diff options
-rw-r--r-- | wp-admin/wpmu-admin.php | 14 | ||||
-rw-r--r-- | wp-admin/wpmu-blogs.php | 104 | ||||
-rw-r--r-- | wp-admin/wpmu-edit.php | 74 | ||||
-rw-r--r-- | wp-admin/wpmu-options.php | 34 | ||||
-rw-r--r-- | wp-admin/wpmu-themes.php | 6 | ||||
-rw-r--r-- | wp-admin/wpmu-upgrade-site.php | 4 | ||||
-rw-r--r-- | wp-admin/wpmu-users.php | 39 |
7 files changed, 143 insertions, 132 deletions
diff --git a/wp-admin/wpmu-admin.php b/wp-admin/wpmu-admin.php index 61da08d..111ff49 100644 --- a/wp-admin/wpmu-admin.php +++ b/wp-admin/wpmu-admin.php @@ -27,19 +27,19 @@ $sentence = sprintf( __( 'You have %1$s and %2$s.' ), $blog_text, $user_text ); <div class="wrap"> <h2><?php _e('WordPress MU : Admin') ?></h2> - + <div id="rightnow"> <h3 class="reallynow"> <span><?php _e('Right Now'); ?></span> - + <a href="wpmu-blogs.php#form-add-blog" class="rbutton"><strong><?php _e('Create a New Blog'); ?></strong></a> <a href="wpmu-users.php#form-add-user" class="rbutton"><?php _e('Create a New User'); ?></a> <br class="clear" /> </h3> - - <p class="youhave"><?php echo $sentence; ?></p> + + <p class="youhave"><?php echo $sentence; ?></p> <?php do_action('wpmuadminresult', ''); ?> - + <form name="searchform" action="wpmu-users.php" method="get"> <p> <input type="hidden" name="action" value="users" /> @@ -47,7 +47,7 @@ $sentence = sprintf( __( 'You have %1$s and %2$s.' ), $blog_text, $user_text ); <input class="button" type="submit" name="submit" value="<?php _e("Search Users »"); ?>" /> </p> </form> - + <form name="searchform" action="wpmu-blogs.php" method="get"> <p> <input type="hidden" name="action" value="blogs" /> @@ -55,7 +55,7 @@ $sentence = sprintf( __( 'You have %1$s and %2$s.' ), $blog_text, $user_text ); <input class="button" type="submit" name="blog_name" value="<?php _e("Search Blogs »"); ?>" /> </p> </form> - + <?php do_action( 'mu_rightnow_end' ); ?> <?php do_action( 'mu_activity_box_end' ); ?> </div><!-- rightnow --> diff --git a/wp-admin/wpmu-blogs.php b/wp-admin/wpmu-blogs.php index 48a84e4..4a22634 100644 --- a/wp-admin/wpmu-blogs.php +++ b/wp-admin/wpmu-blogs.php @@ -73,7 +73,7 @@ switch( $_GET['action'] ) { $editblog_roles = get_blog_option( $id, "{$wpdb->base_prefix}{$id}_user_roles" ); ?> <div class="wrap"> - <h2><?php _e('Edit Blog'); ?> - <a href='http://<?php echo $details['domain'].$details['path']; ?>'><?php echo $details['domain'].$details['path']; ?></a></h2> + <h2><?php _e('Edit Blog'); ?> - <a href='http://<?php echo $details['domain'].$details['path']; ?>'><?php echo $details['domain'].$details['path']; ?></a></h2> <form method="post" action="wpmu-edit.php?action=updateblog"> <?php wp_nonce_field('editblog'); ?> <input type="hidden" name="id" value="<?php echo $id ?>" /> @@ -136,7 +136,7 @@ switch( $_GET['action'] ) { </td> </tr> </table> - + <h3><?php printf( __('Blog options (wp_%s_options)'), $id ); ?></h3> <table class="form-table"> <?php @@ -189,23 +189,23 @@ switch( $_GET['action'] ) { foreach( $themes as $key => $theme ) { $theme_key = wp_specialchars( $theme['Stylesheet'] ); if( isset($allowed_themes[$theme_key] ) == false ) { - $checked = ( isset($blog_allowed_themes[ $theme_key ]) ) ? 'checked="checked"' : ''; - $out .= '<tr class="form-field form-required"> + $checked = ( isset($blog_allowed_themes[ $theme_key ]) ) ? 'checked="checked"' : ''; + $out .= '<tr class="form-field form-required"> <th title="'.htmlspecialchars( $theme["Description"] ).'" scope="row">'.$key.'</th> <td><input name="theme['.$theme_key.']" type="checkbox" value="on" '.$checked.'