I would like to ask if someone can help me with this question. I can't find anywhere how to do it.
I have a website with Wordpress as a CMS. I use the plugin Restrict Content Pro to restrict access to exclusive content.
I share the post in freemium mode.
And now the question:
How could I restrict access to post comments?
I guess through something in the php code, but I don't know how.
Can anybody help me?
Thank you!
I don't use this plugin myself, but just found a good looking tutorial. Apparently, you restrict access to comments in the same way that you restrict access to anything else: By only outputting it in the theme files when the user has access to it. For example, the TwentyTwentyOne theme has a file "comments.php", which starts like this:
/*
* If the current post is protected by a password and
* the visitor has not yet entered the password,
* return early without loading the comments.
*/
if ( post_password_required() ) {
return;
}
$twenty_twenty_one_comment_count = get_comments_number();
?>
You can easily add another check beneath the password check:
/**
* Check if the user has access, don't output the comments if they don't.
*/
if ( !rcp_user_has_active_membership() ) {
return;
}
Of course, instead of returning you can also output something along the lines of "get a membership to see the comments".
The tutorial I found lists different ways to check for a membership, a paid membership and more special checks.
Two more things:
Be sure to check if there are other places where comments are displayed. That very much depends on how the WordPress theme is built.
Don't just change the theme if it comes from an external source, e.g. if it might receive updates in the future. In that case create a child theme and make your changes there instead. You can read more about child themes in the Theme Handbook.
Related
I encountered a problem while sending a link to my new Wordpress site to a friend. While the link on every other platform shows exactly the same description, as it should. Discord, on the other hand, puts author above description so that when the link is sent it sais:
[mydomain.com]
admin
[description]
It is not that much of a problem but I think that it should not take a place, especially when I often link lot of things on discord.
Adding this block of code to your wordpress functions.php (use child theme if necessary)
This is the shortest method of removing the data that discord pulls in though it will remove the data from being view from every site that wants to embed a link.
/* Disable oEmbeds author name & author url ~ Stops Showing in embeds */
add_filter( 'oembed_response_data', 'disable_embeds_filter_oembed_response_data_' );
function disable_embeds_filter_oembed_response_data_( $data ) {
unset($data['author_url']);
unset($data['author_name']);
return $data;
}
Note this was taken from another post on stackOverflow and isnt my own code : there is also a more compliacted solution on this thread as well. original post
This can also have so negative effects on SEO due to not sharing the data, and we all know google loves data.
An alternative solution is to set the author of the post to the site name rather than the admin user.
Side note you really should change your username from admin to something less generic so a potentual hacker has to work out the username as well as the password.
Yesterday I installed a new theme on Wordpress on my self-hosted website. I am aware of the feature that allows you to preview a theme and have used it to select a new Theme that I want to install.
Problem
I do not want to interrupt normal operations of my website, but this new theme requires a lot of customization before it is ready to go. How do I do this?
My Crappy Solution
Is the only way to go about it to run a virtual server on my desktop? This seems tedious, not to mention all the errors I usually get when switching to the "real" server when doing this.
A better way?
I've been searching on SO as well as the WordPress Forum for an answer as to how to do this, but have come up short. I would have thought this is a common question. Maybe I'm using the wrong search terms [themes, customization, before installing]???
Any help is greatly appreciated! Thanks!
Ok, since your question is a pretty good one and probably not a few people are going through the same process when they decide to update their site, I decided to give a try to the get_stylesheet and get_template filter hooks. It turns out that with a very small plugin, you can easily enforce a specific theme(well in this case any logged-in visitor, but you can change this to use any logic you want) according to a specific rule/s.
Here's the code that you need to put in a file in your plugins directory:
<?php
/*
Plugin Name: Switch Theme
Description: Switches the theme for logged-in visitors, while keeping the current theme for everyone else. !!!NOTE!!! Please back-up your database prior using this plugin - I can't guarantee that it will work with any theme, nor that it won't break your site's set-up - USE AT YOUR OWN RISK(I did a quick test and it seemed to be fine, but haven't done extensive testing).
