Solution for Customize Your Community: Error on the profile page shows backend

Moeilijkheidsniveau: Geavanceerd developer, Gevorderd

I was on the phone with a client recently. She reported that some users of her WordPress website had access to protected custom profile fields.
That was strange behaviour, as I used the Customize Your Community plugin to show the edit/update profile page in the site's layout AND I had coded an if/else to show protected fields.

As this only happened to some users, say 1 out of 20, I dug deeper and stupbled upon this discussion: wordpress.org/support/topic/plugin-customize-your-community-error-on-the-profile-page-shows-backend

The root problem

It turns out that when a user produces an error, say: entering a new password, without entering the very same password (typo) in the confirmation field … the error message is shown using the default wp-admin/profile.php backend url/layout!

Potential solution

Was given by nomatteus over here , yet this is reported (over here) to not work in WordPress 2.8.6 and higher. After some digging it turns out that the $is_profile_page is not acessable.

Solution

Warning: this solution involved editing a core WordPress file: wp-admin/user-edit.php . Editing a core WordPress file is never recommended, as it potentially breaks your installation and has to be re-done every time you update WordPress ( tech note: anyone good with patch files ? Please submit one through the contact form ).

Warning: make a file backup of every file you are about to edit!

Note: Presumption: the code

$current_user->has_cap('edit_posts') === false

handles all requests from users that do not have the authorization to edit posts, so normal subscribed users ('subscribe' role). Feel free to change to whatever you like.

• Is de aanpassing voor u wat te lastig? Of heeft u weinig tijd? Laat het door een expert uitvoeren!