84c 100644
--- a/wp-admin/users.php
+++ b/wp-admin/users.php
@@ -3,39 +3,51 @@ require_once('admin.php');
 require_once( ABSPATH . WPINC . '/registration-functions.php');
 
 $title = __('Users');
-$parent_file = 'profile.php';
+if ( current_user_can('edit_users') )
+	$parent_file = 'users.php';
+else
+	$parent_file = 'profile.php';
 
 $action = $_REQUEST['action'];
 $update = '';
 
+if ( empty($_POST) ) {
+	$referer = '<input type="hidden" name="wp_http_referer" value="'. wp_specialchars(stripslashes($_SERVER['REQUEST_URI'])) . '" />';
+} elseif ( isset($_POST['wp_http_referer']) ) {
+	$redirect = remove_query_arg(array('wp_http_referer', 'updated', 'delete_count'), urlencode(stripslashes($_POST['wp_http_referer'])));
+	$referer = '<input type="hidden" name="wp_http_referer" value="' . wp_specialchars($redirect) . '" />';
+} else {
+	$redirect = 'users.php';
+}
+
 switch ($action) {
 
 case 'promote':
 	check_admin_referer('bulk-users');
 
 	if (empty($_POST['users'])) {
-		header('Location: users.php');
+		header('Location: ' . $redirect);
 	}
 
 	if ( !current_user_can('edit_users') )
 		die(__('You can&#8217;t edit users.'));
 
- 	$userids = $_POST['users'];
+	$userids = $_POST['users'];
 	$update = 'promote';
- 	foreach($userids as $id) {
- 		if ( ! current_user_can('edit_user', $id) )
- 			die(__('You can&#8217;t edit that user.'));
+	foreach($userids as $id) {
+		if ( ! current_user_can('edit_user', $id) )
+			die(__('You can&#8217;t edit that user.'));
 		// The new role of the current user must also have edit_users caps
 		if($id == $current_user->id && !$wp_roles->role_objects[$_POST['new_role']]->has_cap('edit_users')) {
 			$update = 'err_admin_role';
 			continue;
 		}
 
- 		$user = new WP_User($id);
- 		$user->set_role($_POST['new_role']);
- 	}
+		$user = new WP_User($id);
+		$user->set_role($_POST['new_role']);
+	}
 
-	header('Location: users.php?update=' . $update);
+	header('Location: ' . add_query_arg('update', $update, $redirect));
 
 break;
 
@@ -44,24 +56,25 @@ case 'dodelete':
 	check_admin_referer('delete-users');
 
 	if ( empty($_POST['users']) ) {
-		header('Location: users.php');
+		header('Location: ' . $redirect);
 	}
 
 	if ( !current_user_can('delete_users') )
 		die(__('You can&#8217;t delete users.'));
 
 	$userids = $_POST['users'];
-
 	$update = 'del';
- 	foreach ($userids as $id) {
- 		if ( ! current_user_can('delete_user', $id) )
- 			die(__('You can&#8217;t delete that user.'));
- 
+	$delete_count = 0;
+
+	foreach ( (array) $userids as $id) {
+		if ( ! current_user_can('delete_user', $id) )
+			die(__('You can&#8217;t delete that user.'));
+
 		if($id == $current_user->id) {
 			$update = 'err_admin_del';
 			continue;
 		}
- 		switch($_POST['delete_option']) {
+		switch($_POST['delete_option']) {
 		case 'delete':
 			wp_delete_user($id);
 			break;
@@ -69,9 +82,12 @@ case 'dodelete':
 			wp_delete_user($id, $_POST['reassign_user']);
 			break;
 		}
+		++$delete_count;
 	}
 
-	header('Location: users.php?update=' . $update);
+	$redirect = add_query_arg('delete_count', $delete_count, $redirect);
+
+	header('Location: ' . add_query_arg('update', $update, $redirect));
 
 break;
 
@@ -79,12 +95,11 @@ case 'delete':
 
 	check_admin_referer('bulk-users');
 
-	if (empty($_POST['users'])) {
-		header('Location: users.php');
-	}
+	if ( empty($_POST['users']) )
+		header('Location: ' . $redirect);
 
 	if ( !current_user_can('delete_users') )
-		$error = new WP_Error('edit_users', __('You can&#8217;t delete users.'));
+		$errors = new WP_Error('edit_users', __('You can&#8217;t delete users.'));
 
