admin管理员组文章数量:1291214
I've built a marketplace-type site that gives users the option to post, edit, and delete listings via get_delete_post_link().
For those listings, I've set up custom post types.
The problem is that only administrators are able to delete posts. The link displays correctly, but when clicked the user either is returned to the site's home page or to the current page, but nothing happens to the post.
I'm really confused about this and have spent several hours googling and trying various solutions, but none of them worked.
Among the things I tried are:
- setting
map_meta_capto both true and false and setting up either customcapability_typeor leaving it atpost. - setting up a custom user role with specific
capability_typepermissions - installing the Members Plugin and assigning literally all available 181 permissions to the Subscriber role without any effect (i.e. when I
var_dump()the capabilities it looks exactly like an admin, but behaves differently) - logging out various checks (
is_user_logged_in(),current_user_can(),$post->post_author == $current_user->ID, etc.) - passing various combinations of arguments to
get_delete_post_link()
I'm at the end of my wits with this.
I'd also appreciate any advice on alternative methods of "deleting" my posts. I've also though about coding up a custom AJAX function, but was scared that it would fail because of the same strange permission problem (if it is a permission problem).
Thanks for your help!
I've built a marketplace-type site that gives users the option to post, edit, and delete listings via get_delete_post_link().
For those listings, I've set up custom post types.
The problem is that only administrators are able to delete posts. The link displays correctly, but when clicked the user either is returned to the site's home page or to the current page, but nothing happens to the post.
I'm really confused about this and have spent several hours googling and trying various solutions, but none of them worked.
Among the things I tried are:
- setting
map_meta_capto both true and false and setting up either customcapability_typeor leaving it atpost. - setting up a custom user role with specific
capability_typepermissions - installing the Members Plugin and assigning literally all available 181 permissions to the Subscriber role without any effect (i.e. when I
var_dump()the capabilities it looks exactly like an admin, but behaves differently) - logging out various checks (
is_user_logged_in(),current_user_can(),$post->post_author == $current_user->ID, etc.) - passing various combinations of arguments to
get_delete_post_link()
I'm at the end of my wits with this.
I'd also appreciate any advice on alternative methods of "deleting" my posts. I've also though about coding up a custom AJAX function, but was scared that it would fail because of the same strange permission problem (if it is a permission problem).
Thanks for your help!
Share Improve this question asked Apr 20, 2017 at 10:36 dtxdtx 611 gold badge1 silver badge6 bronze badges 5- Do you mean the delete link displays and work fine for administrator but for non administrator it displays but doesn't work? – Vinod Dalvi Commented Apr 20, 2017 at 12:04
- exactly like that. – dtx Commented Apr 20, 2017 at 15:51
- The user should have delete_post capability to make it work. – Vinod Dalvi Commented Apr 21, 2017 at 9:52
- The user does have that capability, the problem is that it still doesn't work... – dtx Commented Apr 22, 2017 at 15:06
- If you share your whole code in question then we can better help you. – Vinod Dalvi Commented Apr 22, 2017 at 15:15
2 Answers
Reset to default 1Same problem here, that I've fixed. If it's not you, maybe this will help someone.
Did you blocked the non-admin users from accessing to the /wp-admin Dashboard ? The link provide by get_delete_post_link() use wp-admin, so if you blocked the access to the non-admin, they can't execute the delete.
If anyone is facing the issue mentioned above by Mnstd this little patch should allow users to delete posts using get_delete_post_link() while still keeping them away from /wp-admin/
function block_users_backend() {
$current_url = $_SERVER['REQUEST_URI'];
if ( is_admin() && ! current_user_can( 'administrator' ) && ! wp_doing_ajax() && !strpos($current_url,'action=trash')) {
wp_redirect( home_url() );
exit;
}
}
add_action( 'init', 'block_users_backend' );
本文标签:
版权声明:本文标题:custom post types - get_delete_post_link() only works for administrator, even if other user has exactly the same permissions 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741502704a2382139.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论