diff options
| author | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-10-12 05:36:20 +0000 |
|---|---|---|
| committer | donncha <donncha@7be80a69-a1ef-0310-a953-fb0f7c49ff36> | 2007-10-12 05:36:20 +0000 |
| commit | 358eee66d74cd8ad22cf05be05dfd5d6d8e601be (patch) | |
| tree | 26303fa46b2fcef00534aaf9e28292de02381856 /wp-admin | |
| parent | 4c2a5729289e8786c9505d9842129be0dd167668 (diff) | |
| download | wordpress-mu-358eee66d74cd8ad22cf05be05dfd5d6d8e601be.tar.gz wordpress-mu-358eee66d74cd8ad22cf05be05dfd5d6d8e601be.tar.xz wordpress-mu-358eee66d74cd8ad22cf05be05dfd5d6d8e601be.zip | |
Added ; to line 142, fixes #442, thanks beaulebens
Move is_site_admin() checks to top of file
git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1066 7be80a69-a1ef-0310-a953-fb0f7c49ff36
Diffstat (limited to 'wp-admin')
| -rw-r--r-- | wp-admin/wpmu-edit.php | 72 |
1 files changed, 11 insertions, 61 deletions
diff --git a/wp-admin/wpmu-edit.php b/wp-admin/wpmu-edit.php index 1a7f868..be25f88 100644 --- a/wp-admin/wpmu-edit.php +++ b/wp-admin/wpmu-edit.php @@ -1,5 +1,8 @@ <?php require_once('admin.php'); +if( is_site_admin() == false ) { + die( __('<p>You do not have permission to access this page.</p>') ); +} do_action( "wpmuadminedit", "" ); @@ -9,9 +12,6 @@ if( isset( $_POST[ 'ref' ] ) == false && empty( $_SERVER[ 'HTTP_REFERER' ] ) == switch( $_REQUEST[ 'action' ] ) { case "siteoptions": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('siteoptions'); update_site_option( "WPLANG", $_POST[ 'WPLANG' ] ); @@ -93,11 +93,8 @@ switch( $_REQUEST[ 'action' ] ) { exit; break; case "adduser": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('add-user'); - + if( is_array( $_POST[ 'user' ] ) == true ) { $user = $_POST['user']; $password = generate_random_password(); @@ -110,15 +107,11 @@ switch( $_REQUEST[ 'action' ] ) { wp_redirect( add_query_arg( "updated", "useradded", $_SERVER[ 'HTTP_REFERER' ] ) ); die(); } - + break; case "addblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } - check_admin_referer('add-blog'); - + if( is_array( $_POST[ 'blog' ] ) == true ) { $blog = $_POST['blog']; $domain = strtolower( wp_specialchars( $blog['domain'] ) ); @@ -130,7 +123,7 @@ switch( $_REQUEST[ 'action' ] ) { $newdomain = $current_site->domain; $path = $base.$domain.'/'; } - + $user_id = email_exists($email); if( !$user_id ) { // I'm not sure what this check should be. $password = generate_random_password(); @@ -147,7 +140,7 @@ switch( $_REQUEST[ 'action' ] ) { $wpdb->show_errors(); if( !is_wp_error($blog_id) ) { if( get_user_option( $user_id, 'primary_blog' ) == 1 ) - update_user_option( $user_id, 'primary_blog', $blog_id, true ) + update_user_option( $user_id, 'primary_blog', $blog_id, true ); $content_mail = sprintf(__("New blog created by %1s\n\nAddress: http://%2s\nName: %3s"), $current_user->user_login , $newdomain.$path, wp_specialchars($blog['title']) ); @wp_mail( get_site_option('admin_email'), sprintf(__('[%s] New Blog Created'), $current_site->site_name), $content_mail, 'From: "Site Admin" <' . get_site_option( 'admin_email' ) . '>' ); wp_redirect( add_query_arg( "updated", "blogadded", $_SERVER[ 'HTTP_REFERER' ] ) ); @@ -156,12 +149,9 @@ switch( $_REQUEST[ 'action' ] ) { die( $blog_id->get_error_message() ); } } - + break; case "updateblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('editblog'); $options_table_name = $wpmuBaseTablePrefix . $id ."