enmi-conf.org: comparison wp/wp-admin/network/user-new.php

equal deleted inserted replaced

-:346c88efed21
+:5e2f62d02dcd
 		'<p>' . __('Users who are signed up to the network without a site are added as subscribers to the main or primary dashboard site, giving them profile pages to manage their accounts. These users will only see Dashboard and My Sites in the main navigation until a site is created for them.') . '</p>'
 ) );
 get_current_screen()->set_help_sidebar(
 	'<p><strong>' . __('For more information:') . '</strong></p>' .
-	'<p>' . __('<a href="http://codex.wordpress.org/Network_Admin_Users_Screen" target="_blank">Documentation on Network Users</a>') . '</p>' .
+	'<p>' . __('<a href="https://codex.wordpress.org/Network_Admin_Users_Screen" target="_blank">Documentation on Network Users</a>') . '</p>' .
-	'<p>' . __('<a href="http://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
+	'<p>' . __('<a href="https://wordpress.org/support/forum/multisite/" target="_blank">Support Forums</a>') . '</p>'
 );
 if ( isset($_REQUEST['action']) && 'add-user' == $_REQUEST['action'] ) {
 	check_admin_referer( 'add-user', '_wpnonce_add-user' );
 	if ( ! current_user_can( 'manage_network_users' ) )
-		wp_die( __( 'You do not have permission to access this page.' ) );
+		wp_die( __( 'You do not have permission to access this page.' ), 403 );
 	if ( ! is_array( $_POST['user'] ) )
 		wp_die( __( 'Cannot create an empty user.' ) );
-	$user = $_POST['user'];
+	$user = wp_unslash( $_POST['user'] );
 	$user_details = wpmu_validate_user_signup( $user['username'], $user['email'] );
 	if ( is_wp_error( $user_details[ 'errors' ] ) && ! empty( $user_details[ 'errors' ]->errors ) ) {
 		$add_user_errors = $user_details[ 'errors' ];
 	} else {
 		$password = wp_generate_password( 12, false);
-		$user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, esc_html( $user['email'] ) );
+		$user_id = wpmu_create_user( esc_html( strtolower( $user['username'] ) ), $password, sanitize_email( $user['email'] ) );
 		if ( ! $user_id ) {
 	 		$add_user_errors = new WP_Error( 'add_user_fail', __( 'Cannot add user.' ) );
 		} else {
 			wp_new_user_notification( $user_id, $password );
 $parent_file = 'users.php';
 require( ABSPATH . 'wp-admin/admin-header.php' ); ?>
 <div class="wrap">
-<?php screen_icon(); ?>
 <h2 id="add-new-user"><?php _e('Add New User') ?></h2>
 <?php
 if ( ! empty( $messages ) ) {
 	foreach ( $messages as $msg )
-		echo '<div id="message" class="updated"><p>' . $msg . '</p></div>';
+		echo '<div id="message" class="updated notice is-dismissible"><p>' . $msg . '</p></div>';
 }
 if ( isset( $add_user_errors ) && is_wp_error( $add_user_errors ) ) { ?>
 	<div class="error">
 		<?php
 	</div>
 <?php } ?>
 	<form action="<?php echo network_admin_url('user-new.php?action=add-user'); ?>" id="adduser" method="post">
 	<table class="form-table">
 		<tr class="form-field form-required">
-			<th scope="row"><?php _e( 'Username' ) ?></th>
+			<th scope="row"><label for="username"><?php _e( 'Username' ) ?></label></th>
-			<td><input type="text" class="regular-text" name="user[username]" /></td>
+			<td><input type="text" class="regular-text" name="user[username]" id="username" /></td>
 		</tr>
 		<tr class="form-field form-required">
-			<th scope="row"><?php _e( 'Email' ) ?></th>
+			<th scope="row"><label for="email"><?php _e( 'Email' ) ?></label></th>
-			<td><input type="text" class="regular-text" name="user[email]" /></td>
+			<td><input type="text" class="regular-text" name="user[email]" id="email"/></td>
 		</tr>
 		<tr class="form-field">
 			<td colspan="2"><?php _e( 'Username and password will be mailed to the above email address.' ) ?></td>
 		</tr>
 	</table>

changeset 5	5e2f62d02dcd
parent 0	d970ebf37754
child 7	cf61fcea0001