/**
 * Revoke super admin status from the stored administrator on multisite,
 * then hand over to the parent teardown.
 */
function tearDown() {
    $on_network = is_multisite();

    if ($on_network) {
        // Drop the elevated status so it does not carry over past this test.
        revoke_super_admin($this->administrator_id);
    }

    parent::tearDown();
}
/**
 * get_dashboard_url() for a super admin whose site list is empty is
 * expected to equal admin_url().
 *
 * @ticket 39065
 */
public function test_get_dashboard_url_for_network_administrator_with_no_sites() {
    if (!is_multisite()) {
        $this->markTestSkipped('Test only runs in multisite.');
    }

    $network_admin_id = self::$user_id;
    grant_super_admin($network_admin_id);

    // Force get_blogs_of_user to report no sites for the user.
    add_filter('get_blogs_of_user', '__return_empty_array');

    $expected = admin_url();
    $result = get_dashboard_url($network_admin_id);

    // Revoke before asserting: a failing assertion would otherwise leave the
    // class-level user elevated.
    revoke_super_admin($network_admin_id);

    $this->assertEquals($expected, $result);
}
* @param int $user_id The user ID. */ do_action('edit_user_profile_update', $user_id); } // Update the email address in signups, if present. if (is_multisite()) { $user = get_userdata($user_id); if ($user->user_login && isset($_POST['email']) && is_email($_POST['email']) && $wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login))) { $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST['email'], $user_login)); } } // Update the user. $errors = edit_user($user_id); // Grant or revoke super admin status if requested. if (is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can('manage_network_options') && !isset($super_admins) && empty($_POST['super_admin']) == is_super_admin($user_id)) { empty($_POST['super_admin']) ? revoke_super_admin($user_id) : grant_super_admin($user_id); } if (!is_wp_error($errors)) { $redirect = add_query_arg('updated', true, get_edit_user_link($user_id)); if ($wp_http_referer) { $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect); } wp_redirect($redirect); exit; } default: $profileuser = get_user_to_edit($user_id); if (!current_user_can('edit_user', $user_id)) { wp_die(__('You do not have permission to edit this user.')); } $sessions = WP_Session_Tokens::get_instance($profileuser->ID);
/**
 * Exercises grant_super_admin() / revoke_super_admin() return values and
 * checks that neither call populates the $super_admins global.
 *
 * @ticket 27205
 */
function test_granting_super_admins() {
    // Set any preset $super_admins global aside; it is put back at the end.
    $had_global = isset($GLOBALS['super_admins']);
    if ($had_global) {
        $saved_global = $GLOBALS['super_admins'];
        unset($GLOBALS['super_admins']);
    }

    $first_user = $this->factory->user->create();

    // A fresh user is not a super admin, so revoking reports failure.
    $this->assertFalse(is_super_admin($first_user));
    $this->assertFalse(revoke_super_admin($first_user));

    // Granting works once; a repeated grant reports failure.
    $this->assertTrue(grant_super_admin($first_user));
    $this->assertTrue(is_super_admin($first_user));
    $this->assertFalse(grant_super_admin($first_user));
    $this->assertTrue(revoke_super_admin($first_user));

    // None of these operations should set the $super_admins global.
    $this->assertFalse(isset($GLOBALS['super_admins']));

    // Try with two users.
    $second_user = $this->factory->user->create();
    $this->assertTrue(grant_super_admin($first_user));
    $this->assertTrue(grant_super_admin($second_user));
    $this->assertTrue(is_super_admin($second_user));
    $this->assertTrue(is_super_admin($first_user));
    $this->assertTrue(revoke_super_admin($first_user));
    $this->assertTrue(revoke_super_admin($second_user));

    if ($had_global) {
        $GLOBALS['super_admins'] = $saved_global;
    }
}
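/**
 * Override the value update of the field for whether a user is to be a
 * super admin or not.
 *
 * Super admin status changes only when the requested state differs from the
 * current one: a non-empty value grants it to a user who lacks it, an empty
 * value revokes it from a user who has it. Previously a non-empty value for
 * a user who already was a super admin fell through to the revoke branch.
 *
 * NOTE(review): no capability check is visible in this method; presumably
 * the code that saves the field authorizes the request first - confirm.
 *
 * @param mixed               $value   Submitted field value; tested with empty().
 * @param int                 $item_id ID of the user being updated.
 * @param WP_Fields_API_Field $field   The field being saved (not read here).
 */
public function update_value_is_super_admin($value, $item_id, $field) {
    $is_super_admin = is_super_admin($item_id);
    $wants_super_admin = !empty($value);

    if ($wants_super_admin && !$is_super_admin) {
        // Make super admin if not already a super admin
        grant_super_admin($item_id);
    } elseif (!$wants_super_admin && $is_super_admin) {
        // Revoke only when the submitted value actually asks for it
        revoke_super_admin($item_id);
    }
}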
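/**
 * Handles the front end user editing
 *
 * Runs only for POST requests whose action is 'bbp-update-user'. The
 * request nonce and the 'edit_user' capability are checked before the user
 * is edited; changing super admin status additionally requires the
 * 'manage_network_options' capability.
 *
 * @uses is_multisite() To check if it's a multisite
 * @uses bbp_is_user_home_edit() To check if the user is editing their own
 *                                profile
 * @uses get_option() To get the displayed user's new email id option
 * @uses hash_equals() To compare the confirmation token
 * @uses wpdb::prepare() To sanitize our sql query
 * @uses wpdb::get_var() To execute our query and get back the variable
 * @uses wpdb::query() To execute our query
 * @uses wp_update_user() To update the user
 * @uses delete_option() To delete the displayed user's email id option
 * @uses bbp_get_user_profile_edit_url() To get the edit profile url
 * @uses wp_safe_redirect() To redirect to the url
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 *                           and manage network options
 * @uses do_action() Calls 'personal_options_update' or
 *                    'edit_user_profile_update' (based on if it's the user
 *                    home) with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 */
function bbp_edit_user_handler() {

    // Bail if not a POST action
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }

    // Bail if action is not 'bbp-update-user'
    if (empty($_POST['action']) || 'bbp-update-user' !== $_POST['action']) {
        return;
    }

    // Get the displayed user ID
    $user_id = bbp_get_displayed_user_id();

    // Execute confirmed email change. See send_confirmation_on_profile_email().
    if (is_multisite() && bbp_is_user_home_edit() && isset($_GET['newuseremail'])) {
        $new_email = get_option($user_id . '_new_email');

        // Require a stored pending change and an exact token match. A loose
        // `==` would also accept an empty token when no option is stored,
        // and is not a constant-time comparison.
        $token_matches = is_array($new_email)
            && isset($new_email['hash'], $new_email['newemail'])
            && is_string($_GET['newuseremail'])
            && hash_equals((string) $new_email['hash'], $_GET['newuseremail']);

        if ($token_matches) {
            $user = new stdClass();
            $user->ID = $user_id;
            $user->user_email = esc_html(trim($new_email['newemail']));

            global $wpdb;

            // Keep the signups table in step with the new address
            if ($wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", bbp_get_displayed_user_field('user_login')))) {
                $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, bbp_get_displayed_user_field('user_login')));
            }

            wp_update_user(get_object_vars($user));
            delete_option($user_id . '_new_email');

            wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
            exit;
        }

    // Delete new email address from user options
    } elseif (is_multisite() && bbp_is_user_home_edit() && !empty($_GET['dismiss']) && $user_id . '_new_email' == $_GET['dismiss']) {
        delete_option($user_id . '_new_email');
        wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
        exit;
    }

    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Do action based on who's profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);

    // Handle user edit
    $edit_user = edit_user($user_id);

    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;

    // Successful edit to redirect
    } elseif (is_integer($edit_user)) {

        // Maybe update super admin ability. Being allowed to edit the user
        // is not enough to change network-wide privileges, so the
        // 'manage_network_options' capability is required as well.
        if (is_multisite() && !bbp_is_user_home_edit() && current_user_can('manage_network_options')) {
            empty($_POST['super_admin']) ? revoke_super_admin($edit_user) : grant_super_admin($edit_user);
        }

        $redirect = add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($edit_user));
        wp_safe_redirect($redirect);
        exit;
    }
}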
/**
 * AJAX callback: revoke the user account referenced by a stored issue.
 *
 * Looks the issue up by the POSTed 'issueID', revokes the user named in the
 * issue data (plus super admin status on multisite) and deletes the issue.
 *
 * NOTE(review): no nonce or capability check is visible in this method;
 * presumably the AJAX dispatcher that invokes it performs them - confirm.
 *
 * @return array 'errorMsg' on failure, otherwise 'ok' and the 'user_login'
 *               of the revoked user.
 */
public static function ajax_revokeAdminUser_callback() {
    $rawIssueID = empty($_POST['issueID']) ? 0 : $_POST['issueID'];
    $issueID = absint($rawIssueID);

    $issueStore = new wfIssues();
    $issue = $issueStore->getIssueByID($issueID);
    if (!$issue) {
        return array('errorMsg' => "We could not find that issue in our database.");
    }

    $issueData = $issue['data'];
    if (empty($issueData['userID'])) {
        return array('errorMsg' => "We could not find that user in the database.");
    }
    $targetUserID = $issueData['userID'];

    // Read the login before revoking so it can still be reported back.
    $targetUser = new WP_User($targetUserID);
    $userLogin = $targetUser->user_login;

    wp_revoke_user($targetUserID);
    if (is_multisite()) {
        revoke_super_admin($targetUserID);
    }

    $issueStore->deleteIssue($issueID);

    return array('ok' => 1, 'user_login' => $userLogin);
}
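/**
 * Handles the front end user editing
 *
 * Runs only for POST requests whose action is 'bbp-update-user'. The
 * request nonce and the 'edit_user' capability are checked before the user
 * is edited. On multisite the signups table is kept in step with the new
 * email address, and super admin status is changed only in the network
 * admin by a user holding 'manage_network_options'.
 *
 * @uses is_multisite() To check if it's a multisite
 * @uses bbp_is_user_home_edit() To check if the user is editing their own
 *                                profile
 * @uses get_option() To get the displayed user's new email id option
 * @uses hash_equals() To compare the confirmation token
 * @uses wpdb::prepare() To sanitize our sql query
 * @uses wpdb::get_var() To execute our query and get back the variable
 * @uses wpdb::query() To execute our query
 * @uses wp_update_user() To update the user
 * @uses delete_option() To delete the displayed user's email id option
 * @uses bbp_get_user_profile_edit_url() To get the edit profile url
 * @uses wp_safe_redirect() To redirect to the url
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses do_action() Calls 'personal_options_update' or
 *                    'edit_user_profile_update' (based on if it's the user
 *                    home) with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses get_userdata() To get the user data
 * @uses is_email() To check if the string is an email id or not
 * @uses is_network_admin() To check if the request is in the network admin
 * @uses is_super_admin() To check if the user is super admin
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 */
function bbp_edit_user_handler() {

    // Bail if not a POST action
    if ('POST' !== strtoupper($_SERVER['REQUEST_METHOD'])) {
        return;
    }

    // Bail if action is not 'bbp-update-user'
    if (empty($_POST['action']) || 'bbp-update-user' !== $_POST['action']) {
        return;
    }

    // Get the displayed user ID
    $user_id = bbp_get_displayed_user_id();

    global $wpdb, $super_admins;

    // Execute confirmed email change. See send_confirmation_on_profile_email().
    if (is_multisite() && bbp_is_user_home_edit() && isset($_GET['newuseremail'])) {
        $new_email = get_option($user_id . '_new_email');

        // Require a stored pending change and an exact token match. A loose
        // `==` would also accept an empty token when no option is stored,
        // and is not a constant-time comparison.
        $token_matches = is_array($new_email)
            && isset($new_email['hash'], $new_email['newemail'])
            && is_string($_GET['newuseremail'])
            && hash_equals((string) $new_email['hash'], $_GET['newuseremail']);

        if ($token_matches) {
            $user = new stdClass();
            $user->ID = $user_id;
            $user->user_email = esc_html(trim($new_email['newemail']));

            // Keep the signups table in step with the new address
            if ($wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", bbp_get_displayed_user_field('user_login')))) {
                $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $user->user_email, bbp_get_displayed_user_field('user_login')));
            }

            wp_update_user(get_object_vars($user));
            delete_option($user_id . '_new_email');

            wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
            exit;
        }

    // Dismiss the pending email change
    } elseif (is_multisite() && bbp_is_user_home_edit() && !empty($_GET['dismiss']) && $user_id . '_new_email' == $_GET['dismiss']) {
        delete_option($user_id . '_new_email');
        wp_safe_redirect(add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($user_id)));
        exit;
    }

    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Do action based on who's profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);

    // Single site: edit_user() is all that is needed
    if (!is_multisite()) {
        $edit_user = edit_user($user_id);

    // Multisite: signups and super admin status need handling as well
    } else {
        $user = get_userdata($user_id);

        // Update the email address in signups, if present. The UPDATE is
        // keyed on the edited user's login, the same value the SELECT
        // checks, rather than on the $user_login global.
        if ($user && $user->user_login && isset($_POST['email']) && is_email($_POST['email']) && $wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login))) {
            $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST['email'], $user->user_login));
        }

        // A role fix-up used to sit here behind `$user_id != $user_id`, a
        // condition that is never true, so it never ran. The unreachable
        // branch and its string-built usermeta query have been removed;
        // behaviour is unchanged.
        $edit_user = edit_user($user_id);

        // Grant or revoke super admin status only when the submitted state
        // differs from the current one.
        if (is_multisite() && is_network_admin() && !bbp_is_user_home_edit() && current_user_can('manage_network_options') && !isset($super_admins) && empty($_POST['super_admin']) == is_super_admin($user_id)) {
            empty($_POST['super_admin']) ? revoke_super_admin($user_id) : grant_super_admin($user_id);
        }
    }

    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;

    // Successful edit to redirect
    } elseif (is_integer($edit_user)) {
        $redirect = add_query_arg(array('updated' => 'true'), bbp_get_user_profile_edit_url($edit_user));
        wp_safe_redirect($redirect);
        exit;
    }
}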
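/**
 * Handles the front end user editing from POST requests
 *
 * The request nonce and the 'edit_user' capability are checked first. A
 * changed email address is not written directly: a confirmation token is
 * stored in the '{user_id}_new_email' option, a notification is sent, and
 * the posted email is reset so edit_user() leaves the address alone.
 *
 * @since 2.0.0 bbPress (r2790)
 *
 * @param string $action The requested action to compare this function to
 * @uses is_multisite() To check if it's a multisite
 * @uses bbp_is_user_home_edit() To check if the user is editing their own
 *                                profile
 * @uses update_option() To store the pending email change
 * @uses wp_generate_password() To add randomness to the confirmation token
 * @uses bbp_get_user_profile_edit_url() To get the edit profile url
 * @uses bbp_redirect() To redirect to the url
 * @uses bbp_verify_nonce_request() To verify the nonce and check the request
 * @uses current_user_can() To check if the current user can edit the user
 * @uses do_action() Calls 'personal_options_update' or
 *                    'edit_user_profile_update' (based on if it's the user
 *                    home) with the displayed user id
 * @uses edit_user() To edit the user based on the post data
 * @uses is_email() To check if the string is an email id or not
 * @uses email_exists() To check if the email address is already in use
 * @uses is_super_admin() To check if the current user is a super admin
 * @uses revoke_super_admin() To revoke super admin privileges
 * @uses grant_super_admin() To grant super admin privileges
 * @uses is_wp_error() To check if the value retrieved is a {@link WP_Error}
 */
function bbp_edit_user_handler($action = '') {

    // Bail if action is not `bbp-update-user`
    if ('bbp-update-user' !== $action) {
        return;
    }

    // Get the displayed user ID
    $user_id = bbp_get_displayed_user_id();

    // Nonce check
    if (!bbp_verify_nonce_request('update-user_' . $user_id)) {
        bbp_add_error('bbp_update_user_nonce', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Cap check
    if (!current_user_can('edit_user', $user_id)) {
        bbp_add_error('bbp_update_user_capability', __('<strong>ERROR</strong>: Are you sure you wanted to do that?', 'bbpress'));
        return;
    }

    // Empty email check
    if (empty($_POST['email'])) {
        bbp_add_error('bbp_user_email_empty', __('<strong>ERROR</strong>: That is not a valid email address.', 'bbpress'), array('form-field' => 'email'));
        return;
    }

    // Get the users current email address to use for comparisons
    $user_email = bbp_get_displayed_user_field('user_email', 'raw');

    // Start the confirmation flow only when the email actually changed
    if ($user_email !== $_POST['email']) {

        // Check that new email address is valid
        if (!is_email($_POST['email'])) {
            bbp_add_error('bbp_user_email_invalid', __('<strong>ERROR</strong>: That is not a valid email address.', 'bbpress'), array('form-field' => 'email'));
            return;
        }

        // Check if email address is already in use
        if (email_exists($_POST['email'])) {
            bbp_add_error('bbp_user_email_taken', __('<strong>ERROR</strong>: That email address is already in use.', 'bbpress'), array('form-field' => 'email'));
            return;
        }

        // Update the option. The hash is the secret that later confirms the
        // address change, so its random part comes from WordPress's own
        // generator instead of mt_rand(), whose output is predictable. The
        // value is still an md5 hex string, as before.
        $key = $user_id . '_new_email';
        $hash = md5($_POST['email'] . time() . wp_generate_password(32, false));
        $option = array('hash' => $hash, 'newemail' => $_POST['email']);
        update_option($key, $option);

        // Attempt to notify the user of email address change
        bbp_edit_user_email_send_notification($user_id, $option);

        // Set the POST email variable back to the user's email address
        // so `edit_user()` does not attempt to update it. This is not ideal,
        // but it's also what send_confirmation_on_profile_email() does.
        $_POST['email'] = $user_email;
    }

    // Do action based on who's profile you're editing
    $edit_action = bbp_is_user_home_edit() ? 'personal_options_update' : 'edit_user_profile_update';
    do_action($edit_action, $user_id);

    // Prevent edit_user() from wiping out the user's Toolbar on front setting
    if (!isset($_POST['admin_bar_front']) && _get_admin_bar_pref('front', $user_id)) {
        $_POST['admin_bar_front'] = 1;
    }

    // Bail if errors already exist
    if (bbp_has_errors()) {
        return;
    }

    // Handle user edit
    $edit_user = edit_user($user_id);

    // Error(s) editing the user, so copy them into the global
    if (is_wp_error($edit_user)) {
        bbpress()->errors = $edit_user;

    // Successful edit to redirect
    } elseif (is_integer($edit_user)) {

        // Maybe update super admin ability. Only a super admin holding
        // 'manage_network_options' may change it, and never on their own
        // profile.
        if (is_multisite() && !bbp_is_user_home_edit() && current_user_can('manage_network_options') && is_super_admin()) {
            empty($_POST['super_admin']) ? revoke_super_admin($edit_user) : grant_super_admin($edit_user);
        }

        // Redirect
        $args = array('updated' => 'true');
        $user_url = bbp_get_user_profile_edit_url($edit_user);
        $redirect = add_query_arg($args, $user_url);
        bbp_redirect($redirect);
    }
}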
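/**
 * Function is responsible for preparing the profile page.
 *
 * Does nothing unless the current page is the 'Profile' page. It then
 * defines IS_PROFILE_PAGE, fills the globals the profile templates read,
 * and handles the 'update' action for the current user when they hold the
 * 'edit_user' capability. Any other action redirects to the login page.
 *
 * @return false|void False when the current page is not the profile page.
 */
function bum_init_page_profile() {

    //reasons to return
    if (!bum_is_page('Profile')) {
        return false;
    }

    //initializing
    define('IS_PROFILE_PAGE', true);
    wp_enqueue_script('user-profile');

    global $wp_http_referer, $errors, $user_can_edit, $bum_public_user, $user_id, $_wp_admin_css_colors, $super_admins;

    $current_user = wp_get_current_user();
    $user_id = $current_user->ID;
    $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : 'view';
    $wp_http_referer = remove_query_arg(array('update', 'delete_count'), stripslashes($wp_http_referer));

    $all_post_caps = array('posts', 'pages');
    $user_can_edit = false;
    foreach ($all_post_caps as $post_cap) {
        $user_can_edit |= current_user_can("edit_{$post_cap}");
    }

    // Viewing another user's public profile
    if (isset($_REQUEST['bumu']) && !empty($_REQUEST['bumu'])) {
        $bum_public_user = get_userdata($_REQUEST['bumu']);

        // get_userdata() returns false for an unknown user; do not read
        // ->ID from it.
        $user_id = $bum_public_user ? $bum_public_user->ID : null;
    } elseif ($action == 'view') {
        // Nothing to prepare
    } elseif ($action == 'edit') {
        // Nothing to prepare
    } elseif ($action == 'update' && current_user_can('edit_user', $user_id)) {
        if (IS_PROFILE_PAGE) {
            do_action('personal_options_update', $user_id);
        } else {
            do_action('edit_user_profile_update', $user_id);
        }

        if (!is_multisite()) {
            $errors = apply_filters('bum_edit_user', $user_id);
        } else {
            global $wpdb;
            $user = get_userdata($user_id);

            // Update the email address in signups, if present. The UPDATE
            // is keyed on the edited user's login, the same value the
            // SELECT checks; $user_login was never defined in this scope.
            if ($user && $user->user_login && isset($_POST['email']) && is_email($_POST['email']) && $wpdb->get_var($wpdb->prepare("SELECT user_login FROM {$wpdb->signups} WHERE user_login = %s", $user->user_login))) {
                $wpdb->query($wpdb->prepare("UPDATE {$wpdb->signups} SET user_email = %s WHERE user_login = %s", $_POST['email'], $user->user_login));
            }

            // WPMU must delete the user from the current blog if WP added him after editing.
            $delete_role = false;
            $blog_prefix = $wpdb->get_blog_prefix();
            if ($user_id != $current_user->ID) {
                // Same lookup as before, with the values bound through
                // prepare() instead of interpolated into the statement.
                $cap = $wpdb->get_var($wpdb->prepare("SELECT meta_value FROM {$wpdb->usermeta} WHERE user_id = %d AND meta_key = %s AND meta_value = %s", $user_id, $blog_prefix . 'capabilities', 'a:0:{}'));
                if (!is_network_admin() && null == $cap && $_POST['role'] == '') {
                    $_POST['role'] = 'contributor';
                    $delete_role = true;
                }
            }

            if (!isset($errors) || isset($errors) && is_object($errors) && false == $errors->get_error_codes()) {
                $errors = apply_filters('bum_edit_user', $user_id);
            }

            if ($delete_role) {
                // stops users being added to current blog when they are edited
                delete_user_meta($user_id, $blog_prefix . 'capabilities');
            }

            // Grant or revoke super admin status only when the submitted
            // state differs from the current one.
            if (is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can('manage_network_options') && !isset($super_admins) && empty($_POST['super_admin']) == is_super_admin($user_id)) {
                empty($_POST['super_admin']) ? revoke_super_admin($user_id) : grant_super_admin($user_id);
            }
        }

        if (!is_wp_error($errors)) {
            $redirect = (IS_PROFILE_PAGE ? bum_get_permalink_profile() . '?' : "user-edit.php?user_id={$user_id}&") . "updated=true";
            if ($wp_http_referer) {
                $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
            }
            wp_redirect($redirect);
            exit;
        }
    } else {
        // Unknown action, or an update without the capability
        wp_redirect(bum_get_permalink_login());
        exit;
    }
}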
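/**
 * Save the user when they click "Update"
 *
 * The user to edit comes from the posted 'user_id', so the current user's
 * 'edit_user' capability for that ID is checked before any action fires.
 *
 * NOTE(review): no nonce verification is visible in this function; confirm
 * that the form's nonce is checked before this runs, or verify it here.
 *
 * @since 0.1.0
 */
function wp_user_profiles_save_user() {

    // Bail if not updating a user
    if (empty($_POST['user_id']) || empty($_POST['action'])) {
        return;
    }

    // Bail if not updating a user
    if ('update' !== $_POST['action']) {
        return;
    }

    // Set the user ID
    $user_id = (int) $_POST['user_id'];

    // Bail if the current user may not edit this user
    if (!current_user_can('edit_user', $user_id)) {
        wp_die(__('You do not have permission to edit this user.'));
    }

    // Referring?
    if (!empty($_REQUEST['wp_http_referer'])) {
        $wp_http_referer = $_REQUEST['wp_http_referer'];
    } else {
        $wp_http_referer = false;
    }

    // Setup constant for backpat
    define('IS_PROFILE_PAGE', get_current_user_id() === $user_id);

    // Fire WordPress core actions
    if (IS_PROFILE_PAGE) {
        do_action('personal_options_update', $user_id);
    } else {
        do_action('edit_user_profile_update', $user_id);
    }

    // Update the user
    $errors = wp_user_profiles_edit_user($user_id);

    // Grant or revoke super admin status if requested. The global is read
    // through $GLOBALS: a bare $super_admins is an unset local here, which
    // made the isset() guard always pass.
    if (is_multisite() && is_network_admin() && !IS_PROFILE_PAGE && current_user_can('manage_network_options') && !isset($GLOBALS['super_admins']) && empty($_POST['super_admin']) == is_super_admin($user_id)) {
        empty($_POST['super_admin']) ? revoke_super_admin($user_id) : grant_super_admin($user_id);
    }

    // No errors
    if (!is_wp_error($errors)) {
        $redirect = add_query_arg('updated', true);

        if (!empty($wp_http_referer)) {
            $redirect = add_query_arg('wp_http_referer', urlencode($wp_http_referer), $redirect);
        }

        wp_redirect($redirect);
        exit;

    // Errors
    } else {
        wp_die($errors);
    }
}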
/**
 * Removes a user in the VIP Support role.
 *
 * @subcommand remove-user
 *
 * @synopsis <user-email>
 *
 * ## EXAMPLES
 *
 *     wp vipsupport remove-user user@domain.tld
 *
 */
public function remove_support_user($args, $assoc_args) {
    $user_email = $args[0];

    // Look the account up by its email address
    $support_user = get_user_by('email', $user_email);
    if (false === $support_user) {
        \WP_CLI::error("No user exists with the email address {$user_email}, so they could not be deleted");
    }

    // Only accounts holding the active or the inactive VIP Support role may
    // be removed through this command
    $target_id = $support_user->ID;
    if (!(WPCOM_VIP_Support_User::user_has_vip_support_role($target_id, true) || WPCOM_VIP_Support_User::user_has_vip_support_role($target_id, false))) {
        \WP_CLI::error("The user with email {$user_email} is not in the active or the inactive VIP Support roles");
    }

    // On multisite, drop super admin status before deleting the account
    // network-wide; on a single site delete it without reassigning content
    if (!is_multisite()) {
        wp_delete_user($target_id, null);
    } else {
        revoke_super_admin($target_id);
        wpmu_delete_user($target_id);
    }

    \WP_CLI::success("Deleted user with email {$user_email}");
}
/**
 * Demote a user from VIP Support to the given role.
 *
 * Sets the user's role and, on multisite, also revokes super admin status.
 *
 * @param int    $user_id        ID of the user to demote
 * @param string $revert_role_to Role passed to WP_User::set_role()
 */
protected function demote_user_from_vip_support_to($user_id, $revert_role_to) {
    $demoted_user = new WP_User($user_id);
    $demoted_user->set_role($revert_role_to);

    if (!is_multisite()) {
        return;
    }

    // ms.php is loaded first; presumably it provides revoke_super_admin()
    // in this context - confirm.
    require_once ABSPATH . '/wp-admin/includes/ms.php';
    revoke_super_admin($user_id);
}
/**
 * Grant or revoke super admin status
 *
 * This function exists to assist with updating whether a user is an
 * administrator to the entire installation. Status changes only in the
 * network admin of a multisite install, never on the current user's own
 * profile page, only for a user holding 'manage_network_options', and only
 * when the posted 'super_admin' state differs from the current one.
 *
 * @since 0.2.0
 *
 * @param WP_User|null $user The user being saved; other values pass through
 *
 * @return mixed The value passed in, unchanged
 */
function wp_user_profiles_update_global_admin($user = null) {

    // Nothing to do without a user object
    if (!is_a($user, 'WP_User')) {
        return $user;
    }

    // Context and permission guards, evaluated in the original order
    if (!is_multisite() || !is_network_admin() || IS_PROFILE_PAGE || !current_user_can('manage_network_options') || isset($GLOBALS['super_admins'])) {
        return $user;
    }

    // Act only when the request differs from the current state: revoke
    // requested for a super admin, or grant requested for a non super admin
    $revoke_requested = empty($_POST['super_admin']);
    if ($revoke_requested == is_super_admin($user->ID)) {
        if ($revoke_requested) {
            revoke_super_admin($user->ID);
        } else {
            grant_super_admin($user->ID);
        }
    }

    // Return the user
    return $user;
}