On my wordpress plugin, I want to make a "export table as CSV" feature that can only be downloaded by the highest kind of admin.
What is the best hook to use and how to check for the permission?
<?php
add_action( 'admin_init', 'xxxxxx_admin_init' );
function xxxxxx_admin_init() {
# admin.php?page=xxxxxx_admin_page&&mode=export_csv
if ($_GET['page'] == 'xxxxxx_admin_page' && $_GET['mode'] == 'export_csv') {
if (!user_can('export')) {
die("Permission denied");
}
header("Content-type:text/csv");
echo "column\r\nvalue\r\nvalue";
die();
}
}
Thanks in advance
edit: added die(); after csv echo
Check for one of the admin abilities, like user_can('manage_options')
Wordpress Roles and Capabilities
Related
in wordpress, how to create a new user role that can only access the 'donation' sidebar function as the image below? Please help...View Image
Yes yes it is possible to do this.
You need to select the user role "Give Accountant" for the concerned user in the WordPress backoffice "Accounts" -> "All Accounts" -> Select the user and change his status.
Then you have to add these PHP instructions in your child theme
add_action( 'current_screen', 'restrict_screen' );
function restrict_screen() {
if (current_user_can('give_accountant')) {
if( preg_match('/\bindex\.php\b|\bprofile\.php\b|\bwp-admin.?$/', $_SERVER['REQUEST_URI'])) {
$current_admin = get_admin_url() .'edit.php?post_type=give_forms';
header('Location: ' . $current_admin . '', true, 301);
}
}
}
add_action('admin_init', 'disable_dashboard');
function disable_dashboard() {
if (!is_user_logged_in()) {
return null;
}
if (current_user_can('give_accountant')) {
remove_menu_page( 'index.php' );
remove_menu_page( 'profile.php' );
}
}
For user role capabilities you can also use the plugin.
Here I have shared the plugin which I like.
https://wordpress.org/plugins/user-role-editor/
I know it is a little bit longer but it is a very good plugin if in the future any changes in the requirement then the plugin will very helpful.
Here you can set the settings according to your requirement.
I want to add a little code to the "Before Header Content hook" but I don't know where that is... Can you please help me?
Try:
add_action('init', 'process_post');
function process_post()
{
echo "test";
}
this is a modified version of #ajay 's solution
if you are going to use this, then you have to make sure that the current user is not an admin using is_admin() function.. and only display it if he is not an admin ...
why !?
because if you didn't, it may mess up the wp-admin of your website..
add_action('init', 'process_post');
function process_post()
{
if (!is_admin()) {
echo "test";
}
}
This could be tricky simply because every theme differs with how the loop is displayed, however you could create a plugin to use the loop_start action, which is called before the first post of the standard WP loop:
add_action( 'loop_start', 'test_loop_start' );
function test_loop_start( $query ){
echo 'this is my inserted text';
}
Now using this would display it every single time the loop is called (whether on a page, a post, category page, search page, etc.), which you may not want.
add_action( 'loop_start', 'test_loop_start' );
function test_loop_start( $query ){
if(is_category() OR is_singular()) {
echo 'this is my inserted text';
}
}
I am trying to add a tracking mechanism to my wordpress plugin. And I want to use the WP cron mechanism. So I have an options page and when users save all options I want to use a hook to remove or add the tracking to the wp cron depending of the admins choice.
But right now I am stuck.
I have:
register_setting ( 'my-settings-group', 'myplugin_tracking');
add_action ( 'update_option_myplugin_tracking', 'myplugin_schedule_tracking' );
function myplugin_schedule_tracking($old_value, $new_value)
{
echo "Setting is updated!";
echo $old_value;
}
But this does not seem to work. I also used:
add_filter ( 'update_option_myplugin_tracking', 'myplugin_schedule_tracking' );
The option is saved in a form that posts to the options.php if that matters.
What am I doing wrong? Hope somebody can help out as I cannot find much information about doing something upon updating an option!
Thank you.
Okay this seems to work after all.
register_setting ( 'my-settings-group', 'myplugin_tracking');
function myplugin_schedule_tracking($old_value, $new_value)
{
if ($old_value !== $new_value)
{
if ($new_value == '')
{
wp_clear_scheduled_hook( 'myplugin_tracking' );
}
elseif ($new_value == 'on' && $current_schedule == FALSE)
{
wp_schedule_event( time(), 'hourly', 'myplugin_tracking' );
}
}
}
add_filter ( 'update_option_myplugin_tracking', 'myplugin_schedule_tracking', 10, 2);
add_action ( 'myplugin_tracking', 'myplugin_tracking' );
In the function myplugin_tracking you do whatever you have to do to track.
My problem was that I did not see the echo on the screen but it did appear to work after all.
Perhaps not the best code but it may be helpful for others :-)
i am using wordpress multisite and wan to hide medea which others have uploaded. Like if X User of that site have uploaded any media in the wordpress, Y User should not be able to see or access this from there login. Please help
You could try something like this.
/**
* Allow access to own content only
*/
function my_authored_content($query) {
//get current user info to see if they are allowed to access ANY posts and pages
$current_user = wp_get_current_user();
// set current user to $is_user
$is_user = $current_user->user_login;
//if is admin or 'is_user' does not equal #username
if (!current_user_can('manage_options')){
//if in the admin panel
if($query->is_admin) {
global $user_ID;
$query->set('author', $user_ID);
}
return $query;
}
return $query;
}
add_filter('pre_get_posts', 'my_authored_content');
This will only let admin and the author see the content.
You can either add it to the main functions file or turn it into a plugin.
To create it as a plugin:
Create a new file
add the code from here: http://pastebin.com/rfMLM0BU
save it as my-authored-content.php
upload it to your plugins directory.
Hope this helps you! :-)
For me works this:
function mymo_parse_query_useronly( $wp_query ) {
if(isset($wp_query->query_vars['post_type']) && $wp_query->query_vars['post_type'] == 'attachment'){
if ( !current_user_can( 'level_5' ) ) {
$wp_query->set( 'author', get_current_user_id() );
}
}
}
add_filter('parse_query', 'mymo_parse_query_useronly' );
I use this for uploaded profile picture for the user profile in front end
am newbie in wordpress.. I have installed its version 3.1.1..
I just want to know how can I make the post password protected
and how to add excerpt for it....?
Assuming you mean WordPress 3.1.1, then the answer is that on the page where you author a post there is a place to enter an excerpt. You can read more in the WordPress codex here: http://codex.wordpress.org/Excerpt
Regarding password protection, you can make a post password protected or private (different things). In a standard WP installation there is a "Publish" panel near the top right of the page that controls this. Here is the documentation: http://codex.wordpress.org/Content_Visibility
More sophisticated password protection options are available via plugins.
I was looking for a solution to make the excerpt available in a password protected post and I've found only this old / not working way, so I made my own by adding this code to your theme functions.php
function gettext_pp( $translation, $text ) {
if ( $text == 'There is no excerpt because this is a protected post.' ) {
$post = get_post();
$translation = $post->post_excerpt;
}
return $translation;
}
add_filter( 'gettext', 'gettext_pp', 10, 2 );
this way you are bypassing the filter "get_the_excerpt" that it's not used applied in case the post is password protected.
If you also need to display the excerpt before the content you can do this:
function excerpt_before_pf( $output ) {
$post = get_post();
return $post->post_excerpt . $output;
}
add_filter( 'the_password_form', 'excerpt_before_pf' );