 	$userids = $_POST['users'];
 
@@ -92,33 +107,32 @@ case 'delete':
 ?>
 <form action="" method="post" name="updateusers" id="updateusers">
 <?php wp_nonce_field('delete-users') ?>
+<?php echo $referer; ?>
 <div class="wrap">
 <h2><?php _e('Delete Users'); ?></h2>
 <p><?php _e('You have specified these users for deletion:'); ?></p>
 <ul>
 <?php
 	$go_delete = false;
- 	foreach ($userids as $id) {
- 		$user = new WP_User($id);
-		if ($id == $current_user->id) {
+	foreach ( (array) $userids as $id ) {
+		$user = new WP_User($id);
+		if ( $id == $current_user->id ) {
 			echo "<li>" . sprintf(__('ID #%1s: %2s <strong>The current user will not be deleted.</strong>'), $id, $user->user_login) . "</li>\n";
 		} else {
 			echo "<li><input type=\"hidden\" name=\"users[]\" value=\"{$id}\" />" . sprintf(__('ID #%1s: %2s'), $id, $user->user_login) . "</li>\n";
 			$go_delete = true;
 		}
- 	}
- 	$all_logins = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY user_login");
- 	$user_dropdown = '<select name="reassign_user">';
- 	foreach ($all_logins as $login) {
-		if ( $login->ID == $current_user->id || !in_array($login->ID, $userids) ) {
- 			$user_dropdown .= "<option value=\"{$login->ID}\">{$login->user_login}</option>";
- 		}
- 	}
- 	$user_dropdown .= '</select>';
- 	?>
- 	</ul>
-<?php if($go_delete) : ?>
- 	<p><?php _e('What should be done with posts and links owned by this user?'); ?></p>
+	}
+	$all_logins = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users ORDER BY user_login");
+	$user_dropdown = '<select name="reassign_user">';
+	foreach ( (array) $all_logins as $login )
+		if ( $login->ID == $current_user->id || !in_array($login->ID, $userids) )
+			$user_dropdown .= "<option value=\"{$login->ID}\">{$login->user_login}</option>";
+	$user_dropdown .= '</select>';
+	?>
+	</ul>
+<?php if ( $go_delete ) : ?>
+	<p><?php _e('What should be done with posts and links owned by this user?'); ?></p>
 	<ul style="list-style:none;">
 		<li><label><input type="radio" id="delete_option0" name="delete_option" value="delete" checked="checked" />
 		<?php _e('Delete all posts and links.'); ?></label></li>
@@ -143,35 +157,86 @@ case 'adduser':
 		die(__('You can&#8217;t create users.'));
 
 	$user_id = add_user();
+	$update = 'add';
 	if ( is_wp_error( $user_id ) )
-		$errors = $user_id;
+		$add_user_errors = $user_id;
 	else {
-		header('Location: users.php?update=add');
+		$new_user_login = apply_filters('pre_user_login', sanitize_user(stripslashes($_POST['user_login']), true));
+		$redirect = add_query_arg('usersearch', $new_user_login, $redirect);
+		header('Location: ' . add_query_arg('update', $update, $redirect) . '#user-' . $user_id);
 		die();
 	}
 
 default:
-	wp_enqueue_script( 'admin-users' );
+	wp_enqueue_script('admin-users');
 
-	include ('admin-header.php');
+	include('admin-header.php');
 
-	$userids = $wpdb->get_col("SELECT ID FROM $wpdb->users;");
+	/* Paging and Search by Mark Jaquith, June 6th, 2006 */
 