/></td> </tr>'; } } - - + + if( $out != '' ) { echo "<h3>" . __('Blog Themes') . "</h3>"; - echo '<table class="form-table">'; + echo '<table class="form-table">'; echo '<tr class=""><th>' . __('Theme') . '</th><th>' . __('Enable') . '</th></tr>'; echo $out; echo "</table>"; } - + // Blog users $blogusers = get_users_of_blog( $id ); echo '<h3>' . __('Blog Users') . '</h3>'; @@ -244,7 +244,7 @@ switch( $_GET['action'] ) { } echo "</table>"; } - + // New blog user echo "<h3>" . __('Add a new user') . "</h3>"; ?> <p><?php _e('As you type WordPress will offer you a choice of usernames.<br /> Click them to select and hit <em>Update Options</em> to add the user.') ?></p> @@ -269,14 +269,14 @@ switch( $_GET['action'] ) { </td> </tr> </table> - + <h3><?php _e('Misc Blog Actions') ?></h3> <table class="form-table"> <?php do_action( 'wpmueditblogaction', $id ); ?> </table> - + <p class="submit"> - <input type="submit" name="Submit" value="<?php _e('Update Options »') ?>" /></p> + <input type="submit" name="Submit" value="<?php _e('Update Options »') ?>" /></p> </td> </tr> </table> @@ -284,16 +284,16 @@ switch( $_GET['action'] ) { </div> <?php break; - + // List blogs default: $apage = isset( $_GET['apage'] ) ? intval( $_GET['apage'] ) : 1; $num = isset( $_GET['num'] ) ? intval( $_GET['num'] ) : 15; - + $s = wp_specialchars( trim( $_GET[ 's' ] ) ); + $query = "SELECT * FROM {$wpdb->blogs} WHERE site_id = '{$wpdb->siteid}' "; - + if( isset($_GET['blog_name']) ) { - $s = trim($_GET['s']); $query = "SELECT blog_id, {$wpdb->blogs}.domain, {$wpdb->blogs}.path, registered, last_updated FROM {$wpdb->blogs}, {$wpdb->site} WHERE site_id = '{$wpdb->siteid}' @@ -309,13 +309,13 @@ switch( $_GET['action'] ) { FROM {$wpdb->blogs}, {$wpdb->registration_log} WHERE site_id = '{$wpdb->siteid}' AND {$wpdb->blogs}.blog_id = {$wpdb->registration_log}.blog_id - AND {$wpdb->registration_log}.IP LIKE ('%".$_GET['s']."%')"; + AND {$wpdb->registration_log}.IP LIKE ('%{$s}%')"; } - + if( isset( $_GET['sortby'] ) == false ) { $_GET['sortby'] = 'id'; } - + if( $_GET['sortby'] == 'registered' ) { $query .= ' ORDER BY registered '; } elseif( $_GET['sortby'] == 'id' ) { @@ -327,20 +327,25 @@ switch( $_GET['action'] ) { } $query .= ( $_GET['order'] == 'DESC' ) ? 'DESC' : 'ASC'; - + if( !empty($_GET['s']) ) { - $blog_list = $wpdb->get_results( $query, ARRAY_A ); - $total = count($blog_list); + $blog_list = $wpdb->get_results( $query, ARRAY_A ); + $total = count($blog_list); } else { - $total = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->blogs} WHERE site_id = '{$wpdb->siteid}' "); + $total = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->blogs} WHERE site_id = '{$wpdb->siteid}' "); } - + $query .= " LIMIT " . intval( ( $apage - 1 ) * $num) . ", " . intval( $num ); - - $blog_list = $wpdb->get_results( $query, ARRAY_A ); + + $blog_list = $wpdb->get_results( $query, ARRAY_A ); // Pagination - $url2 = "&order=" . $_GET['order'] . "&sortby=" . $_GET['sortby'] . "&s=" . $_GET['s'] . "&ip_address=" . $_GET['ip_address']; + $url2 = "&order=" . $_GET['order'] . "&sortby=" . $_GET['sortby'] . "&s="; + if( $_GET[ 'blog_ip' ] ) { + $url2 .= "&ip_address=" . urlencode( $s ); + } else { + $url2 .= $s . "&ip_address=" . urlencode( $s ); + } $blog_navigation = paginate_links( array( 'base' => add_query_arg( 'apage', '%#%' ).$url2, 'format' => '', @@ -351,19 +356,19 @@ switch( $_GET['action'] ) { <div class="wrap" style="position:relative;"> <h2><?php _e('Blogs') ?></h2> - + <form id="searchform" action="wpmu-blogs.php" method="get" style="position:absolute;right:0;top:0;"> - <input type="hidden" name="action" value="blogs" /> - <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo stripslashes(wp_specialchars($_GET['s'], 1)); ?