User Role Editor v. 3.10
User Role Editor WordPress plugin version 3.10 Beta became available for testing today. What’s main difference from the previous version except of partial general code cleanup?
New feature “multiple roles” selection is realized. You can assign to user more then one role now. If role1 has capabilities A and B, but role2 has capability C, but you need to give user all three A, B, C capabilities, there is no need to create new 3rd role with all those A, B, C capabilities included. Just assign to the user role1 and role2 simultaneously. As the result user will get the combination of capabilities from both those roles.
While playing with a new developed stuff I discovered the bug, which could be critical
in some conditions.
View own posts and media only
If your blog has multiple authors, you may wish to show for every author just her own posts only at admin back-end. What’s about to hide from them Media Library items, which were uploaded by other authors?
Existing WordPress permissions system doesn’t allow to realize such model. Yes, WordPress prohibits author to edit or delete posts and items of other authors, but she still see all that stuff. It’s slightly inconvenient, isn’t it?
“View Own Posts Media Only” WordPress plugin includes a set of useful hacks (don’t panic that’s just a legal code snippets, nothing from the dark territory of hackers, crackers and other malware manufactures) to offer you desired features, I wrote above.
bbPress User Role Editor conflict fix
, popular WordPress plugin realizing forum functionality on the base WordPress framework and, as themselves say “WordPress way”, introduced enhanced role model starting from version 2.2. bbPress users, who use “User Role Editor”
(URE) WordPress plugin to manage blog user roles, suddenly discovered that URE shows bbPress roles with almost all capabilities turned on, even for minimal ‘Blocked’ and ‘Spectator’ roles.
URE showed bbPress roles quite well before the bbPress version 2.2. update. What’s happened?
Let’s look. WordPress stores its roles data the way, that only active capabilities stored into the role.
Stop spam registrations
Is your WordPress blog opened for new user registrations? If “YES”, then you are familiar with a lot of users registered every day. But the most of those users do not login, do not make posts. It seems that there are no real users behind such registrations. All these contacts like:
- “yqvcevsjc (firstname.lastname@example.org)”,
- “ymmoncmn7 (email@example.com)”,
- “www.cheap-some-best-and-beautiful-garbage.com (firstname.lastname@example.org)”, etc.
are SPAM registrations obviously. These fake users at WordPress database cost you a time to delete them, create the mess from your lovely users list, so you (and me together with you) have strong desire to Stop SPAM registrations. Do You?
read user capability
Did you ever ask yourself, what WordPress read capability really allows to read? Any unregistered visitor of your blog can see and read any public post without limitations? What the purpose of ‘read’ user capability? After making little investigation I don’t sure that WordPress read capability should be called ‘read’ but not ‘user_profile’ for example. Why I got such conclusion? Because of WordPress read capability is responsible for these WordPress admin back-end menu items only:
“Dashboard”-”Home”, “Dashboard”-”My Sites” (for multisite WP installation) and “Profile”-”Your Profile”.
Thus if you revoke ‘read’ capability from some user, she could not access to her profile then. Such user will get error message from WordPress just after login: “You do not have sufficient permissions to access this page”
Edit Post Expire
How to force ‘edit_post’ capability expire automatically after some period of time for all authors of your blog? You met with such limitation at forums and agree that some times such feature is useful. Did you ever think, if post edit blocking is possible for usual WordPress posts?
This plugin allows you to prohibit authors editing their published posts after preset time interval, just like the forums do.
Time interval is counted in minutes from the moment of last modification made to the post. Once preset time, e.g. 5 minutes was over, author sees just the only ‘View’ link in the posts list. Thus he can not edit or delete blocked post, inspite he is that post real author.
Plugin is simple in use as it has the only changeable parameter – time interval in minutes, after which WordPress should block access for editing to published post.
It works for all roles except “Administrator”. Look on plugin in action at screenshots and short video below.
Optimize WordPress database
Optimize WordPress database perfomance – every blog owner got this conclusion, ealier or later, but finally always.
Any site owner asks himself, how can I make my site lighter and faster. What else should I do? What technique to apply? General site speed is critical property for present days. As there are a lot of alternative variants where web-surfer may find and get the same information, large part of visitors do not wait, while their browsers finish download process of slow page. They just return to search engine and click on the next link from the huge list of available sources. This way, we (site owners) lose auditory and, as a result, have a lower traffic. And WordPress blogs are not exclusion. The same general rools are in action for our loving WordPress too. It doesn’t matter, what platform do you use, in order to build your site. It does matter, with what speed your platform delivers content to your site’s visitors.
Reliable hosting service provider; fast and powerful server; wide, high-speed, broadband, backbone channel; popular and effective publishing platform – all of these factors are important and valuable in relation to the final result – your site speed.