-	foreach($userids as $userid) {
+	$users_per_page = 50;
+
+	$page = (int) $_GET['userspage'];
+	if ( !$page )
+		$page = 1;
+
+	$starton = ($page - 1) * $users_per_page;
+
+	$limit = 'LIMIT ' . $starton . ',' .  $users_per_page;
+
+	$search_term = $_GET['usersearch'];
+	if ( $search_term ) {
+		$searches = array();
+		$search_sql = 'AND (';
+		foreach ( array('user_login', 'user_nicename', 'user_email', 'user_url', 'display_name') as $col )
+			$searches[] = $col . " LIKE '%$search_term%'";
+		$search_sql .= implode(' OR ', $searches);
+		$search_sql .= ')';
+		$search_term = stripslashes($search_term); // done with DB, from now on we want slashes gone
+	}
+
+	if ( !$_GET['update'] && !$search_term && !$_GET['userspage'] && $wpdb->get_var("SELECT COUNT(ID) FROM $wpdb->users") > $users_per_page )
+		$too_many_users = sprintf(__('Because this blog has more than %s users, they cannot all be shown on one page.  Use the paging or search functionality in order to find the user you want to edit.'), $users_per_page);
+
+	$from_where = "FROM $wpdb->users WHERE 1=1 $search_sql";
+	$userids = $wpdb->get_col('SELECT ID ' . $from_where . $limit);
+
+	if ( $userids )
+		$total_users_for_this_query = $wpdb->get_var('SELECT COUNT(ID) ' . $from_where); // no limit
+	else
+		$errors = new WP_Error('no_matching_users_found', __('No matching users were found!'));
+
+	// Now for the paging
+	if ( $total_users_for_this_query > $users_per_page ) { // have to page the results
+		$prev_page = ( $page > 1) ? true : false;
+		$next_page = ( ($page * $users_per_page) < $total_users_for_this_query ) ? true : false;
+		$paging_text = '';
+		if ( $prev_page )
+			$paging_text .= '<p class="alignleft"><a href="' . add_query_arg(array('usersearch' => $search_term, 'userspage' => $page - 1), 'users.php?') . '">&laquo; Previous Page</a></p>';
+		if ( $next_page )
+			$paging_text .= '<p class="alignright"><a href="' . add_query_arg(array('usersearch' => $search_term, 'userspage' => $page + 1), 'users.php?') . '">Next Page &raquo;</a></p>';
+		if ( $prev_page || $next_page )
+			$paging_text .= '<br style="clear:both" />';
+	}
+
+	// Clean up, we're done with these variables
+	unset($prev_page, $next_page, $limit, $searches, $search_sql, $col);
+
+	// Make the user objects
+	foreach ( (array) $userids as $userid ) {
 		$tmp_user = new WP_User($userid);
 		$roles = $tmp_user->roles;
 		$role = array_shift($roles);
 		$roleclasses[$role][$tmp_user->user_login] = $tmp_user;
 	}
 
-	?>
-
-	<?php 
-	if (isset($_GET['update'])) : 
+	if ( isset($_GET['update']) ) :
 		switch($_GET['update']) {
 		case 'del':
+		case 'del_many':
 		?>
-			<div id="message" class="updated fade"><p><?php _e('User deleted.'); ?></p></div>
+			<?php $delete_count = (int) $_GET['delete_count']; ?>
+			<div id="message" class="updated fade"><p><?php printf(__('%1$s %2$s deleted.'), $delete_count, __ngettext('user', 'users', $delete_count) ); ?></p></div>
 		<?php
 			break;
 		case 'add':
@@ -197,24 +262,50 @@ default:
 		<?php
 			break;
 		}
-	endif; 
-	if ( is_wp_error( $errors ) ) : ?>
+	endif; ?>
+
+<?php if ( is_wp_error( $errors ) ) : ?>
 	<div class="error">
 		<ul>
 		<?php
 			foreach ( $errors->get_error_messages() as $message )
-				 echo "<li>$message</li>";
+				echo "<li>$message</li>";
 		?>
 		</ul>
 	</div>
-	<?php 
-	endif;
-	?>
+<?php endif; ?>
+
+<?php if ( $too_many_users ) : ?>
+	<div id="message" class="updated">
+		<p><?php echo $too_many_users; ?></p>
+	</div>
+<?php endif; ?>
+
+<div class="wrap">
+	<h2><?php _e('Search For Users'); ?></h2>
+	<form action="" method="get" name="search" id="search">
+		<p><input type="text" name="usersearch" id="usersearch" value="<?php echo wp_specialchars($search_term); ?>" /> <input type="submit" value="Search &raquo;" /></p>
+	</form>
+	<?php if ( $search_term ) : ?>
+		<p><a href="users.php"><?php _e('&laquo; Back to All Users'); ?></a></p>
+	<?php endif; ?>
+</div>
+
+<?php if ( $userids ) : ?>
 