>" size="17" /> + <input type="hidden" name="action" value="blogs" /> + <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo stripslashes($s); ?>" size="17" /> <input type="submit" class="button" name="blog_name" value="<?php _e('Search blogs by name') ?>" /> - <input type="submit" class="button" name="blog_id" value="<?php _e('by blog ID') ?>" /> - <input type="submit" class="button" name="blog_ip" value="<?php _e('by IP address') ?>" /> + <input type="submit" class="button" name="blog_id" value="<?php _e('by blog ID') ?>" /> + <input type="submit" class="button" name="blog_ip" value="<?php _e('by IP address') ?>" /> </form> - + <form id="form-blog-list" action="wpmu-edit.php?action=allblogs" method="post"> - + <div class="tablenav"> - <?php if ( $blog_navigation ) echo "<div class='tablenav-pages'>$blog_navigation</div>"; ?> + <?php if ( $blog_navigation ) echo "<div class='tablenav-pages'>$blog_navigation</div>"; ?> <div class="alignleft"> <input type="submit" value="<?php _e('Delete') ?>" name="allblog_delete" class="button-secondary delete" /> @@ -375,10 +380,10 @@ switch( $_GET['action'] ) { </div> <br class="clear" /> - + <?php if( isset($_GET['s']) && !empty($_GET['s']) ) : ?> - <p><a href="wpmu-users.php?action=users&s=<?php echo stripslashes(wp_specialchars($_GET['s'], 1)) ?>"><?php _e('Search Users:') ?> <strong><?php echo stripslashes(wp_specialchars($_GET['s'], 1)); ?></strong></a></p> - <?php endif; ?> + <p><a href="wpmu-users.php?action=users&s=<?php echo urlencode( stripslashes( $s ) ) ?>"><?php _e('Search Users:') ?> <strong><?php echo stripslashes( $s ); ?></strong></a></p> + <?php endif; ?> <?php // define the columns to display, the syntax is 'internal name' => 'display name' @@ -401,9 +406,14 @@ switch( $_GET['action'] ) { $posts_columns['control_spam'] = ''; $posts_columns['control_delete'] = ''; - $sortby_url = "s=" . $_GET['s'] . "&ip_address=" . $_GET['ip_address']; + $sortby_url = "s="; + if( $_GET[ 'blog_ip' ] ) { + $sortby_url .= "&ip_address=" . urlencode( $s ); + } else { + $sortby_url .= urlencode( $s ) . "&ip_address=" . urlencode( $s ); + } ?> - + <table width="100%" cellpadding="3" cellspacing="3" class="widefat"> <thead> <tr> @@ -414,7 +424,7 @@ switch( $_GET['action'] ) { $column_link .= $_GET[ 'order' ] == 'DESC' ? 'order=ASC&' : 'order=DESC&'; } $column_link .= "apage={$apage}'>{$column_display_name}</a>"; - + $col_url = ($column_id == 'users' || $column_id == 'plugins') ? $column_display_name : $column_link; ?> <th scope="col"><?php echo $col_url ?></th> @@ -429,7 +439,7 @@ switch( $_GET['action'] ) { foreach ($blog_list as $blog) { $class = ('alternate' == $class) ? '' : 'alternate'; reset( $status_list ); - + $bgcolour = ""; foreach ( $status_list as $status => $col ) { if( get_blog_status( $blog['blog_id'], $status ) == 1 ) { @@ -437,7 +447,7 @@ switch( $_GET['action'] ) { } } echo "<tr $bgcolour class='$class'>"; - + $blogname = ( constant( "VHOST" ) == 'yes' ) ? str_replace('.'.$current_site->domain, '', $blog['domain']) : $blog['path']; foreach( $posts_columns as $column_name=>$column_display_name ) { switch($column_name) { @@ -570,15 +580,15 @@ switch( $_GET['action'] ) { </tbody> </table> - </form> + </form> </div> - + <div class="wrap"> <h2><?php _e('Add Blog') ?></h2> <form method="post" action="wpmu-edit.php?action=addblog"> <?php wp_nonce_field('add-blog') ?> <table class="form-table"> - <tr class="form-field form-required"> + <tr class="form-field form-required"> <th style="text-align:center;" scope='row'><?php _e('Blog Address') ?></th> <td> <?php if( constant( "VHOST" ) == 'yes' ) : ?> @@ -592,7 +602,7 @@ switch( $_GET['action'] ) { <th style="text-align:center;" scope='row'><?php _e('Blog Title') ?