In my wp-config.php file, I have the line: define('DISALLOW_FILE_EDIT', true); I always include this on all sites as standard, and it's always worked exactly as expected. However, I've only just noticed that on one client's site, it has stopped working. They have the User Role Editor plugin that was set up to define a handful of custom roles. Once the roles were set up, the plugin was deactivated (it doesn't need to be active for the roles to exist) and …

I am currently using the wp_roles() function to retrieve all user roles available like this: <?php foreach (wp_roles()->get_names() as $role) { echo translate_user_role( $role ); } ?> How would I retrieve an array/list of all custom roles that I've created without the default roles (Administrator, Editor, Subscriber, etc) included?

If a user has an author role and is listed as the author of a page, when they make changes to the page and click update, the changes are made but the iframe that was in the wysiwyg disappears and no longer shows on the back-end or front-end. If an administrator or editor makes the changes and saves it, the iframe stays. Besides changing the user role to editor, how do I prevent the iframe from disappearing? I tried having …

I would like to set up some restrictions on how some roles can access given posts to edit in Dashboard. I have a custom post type affiliates having 2 nested levels. Custom Role User Editor should be able to edit under a level all posts but the normal editor should have access just on items defined by a custom field relation user - post_id Is there an easy way to implement this

How to change or add user role after getting post request data about pay? qiwi2.php file in theme folder: <?php include($_SERVER['DOCUMENT_ROOT'].'/wp-load.php'); $qiwi = [ "public_key" => "*", "secret_key" => "*", "successUrl" => "https://someurl/" ]; $secret_key = $qiwi['secret_key']; $sha256_hash_header = $_SERVER['HTTP_X_API_SIGNATURE_SHA256']; $entity_body = file_get_contents('php://input'); $array_body = json_decode($entity_body, 1); $amount_currency = $array_body['bill']['amount']['currency']; $amount_value = $array_body['bill']['amount']['value']; $billId = $array_body['bill']['billId']; $siteId = $array_body['bill']['siteId']; $status_value = $array_body['bill']['status']['value']; $account = $array_body['bill']['customer']['account']; $invoice_parameters = $amount_currency."|".$amount_value."|".$billId."|".$siteId."|".$status_value."|".$account; $invoice_parameters=(string) $invoice_parameters; $sha256_hash = hash_hmac('sha256', $invoice_parameters, $secret_key); if (!empty($sha256_hash_header) && strcmp($sha256_hash_header, $sha256_hash) …

How and where, can i make function, that will redirect user (if it's not admin) to my specific URL? (the same - when logged user type /wp-admin URL.)

How can I make it so that new posts will be automatically private, except visible to other users which have the same user role as the post author?

I've tried reading all the questions about this topic, and configured the code to fit my needs, but can't seem to get it to work. This is the code I have now: function my_exclude_custom_fields( $protected, $meta_key, $user ) { $user = wp_get_current_user(); if ( in_array( 'udlejer', (array) $user->roles ) ) { if ( in_array( $meta_key, array( 'email', 'text' ) ) ) { return true; } } return $protected; } add_filter( 'is_protected_meta', 'my_exclude_custom_fields', 10, 2 ); It doesn't make any change. …

One of our websites includes an online store, which alongside phone sales is one of two ways customers can purchase our products. All of our customer info is stored in a program called Orderwise, which assigns a unique number code to each customer. Now, we've set up the ability to add an Orderwise number to user info on the website, so I've been trying to set up a role which will allow the sales department to get through to the …

I've reordered the admin menu items through: function custom_menu_order($menu_ord) { if (!$menu_ord) return true; return array( 'index.php', // Dashboard 'edit.php?post_type=page', // Pages 'edit.php?post_type=sp_faq', // FAQs 'gf_edit_forms', // Forms 'woocommerce', // Woocommerce 'edit.php?post_type=product', //Products 'edit.php', // Posts/News 'edit.php?post_type=event', // Events 'upload.php', // Media 'themes.php', // Appearance 'plugins.php', // Plugins 'users.php', // Users 'tools.php', // Tools 'options-general.php', // Settings ); } add_filter('custom_menu_order', 'custom_menu_order'); // Activate custom_menu_order add_filter('menu_order', 'custom_menu_order'); This works great for the Admin user role, however, does not work for other …

I would like to allow contributors to upload a file. So I use this recommended plugin WP Role Editor After activated, I go to the plugin from User > User Role Editor and then select contributor in the selection dropdown. After that I put a check on upload_files and hit update. Then, I login with contributor account to test uploading a file. Great, I see the media upload button but when I click to upload a file, I get this …

For the contact form of my own theme I have created a Custom Post Type in which the messages of the users are automatically stored. In the administration area the messages can be read similar to comments. By doing this, you can create, change and delete messages in the administration area. All these functionalities should be prevented, so that only the reading of the messages remains possible. I tried to achieve this by giving the custom post type its own …

Im currently using User Role editor to modify permission for the user role. I'd like to be able to restrict the role from publishing a post. They can save the draft but they should not be able to publish. Is there a better way to do it?

I am working on a Wordpress installation where we recently decoupled the frontend into a NextJS application that is no longer hosted on the same domain as the admin. We are accessing data etc through the API. That's been fine for non-logged in users viewing posts etc. But recently we realized that the "preview post" functionality has been broken, because users who are logged in on the admin side are no longer logged in on the frontend. So they can't …

I am trying to hide almost every single admin menu from wordpress dashboard for a specific user id who has administrator role. I want to give that user only option to edit a certain custom post type named lessons and other custom post type Events. I am using LMS wordpress theme from themeforest by designthemes. I am not sure why this theme just don't give access to the WP-admin for other role except administrator, like Editor, Contributor etc. So I …

I am creating a Super Admin role in wordpress Roles. $capabilities=array(); add_role('Administrator', 'Administrator', $capabilities ); add_role('Super Admin', 'Super Admin', $capabilities) ); So while adding a new user I got the Role Option Super Admin. So I added a Super User . Now When I login to wp-admin It gives me error saying: you do not have sufficient permissions to access this page. What more I have to do to make it work. I dont want to use any pluggin. I …

I have some custom user roles for proofreaders which do not have the capability to create posts of my custom post types. Unfortunately I am unable to find out how to remove that capability for the bulit-in post post type. The Members plugin does not show the create_post argument, so I can't set it do deny (false). Thanks for your help.

I want to add a custom field in the wordpress custom post type, such that this field dynamically fetches the value of the author role. Purpose - I want to add this custom field so that I can filter custom post types based on the user role of the author of the posts, that is editor, subscriber, etc. What have I tried? Well, I looked up the solution on Internet but couldn't find one and I am not that great …

I want to be able to change the WordPress default logo url (not the logo image) based on the user role. The image/logo will remain the same, only the url will change. Any assistance or ideas will be greatly appreciated.

I need to create a system in which I have 2 types of users: Company User (C) and Employee User (E). I need C to be able to register as many E as necessary and for C users to be able to publish articles that will only be visible to E users, children of C users. I figured it would be possible to do this with meta fields so I created the ACF DAD and CHILD field with Jet Engine …