From 66df7b815bf4cd9dff862e6200e1c366e02b08eb Mon Sep 17 00:00:00 2001 From: donncha Date: Tue, 16 Oct 2007 13:07:13 +0000 Subject: Use GET and POST Use update_user_status() git-svn-id: http://svn.automattic.com/wordpress-mu/trunk@1080 7be80a69-a1ef-0310-a953-fb0f7c49ff36 --- wp-admin/wpmu-edit.php | 8 ++++---- wp-admin/wpmu-options.php | 3 +-- wp-admin/wpmu-users.php | 30 +++++++++++++++++++++++++----- 3 files changed, 30 insertions(+), 11 deletions(-) (limited to 'wp-admin') diff --git a/wp-admin/wpmu-edit.php b/wp-admin/wpmu-edit.php index 9befdff..63056b0 100644 --- a/wp-admin/wpmu-edit.php +++ b/wp-admin/wpmu-edit.php @@ -6,11 +6,11 @@ if( is_site_admin() == false ) { do_action( "wpmuadminedit", "" ); -$id = intval( $_REQUEST[ 'id' ] ); +$id = intval( $_POST[ 'id' ] ); if( isset( $_POST[ 'ref' ] ) == false && empty( $_SERVER[ 'HTTP_REFERER' ] ) == false ) $_POST[ 'ref' ] = $_SERVER[ 'HTTP_REFERER' ]; -switch( $_REQUEST[ 'action' ] ) { +switch( $_GET[ 'action' ] ) { case "siteoptions": check_admin_referer('siteoptions'); @@ -251,7 +251,7 @@ switch( $_REQUEST[ 'action' ] ) { check_admin_referer('deleteblog'); if( $id != '0' && $id != '1' ) wpmu_delete_blog( $id, true ); - wp_redirect( add_query_arg( "updated", "blogdeleted", $_SERVER[ 'HTTP_REFERER' ] ) ); + wp_redirect( add_query_arg( "updated", "blogdeleted", $_POST[ 'ref' ] ) ); die(); break; case "allblogs": @@ -365,7 +365,7 @@ switch( $_REQUEST[ 'action' ] ) { break; case "confirm": ?> - <?php _e("Please confirm your action"); ?>

'>'>'>

+ Please confirm your action

Please Confirm

' method='POST'>'>'>'>

-
- +
(These settings cannot be modified by blog owners)') ?> diff --git a/wp-admin/wpmu-users.php b/wp-admin/wpmu-users.php index fbcc086..f6bf70f 100644 --- a/wp-admin/wpmu-users.php +++ b/wp-admin/wpmu-users.php @@ -3,15 +3,19 @@ require_once('admin.php'); $title = __('WPMU Admin: Users'); $parent_file = 'wpmu-admin.php'; -$id = intval( $_REQUEST[ 'id' ] ); +if( $_GET[ 'id' ] ) { + $id = intval( $_GET[ 'id' ] ); +} elseif( $_POST[ 'id' ] ) { + $id = intval( $_POST[ 'id' ] ); +} if( is_site_admin() == false ) { die( __('

You do not have permission to access this page.

') ); } -switch( $_REQUEST[ 'action' ] ) { +switch( $_GET[ 'action' ] ) { case "confirm": ?> - '>'>'>

+
' method='POST'>'>'>

You do not have permission to access this page.

') ); + } if( is_array( $_POST[ 'allusers' ] ) ) { while( list( $key, $val ) = each( $_POST[ 'allusers' ] ) ) { if( $val != '' && $val != '0' && $val != '1' ) { @@ -39,6 +46,15 @@ switch( $_REQUEST[ 'action' ] ) { do_action( "make_spam_blog", $details->userblog_id ); } } + update_user_status( $val, "spam", '1', 1 ); + } elseif ( $_POST[ 'userfunction' ] == 'notspam' ) { + $blogs = get_blogs_of_user( $val, true ); + if( is_array( $blogs ) ) { + while( list( $key, $details ) = each( $blogs ) ) { + update_blog_status( $details->userblog_id, "spam", '0' ); + } + } + update_user_status( $val, "spam", '0', 1 ); } } } @@ -51,6 +67,9 @@ switch( $_REQUEST[ 'action' ] ) { $title = __('WPMU Admin'); $parent_file = 'wpmu-admin.php'; require_once('admin-header.php'); +if( is_site_admin() == false ) { + die( __('

You do not have permission to access this page.

') ); +} if (isset($_GET['updated'])) { ?>

@@ -258,7 +277,7 @@ $class = ('alternate' == $class) ? '' : 'alternate'; foreach($posts_columns as $column_name=>$column_display_name) { switch($column_name) { - + case 'id': ?> ' name='allusers[]' value='' /> @@ -341,6 +360,7 @@ foreach($posts_columns as $column_name=>$column_display_name) {
    • +

    • '>

    -- cgit