Plugins Language Switcher 1.4 is published

May 22nd, 2012

Plugins Language Switcher

Plugins Language Switcher

Plugins Language Switcher WordPress plugin version 1.4 is published May, 22nd, 2012.
I extended plugin’s users base. While administrators only used this plugin earlier, any registered user with ‘edit_posts’ capability can use “Plugins language switcher” now. Starting from version 1.4, look for “Plugins language switcher” menu item under “Tools” submenu.

User Role Editor 3.6.1 is published

May 7th, 2012

User Role Editor

User Role Editor

User Role Editor WordPress plugin version 3.6.1 is published at May 7th, 2012. It is not major update and it doesn’t contain any new features in the code and functionality. What’s new?
- Italian translation was updated. Thanks to Tristano Ajmone.
- Help link was added to edit_plugins user capability at User Role Editor capabilities management page.

edit_plugins WordPress user capability

May 6th, 2012

edit_plugins WordPress user capabilty

edit_plugins capabilty

This capability is self-explained and self-documented. It does that what it has in its name, really. If user has edit_plugins capability, he get access to the “Editor” menu item at the “Plugins” submenu of administrator back-end system menu. Of course, user should have “activate_plugins” capability too, as without such capability he could not access top level “Plugins” menu item. That is correct for single-site WordPress installation only.
For multi-site WordPress configuration:
1st, you should have super-admin privileges in order to be capable edit installed plugins files,
Read the rest of this entry

edit_files WordPress user capability

April 27th, 2012

edit_files is deprecated WordPress user capability

deprecated capability

edit_files WordPress user capability introduced into WordPress since version 2.0 is not used anymore. It is added into current WordPress database schema for backward compatibility purpose with old themes and plugins, but no one line of WordPress core code uses this capability to take real decision about user’s permissions, allow or prohibit some operation.
Thus, I classified edit_files capability as deprecated and show it at User Role Editor plugin similar way as other deprecated capabilities like ‘level_1′, ‘level_2′, etc., that is hidden by default.
To see deprecated capabilities list at User Role Editor turn on “Show deprecated capabilities’ checkbox at the top of role editor form.

Limit Comments moderation, part 2

April 22nd, 2012

Limit comments moderation part 2

Limit comments moderation 2

We have discussed couple of tricks to limit comments moderation in this post already and know how to hide comments moderation links and commands from user. In this post we will see:
- how to show comments to the user with ‘Author’ role from his posts only;
- how to exclude unneeded views from ‘Comments’ page, left just ‘Approved’ for example.
Read the rest of this entry

WordPress 3.3.2 Security Update

April 22nd, 2012

wordpress 3.3.2 security update

WP security update

WordPress published version 3.3.2. It is critical security update. According to WordPress Developers Blog, three external libraries included in WordPress (Plupload, SWFUpload, SWFObject) received security updates. WordPress 3.3.2 also addresses:
- Limited privilege escalation where a site administrator could deactivate network-wide plugins when running a WordPress network under particular circumstances.
- Cross-site scripting vulnerability when making URLs clickable.
- Cross-site scripting vulnerabilities in redirects after posting comments in older browsers, and when filtering URLs.
Full list of changes made in version 3.3.2 is available here.
PHP delevelpers could see changes in source code directly using this link.
If you didn’t install this update yet, consider to do it right now. It’s very important to defend your lovely blog as much as possible.
Read the rest of this entry

Preview others posts without edit

April 11th, 2012

Preview Others Posts Without Editing

Preview Others Posts

You can preview others not published yet posts in case you can edit them only. This is WordPress behavior by default. Suppose, you decided to change that, and give some users or role ability to read others posts in read-only mode, not giving them ‘edit-others-posts’ capability.
You will need to add a new user capability, modify one file from WordPress core and add little piece of code to your theme functions.php file. Are you ready? Let’s go!
Read the rest of this entry