></th> <td><input name="blog[title]" type="text" size="20" title="<?php _e('Title') ?>"/></td> </tr> - <tr class="form-field form-required"> + <tr class="form-field form-required"> <th style="text-align:center;" scope='row'><?php _e('Admin Email') ?></th> <td><input name="blog[email]" type="text" size="20" title="<?php _e('Email') ?>"/></td> </tr> diff --git a/wp-admin/wpmu-edit.php b/wp-admin/wpmu-edit.php index 26293d1..173286f 100644 --- a/wp-admin/wpmu-edit.php +++ b/wp-admin/wpmu-edit.php @@ -24,18 +24,18 @@ switch( $_GET['action'] ) { wp_die( __("You probably need to go back to the <a href='wpmu-options.php'>options page</a>") ); update_site_option( "WPLANG", $_POST['WPLANG'] ); - + if( is_email( $_POST['admin_email'] ) ) update_site_option( "admin_email", $_POST['admin_email'] ); - $illegal_names = split( ' ', $_POST['illegal_names'] ); + $illegal_names = split( ' ', $_POST['illegal_names'] ); foreach( (array) $illegal_names as $name ) { $name = trim( $name ); if( $name != '' ) $names[] = trim( $name ); } update_site_option( "illegal_names", $names ); - + update_site_option( "registration", $_POST['registration'] ); update_site_option( "registrationnotification", $_POST['registrationnotification'] ); @@ -49,7 +49,7 @@ switch( $_GET['action'] ) { } else { update_site_option( "limited_email_domains", '' ); } - + if( $_POST['banned_email_domains'] != '' ) { $banned_email_domains = split( "\n", stripslashes( $_POST[ 'banned_email_domains' ] ) ); foreach( (array) $banned_email_domains as $domain ) { @@ -59,7 +59,7 @@ switch( $_GET['action'] ) { } else { update_site_option( "banned_email_domains", '' ); } - + update_site_option( "menu_items", $_POST['menu_items'] ); update_site_option( "blog_upload_space", $_POST['blog_upload_space'] ); update_site_option( "upload_filetypes", $_POST['upload_filetypes'] ); @@ -67,7 +67,7 @@ switch( $_GET['action'] ) { update_site_option( "first_post", $_POST['first_post'] ); update_site_option( "welcome_email", $_POST['welcome_email'] ); update_site_option( "fileupload_maxk", $_POST['fileupload_maxk'] ); - + $site_admins = explode( ' ', str_replace( ",", " ", $_POST['site_admins'] ) ); if ( is_array( $site_admins ) ) { $mainblog_id = $wpdb->get_var( "SELECT blog_id FROM {$wpdb->blogs} WHERE domain='{$current_site->domain}' AND path='{$current_site->path}'" ); @@ -88,7 +88,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( "updated", "true", $_SERVER['HTTP_REFERER'] ) ); exit(); break; - + // Blogs case "addblog": check_admin_referer('add-blog'); @@ -97,12 +97,12 @@ switch( $_GET['action'] ) { $domain = strtolower( wp_specialchars( $blog['domain'] ) ); $email = wp_specialchars( $blog['email'] ); $title = stripslashes( wp_specialchars( $blog['title'] ) ); - + if ( empty($domain) || empty($email)) wp_die( __('Missing blog address or email address.') ); if( !is_email( $email ) ) wp_die( __('Invalid email address') ); - + if( constant('VHOST') == 'yes' ) { $newdomain = $domain.".".$current_site->domain; $path = $base; @@ -136,7 +136,7 @@ switch( $_GET['action'] ) { wp_die( $blog_id->get_error_message() ); } break; - + case "updateblog": check_admin_referer('editblog'); if( empty( $_POST ) ) @@ -148,7 +148,7 @@ switch( $_GET['action'] ) { } else { $_POST['option']['allowedthemes'] = ''; } - + if( is_array( $_POST['option'] ) ) { $c = 1; $count = count( $_POST['option'] ); @@ -164,10 +164,10 @@ switch( $_GET['action'] ) { if( get_blog_option( $id, 'siteurl' ) != 'http://' . $_POST['blog']['domain'] . $_POST['blog']['path'] ) update_blog_option( $id, 'siteurl', 'http://' . $_POST['blog']['domain'] . $_POST['blog']['path'] ); - + if( get_blog_option( $id, 'home' ) != 'http://' . $_POST['blog']['domain'] . $_POST['blog']['path'] ) update_blog_option( $id, 'home', 'http://' . $_POST['blog']['domain'] . $_POST['blog']['path'] ); - + // update blogs table $result = $wpdb->query("UPDATE {$wpdb->blogs} SET domain = '".