 <form action="" method="post" name="updateusers" id="updateusers">
 <?php wp_nonce_field('bulk-users') ?>
 <div class="wrap">
-	<h2><?php _e('User List by Role'); ?></h2>
+	<?php if ( $search_term ) : ?>
+		<h2><?php printf(__('Users Matching "%s" by Role'), $search_term); ?></h2>
+		<div class="user-paging-text"><?php echo $paging_text; ?></div>
+	<?php else : ?>
+		<h2><?php _e('User List by Role'); ?></h2>
+		<?php if ( $paging_text ) : ?>
+			<div class="user-paging-text"><?php echo $paging_text; ?></p></div>
+		<?php endif; ?>
+	<?php endif; ?>
+	<h3><?php printf(__('Results %1$s - %2$s of %3$s shown below'), $starton + 1, min($starton + $users_per_page, $total_users_for_this_query), $total_users_for_this_query); ?></h3>
 <table class="widefat">
 <?php
 foreach($roleclasses as $role => $roleclass) {
@@ -222,100 +313,131 @@ foreach($roleclasses as $role => $roleclass) {
 ?>
 
 <tr>
-	<th colspan="8" align="left"><h3><?php echo $wp_roles->role_names[$role]; ?></h3></th>
+	<th colspan="7" align="left"><h3><?php echo $wp_roles->role_names[$role]; ?></h3></th>
 </tr>
-<thead>
-<tr>
+<tr class="thead">
 	<th style="text-align: left"><?php _e('ID') ?></th>
 	<th style="text-align: left"><?php _e('Username') ?></th>
 	<th style="text-align: left"><?php _e('Name') ?></th>
 	<th style="text-align: left"><?php _e('E-mail') ?></th>
 	<th style="text-align: left"><?php _e('Website') ?></th>
-	<th><?php _e('Posts') ?></th>
-	<th>&nbsp;</th>
+	<th colspan="2"><?php _e('Actions') ?></th>
 </tr>
 </thead>
 <tbody id="role-<?php echo $role; ?>"><?php
 $style = '';
-foreach ($roleclass as $user_object) {
-	$style = (' class="alternate"' == $style) ? '' : ' class="alternate"';
-	echo "\n\t" . user_row( $user_object, $style );
+foreach ( (array) $roleclass as $user_object ) {
+	$style = ( ' class="alternate"' == $style ) ? '' : ' class="alternate"';
+	echo "\n\t" . user_row($user_object, $style);
 }
-
 ?>
 
 </tbody>
-<?php
-}
-?>
+<?php } ?>
 </table>
 
+<?php if ( $paging_text ) : ?>
+	<div class="user-paging-text"><?php echo $paging_text; ?></div>
+<?php endif; ?>
 
 	<h2><?php _e('Update Users'); ?></h2>
-  <ul style="list-style:none;">
-  	<li><input type="radio" name="action" id="action0" value="delete" /> <label for="action0"><?php _e('Delete checked users.'); ?></label></li>
-  	<li>
-		<input type="radio" name="action" id="action1" value="promote" /> <label for="action1"><?php _e('Set the Role of checked users to:'); ?></label>
-		<select name="new_role"><?php wp_dropdown_roles(); ?></select>
-	</li>
-  </ul>
-	<p class="submit"><input type="submit" value="<?php _e('Update &raquo;'); ?>" /></p>
+	<ul style="list-style:none;">
+		<li><input type="radio" name="action" id="action0" value="delete" /> <label for="action0"><?php _e('Delete checked users.'); ?></label></li>
+		<li>
+			<input type="radio" name="action" id="action1" value="promote" /> <label for="action1"><?php _e('Set the Role of checked users to:'); ?></label>
+			<select name="new_role"><?php wp_dropdown_roles(); ?></select>
+		</li>
+	</ul>
+	<p class="submit">
+		<?php echo $referer; ?>
+		<input type="submit" value="<?php _e('Update &raquo;'); ?>" />
+	</p>
 </div>
 </form>
 
