How to allow visitors add files to media lib

Just allow folks to register and post at contributor level.

The contributor role can’t upload by default.

@fukr

To just go right ahead and answer your question, you may be able to add something like this to your current themes functions file:

if ( current_user_can('contributor') && !current_user_can('upload_files') )
    add_action('admin_init', 'allow_contributor_uploads');
function allow_contributor_uploads() {
    $contributor = get_role('contributor');
    $contributor->add_cap('upload_files');
}

I quickly tested that (although it was on on a WP 3.6 beta test site, if it makes any difference) and it does indeed allow the role of contributor access to the media up-loader – but please read on..

The alternative – and perhaps the preferred method – might be to use a role management plugin like Role Scoper to fine tune your choices.

Here’s a source link to a discussion on a very similar topic, as well as for the example I used. You can alter the code to suit your needs. Allow contributor role to upload images

One thing about doing this in your functions file: Once you add the code that gives the role additional capabilities, even if you later decide to remove the code, the user capability will more than likely remain attached to the role. It won’t be removed when you remove the code. I recommend you try the plugin solution first. I personally like User Role Editor. I find it very intuitive, but you can experiment until you find what suits your needs. Be cautious, and experiment with your results to avoid unwanted results or excessive user access. Good luck!

@clayton, how is this helpful to the OP? What is your point above? Did you actually read what they want: Let any site visitor upload media? Why are there roles? Did I miss the point in this? The simple fact that a user can upload is the security issue…I will not argue that with anyone…once the file is uploaded…end of story?

@fukr

You’re welcome. I hope it works out well for you. Good luck!

@seacoast Web Design

Well, I can genuinely see this as probably being my last post here in the forum.

@clayton, how is this helpful to the OP? What is your point above?

I think the point you may have missed, is that it isn’t your decision to tell people what they can or cannot do with their own time or web space. You spend so much time injecting your own philosophy, that you seem completely disinterested in the fact that you’re responding to a request for information and assistance. Either help answer questions and let people learn from the positive and negative aspects of their own decision making processes, or not. But don’t proselytize. Your way isn’t the only way. And as someone who obviously must have their own business and online web service, you don’t seem to think much about how it’s going to reflect on your reputation.

You’ve pointedly, and repeatedly, made it clear when you don’t like what someone wants to do, and when you don’t like a user name, so just move past it already.

Okay.. what the hell. In for a penny, in for a pound, right?

Everyone has the right to experiment with, get advice about, seek assistance with, and ultimately make their own decisions about what’s right for their own web space. Hopefully that ends up being an informed decision. They pay the bill after all, not you.

Why are there roles?

Perhaps your question could be taken a little more seriously if it were “Why are there role management plugins?” instead. Take a minute to think about that one.

The simple fact that a user can upload is the security issue…I will not argue that with anyone…once the file is uploaded…end of story?

Really? You’re about half right, but I don’t see where anyone has asked you to argue about it.

The onus falls to the website admin – especially on any website with user contributed content – to monitor what’s actually going on with that content. That’s one of the reasons why hosting services, as well as innumerable third parties, offer virus and malware mitigation products. You know, to scan files on your web site. It’s in their best interest to do so. So no… Not end of story. Just the beginning of more responsibility.

Clayton, how is this helpful to the OP? What is your point above? Did you actually read what they want

Geeze.. that one makes me grind my teeth. It shouldn’t, but since I’ve committed myself to responding:

Did you actually read what they want

Certainly, I read the request. Like anyone, I’m completely capable of misinterpreting the perspective or intent of a situation on occasion. I seem to have that very same question about you sometimes, so take a minute and re-read this thread, and ask yourself how you were being helpful to @fukr. Not a single one of any of your 6 responses in this thread even attempts to provide any constructive information.

You know, it’s funny; I’ve often noticed a disparity of syntax in your forum replies that has left me with the feeling that more than one person may be accessing your forum account. On the other hand, I wonder sometimes if I’m just failing to recognize that English may not be your primary language. If that’s the case, then my apologies for not expressing my thoughts in a way that (one of) you could completely follow.

Be well, best wishes, good luck, and keep up the good work!