This topic contains 17 reply and 3 voices, and was last updated by Tareq Hasan 6 years, 6 months ago
Viewing 15 Posts - 1 through 15 (of 17 total)
Author Posts
April 18, 2013 at 11:12 pm 2492
Tareq Hasan Hey there, In the free version I was able to add a bit of code provided here: http://wordpress.org/support/topic/security-problem-doesnt-observe-user-capabilities which prevented any other member on my multisite network from adding posts to other member's blogs. However, this file isn't on the PRO version so I can't seem to make this change. Currently, on the PRO version any member on my multisite network can navigate to another member's site and easily add a post to their blog. I don't want this and need a way to prevent anyone from posting on a blog unless they are the administrator of that blog Again, this code provided in the link above worked beautifully for me as it only allowed the blog owner to post on their blog and not anyone else's.  Any way to help me here? Thanks!!
April 19, 2013 at 12:36 am 2495
Tareq Hasan Tareq Hasan

You can find that line on `/class/frontend-form-post.php`, line: 33. I am curious how will that solve this problem.

April 19, 2013 at 12:42 am 2497
Mike Mike

Thanks! I really dont’ know exactly why this change works but the way I set up my multisite network is no one (not even admins) can enter the back end thanks to your plugin (only super admin can) .. I also set it up so that every user on my network is an “editor” of the main site but have no roles associated with any other site except “admin” if they created one

Adding this function that “professor” provided prevents them from cross posting on other blogs. However, I dont want to break anything can you please tell me exactly where on line 33 I would enter the following ?

 

function post_form( $post_type ) {
....
  $can_post = 'yes';

  $info = apply_filters( 'wpuf_addpost_notice', $info );

   if (!current_user_can( 'edit_posts' ))
     $can_post = 'no';

  $can_post = apply_filters( 'wpuf_can_post', $can_post );
April 19, 2013 at 12:52 am 2499
Tareq Hasan Tareq Hasan

Should be like this
[php]
if (!current_user_can( ‘edit_posts’ )) {
$user_can_post = ‘no’;
}
$user_can_post = apply_filters( ‘wpuf_can_post’, $user_can_post );
[/php]

April 19, 2013 at 2:34 am 2501
Mike Mike

Thank you! and sorry im such a newbie..do I add that code into the existing code? or am I replacing code that already exists in that file? If im replacing what exactly do I remove to put this code in?  If adding it in , where do I add in exactly? Sorry for troubling you..i really love this plugin

April 19, 2013 at 3:07 am 2502
Mike Mike

🙁  I been trying my best doing various ways of placing this code and keep getting unexpected T variable error. Im not a guru of PHP so any guidance would be awesome when you get a chance.  I see the following in this file around line 33

$form_settings = get_post_meta( $id, ‘wpuf_form_settings’, true );

$info = apply_filters( ‘wpuf_addpost_notice’, ” );

$user_can_post = apply_filters( ‘wpuf_can_post’, ‘yes’ );

 

if ( $user_can_post == ‘yes’ ) {

$this->render_form( $id );

} else {

echo ‘<div class=”info”>’ . $info . ‘</div>’;

}

 

 

But I dont know where to place this code you gave me:

 

if(!current_user_can( ‘edit_posts’)) {

    $user_can_post= ‘no’;

}

$user_can_post= apply_filters( ‘wpuf_can_post’, $user_can_post);

April 19, 2013 at 7:33 am 2516
Mahi Mahi

this file
`wp-content/plugins/wpuser-frontend/class/frontend-form-post.php`

April 19, 2013 at 7:56 am 2522
Tareq Hasan Tareq Hasan

Hey Mike, this whole function should be like this

[php]
/**
* Add post shortcode handler
*
* @param array $atts
* @return string
*/
function add_post_shortcode( $atts ) {
extract( shortcode_atts( array(‘id’ => 0), $atts ) );
ob_start();

$form_settings = get_post_meta( $id, ‘wpuf_form_settings’, true );
$info = apply_filters( ‘wpuf_addpost_notice’, ” );
if (!current_user_can( ‘edit_posts’ )) {
$user_can_post = ‘no’;
}
$user_can_post = apply_filters( ‘wpuf_can_post’, $user_can_post );

if ( $user_can_post == ‘yes’ ) {
$this->render_form( $id );
} else {
echo ‘<div class="info">’ . $info . ‘</div>’;
}

$content = ob_get_contents();
ob_end_clean();

return $content;
}
[/php]

April 19, 2013 at 9:16 am 2533
Mike Mike

Thanks! but unfortunately i did that (without parse errors) BUT the post form disappeared from me completely and im the super admin! im so sad..there has to be some way (like in the free version) that I can prevent people from posting on other’s blogs but still able to post on their own…i dont know why this same code caused the form to disappear completely ..any thoughts?

April 19, 2013 at 10:35 am 2535
Tareq Hasan Tareq Hasan

Remove the changes you made to that file. Now add this code to your themes functions.php and check the result. I haven’t tested it, but should work.

[php]
function wpufe_check_multisite_user( $permission ) {

// if its multisite and the user belongs to this blog
if ( is_multisite() ) {
global $blog_id;

if ( is_blog_user( $blog_id ) ) {
return ‘yes’;
} else {
return ‘no’;
}
}

return $permission;
}

add_filter( ‘wpuf_can_post’, ‘wpufe_check_multisite_user’ );
[/php]

It prevents users from other blog to post in your site.

April 19, 2013 at 9:36 pm 2568
Mike Mike

Thanks so much. I am trying to add this to my theme’s function file but I keep getting this error:

Parse error: syntax error, unexpected T_STRING in /home/____/public_html/wp-content/themes/snapshot/functions.php on line 414

I tried placing it in several places with no luck

April 19, 2013 at 9:43 pm 2571
Tareq Hasan Tareq Hasan

May be you’ve placed the code after the end of PHP. Can you paste your entire function.php in pastebin?

April 19, 2013 at 9:49 pm 2574
Mike Mike

Hmm thanks! you are so helpful!!

 

http://pastebin.com/C7udYcHm

April 19, 2013 at 10:24 pm 2577
Tareq Hasan Tareq Hasan

This one shouldn’t have problem

April 19, 2013 at 10:32 pm 2579
Mike Mike

OMG it worked !! You are absolutely amazing sir. It was well worth the $160 for this plugin as your support is beyond what I have seen from other plugin authors…I know I can be a pest so thanks a lot 🙂

April 19, 2013 at 10:43 pm 2581
Tareq Hasan Tareq Hasan

I am glad to help you out. It would be great to have your testimonial 🙂

Viewing 15 Posts - 1 through 15 (of 17 total)