$_POST['blog']['domain']."', @@ -179,9 +179,9 @@ switch( $_GET['action'] ) { deleted = '".$_POST['blog']['deleted']."', spam = '".$_POST['blog']['spam']."' WHERE blog_id = '$id'"); - + update_blog_status( $id, 'spam', $_POST['blog']['spam'] ); - + // user roles if( is_array( $_POST['role'] ) == true ) { $newroles = $_POST['role']; @@ -242,16 +242,16 @@ switch( $_GET['action'] ) { } wpmu_admin_do_redirect( "wpmu-blogs.php?action=editblog&updated=true&id=".$id ); break; - + case "deleteblog": check_admin_referer('deleteblog'); if( $id != '0' && $id != '1' ) wpmu_delete_blog( $id, true ); - + wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'delete'), $_POST[ 'ref' ] ) ); exit(); break; - + case "allblogs": check_admin_referer('allblogs'); foreach ( (array) $_POST['allblogs'] as $key => $val ) { @@ -274,7 +274,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => $blogfunction), $_SERVER['HTTP_REFERER'] ) ); exit(); break; - + case "archiveblog": check_admin_referer('archiveblog'); update_blog_status( $id, "archived", '1' ); @@ -282,7 +282,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'archive'), $_POST['ref'] ) ); exit(); break; - + case "unarchiveblog": check_admin_referer('unarchiveblog'); do_action( "unarchive_blog", $id ); @@ -290,7 +290,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'unarchive'), $_POST['ref'] ) ); exit(); break; - + case "activateblog": check_admin_referer('activateblog'); update_blog_status( $id, "deleted", '0' ); @@ -298,7 +298,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( "updated", array('updated' => 'true', 'action' => 'activate'), $_POST['ref'] ) ); exit(); break; - + case "deactivateblog": check_admin_referer('deactivateblog'); do_action( "deactivate_blog", $id ); @@ -306,7 +306,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'deactivate'), $_POST['ref'] ) ); exit(); break; - + case "unspamblog": check_admin_referer('unspamblog'); update_blog_status( $id, "spam", '0' ); @@ -314,7 +314,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'unspam'), $_POST['ref'] ) ); exit(); break; - + case "spamblog": check_admin_referer('spamblog'); update_blog_status( $id, "spam", '1' ); @@ -322,22 +322,22 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'spam'), $_POST['ref'] ) ); exit(); break; - + case "mature": update_blog_status( $id, 'mature', '1' ); do_action( 'mature_blog', $id ); wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'mature'), $_POST['ref'] ) ); exit(); break; - + case "unmature": update_blog_status( $id, 'mature', '0' ); do_action( 'unmature_blog', $id ); - + wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'umature'), $_POST['ref'] ) ); exit(); break; - + // Themes case "updatethemes": if( is_array( $_POST['theme'] ) ) { @@ -352,7 +352,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'themes'), $_SERVER['HTTP_REFERER'] ) ); exit(); break; - + // Common case "confirm": global $wp_locale; @@ -379,15 +379,15 @@ switch( $_GET['action'] ) { <input type='hidden' name='id' value='<?php echo wp_specialchars( $id ); ?>' /> <input type='hidden' name='ref' value='<?php if( isset( $_GET['ref'] ) ) {echo wp_specialchars( $_GET['ref'] ); } else { echo $_SERVER['HTTP_REFERER']; } ?>' /> <?php wp_nonce_field( $_GET['action2'] ) ?> - <p> + <p> <?php echo wp_specialchars( $_GET['msg'] ) ?><br /> - <input class="button" type='submit' value='<?php _e("Confirm"); ?