-<div class="wrap">
-<h2><?php _e('Add New User') ?></h2>
-<?php echo '<p>'.sprintf(__('Users can <a href="%1$s">register themselves</a> or you can manually create users here.'), get_settings('siteurl').'/wp-register.php').'</p>'; ?>
-<form action="" method="post" name="adduser" id="adduser">
-  <?php wp_nonce_field('add-user') ?>
-  <table class="editform" width="100%" cellspacing="2" cellpadding="5">
-    <tr>
-      <th scope="row" width="33%"><?php _e('Nickname') ?>
-      <input name="action" type="hidden" id="action" value="adduser" /></th>
-      <td width="66%"><input name="user_login" type="text" id="user_login" value="<?php echo $new_user_login; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('First Name') ?> </th>
-      <td><input name="first_name" type="text" id="first_name" value="<?php echo $new_user_firstname; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Last Name') ?> </th>
-      <td><input name="last_name" type="text" id="last_name" value="<?php echo $new_user_lastname; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('E-mail') ?></th>
-      <td><input name="email" type="text" id="email" value="<?php echo $new_user_email; ?>" /></td>
-    </tr>
-    <tr>
-      <th scope="row"><?php _e('Website') ?></th>
-      <td><input name="url" type="text" id="url" value="<?php echo $new_user_uri; ?>" /></td>
-    </tr>
+<?php endif; // if users were returned ?>
+
 <?php
-$show_password_fields = apply_filters('show_password_fields', true);
-if ( $show_password_fields ) :
+	if ( is_wp_error($add_user_errors) ) {
+		foreach ( array('user_login' => 'user_login', 'first_name' => 'user_firstname', 'last_name' => 'user_lastname', 'email' => 'user_email', 'url' => 'user_uri', 'role' => 'user_role') as $formpost => $var ) {
+			$var = 'new_' . $var;
+			$$var = wp_specialchars(stripslashes($_POST[$formpost]));
+		}
+		unset($name);
+	}
 ?>
-    <tr>
-      <th scope="row"><?php _e('Password (twice)') ?> </th>
-      <td><input name="pass1" type="password" id="pass1" />
-      <br />
-      <input name="pass2" type="password" id="pass2" /></td>
-    </tr>
+
+<div class="wrap">
+<h2 id="add-new-user"><?php _e('Add New User') ?></h2>
+<?php echo '<p>'.sprintf(__('Users can <a href="%1$s">register themselves</a> or you can manually create users here.'), get_settings('siteurl').'/wp-register.php').'</p>'; ?>
+<form action="#add-new-user" method="post" name="adduser" id="adduser">
+<?php wp_nonce_field('add-user') ?>
+<table class="editform" width="100%" cellspacing="2" cellpadding="5">
+	<tr>
+		<th scope="row" width="33%"><?php _e('Nickname') ?><input name="action" type="hidden" id="action" value="adduser" /></th>
+		<td width="66%"><input name="user_login" type="text" id="user_login" value="<?php echo $new_user_login; ?>" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('First Name') ?> </th>
+		<td><input name="first_name" type="text" id="first_name" value="<?php echo $new_user_firstname; ?>" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('Last Name') ?> </th>
+		<td><input name="last_name" type="text" id="last_name" value="<?php echo $new_user_lastname; ?>" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('E-mail') ?></th>
+		<td><input name="email" type="text" id="email" value="<?php echo $new_user_email; ?>" /></td>
+	</tr>
+	<tr>
+		<th scope="row"><?php _e('Website') ?></th>
+		<td><input name="url" type="text" id="url" value="<?php echo $new_user_uri; ?>" /></td>
+	</tr>
+
+<?php if ( apply_filters('show_password_fields', true) ) : ?>
+	<tr>
+		<th scope="row"><?php _e('Password (twice)') ?> </th>
+		<td><input name="pass1" type="password" id="pass1" />
+		<br />
+		<input name="pass2" type="password" id="pass2" /></td>
+	</tr>
+<?php endif; ?>
+
+	<tr>
+		<th scope="row"><?php _e('Role'); ?></th>
+		<td><select name="role" id="role">
+			<?php
+			if ( !$new_user_role )
+				$new_user_role = get_settings('default_role');
+			wp_dropdown_roles($new_user_role);
+			?>
+			</select>
+		</td>
+	</tr>
+</table>
+<p class="submit">
+	<?php echo $referer; ?>
+	<input name="adduser" type="submit" id="addusersub" value="<?php _e('Add User &raquo;') ?>" />
+</p>
+</form>
+
+<?php if ( is_wp_error( $add_user_errors ) ) : ?>
+	<div class="error">
+		<ul>
+		<?php
+			foreach ( $add_user_errors->get_error_messages() as $message )
+				echo "$message<br />";
+		?>
+		</ul>
+	</div>
 <?php endif; ?>
-    <tr>
-      <th scope="row"><?php _e('Role'); ?></th>
-      <td><select name="role" id="role"><?php wp_dropdown_roles( get_settings('default_role') ); ?></select></td>
-    </tr>
-  </table>
-  <p class="submit">
-    <input name="adduser" type="submit" id="addusersub" value="<?php _e('Add User &raquo;') ?>" />
-  </p>
-  </form>
 <div id="ajax-response"></div>
 </div>
-	<?php
 
