Anyone can add Post (How to change this?)
Tareq Hasan
11 years ago| Author | Posts |
|---|---|
April 18, 2013 at 11:12 pm 2492 | |
| Tareq Hasan | Hey there, In the free version I was able to add a bit of code provided here: http://wordpress.org/support/topic/security-problem-doesnt-observe-user-capabilities which prevented any other member on my multisite network from adding posts to other member's blogs. However, this file isn't on the PRO version so I can't seem to make this change. Currently, on the PRO version any member on my multisite network can navigate to another member's site and easily add a post to their blog. I don't want this and need a way to prevent anyone from posting on a blog unless they are the administrator of that blog Again, this code provided in the link above worked beautifully for me as it only allowed the blog owner to post on their blog and not anyone else's. Any way to help me here? Thanks!! |
April 19, 2013 at 12:36 am 2495 | |
Tareq Hasan
| You can find that line on `/class/frontend-form-post.php`, line: 33. I am curious how will that solve this problem. |
April 19, 2013 at 12:42 am 2497 | |
Mike
| Thanks! I really dont’ know exactly why this change works but the way I set up my multisite network is no one (not even admins) can enter the back end thanks to your plugin (only super admin can) .. I also set it up so that every user on my network is an “editor” of the main site but have no roles associated with any other site except “admin” if they created one Adding this function that “professor” provided prevents them from cross posting on other blogs. However, I dont want to break anything can you please tell me exactly where on line 33 I would enter the following ?
|
April 19, 2013 at 12:52 am 2499 | |
|
Tareq Hasan
| Should be like this |
April 19, 2013 at 2:34 am 2501 | |
|
Mike
| Thank you! and sorry im such a newbie..do I add that code into the existing code? or am I replacing code that already exists in that file? If im replacing what exactly do I remove to put this code in? If adding it in , where do I add in exactly? Sorry for troubling you..i really love this plugin |
April 19, 2013 at 3:07 am 2502 | |
|
Mike
| 🙁 I been trying my best doing various ways of placing this code and keep getting unexpected T variable error. Im not a guru of PHP so any guidance would be awesome when you get a chance. I see the following in this file around line 33 $form_settings = get_post_meta( $id, ‘wpuf_form_settings’, true ); $info = apply_filters( ‘wpuf_addpost_notice’, ” ); $user_can_post = apply_filters( ‘wpuf_can_post’, ‘yes’ );
if ( $user_can_post == ‘yes’ ) { $this->render_form( $id ); } else { echo ‘<div class=”info”>’ . $info . ‘</div>’; }
But I dont know where to place this code you gave me:
if(!current_user_can( ‘edit_posts’)) { $user_can_post= ‘no’; } $user_can_post= apply_filters( ‘wpuf_can_post’, $user_can_post); |
April 19, 2013 at 7:33 am 2516 | |
Mahi
| this file |
April 19, 2013 at 7:56 am 2522 | |
|
Tareq Hasan
| Hey Mike, this whole function should be like this [php] $form_settings = get_post_meta( $id, ‘wpuf_form_settings’, true ); if ( $user_can_post == ‘yes’ ) { $content = ob_get_contents(); return $content; |
April 19, 2013 at 9:16 am 2533 | |
|
Mike
| Thanks! but unfortunately i did that (without parse errors) BUT the post form disappeared from me completely and im the super admin! im so sad..there has to be some way (like in the free version) that I can prevent people from posting on other’s blogs but still able to post on their own…i dont know why this same code caused the form to disappear completely ..any thoughts? |
April 19, 2013 at 10:35 am 2535 | |
|
Tareq Hasan
| Remove the changes you made to that file. Now add this code to your themes functions.php and check the result. I haven’t tested it, but should work. [php] // if its multisite and the user belongs to this blog if ( is_blog_user( $blog_id ) ) { return $permission; add_filter( ‘wpuf_can_post’, ‘wpufe_check_multisite_user’ ); It prevents users from other blog to post in your site. |
April 19, 2013 at 9:36 pm 2568 | |
|
Mike
| Thanks so much. I am trying to add this to my theme’s function file but I keep getting this error: Parse error: syntax error, unexpected T_STRING in /home/____/public_html/wp-content/themes/snapshot/functions.php on line 414 I tried placing it in several places with no luck |
April 19, 2013 at 9:43 pm 2571 | |
|
Tareq Hasan
| May be you’ve placed the code after the end of PHP. Can you paste your entire function.php in pastebin? |
April 19, 2013 at 9:49 pm 2574 | |
|
Mike
| Hmm thanks! you are so helpful!!
|
April 19, 2013 at 10:24 pm 2577 | |
|
Tareq Hasan
| This one shouldn’t have problem |
April 19, 2013 at 10:32 pm 2579 | |
|
Mike
| OMG it worked !! You are absolutely amazing sir. It was well worth the $160 for this plugin as your support is beyond what I have seen from other plugin authors…I know I can be a pest so thanks a lot 🙂 |
April 19, 2013 at 10:43 pm 2581 | |
|
Tareq Hasan
| I am glad to help you out. It would be great to have your testimonial 🙂 |