>' /></p> + <input class="button" type='submit' value='<?php _e("Confirm"); ?>' /></p> </form> </body> </html> <?php break; - + // Users case "deleteuser": check_admin_referer('deleteuser'); @@ -397,7 +397,7 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'delete'), $_POST['ref'] ) ); exit(); break; - + case "allusers": check_admin_referer('allusers'); foreach ( (array) $_POST['allusers'] as $key => $val ) { @@ -424,11 +424,11 @@ switch( $_GET['action'] ) { update_user_status( $val, "spam", '0', 1 ); } } - } + } wp_redirect( add_query_arg( array('updated' => 'true', 'action' => $userfunction), $_SERVER['HTTP_REFERER'] ) ); exit(); break; - + case "adduser": check_admin_referer('add-user'); @@ -454,10 +454,10 @@ switch( $_GET['action'] ) { wp_redirect( add_query_arg( array('updated' => 'true', 'action' => 'add'), $_SERVER['HTTP_REFERER'] ) ); exit(); break; - + default: wpmu_admin_do_redirect( "wpmu-admin.php" ); - break; + break; } ?> diff --git a/wp-admin/wpmu-options.php b/wp-admin/wpmu-options.php index ae35e90..6466071 100644 --- a/wp-admin/wpmu-options.php +++ b/wp-admin/wpmu-options.php @@ -20,7 +20,7 @@ if (isset($_GET['updated'])) { <h2><?php _e('Site Options') ?></h2> <form method="post" action="wpmu-edit.php?action=siteoptions"> <?php wp_nonce_field( "siteoptions" ); ?> - + <h3><?php _e('Operational Settings <em>(These settings cannot be modified by blog owners)</em>') ?></h3> <table class="form-table"> <tr valign="top"> @@ -31,7 +31,7 @@ if (isset($_GET['updated'])) { <?php _e('What you would like to call this website.') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Site Admin Email') ?></th> <td> @@ -40,7 +40,7 @@ if (isset($_GET['updated'])) { <?php printf( __( 'Registration and support mails will come from this address. Make it generic like "support@%s"' ), $current_site->domain ); ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Allow new registrations') ?></th> <?php @@ -55,7 +55,7 @@ if (isset($_GET['updated'])) { <?php _e('Disable or enable registration and who or what can be registered. (Default=all)') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Registration notification') ?></th> <?php @@ -68,7 +68,7 @@ if (isset($_GET['updated'])) { <?php _e('Send the site admin an email notification every time someone registers a blog or user account.') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Welcome Email') ?></th> <td> @@ -77,7 +77,7 @@ if (isset($_GET['updated'])) { <?php _e('The welcome email sent to new blog owners.') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('First Post') ?></th> <td> @@ -86,7 +86,7 @@ if (isset($_GET['updated'])) { <?php _e('First post on a new blog.') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Banned Names') ?></th> <td> @@ -95,7 +95,7 @@ if (isset($_GET['updated'])) { <?php _e('Users are not allowed to register these blogs. Separate names by spaces.') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Limited Email Registrations') ?></th> <td> @@ -106,7 +106,7 @@ if (isset($_GET['updated'])) { <?php _e('If you want to limit blog registrations to certain domains. One domain per line.') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Banned Email Domains') ?></th> <td> @@ -115,24 +115,24 @@ if (isset($_GET['updated'])) { <?php _e('If you want to ban certain email domains from blog registrations. One domain per line.') ?> </td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Blog upload space') ?></th> <td><input name="blog_upload_space" type="text" id="blog_upload_space" value="<?php echo get_site_option('blog_upload_space', 10) ?>" size="3" /> MB</td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Upload File Types') ?