_options"; @@ -256,23 +246,13 @@ switch( $_REQUEST[ 'action' ] ) { wpmu_admin_do_redirect( "wpmu-blogs.php?action=editblog&id=".$id ); break; case "deleteblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('deleteblog'); if( $id != '0' && $id != '1' ) wpmu_delete_blog( $id, true ); - if( $_POST[ 'ref' ] ) { - wp_redirect( add_query_arg( "updated", "blogdeleted", $_POST[ 'ref' ] ) ); - } else { - wp_redirect( add_query_arg( "updated", "blogdeleted", $_SERVER[ 'HTTP_REFERER' ] ) ); - } + wp_redirect( add_query_arg( "updated", "blogdeleted", $_SERVER[ 'HTTP_REFERER' ] ) ); die(); break; case "allblogs": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('allblogs'); if( is_array( $_POST[ 'allblogs' ] ) ) { while( list( $key, $val ) = each( $_POST[ 'allblogs' ] ) ) { @@ -291,9 +271,6 @@ switch( $_REQUEST[ 'action' ] ) { die(); break; case "archiveblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('archiveblog'); update_blog_status( $id, "archived", '1' ); do_action( "archive_blog", $id ); @@ -301,9 +278,6 @@ switch( $_REQUEST[ 'action' ] ) { die(); break; case "unarchiveblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('unarchiveblog'); do_action( "unarchive_blog", $id ); update_blog_status( $id, "archived", '0' ); @@ -311,9 +285,6 @@ switch( $_REQUEST[ 'action' ] ) { die(); break; case "activateblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('activateblog'); update_blog_status( $id, "deleted", '0' ); do_action( "activate_blog", $id ); @@ -321,9 +292,6 @@ switch( $_REQUEST[ 'action' ] ) { die(); break; case "deactivateblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('deactivateblog'); do_action( "deactivate_blog", $id ); update_blog_status( $id, "deleted", '1' ); @@ -331,9 +299,6 @@ switch( $_REQUEST[ 'action' ] ) { die(); break; case "unspamblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('unspamblog'); update_blog_status( $id, "spam", '0' ); do_action( "unspam_blog", $id ); @@ -341,28 +306,19 @@ switch( $_REQUEST[ 'action' ] ) { die(); break; case "spamblog": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } check_admin_referer('spamblog'); - do_action( "make_spam_blog", $id ); update_blog_status( $id, "spam", '1' ); + do_action( 'make_spam_blog', $id ); wp_redirect( add_query_arg( "updated", "blogspam", $_POST[ 'ref' ] ) ); die(); break; case "mature": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } update_blog_status( $id, 'mature', '1' ); do_action( 'mature_blog', $id ); wp_redirect( add_query_arg( "updated", "blogmature", $_POST[ 'ref' ] ) ); die(); break; case "unmature": - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } update_blog_status( $id, 'mature', '0' ); do_action( 'unmature_blog', $id ); wp_redirect( add_query_arg( "updated", "blogunmature", $_POST[ 'ref' ] ) ); @@ -370,9 +326,6 @@ switch( $_REQUEST[ 'action' ] ) { break; case "updateuser": check_admin_referer('edituser'); - if( is_site_admin() == false ) { - die( __('<p>You do not have permission to access this page.</p>') ); - } unset( $_POST[ 'option' ][ 'ID' ] ); if( is_array( $_POST[ 'option' ] ) ) { while( list( $key, $val ) = each( $_POST[ 'option' ] ) ) { @@ -396,9 +349,6 @@ switch( $_REQUEST[ 'action' ] ) { die(); break; case "updatethemes": - if( is_site_admin() == false ) - die( __('<p>You do not have permission to access this page.</p>') ); - if( is_array( $_POST[ 'theme' ] ) ) { $themes = get_themes(); reset( $themes ); |