You don't need to switch to the desired theme before that - you want to keep active the theme that you will display to your visitors - the one that you will see will be used programatically.
Before activating the plugin, change the line that says `private $admin_theme = '';` to `private $admin_theme = 'theme-directory-name';` where "theme-directory-name" is obviously the name of the directory in which the desired theme resides in.
*/
class MyThemeSwitcher {
private $admin_theme = '';
function MyThemeSwitcher() {
add_filter( 'stylesheet', array( &$this, 'get_stylesheet' ) );
add_filter( 'template', array( &$this, 'get_template' ) );
}
function get_stylesheet($stylesheet = '') {
if ( is_user_logged_in() && $this->admin_theme ) {
return $this->admin_theme;
}
return $stylesheet;
}
function get_template( $template ) {
if ( is_user_logged_in() && $this->admin_theme ) {
return $this->admin_theme;
}
return $template;
}
}
$theme_switcher = new MyThemeSwitcher();
So - first of all BACKUP YOUR DATABASE! I tested locally with Twenty Eleven being the default theme and a basic framework theme as my custom theme - the theme options and navigation menus were saved properly.
Then all you need to do is to update the file(change the line that says private $admin_theme = ''; to private $admin_theme = 'theme-slug'; where theme-slug is the name of the directory in which the theme you want to use is).
Also - you won't be able to change the Front page and Posts page options, without this affecting the live site, nor will you be able to change the any shared components that both themes use(Site name, Front Page, Posts page, Posts Per Page, etc options, content and so on).
So if you have no clue whether this solution is for you - well, it depends.
If both themes are not relatively complex, then most-likely you should be able to use this hack. If they are though maybe you should do a second installation of your website as others suggested - I think that a second installation in either a sub-domain or a sub-directory would be the best option for you(simply because moving a multisite database is more complex than moving a normal WP database).
I'd setup local apache server with a wordpress installed to customize and test a new theme. When you finished customizing it then you can upload the theme to your live site and activate it. If there are settings that you need to set in the dashboard then you probably will have to adjust them again. That's one way to test/customize a theme before putting it live.
You could create a network (make WordPress multisite with define('WP_ALLOW_MULTISITE', true);, see : http://codex.wordpress.org/Create_A_Network) and then create one sub-site, then turn it "off" with a Maintenance plugin so it is not accessible to users not logged in as admin, export your posts & data from main blog, import them in sub-blog with WordPress default importer, then apply your new theme to this sub-blog and work on it. When everything satisfies you, apply the theme to the main site and deactivate subsite.
Here's what I've been trying to figure out how to do for hours now.
I want the author role to be able to upload content into the media library from their posts, and to be able to view the entire media library. What I don't want is to let the author role delete any media, even their own.
I've thought about automatically switching authors to a 'media' user upon upload completion, but I was hoping there'd be a cleaner way.
Any ideas?
There's no built-in capability for "delete_media." I think this is encompassed by "delete_posts," since uploads are treated as posts. (Note that authors can delete only their own posts and attachments.)
Adding a role or capability is possible, but you'd have to replace the default media admin screens, where the delete action is controlled by the "delete_posts" cap. You don't want to mess with the core files upload.php etc. So you'd have to restrict access to them, then write your own panels for authors. You probably don't want to do this. :-)
There's a better way, however. If you assign uploads to an administrator when they are saved then authors will not be able to delete them. You can use the add_attachment and edit_attachment action hooks to change the post_author to an administrator id.
Hope that helps.