></th> <td><input name="upload_filetypes" type="text" id="upload_filetypes" value="<?php echo get_site_option('upload_filetypes', 'jpg jpeg png gif') ?>" size="45" /></td> </tr> - + <tr valign="top"> <th scope="row"><?php _e('Max upload file size') ?></th> <td><input name="fileupload_maxk" type="text" id="fileupload_maxk" value="<?php echo get_site_option('fileupload_maxk', 300) ?>" size="5" /> KB</td> </tr> </table> - - <h3><?php _e('Administration Settings') ?></h3> + + <h3><?php _e('Administration Settings') ?></h3> <table class="form-table"> <tr valign="top"> <th scope="row"><?php _e('Site Admins') ?></th> @@ -143,7 +143,7 @@ if (isset($_GET['updated'])) { </td> </tr> </table> - + <h3><?php _e('Site Wide Settings <em>(These settings may be overridden by blog owners)</em>') ?></h3> <table class="form-table"> <?php @@ -166,7 +166,7 @@ if (isset($_GET['updated'])) { } // languages ?> </table> - + <h3><?php _e('Menus <em>(Enable or disable WP Backend Menus)</em>') ?></h3> <table class="form-table"> <tr> @@ -184,7 +184,7 @@ if (isset($_GET['updated'])) { </table> <?php do_action( 'wpmu_options' ); // Add more options here ?> - + <p class="submit"> <input type="submit" name="Submit" value="<?php _e('Update Options') ?>" /></p> </form> diff --git a/wp-admin/wpmu-themes.php b/wp-admin/wpmu-themes.php index 4b49f1c..8bbd41a 100644 --- a/wp-admin/wpmu-themes.php +++ b/wp-admin/wpmu-themes.php @@ -21,7 +21,7 @@ $allowed_themes = get_site_allowed_themes(); <div class="wrap"> <form action='wpmu-edit.php?action=updatethemes' method='post'> <h2><?php _e('Site Themes') ?></h2> - <p><?php _e('Disable themes site-wide. You can enable themes on a blog by blog basis.') ?></p> + <p><?php _e('Disable themes site-wide. You can enable themes on a blog by blog basis.') ?></p> <table class="widefat"> <thead> <tr> @@ -37,7 +37,7 @@ $allowed_themes = get_site_allowed_themes(); $theme_key = wp_specialchars($theme['Stylesheet']); $class = ('alt' == $class) ? '' : 'alt'; $class1 = $enabled = $disabled = ''; - + if( isset( $allowed_themes[ $theme_key ] ) == true ) { $enabled = 'checked="checked" '; $class1 = ' active'; @@ -58,7 +58,7 @@ $allowed_themes = get_site_allowed_themes(); <?php endforeach; ?> </tbody> </table> - + <p class="submit"> <input type='submit' value='<?php _e('Update Themes »') ?>' /></p> </form> diff --git a/wp-admin/wpmu-upgrade-site.php b/wp-admin/wpmu-upgrade-site.php index ac4f0c1..96d27b9 100644 --- a/wp-admin/wpmu-upgrade-site.php +++ b/wp-admin/wpmu-upgrade-site.php @@ -19,7 +19,7 @@ echo '<h2>'.__('Upgrade Site').'</h2>'; switch( $_GET['action'] ) { case "upgrade": $n = ( isset($_GET['n']) ) ? intval($_GET['n']) : 0; - + $blogs = $wpdb->get_results( "SELECT * FROM {$wpdb->blogs} WHERE site_id = '{$wpdb->siteid}' AND spam = '0' AND deleted = '0' AND archived = '0' ORDER BY registered DESC LIMIT {$n}, 5", ARRAY_A ); if( is_array( $blogs ) ) { echo "<ul>"; @@ -57,7 +57,7 @@ switch( $_GET['action'] ) { echo '<p>'.__('All Done!').'</p>'; } break; - + default: ?> <p><?php _e("You can upgrade all the blogs on your site through this page. It works by calling the upgrade script of each blog automatically. Hit the link below to upgrade."); ?></p> <p><a class="button" href="wpmu-upgrade-site.php?action=upgrade"><?php _e("Upgrade Site"); ?></a></p> diff --git a/wp-admin/wpmu-users.php b/wp-admin/wpmu-users.php index 1305e09..47238b9 100644 --- a/wp-admin/wpmu-users.php +++ b/wp-admin/wpmu-users.php @@ -40,18 +40,19 @@ if ( $_GET['updated'] == 'true' ) { <?php $apage = isset( $_GET['apage'] ) ? intval( $_GET['apage'] ) : 1; $num = isset( $_GET['num'] ) ? intval( $_GET['num'] ) : 15; + $s = wp_specialchars( trim( $_GET[ 's' ] ) ); $query = "SELECT * FROM {$wpdb->users}"; - - if( !empty($_GET['s']) ) { - $search = '%' . trim(addslashes($_GET['s'])) . '%'; + + if( !empty( $s ) ) { + $search = '%' . trim( $s ) . '%'; $query .