Use cap checks instead of multisite and super admin checks. Add some new caps. Merge cleanup. see #11644.

git-svn-id: http://svn.automattic.com/wordpress/trunk@12753 1a063a9b-81f0-0310-95a4-ce76da25c4cd
ryan 2010-01-18 22:21:36 +00:00
parent 8760e7da1b
commit f7d7bc2dd0
15 changed files with 137 additions and 112 deletions


@ -198,9 +198,9 @@ if ( isset($plugin_page) ) {
require_once(ABSPATH . 'wp-admin/includes/upgrade.php'); require_once(ABSPATH . 'wp-admin/includes/upgrade.php');
define('WP_IMPORTING', true); define('WP_IMPORTING', true);
if ( is_multisite() ) {
if ( is_multisite() )
kses_init_filters(); // Always filter imported data with kses. kses_init_filters(); // Always filter imported data with kses.
}
call_user_func($wp_importers[$importer][2]); call_user_func($wp_importers[$importer][2]);


@ -369,6 +369,7 @@ function populate_roles() {
populate_roles_260(); populate_roles_260();
populate_roles_270(); populate_roles_270();
populate_roles_280(); populate_roles_280();
populate_roles_300();
} }
/** /**
@ -590,4 +591,19 @@ function populate_roles_280() {
} }
} }
/**
* Create and modify WordPress roles for WordPress 2.8.
*
* @since 2.8.0
*/
function populate_roles_300() {
$role =& get_role( 'administrator' );
if ( !empty( $role ) ) {
$role->add_cap( 'update_core' );
$role->add_cap( 'remove_user' );
$role->add_cap( 'remove_users' );
}
}
?> ?>
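Review bot: The docblock on `populate_roles_300()` was copied from the 2.8 function and still reads "for WordPress 2.8" with `@since 2.8.0`. It should read `Create and modify WordPress roles for WordPress 3.0.` with `@since 3.0`, matching the `upgrade_300()` docblock added elsewhere in this commit. The docblock could also state that `update_core`, `remove_user` and `remove_users` are granted to the administrator role only, because other sections of this commit gate update notices and user removal on exactly these caps.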


@ -82,10 +82,10 @@ function find_core_update( $version, $locale ) {
} }
function core_update_footer( $msg = '' ) { function core_update_footer( $msg = '' ) {
if ( is_multisite() && !is_super_admin() ) if ( is_multisite() && !current_user_can('update_core') )
return false; return false;
if ( !current_user_can('manage_options') ) if ( !current_user_can('update_core') )
return sprintf( __( 'Version %s' ), $GLOBALS['wp_version'] ); return sprintf( __( 'Version %s' ), $GLOBALS['wp_version'] );
$cur = get_preferred_from_update_core(); $cur = get_preferred_from_update_core();
@ -104,10 +104,8 @@ function core_update_footer( $msg = '' ) {
break; break;
case 'upgrade' : case 'upgrade' :
if ( current_user_can('manage_options') ) { return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current);
return sprintf( '<strong>'.__( '<a href="%1$s">Get Version %2$s</a>' ).'</strong>', 'update-core.php', $cur->current); break;
break;
}
case 'latest' : case 'latest' :
default : default :
@ -118,7 +116,7 @@ function core_update_footer( $msg = '' ) {
add_filter( 'update_footer', 'core_update_footer' ); add_filter( 'update_footer', 'core_update_footer' );
function update_nag() { function update_nag() {
if ( is_multisite() && !is_super_admin() ) if ( is_multisite() && !current_user_can('update_core') )
return false; return false;
global $pagenow; global $pagenow;
@ -131,7 +129,7 @@ function update_nag() {
if ( ! isset( $cur->response ) || $cur->response != 'upgrade' ) if ( ! isset( $cur->response ) || $cur->response != 'upgrade' )
return false; return false;
if ( current_user_can('manage_options') ) if ( current_user_can('update_core') )
$msg = sprintf( __('WordPress %1$s is available! <a href="%2$s">Please update now</a>.'), $cur->current, 'update-core.php' ); $msg = sprintf( __('WordPress %1$s is available! <a href="%2$s">Please update now</a>.'), $cur->current, 'update-core.php' );
else else
$msg = sprintf( __('WordPress %1$s is available! Please notify the site administrator.'), $cur->current ); $msg = sprintf( __('WordPress %1$s is available! Please notify the site administrator.'), $cur->current );
@ -142,13 +140,13 @@ add_action( 'admin_notices', 'update_nag', 3 );
// Called directly from dashboard // Called directly from dashboard
function update_right_now_message() { function update_right_now_message() {
if ( is_multisite() && !is_super_admin() ) if ( is_multisite() && !current_user_can('update_core') )
return false; return false;
$cur = get_preferred_from_update_core(); $cur = get_preferred_from_update_core();
$msg = sprintf( __('You are using <span class="b">WordPress %s</span>.'), $GLOBALS['wp_version'] ); $msg = sprintf( __('You are using <span class="b">WordPress %s</span>.'), $GLOBALS['wp_version'] );
if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('manage_options') ) if ( isset( $cur->response ) && $cur->response == 'upgrade' && current_user_can('update_core') )
$msg .= " <a href='update-core.php' class='button'>" . sprintf( __('Update to %s'), $cur->current ? $cur->current : __( 'Latest' ) ) . '</a>'; $msg .= " <a href='update-core.php' class='button'>" . sprintf( __('Update to %s'), $cur->current ? $cur->current : __( 'Latest' ) ) . '</a>';
echo "<span id='wp-version-message'>$msg</span>"; echo "<span id='wp-version-message'>$msg</span>";
@ -169,6 +167,9 @@ function get_plugin_updates() {
} }
function wp_plugin_update_rows() { function wp_plugin_update_rows() {
if ( !current_user_can('update_plugins' ) )
return;
$plugins = get_site_transient( 'update_plugins' ); $plugins = get_site_transient( 'update_plugins' );
if ( isset($plugins->response) && is_array($plugins->response) ) { if ( isset($plugins->response) && is_array($plugins->response) ) {
$plugins = array_keys( $plugins->response ); $plugins = array_keys( $plugins->response );
@ -205,10 +206,6 @@ function wp_plugin_update_row( $file, $plugin_data ) {
} }
function wp_update_plugin($plugin, $feedback = '') { function wp_update_plugin($plugin, $feedback = '') {
if ( is_multisite() && !is_super_admin() )
return false;
if ( !empty($feedback) ) if ( !empty($feedback) )
add_filter('update_feedback', $feedback); add_filter('update_feedback', $feedback);
@ -234,7 +231,6 @@ function get_theme_updates() {
} }
function wp_update_theme($theme, $feedback = '') { function wp_update_theme($theme, $feedback = '') {
if ( !empty($feedback) ) if ( !empty($feedback) )
add_filter('update_feedback', $feedback); add_filter('update_feedback', $feedback);
@ -245,7 +241,6 @@ function wp_update_theme($theme, $feedback = '') {
function wp_update_core($current, $feedback = '') { function wp_update_core($current, $feedback = '') {
if ( !empty($feedback) ) if ( !empty($feedback) )
add_filter('update_feedback', $feedback); add_filter('update_feedback', $feedback);
@ -260,7 +255,7 @@ function maintenance_nag() {
if ( ! isset( $upgrading ) ) if ( ! isset( $upgrading ) )
return false; return false;
if ( current_user_can('manage_options') ) if ( current_user_can('update_core') )
$msg = sprintf( __('An automated WordPress update has failed to complete - <a href="%s">please attempt the update again now</a>.'), 'update-core.php' ); $msg = sprintf( __('An automated WordPress update has failed to complete - <a href="%s">please attempt the update again now</a>.'), 'update-core.php' );
else else
$msg = __('An automated WordPress update has failed to complete! Please notify the site administrator.'); $msg = __('An automated WordPress update has failed to complete! Please notify the site administrator.');
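Review bot: `wp_update_plugin()` loses its only authorization guard (`is_multisite() && !is_super_admin()`) and nothing replaces it, so the function no longer checks permissions itself; the visible lines of `wp_update_theme()` and `wp_update_core()` show no check either. The callers are outside this page, so it cannot be confirmed here that every entry point tests the cap first. Consider a guard at the top of each that fails closed, e.g. `if ( !current_user_can('update_plugins') ) return false;`, with `update_themes` and `update_core` for the other two. Separately, in `core_update_footer()` the `break;` after `return sprintf(...)` in `case 'upgrade'` is now unreachable and can be dropped.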


@ -259,7 +259,7 @@ if ( !function_exists('wp_upgrade') ) :
* @return null * @return null
*/ */
function wp_upgrade() { function wp_upgrade() {
global $wp_current_db_version, $wp_db_version; global $wp_current_db_version, $wp_db_version, $wpdb;
$wp_current_db_version = __get_option('db_version'); $wp_current_db_version = __get_option('db_version');
@ -276,6 +276,14 @@ function wp_upgrade() {
make_db_current_silent(); make_db_current_silent();
upgrade_all(); upgrade_all();
wp_cache_flush(); wp_cache_flush();
if ( is_multisite() ) {
if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
$wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
} else {
$wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
}
}
} }
endif; endif;
@ -352,6 +360,9 @@ function upgrade_all() {
if ( $wp_current_db_version < 11958 ) if ( $wp_current_db_version < 11958 )
upgrade_290(); upgrade_290();
if ( $wp_current_db_version < 12751 )
upgrade_300();
maybe_disable_automattic_widgets(); maybe_disable_automattic_widgets();
update_option( 'db_version', $wp_db_version ); update_option( 'db_version', $wp_db_version );
@ -1006,6 +1017,14 @@ function upgrade_290() {
} }
} }
/**
* Execute changes made in WordPress 3.0.
*
* @since 3.0
*/
function upgrade_300() {
populate_roles_300();
}
// The functions we use to actually do stuff // The functions we use to actually do stuff
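Review bot: The three `blog_versions` statements added to `wp_upgrade()` are built by interpolating `$wpdb->blogid` and `$wp_db_version` directly into the SQL string. Both look like internal values rather than request data, but placeholders keep the queries safe if that ever changes, e.g. `$wpdb->prepare( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = %d", $wpdb->blogid )`, with `%d` for `db_version` in the UPDATE and INSERT as well. The result of `$wpdb->query()` is also ignored, so a failed write leaves the per-blog version stale with no signal to the caller.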


@ -30,12 +30,12 @@ $menu[0] = array( __('Dashboard'), 'read', 'index.php', '', 'menu-top', 'menu-da
if ( is_multisite() && is_super_admin() ) { if ( is_multisite() && is_super_admin() ) {
$menu[1] = array( '', 'read', 'separator0', '', 'wp-menu-separator' ); $menu[1] = array( '', 'read', 'separator0', '', 'wp-menu-separator' );
$menu[2] = array(__('Site Admin'), '10', 'ms-admin.php', '', 'menu-top menu-top-first', 'menu-site', 'div'); $menu[2] = array(__('Site Admin'), '10', 'ms-admin.php', '', 'menu-top menu-top-first', 'menu-site', 'div');
$submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'delete_users', 'ms-admin.php' ); $submenu[ 'ms-admin.php' ][1] = array( __('Admin'), 'super_admin', 'ms-admin.php' );
$submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'delete_users', 'ms-sites.php' ); $submenu[ 'ms-admin.php' ][5] = array( __('Blogs'), 'super_admin', 'ms-sites.php' );
$submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'delete_users', 'ms-users.php' ); $submenu[ 'ms-admin.php' ][10] = array( __('Users'), 'super_admin', 'ms-users.php' );
$submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'delete_users', 'ms-themes.php' ); $submenu[ 'ms-admin.php' ][20] = array( __('Themes'), 'super_admin', 'ms-themes.php' );
$submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'delete_users', 'ms-options.php' ); $submenu[ 'ms-admin.php' ][25] = array( __('Options'), 'super_admin', 'ms-options.php' );
$submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'delete_users', 'ms-upgrade-site.php' ); $submenu[ 'ms-admin.php' ][30] = array( __('Upgrade'), 'super_admin', 'ms-upgrade-site.php' );
} }
$menu[4] = array( '', 'read', 'separator1', '', 'wp-menu-separator' ); $menu[4] = array( '', 'read', 'separator1', '', 'wp-menu-separator' );
@ -105,8 +105,7 @@ $menu[60] = array( __('Appearance'), 'switch_themes', 'themes.php', '', 'menu-to
$submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php'); $submenu['themes.php'][5] = array(__('Themes'), 'switch_themes', 'themes.php');
if ( !is_multisite() ) if ( !is_multisite() )
$submenu['themes.php'][10] = array(__('Editor'), 'edit_themes', 'theme-editor.php'); $submenu['themes.php'][10] = array(__('Editor'), 'edit_themes', 'theme-editor.php');
if ( is_super_admin() ) $submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
$submenu['themes.php'][15] = array(__('Add New Themes'), 'install_themes', 'theme-install.php');
$update_plugins = get_site_transient( 'update_plugins' ); $update_plugins = get_site_transient( 'update_plugins' );
$update_count = 0; $update_count = 0;
@ -117,10 +116,8 @@ $menu_perms = get_site_option('menu_items', array());
if ( is_super_admin() || is_multisite() && $menu_perms['plugins'] ) { if ( is_super_admin() || is_multisite() && $menu_perms['plugins'] ) {
$menu[65] = array( sprintf( __('Plugins %s'), "<span class='update-plugins count-$update_count'><span class='plugin-count'>" . number_format_i18n($update_count) . "</span></span>" ), 'activate_plugins', 'plugins.php', '', 'menu-top', 'menu-plugins', 'div' ); $menu[65] = array( sprintf( __('Plugins %s'), "<span class='update-plugins count-$update_count'><span class='plugin-count'>" . number_format_i18n($update_count) . "</span></span>" ), 'activate_plugins', 'plugins.php', '', 'menu-top', 'menu-plugins', 'div' );
$submenu['plugins.php'][5] = array( __('Installed'), 'activate_plugins', 'plugins.php' ); $submenu['plugins.php'][5] = array( __('Installed'), 'activate_plugins', 'plugins.php' );
if ( is_super_admin() ) { /* translators: add new plugin */
/* translators: add new plugin */ $submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
$submenu['plugins.php'][10] = array(_x('Add New', 'plugin'), 'install_plugins', 'plugin-install.php');
}
if ( !is_multisite() ) if ( !is_multisite() )
$submenu['plugins.php'][15] = array( __('Editor'), 'edit_plugins', 'plugin-editor.php' ); $submenu['plugins.php'][15] = array( __('Editor'), 'edit_plugins', 'plugin-editor.php' );
} }
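Review bot: `'super_admin'` is now the required capability for the six `ms-admin.php` submenu entries, but nothing on this page adds a cap of that name to any role. It appears to pass only through the super-admin shortcut this commit adds to `WP_User::has_cap()`, and that coupling deserves a comment such as `// 'super_admin' is not a role cap; only the super admin shortcut in WP_User::has_cap() satisfies it.` The 'Add New Themes' and plugin 'Add New' entries also lose their `is_super_admin()` wrapper and now rely entirely on `install_themes` / `install_plugins`. `install_themes` is visible in the `map_meta_cap()` super-admin list; `install_plugins` should be confirmed there too, since that part of the switch lies outside the hunk shown.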


@ -292,14 +292,17 @@ endfor;
</tr> </tr>
<?php do_settings_fields('general', 'default'); ?> <?php do_settings_fields('general', 'default'); ?>
<?php <?php
if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) )
while( ( $lang_file = readdir( $dh ) ) !== false ) $lang_files = array();
if ( is_multisite() && is_dir( ABSPATH . LANGDIR ) && $dh = opendir( ABSPATH . LANGDIR ) ) {
while ( ( $lang_file = readdir( $dh ) ) !== false ) {
if ( substr( $lang_file, -3 ) == '.mo' ) if ( substr( $lang_file, -3 ) == '.mo' )
$lang_files[] = $lang_file; $lang_files[] = $lang_file;
$lang = get_option('WPLANG'); }
}
if ( is_array($lang_files) && !empty($lang_files) ) { if ( !empty($lang_files) ) {
?> ?>
<tr valign="top"> <tr valign="top">
<th width="33%" scope="row"><?php _e('Blog language:') ?></th> <th width="33%" scope="row"><?php _e('Blog language:') ?></th>
<td> <td>
@ -308,7 +311,7 @@ if ( is_array($lang_files) && !empty($lang_files) ) {
</select> </select>
</td> </td>
</tr> </tr>
<?php <?php
} // languages } // languages
?> ?>
</table> </table>
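Review bot: The handle opened by `opendir( ABSPATH . LANGDIR )` is not closed anywhere in the visible lines; adding `closedir( $dh );` after the `while` loop, inside the new `if` block, releases it. Initialising `$lang_files = array();` before the condition is what makes the simplified `!empty($lang_files)` test safe when the directory is never read, and a short comment saying so would keep the line from being removed later.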


@ -118,11 +118,6 @@ default:
<?php wp_nonce_field('options-options') ?> <?php wp_nonce_field('options-options') ?>
<input type="hidden" name="action" value="update" /> <input type="hidden" name="action" value="update" />
<input type='hidden' name='option_page' value='options' /> <input type='hidden' name='option_page' value='options' />
<?php if ( is_multisite() ) { ?>
<p class="submit submit-top">
<input type="submit" name="Submit" value="<?php _e('Save Changes') ?>" class="button-primary" />
</p>
<?php } ?>
<table class="form-table"> <table class="form-table">
<?php <?php
$options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name"); $options = $wpdb->get_results("SELECT * FROM $wpdb->options ORDER BY option_name");


@ -231,7 +231,7 @@ wp_enqueue_script('plugin-install');
add_thickbox(); add_thickbox();
$help = '<p>' . __('Plugins extend and expand the functionality of WordPress. Once a plugin is installed, you may activate it or deactivate it here.') . '</p>'; $help = '<p>' . __('Plugins extend and expand the functionality of WordPress. Once a plugin is installed, you may activate it or deactivate it here.') . '</p>';
if ( !is_multisite() || is_super_admin() ) { if ( current_user_can('edit_plugins') ) {
$help .= '<p>' . sprintf(__('If something goes wrong with a plugin and you can&#8217;t use WordPress, delete or rename that file in the <code>%s</code> directory and it will be automatically deactivated.'), WP_PLUGIN_DIR) . '</p>'; $help .= '<p>' . sprintf(__('If something goes wrong with a plugin and you can&#8217;t use WordPress, delete or rename that file in the <code>%s</code> directory and it will be automatically deactivated.'), WP_PLUGIN_DIR) . '</p>';
$help .= '<p>' . sprintf(__('You can find additional plugins for your site by using the new <a href="%1$s">Plugin Browser/Installer</a> functionality or by browsing the <a href="http://wordpress.org/extend/plugins/">WordPress Plugin Directory</a> directly and installing manually. To <em>manually</em> install a plugin you generally just need to upload the plugin file into your <code>%2$s</code> directory. Once a plugin has been installed, you may activate it here.'), 'plugin-install.php', WP_PLUGIN_DIR) . '</p>'; $help .= '<p>' . sprintf(__('You can find additional plugins for your site by using the new <a href="%1$s">Plugin Browser/Installer</a> functionality or by browsing the <a href="http://wordpress.org/extend/plugins/">WordPress Plugin Directory</a> directly and installing manually. To <em>manually</em> install a plugin you generally just need to upload the plugin file into your <code>%2$s</code> directory. Once a plugin has been installed, you may activate it here.'), 'plugin-install.php', WP_PLUGIN_DIR) . '</p>';
} }
@ -284,7 +284,7 @@ if ( !empty($invalid) )
<div class="wrap"> <div class="wrap">
<?php screen_icon(); ?> <?php screen_icon(); ?>
<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2> <h2><?php echo esc_html( $title ); if ( current_user_can('install_plugins') ) { ?> <a href="plugin-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'plugin'); ?></a><?php } ?></h2>
<?php <?php
@ -325,9 +325,8 @@ foreach ( (array)$all_plugins as $plugin_file => $plugin_data) {
$upgrade_plugins[ $plugin_file ] = $plugin_data; $upgrade_plugins[ $plugin_file ] = $plugin_data;
} }
if ( is_multisite() && !is_super_admin() ) { if ( !current_user_can('update_plugins') )
$upgrade_plugins = false; $upgrade_plugins = array();
}
$total_all_plugins = count($all_plugins); $total_all_plugins = count($all_plugins);
$total_inactive_plugins = count($inactive_plugins); $total_inactive_plugins = count($inactive_plugins);
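Review bot: The help block is now gated on `edit_plugins`, yet its second paragraph is about installing plugins and links to `plugin-install.php`, while the 'Add New' button further down is gated on `install_plugins`. A user who may install but not edit plugins would see the button without the explanation. Splitting the condition so the installer paragraph checks `current_user_can('install_plugins')` would make the two consistent. The first paragraph prints `WP_PLUGIN_DIR`, a filesystem path, so leaving that one behind the stricter cap is reasonable.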


@ -67,7 +67,7 @@ add_thickbox();
wp_enqueue_script( 'theme-preview' ); wp_enqueue_script( 'theme-preview' );
require_once('admin-header.php'); require_once('admin-header.php');
if ( is_multisite() && is_super_admin() ) { if ( is_multisite() && current_user_can('edit_themes') ) {
?><div id="message0" class="updated fade"><p><?php _e('Administrator: new themes must be activated in the <a href="wpmu-themes.php">Themes Admin</a> page before they appear here.'); ?></p></div><?php ?><div id="message0" class="updated fade"><p><?php _e('Administrator: new themes must be activated in the <a href="wpmu-themes.php">Themes Admin</a> page before they appear here.'); ?></p></div><?php
} }
?> ?>
@ -126,7 +126,7 @@ $themes = array_slice( $themes, $start, $per_page );
function theme_update_available( $theme ) { function theme_update_available( $theme ) {
static $themes_update; static $themes_update;
if ( is_multisite() && !is_super_admin() ) if ( !current_user_can('update_themes' ) )
return; return;
if ( !isset($themes_update) ) if ( !isset($themes_update) )
@ -159,7 +159,7 @@ function theme_update_available( $theme ) {
<div class="wrap"> <div class="wrap">
<?php screen_icon(); ?> <?php screen_icon(); ?>
<h2><?php echo esc_html( $title ); if ( !is_multisite() || is_super_admin() ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2> <h2><?php echo esc_html( $title ); if ( !current_user_can('install_themes') ) { ?> <a href="theme-install.php" class="button add-new-h2"><?php echo esc_html_x('Add New', 'theme'); ?></a><?php } ?></h2>
<h3><?php _e('Current Theme'); ?></h3> <h3><?php _e('Current Theme'); ?></h3>
<div id="current-theme"> <div id="current-theme">
@ -170,7 +170,7 @@ function theme_update_available( $theme ) {
/* translators: 1: theme title, 2: theme version, 3: theme author */ /* translators: 1: theme title, 2: theme version, 3: theme author */
printf(__('%1$s %2$s by %3$s'), $ct->title, $ct->version, $ct->author) ; ?></h4> printf(__('%1$s %2$s by %3$s'), $ct->title, $ct->version, $ct->author) ; ?></h4>
<p class="theme-description"><?php echo $ct->description; ?></p> <p class="theme-description"><?php echo $ct->description; ?></p>
<?php if ( ( !is_multisite() || is_super_admin() ) && $ct->parent_theme ) { ?> <?php if ( current_user_can('edit_themes') && $ct->parent_theme ) { ?>
<p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ), $ct->title, $ct->parent_theme); ?></p> <p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ), $ct->title, $ct->parent_theme); ?></p>
<?php } else { ?> <?php } else { ?>
<p><?php printf(__('All of this theme&#8217;s files are located in <code>%2$s</code>.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ) ); ?></p> <p><?php printf(__('All of this theme&#8217;s files are located in <code>%2$s</code>.'), $ct->title, str_replace( WP_CONTENT_DIR, '', $ct->template_dir ), str_replace( WP_CONTENT_DIR, '', $ct->stylesheet_dir ) ); ?></p>
@ -265,7 +265,7 @@ foreach ( $cols as $col => $theme_name ) {
printf(__('%1$s %2$s by %3$s'), $title, $version, $author) ; ?></h3> printf(__('%1$s %2$s by %3$s'), $title, $version, $author) ; ?></h3>
<p class="description"><?php echo $description; ?></p> <p class="description"><?php echo $description; ?></p>
<span class='action-links'><?php echo $actions ?></span> <span class='action-links'><?php echo $actions ?></span>
<?php if ( ( !is_multisite() || is_super_admin() ) && $parent_theme ) { <?php if ( current_user_can('edit_themes') && $parent_theme ) {
/* translators: 1: theme title, 2: template dir, 3: stylesheet_dir, 4: theme title, 5: parent_theme */ ?> /* translators: 1: theme title, 2: template dir, 3: stylesheet_dir, 4: theme title, 5: parent_theme */ ?>
<p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $title, str_replace( WP_CONTENT_DIR, '', $template_dir ), str_replace( WP_CONTENT_DIR, '', $stylesheet_dir ), $title, $parent_theme); ?></p> <p><?php printf(__('The template files are located in <code>%2$s</code>. The stylesheet files are located in <code>%3$s</code>. <strong>%4$s</strong> uses templates from <strong>%5$s</strong>. Changes made to the templates will affect both themes.'), $title, str_replace( WP_CONTENT_DIR, '', $template_dir ), str_replace( WP_CONTENT_DIR, '', $stylesheet_dir ), $title, $parent_theme); ?></p>
<?php } else { ?> <?php } else { ?>
@ -298,7 +298,7 @@ foreach ( $cols as $col => $theme_name ) {
<?php <?php
// List broken themes, if any. // List broken themes, if any.
$broken_themes = get_broken_themes(); $broken_themes = get_broken_themes();
if ( ( !is_multisite() || is_super_admin() ) && count( $broken_themes ) ) { if ( current_user_can('edit_themes') && count( $broken_themes ) ) {
?> ?>
<h2><?php _e('Broken Themes'); ?> <?php if ( is_multisite() ) _e( '(Site admin only)' ); ?></h2> <h2><?php _e('Broken Themes'); ?> <?php if ( is_multisite() ) _e( '(Site admin only)' ); ?></h2>
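Review bot: The new condition on the 'Add New' link in the page heading is inverted: `if ( !current_user_can('install_themes') )` shows the link to `theme-install.php` to users who lack the cap and hides it from those who hold it. The equivalent change on the plugins screen uses the positive form, so this should read `if ( current_user_can('install_themes') )`. In addition, the `(Site admin only)` label beside 'Broken Themes' is still tied to `is_multisite()` although the list itself is now gated on `edit_themes`.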


@ -85,11 +85,6 @@ switch ( $step ) :
$backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/'; $backto = !empty($_GET['backto']) ? stripslashes( urldecode( $_GET['backto'] ) ) : __get_option( 'home' ) . '/';
$backto = esc_url_raw( $backto ); $backto = esc_url_raw( $backto );
$backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/'); $backto = wp_validate_redirect($backto, __get_option( 'home' ) . '/');
if ( $wpdb->get_row( "SELECT blog_id FROM {$wpdb->blog_versions} WHERE blog_id = '{$wpdb->blogid}'" ) ) {
$wpdb->query( "UPDATE {$wpdb->blog_versions} SET db_version = '{$wp_db_version}' WHERE blog_id = '{$wpdb->blogid}'" );
} else {
$wpdb->query( "INSERT INTO {$wpdb->blog_versions} ( `blog_id` , `db_version` , `last_updated` ) VALUES ( '{$wpdb->blogid}', '{$wp_db_version}', NOW());" );
}
?> ?>
<h2><?php _e( 'Upgrade Complete' ); ?></h2> <h2><?php _e( 'Upgrade Complete' ); ?></h2>
<p><?php _e( 'Your WordPress database has been successfully upgraded!' ); ?></p> <p><?php _e( 'Your WordPress database has been successfully upgraded!' ); ?></p>


@ -15,6 +15,10 @@ require_once( ABSPATH . WPINC . '/registration.php');
if ( !current_user_can('edit_users') ) if ( !current_user_can('edit_users') )
wp_die(__('Cheatin&#8217; uh?')); wp_die(__('Cheatin&#8217; uh?'));
$del_cap_type = 'remove';
if ( !is_multisite() && current_user_can('delete_users') )
$del_cap_type = 'delete';
$title = __('Users'); $title = __('Users');
$parent_file = 'users.php'; $parent_file = 'users.php';
@ -43,22 +47,22 @@ switch ($doaction) {
case 'promote': case 'promote':
check_admin_referer('bulk-users'); check_admin_referer('bulk-users');
if (empty($_REQUEST['users'])) { if ( empty($_REQUEST['users']) ) {
wp_redirect($redirect); wp_redirect($redirect);
exit(); exit();
} }
$editable_roles = get_editable_roles(); $editable_roles = get_editable_roles();
if (!$editable_roles[$_REQUEST['new_role']]) if ( !$editable_roles[$_REQUEST['new_role']] )
wp_die(__('You can&#8217;t give users that role.')); wp_die(__('You can&#8217;t give users that role.'));
$userids = $_REQUEST['users']; $userids = $_REQUEST['users'];
$update = 'promote'; $update = 'promote';
foreach($userids as $id) { foreach ( $userids as $id ) {
if ( ! current_user_can('edit_user', $id) ) if ( ! current_user_can('edit_user', $id) )
wp_die(__('You can&#8217;t edit that user.')); wp_die(__('You can&#8217;t edit that user.'));
// The new role of the current user must also have edit_users caps // The new role of the current user must also have edit_users caps
if($id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users')) { if ( $id == $current_user->ID && !$wp_roles->role_objects[$_REQUEST['new_role']]->has_cap('edit_users') ) {
$update = 'err_admin_role'; $update = 'err_admin_role';
continue; continue;
} }
@ -81,7 +85,7 @@ case 'dodelete':
exit(); exit();
} }
if ( !current_user_can('delete_users') ) if ( !current_user_can($del_cap_type . '_users') )
wp_die(__('You can&#8217;t delete users.')); wp_die(__('You can&#8217;t delete users.'));
$userids = $_REQUEST['users']; $userids = $_REQUEST['users'];
@ -89,27 +93,25 @@ case 'dodelete':
$delete_count = 0; $delete_count = 0;
foreach ( (array) $userids as $id) { foreach ( (array) $userids as $id) {
if ( ! current_user_can('delete_user', $id) ) if ( ! current_user_can($del_cap_type . '_user', $id) )
wp_die(__('You can&#8217;t delete that user.')); wp_die(__('You can&#8217;t delete that user.'));
if ($id == $current_user->ID) { if ( $id == $current_user->ID ) {
$update = 'err_admin_del'; $update = 'err_admin_del';
continue; continue;
} }
switch($_REQUEST['delete_option']) { switch ( $_REQUEST['delete_option'] ) {
case 'delete': case 'delete':
if ( !is_multisite() ) { if ( !is_multisite() && current_user_can('delete_user', $id) )
wp_delete_user($id); wp_delete_user($id);
} else { else
remove_user_from_blog($id, $blog_id); // WPMU only remove user from blog remove_user_from_blog($id, $blog_id); // WPMU only remove user from blog
}
break; break;
case 'reassign': case 'reassign':
if ( !is_multisite() ) { if ( !is_multisite() && current_user_can('delete_user', $id) )
wp_delete_user($id, $_REQUEST['reassign_user']); wp_delete_user($id, $_REQUEST['reassign_user']);
} else { else
remove_user_from_blog($id, $blog_id, $_REQUEST['reassign_user']); remove_user_from_blog($id, $blog_id, $_REQUEST['reassign_user']);
}
break; break;
} }
++$delete_count; ++$delete_count;
@ -130,7 +132,7 @@ case 'delete':
exit(); exit();
} }
if ( !current_user_can('delete_users') ) if ( !current_user_can($del_cap_type . '_users') )
$errors = new WP_Error('edit_users', __('You can&#8217;t delete users.')); $errors = new WP_Error('edit_users', __('You can&#8217;t delete users.'));
if ( empty($_REQUEST['users']) ) if ( empty($_REQUEST['users']) )
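Review bot: In the `dodelete` loop the `else` branch can now run on a single-site install: when `!is_multisite()` holds but `current_user_can('delete_user', $id)` is false, control falls through to `remove_user_from_blog()`, which the inline comment marks as WPMU-only. A single-site role holding `remove_users` without `delete_users` passes the earlier `$del_cap_type` checks and reaches that call. Making the fallback explicit avoids this, e.g. `elseif ( is_multisite() ) remove_user_from_blog($id, $blog_id);` in both the `delete` and `reassign` cases, with the remaining case ending in `wp_die()`. `$_REQUEST['reassign_user']` is also passed on as received; casting it with `(int)` before use is a cheap hardening step.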


@ -717,6 +717,10 @@ class WP_User {
$cap = $this->translate_level_to_cap( $cap ); $cap = $this->translate_level_to_cap( $cap );
} }
// Multisite super admin has all caps by definition.
if ( is_multisite() && is_super_admin() )
return true;
$args = array_slice( func_get_args(), 1 ); $args = array_slice( func_get_args(), 1 );
$args = array_merge( array( $cap, $this->ID ), $args ); $args = array_merge( array( $cap, $this->ID ), $args );
$caps = call_user_func_array( 'map_meta_cap', $args ); $caps = call_user_func_array( 'map_meta_cap', $args );
@ -962,6 +966,9 @@ function map_meta_cap( $cap, $user_id ) {
case 'update_themes': case 'update_themes':
case 'install_themes': case 'install_themes':
case 'edit_themes': case 'edit_themes':
case 'update_core':
case 'delete_user':
case 'delete_users':
// If multisite these caps are allowed only for super admins. // If multisite these caps are allowed only for super admins.
if ( is_multisite() && !is_super_admin() ) if ( is_multisite() && !is_super_admin() )
$caps[] = 'do_not_allow'; $caps[] = 'do_not_allow';
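Review bot: The shortcut added to `WP_User::has_cap()` calls `is_super_admin()` with no argument, so it appears to test the logged-in user rather than the `WP_User` object being queried. If so, while a super admin is logged in, `has_cap()` on any other user's object returns true for every cap. `map_meta_cap()` has the same pattern even though `$user_id` is in scope. If `is_super_admin()` accepts a user id, pass it: `if ( is_multisite() && is_super_admin( $this->ID ) )` and `!is_super_admin( $user_id )`. Returning before `map_meta_cap()` also skips `do_not_allow` and anything further down the method for super admins, which the comment should state; both function bodies extend beyond the hunks shown.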


@ -3251,12 +3251,10 @@ function wp_get_attachment_url( $post_id = 0 ) {
if ( ($uploads = wp_upload_dir()) && false === $uploads['error'] ) { //Get upload directory if ( ($uploads = wp_upload_dir()) && false === $uploads['error'] ) { //Get upload directory
if ( 0 === strpos($file, $uploads['basedir']) ) //Check that the upload base exists in the file location if ( 0 === strpos($file, $uploads['basedir']) ) //Check that the upload base exists in the file location
$url = str_replace($uploads['basedir'], $uploads['baseurl'], $file); //replace file location with url location $url = str_replace($uploads['basedir'], $uploads['baseurl'], $file); //replace file location with url location
elseif ( !is_multisite() ) { elseif ( false !== strpos($file, 'wp-content/uploads') )
if ( false !== strpos($file, 'wp-content/uploads') ) $url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 );
$url = $uploads['baseurl'] . substr( $file, strpos($file, 'wp-content/uploads') + 18 ); else
else $url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
$url = $uploads['baseurl'] . "/$file"; //Its a newly uploaded file, therefor $file is relative to the basedir.
}
} }
} }


@ -15,7 +15,7 @@ $wp_version = '3.0-alpha';
* *
* @global int $wp_db_version * @global int $wp_db_version
*/ */
$wp_db_version = 12329; $wp_db_version = 12751;
/** /**
* Holds the TinyMCE version * Holds the TinyMCE version


@ -370,14 +370,13 @@ class wpdb {
if ( WP_DEBUG ) if ( WP_DEBUG )
$this->show_errors(); $this->show_errors();
if( is_multisite() ) { if ( is_multisite() ) {
$this->charset = 'utf8'; $this->charset = 'utf8';
if( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' ) { if ( defined( 'DB_COLLATE' ) && constant( 'DB_COLLATE' ) != '' )
$this->collate = constant( 'DB_COLLATE' ); $this->collate = constant( 'DB_COLLATE' );
} else { else
$this->collate = 'utf8_general_ci'; $this->collate = 'utf8_general_ci';
} }
}
if ( defined('DB_CHARSET') ) if ( defined('DB_CHARSET') )
$this->charset = DB_CHARSET; $this->charset = DB_CHARSET;
@ -446,12 +445,12 @@ class wpdb {
if ( preg_match('|[^a-z0-9_]|i', $prefix) ) if ( preg_match('|[^a-z0-9_]|i', $prefix) )
return new WP_Error('invalid_db_prefix', /*WP_I18N_DB_BAD_PREFIX*/'Invalid database prefix'/*/WP_I18N_DB_BAD_PREFIX*/); return new WP_Error('invalid_db_prefix', /*WP_I18N_DB_BAD_PREFIX*/'Invalid database prefix'/*/WP_I18N_DB_BAD_PREFIX*/);
if( is_multisite() ) { if ( is_multisite() )
$old_prefix = ''; $old_prefix = '';
} else { else
$old_prefix = $prefix; $old_prefix = $prefix;
}
if( isset( $this->base_prefix ) ) if ( isset( $this->base_prefix ) )
$old_prefix = $this->base_prefix; $old_prefix = $this->base_prefix;
$this->base_prefix = $prefix; $this->base_prefix = $prefix;
foreach ( $this->global_tables as $table ) foreach ( $this->global_tables as $table )
@ -664,22 +663,22 @@ class wpdb {
if ( !$this->show_errors ) if ( !$this->show_errors )
return false; return false;
// If there is an error then take note of it // If there is an error then take note of it
if( is_multisite() ) { if ( is_multisite() ) {
$msg = "WordPress database error: [$str]\n{$this->last_query}\n"; $msg = "WordPress database error: [$str]\n{$this->last_query}\n";
if( defined( 'ERRORLOGFILE' ) ) if ( defined( 'ERRORLOGFILE' ) )
error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) ); error_log( $msg, 3, CONSTANT( 'ERRORLOGFILE' ) );
if( defined( 'DIEONDBERROR' ) ) if ( defined( 'DIEONDBERROR' ) )
die( $msg ); die( $msg );
} else { } else {
$str = htmlspecialchars($str, ENT_QUOTES); $str = htmlspecialchars($str, ENT_QUOTES);
$query = htmlspecialchars($this->last_query, ENT_QUOTES); $query = htmlspecialchars($this->last_query, ENT_QUOTES);
print "<div id='error'> print "<div id='error'>
<p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br /> <p class='wpdberror'><strong>WordPress database error:</strong> [$str]<br />
<code>$query</code></p> <code>$query</code></p>
</div>"; </div>";
} }
} }
/** /**
@ -739,10 +738,10 @@ class wpdb {
function db_connect( $query = "SELECT" ) { function db_connect( $query = "SELECT" ) {
global $db_list, $global_db_list; global $db_list, $global_db_list;
if( is_array( $db_list ) == false ) if ( is_array( $db_list ) == false )
return true; return true;
if( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) { if ( $this->blogs != '' && preg_match("/(" . $this->blogs . "|" . $this->users . "|" . $this->usermeta . "|" . $this->site . "|" . $this->sitemeta . "|" . $this->sitecategories . ")/i",$query) ) {
$action = 'global'; $action = 'global';
$details = $global_db_list[ mt_rand( 0, count( $global_db_list ) -1 ) ]; $details = $global_db_list[ mt_rand( 0, count( $global_db_list ) -1 ) ];
$this->db_global = $details; $this->db_global = $details;