There are a number of places where WordPress will let users delete images, so trying to hide them all can be challenging (and dangerous, because a new plug-in or version of WordPress could add another). However, you can add the following function to prevent deletions and throw an error (not pretty, but effective). You could enhance this by adding a custom capability for deleting images, if you wanted a finer level of control.
add_action('delete_attachment', 'DontDeleteMedia', 11, 1);
function DontDeleteMedia($postID)
{
if (!current_user_can('manage_options')) {
exit('You cannot delete media.');
}
}
add this code in your functions.php file:
add_action('media_row_actions','users_own_attachments', 2, 1);
function users_own_attachments( $wp_query_obj ) {
if( !current_user_can( 'delete_plugins' ) ){
unset($wp_query_obj['delete']);
return $wp_query_obj;
}
}
how to change the link in the wordpress email with newpassword?
this information we get when we click on forgot password.
username : admin
password : admin
http://www.example.com/wp-login.php
here i want to change this url "http://www.example.com/wp-login.php" and set my own url... how can i do?
some reference code:
if ( !function_exists('is_user_logged_in') ) :function is_user_logged_in() {
$user = wp_get_current_user();
You can hook into the retrieve_password_message filter
function someFunction($message, $key){
}
add_filter('retrieve_password_message', 'someFunction');
You would then have to use the "someFunction" function to parse the $message variable and change the link.
The message variable contains the entire message. So you could simply trim the message based on the number of characters then tack on your new link...
HTH
(Untested)
Using hooks would be my first thought so that you wouldn't have to edit any core files, however I have used the SB Welcome Email Editor plugin a couple times for this exact reason. Their are a couple plugins like this out their and they are fairly light weight and allow full customization of all Wordpress generated emails.
Try using a plugin such as Theme My Login, which does everything for you.
Editing core wordpress files is never a good idea, when updating wordpress, you'll loose all your work.
You can simply follow steps if you want to edit your code file.
Go to your wordpress folder. Look for the following files:
1. /wp-login.php
2. /includes/functions.php
Change the all the codes which contains wp-login.php into your custom URL.
for example: admin.php or client-login.php
Now you can changed your login/signup URL into your custom URL.
Known issue: You can find some database error if you make any mistakes. Just refresh the page and try with the customized Url it will work...
Example site I used here : http://androideveloper.com/admin.php from http://androideveloper.com/wp-login.php
Cheers.
I'm in the process of making some improvements to a live Drupal site that's using the Domain Access module to run a number of microsites. I'm trying to find a way of restricting the menus a user can post content to from the node edit screen. A user on one of the domains should only be able to post content to menus associated with that domain.
Is there a simple way of achieving this? I'm guessing there are some hooks I could use, but so far I have been unable to identify them. I'd prefer not to have to install further modules to achieve this and to be able to add some code to the current site to alter the forms. The site is struggling with the large number of modules we've had to install on it already.
According to the readme for the module, you need to set some specific permissions in user management:
To enable this feature, you should grant the 'edit domain nodes' and
(optionally) the 'delete domain nodes' permission to some roles. Then assign
individual users accounts to specific domains to assign them as Domain Editors.
From my experience many moons ago with the module, you can check the global $user object and figure out what domains the user should have access to. You can then use a form alter to remove any options from the select box that you don't want them seeing. As always with Drupal though, it's better to let someone else write the code - so if the Domain module provides this functionality, use it!
Here is some updated code for Drupal 7:
/**
* Implements hook_form_FORM_ID_alter().
*/
function MYMODULE_form_page_node_form_alter(&$form, &$form_state) {
global $_domain;
if (isset($_domain['domain_id'])) { // only display domain's primary links
$menus[domain_conf_variable_get($_domain['domain_id'], 'menu_main_links_source')] = $_domain['sitename'].' Main menu';
}
if (isset($menus)) {
$options = menu_parent_options($menus, $form['#node']->type);
$form['menu']['link']['parent']['#options'] = $options;
}
}
Eventually found a way of fixing this for the particular project I have been working on: in module_form_alter I've added the following:-
global $_domain;
if (isset($_domain['domain_id'])) { // only display domain's primary links
$menus[domain_conf_variable_get($_domain['domain_id']
,'menu_primary_links_source')] = $_domain['sitename'].' Primary links';
}
if ( isset($menus) ) {
$options = menu_parent_options($menus, $form['menu']['#item']);
$form['menu']['parent']['#options'] = $options;
}
This restricts the menu options to just the current domain's primary links menu which is just what we wanted.
Thanks to Fabian who pointed me in the right direction earlier.