= " WHERE user_login LIKE '$search' OR user_email LIKE '$search'"; } - + if( !isset($_GET['sortby']) ) { $_GET['sortby'] = 'id'; } - + if( $_GET['sortby'] == 'email' ) { $query .= ' ORDER BY user_email '; } elseif( $_GET['sortby'] == 'id' ) { @@ -63,18 +64,18 @@ if ( $_GET['updated'] == 'true' ) { } elseif( $_GET['sortby'] == 'registered' ) { $query .= ' ORDER BY user_registered '; } - + $query .= ( $_GET['order'] == 'DESC' ) ? 'DESC' : 'ASC'; - if( !empty($_GET['s'])) { + if( !empty( $s )) { $user_list = $wpdb->get_results( $query, ARRAY_A ); - $total = count($user_list); + $total = count($user_list); } else { $total = $wpdb->get_var( "SELECT COUNT(*) FROM {$wpdb->users}"); } - + $query .= " LIMIT " . intval( ( $apage - 1 ) * $num) . ", " . intval( $num ); - + $user_list = $wpdb->get_results( $query, ARRAY_A ); // Pagination @@ -87,13 +88,13 @@ if ( $_GET['updated'] == 'true' ) { ?> <h2><?php _e("Users"); ?></h2> <form action="wpmu-users.php" method="get" style="position:absolute;right:0;top:0;"> - <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo stripslashes(wp_specialchars($_GET['s'], 1)); ?>" size="17" /> + <input type="text" name="s" value="<?php if (isset($_GET['s'])) echo stripslashes( $s ); ?>" size="17" /> <input type="submit" id="post-query-submit" value="<?php _e('Search Users') ?>" class="button" /> </form> <form id="form-user-list" action='wpmu-edit.php?action=allusers' method='post'> <div class="tablenav"> - <?php if ( $user_navigation ) echo "<div class='tablenav-pages'>$user_navigation</div>"; ?> + <?php if ( $user_navigation ) echo "<div class='tablenav-pages'>$user_navigation</div>"; ?> <div class="alignleft"> <input type="submit" value="<?php _e('Delete') ?>" name="alluser_delete" class="button-secondary delete" /> @@ -105,9 +106,9 @@ if ( $_GET['updated'] == 'true' ) { </div> <br class="clear" /> - + <?php if( isset($_GET['s']) && $_GET['s'] != '' ) : ?> - <p><a href="wpmu-blogs.php?action=blogs&s=<?php echo stripslashes(wp_specialchars($_GET['s'], 1)); ?>"><?php _e('Search Blogs:') ?> <strong><?php echo stripslashes(wp_specialchars($_GET['s'], 1)) ?></strong></a></p> + <p><a href="wpmu-blogs.php?action=blogs&s=<?php echo urlencode( stripslashes( $s ) ); ?>"><?php _e('Search Blogs:') ?> <strong><?php echo stripslashes( $s ) ?></strong></a></p> <?php endif; ?> <?php @@ -143,7 +144,7 @@ if ( $_GET['updated'] == 'true' ) { foreach ( (array) $user_list as $user) { $class = ('alternate' == $class) ? '' : 'alternate'; ?> - + <tr class="<?php echo $class; ?>"> <?php foreach( (array) $posts_columns as $column_name=>$column_display_name) : @@ -152,8 +153,8 @@ if ( $_GET['updated'] == 'true' ) { <th scope="row" class="check-column"><input type='checkbox' id='user_<?php echo $user['ID'] ?>' name='allusers[]' value='<?php echo $user['ID'] ?>' /></th> <?php break; - - case 'id': ?> + + case 'id': ?> <td><?php echo $user['ID'] ?></td> <?php break; @@ -228,11 +229,11 @@ if( apply_filters('show_adduser_fields', true) ) : <h2><?php _e('Add user') ?></h2> <form action="wpmu-edit.php?action=adduser" method="post"> <table class="form-table"> - <tr class="form-field form-required"> + <tr class="form-field form-required"> <th scope='row'><?php _e('Username') ?></th> <td><input type="text" name="user[username]" /></td> </tr> - <tr class="form-field form-required"> + <tr class="form-field form-required"> <th scope='row'><?php _e('Email') ?></th> <td><input type="text" name="user[email]" /></td> </tr> |