Solution for Customize Your Community: Error on the profile page shows backend

Moeilijkheidsniveau: ,

I was on the phone with a client recently. She reported that some users of her WordPress website had access to protected custom profile fields.
That was strange behaviour, as I used the Customize Your Community plugin to show the edit/update profile page in the site's layout AND I had coded an if/else to show protected fields.

As this only happened to some users, say 1 out of 20, I dug deeper and stupbled upon this discussion:

The root problem

It turns out that when a user produces an error, say: entering a new password, without entering the very same password (typo) in the confirmation field … the error message is shown using the default wp-admin/profile.php backend url/layout!

Potential solution

Was given by nomatteus over here , yet this is reported (over here) to not work in WordPress 2.8.6 and higher. After some digging it turns out that the $is_profile_page is not acessable.


Warning: this solution involved editing a core WordPress file: wp-admin/user-edit.php . Editing a core WordPress file is never recommended, as it potentially breaks your installation and has to be re-done every time you update WordPress ( tech note: anyone good with patch files ? Please submit one through the contact form ).

Warning: make a file backup of every file you are about to edit!

Note: Presumption: the code

$current_user->has_cap('edit_posts') === false

handles all requests from users that do not have the authorization to edit posts, so normal subscribed users ('subscribe' role). Feel free to change to whatever you like.

Suggestie? Vraag of opmerking? Laat het ons weten!

Plaats hier je bericht

Reacties (0)