+<?php
 break;
-}
+
+} // end of the $action switch
 
 include('admin-footer.php');
-?>
+?>
\ No newline at end of file
diff --git a/wp-admin/wp-admin.css b/wp-admin/wp-admin.css
index b73b73ec0..eb7052dd6 100644
--- a/wp-admin/wp-admin.css
+++ b/wp-admin/wp-admin.css
@@ -52,7 +52,7 @@ a.delete:hover {
 	font-size: 16px;
 }
 
-thead {
+thead, .thead {
 	background: #dfdfdf
 }
 
diff --git a/wp-includes/functions.php b/wp-includes/functions.php
index 17fcfbd10..e3dae435f 100644
--- a/wp-includes/functions.php
+++ b/wp-includes/functions.php
@@ -809,17 +809,24 @@ add_query_arg(associative_array, oldquery_or_uri)
 function add_query_arg() {
 	$ret = '';
 	if ( is_array(func_get_arg(0)) ) {
-		if ( @func_num_args() < 2 )
+		if ( @func_num_args() < 2 || '' == @func_get_arg(1) )
 			$uri = $_SERVER['REQUEST_URI'];
 		else
 			$uri = @func_get_arg(1);
 	} else {
-		if ( @func_num_args() < 3 )
+		if ( @func_num_args() < 3 || '' == @func_get_arg(2) )
 			$uri = $_SERVER['REQUEST_URI'];
 		else
 			$uri = @func_get_arg(2);
 	}
 
+	if ( preg_match('|^https?://|i', $uri, $matches) ) {
+		$protocol = $matches[0];
+		$uri = substr($uri, strlen($protocol));
+	} else {
+		$protocol = '';
+	}
+
 	if ( strstr($uri, '?') ) {
 		$parts = explode('?', $uri, 2);
 		if ( 1 == count($parts) ) {
@@ -829,8 +836,7 @@ function add_query_arg() {
 			$base = $parts[0] . '?';
 			$query = $parts[1];
 		}
-	}
-	else if ( strstr($uri, '/') ) {
+	} else if ( strstr($uri, '/') ) {
 		$base = $uri . '?';
 		$query = '';
 	} else {
@@ -853,11 +859,28 @@ function add_query_arg() {
 			$ret .= "$k=$v";
 		}
 	}
-	$ret = $base . $ret;
+	$ret = $protocol . $base . $ret;
+	if ( get_magic_quotes_gpc() )
+		$ret = stripslashes($ret); // parse_str() adds slashes if magicquotes is on.  See: http://php.net/parse_str
 	return trim($ret, '?');
 }
 
-function remove_query_arg($key, $query) {
+/*
+remove_query_arg: Returns a modified querystring by removing
+a single key or an array of keys.
+Omitting oldquery_or_uri uses the $_SERVER value.
+
+Parameters:
+remove_query_arg(removekey, [oldquery_or_uri]) or
+remove_query_arg(removekeyarray, [oldquery_or_uri])
+*/
+
+function remove_query_arg($key, $query='') {
+	if ( is_array($key) ) { // removing multiple keys
+		foreach ( (array) $key as $k )
+			$query = add_query_arg($k, '', $query);
+		return $query;
+	}
 	return add_query_arg($key, '', $query);
 }