WordPress.org

Ready to get started?Download WordPress

Forums

Delete post without access to wp-admin (5 posts)

  1. eddioot
    Member
    Posted 2 years ago #

    I disabled wp-admin with a plugin because i don't want it to be accessed by any non admin user.

    The problem is that i want my authors to be able to delete their own posts with the link:

    <a href='" . wp_nonce_url("wp-admin/post.php?action=delete&post=$id", 'delete-post_' . $post->ID) . "'>

    The problem is that this link needs access to wp-admin so the users cannot delete their posts now.

    Is there a workaround to keep wp-admin disabled for authors but still let them delete posts from the frontend?

  2. Jonathan Dingman
    Member
    Posted 2 years ago #

    There is certainly a way to achieve it, but you're going to need to figure out how to generate the _wpnonce= on demand.

    You can setup a URL like this:

    http://domain.com/wp-admin/post.php?post=2124&action=trash&_wpnonce=d2a8f49175

    Then dynamically insert then post=#### in there, but again, you'll need to figure out how to generate the _wpnonce properly.

    Also, since wp-admin is disable for non-admins, how are they even writing a post to begin with? Seems fairly counter-productive to disable wp-admin entirely. Are you concerned about security or such?

  3. eddioot
    Member
    Posted 2 years ago #

    Hi Jonathan,

    The posts are created through a form on the frontend. It is a website where everyone can register and upload. I don't want them to see the wordpress backend :)

    I will look into your suggestion!

    Thanks.

  4. Marventus
    Member
    Posted 2 years ago #

    Hi there. I think doing it that way would lead to unnecessary complications, not to mention the dangerous hacking potential you would be exposing yourself to.
    Is there a particular reason why you don't want your authors accessing the back-end?
    Because if you manage your roles wisely (there are several plugins for that, such as Role Manager or Capability Manager), they could delete their posts from the admin section instead.
    If you are worried about them deleting other people's posts, that would just not happen if your roles are properly configured, so they would only see their posts (and comments to their posts, if allowed).
    Role Manager: http://sourceforge.net/projects/role-manager/
    Capability Manager: http://wordpress.org/extend/plugins/capsman/
    Cheers!

  5. bythegram
    Member
    Posted 2 years ago #

    This page might help
    http://voodoopress.com/edit-and-delete-posts-from-front-end-with-no-plugin/

    I wasn't able to get the edit feature to work but the delete feature does for sure.

    Best of luck!

Topic Closed

This topic has been closed to new replies.

About this Topic

Tags

No tags yet.