Support » Fixing WordPress » Hiding email addresses in dashboard

  • When users with access level of any more than subscriber go to the dashboard, they are able to click on the comments tab and see a list of all the comments made. My problem is, that this view also shows the email addresses of those who made the comment, and that brings privacy issues. Normal comment view seen from the post itself only shows name/nickname, not email address.

    Is there a way to turn off the ability to view comments or at least turn off the comment writers email address at contributor/author level?

    I downloaded the role manager plug-in but don’t see the solution defined in those list of responsibilities.

Viewing 15 replies - 1 through 15 (of 24 total)
  • Thread Starter jwesseldyke

    (@jwesseldyke)

    Nobody has encountered this issue before? A blog with multiple authors/contributors must be able to block email and ip addresses from everyone but admin. Every author/contributor has access to the comments screen in dashboard — not to moderate, edit, or delete — but just to read, and in that list of comments is everyone’s “private” email address… This is a real privacy issue.

    so you trust people to pollute your domain name with their posts, but not to monitor/respond directly to those who comment on their articles?

    I think that most admins consider authors to be part of the staff.

    When you comment on a post, you’re commenting to the author, not the admin. Therefore when you submit an email address, who’s at the front of your mind?

    The faceless admin, or the author? – if I’m commenting I’m giving my email address to the author, and that dictates which email address I give, and whether or not it’s real.

    Thread Starter jwesseldyke

    (@jwesseldyke)

    OK, first, that response is not helpful in the slightest. Use your energy to solve a problem, not argue with it’s usefulness or relevance.

    However, let me explain further. Authors/contributors STILL should not have access to email addresses of those commenting on OTHER posts, or, frankly, to their own if the user commenting doesn’t choose to be identified by the author.

    A privacy policy of “We will never give out your email address” is invalid if other people can see and use those email addresses inappropriately.

    I’m only suggesting that if the owners of a site vow to not carelessly handle email addresses and contact information, they should be able to shut that off in that dashboard.

    Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    No, WordPress does not have this ability. Like Ivovic said, if they have access to edit posts, then they have access to edit comments as well. There is no separate capability for this.

    Also, your authors and contributors should be bound by your privacy policy as well, because the “We” in “We will never give out your email address” applies to everybody posting on your site.

    So… sorry, but no. If you don’t trust your authors and contributors, then they probably shouldn’t be authors and contributors.

    OK, first, that response is not helpful in the slightest.

    Actually it is helpful, because it conveys what I believe to be the reason no such feature exists.

    You’d do better to be a little more appreciative of people’s posts in your threads, because even if they’re genuinely NOT helpful, at least they bump your post and perpetuate discussion.

    That in itself is helpful, even if you don’t like the response.

    You’re welcome.

    Ivovic, you weren’t particularly helpful.

    I was asked by one of my authors on a blog why they could see the IP addresses and emails of all commentors. I had no answer for this, her response was, “well if I can see them, everyone else can!”

    I assured her that all ‘normal’ subcribers cannot view this, but the harm has been done in my opinion, and she has told everyone else that there are security issues on the site.

    Yes, I appreciate that you will usually only have trusted authors on ones site, but can you not imagine a situation where you might not? I certainly can.

    Here is just one, that I have:

    A blog which invites multiple authors, and sets the default level of new members to “contributor” and, while moderating their posts – thereby NOT, as you so inaccurately put it “pollute your domain name with their posts” they are in essence ‘on trial’ – should they be able to view the email addresses of all your other members AND those who make comments???

    No, they should not. Why else do you suppose you get all those spam registrations from Russian email addresses. I always wondered “why spam registrations?” but now I know, in case you have set the initial new member status to “contributor” or higher, then they can scrape all the active email addresses from the “comments” section. This is, in my opinion, a massive security hole, and one which needs plugging, or at least some advice as to how we can do this ourselves.

    Which is what the original poster was asking for. So yes, your comment was entirely unhelpful.

    I, too, would like a solution to this issue.

    Otto42, should we REALLY have complete trust of contributors?

    What, then, is the point of the “author” “editor” “admin” roles?

    Contributor is clearly supposed to be a lower form of membership, where you are not yet trusted (all your posts must be moderated etc) so these people should not be allowed to spam everyone who has EVER left a comment on your site. I can think of any number of scenarios where this could happen.

    So please, try to think of a way that we can prevent this from happening, or say nothing at all.

    I’m looking for a solution to this also. Just upgraded to 2.3 from 2.06. In 2.06 I modified the user role number to enable only users above a certain number to be able to access the “manage” in the dashboard which is where the comment listings were. Now the comment listing is separate from “manage”.

    I agree that this is a security issue. The comment form says the email will not be “published”. This implies it will remail hidden from other users and viewers except the admin. My blog allows anyone to be a contributor so that means the email is not being kept private.

    Does anyone know of a way to limit access to the comment listings in dashboard to only users above a certain “setable” level or to just the admin level? Your help on this is appreciated.

    I believe I found the answer to this problem. The plugin is here:

    http://www.laboratoriocaffeina.it/development/2007/07/20/restrict-authors-access-to-edit-comments-the-plugin.html

    Looks like you can restrict access to the dashboard comments section to users below level 9 or change that in the code to whatever you want.

    I just downloaded and activated in wp 2.3 and then signed on with a level 5 user and I was prevented from accessing the dashboard comment section.

    You also cannot edit your own comments once posted. If would be nice like some sites do that you have a few minutes to makes corrections. But I suppose that is why I put in a preview section.

    Anyway this is a solution, albeit not perfect.

    nope, you can still go in through the dashboard manage and click on individual posts and see the comment email addresses.

    so the above solution does not solve the problem.

    if anyone gets any further on how to keep comment emails completely private except for the administrator, please post here. Thanks

    ok I think I found a workaround for this.

    first download and activate this plugin

    http://www.laboratoriocaffeina.it/development/2007/07/20/restrict-authors-access-to-edit-comments-the-plugin.html

    that will prevent only editors and admin from accessing “comments” in the admin section

    then edit “edit.php in wp-admin (make backup first)

    I changed this:

    <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email() ?>

    to this

    <?php if ($comment->comment_author_email) { ?>| <?php comment_author_url_link() ?>

    so in the “manage” of the admin section when you click on the comments link, the comments show the url that was given twice instead of the email.

    Please post here if anything comes up to make this hack a problem or if it still doesn’t hide comment emails from everyone except editors and admins.

    Moderator Samuel Wood (Otto)

    (@otto42)

    WordPress.org Admin

    Otto42, should we REALLY have complete trust of contributors?

    Uhhh.. You’re not giving them complete trust, but you’re giving them enough trust to actually put their words up on your site. It seems to me that that’s a higher level of responsibility than just allowing them to see email addresses.

    Email addresses are not some kind of major secret. If you don’t want people who are actually in your organization to see them, then don’t accept them at all. Remove the email input box, don’t require it at all.

    Quite frankly, I think this conversation is ridiculous. If you can’t trust your own people to not spam others, then how in the world can you trust them to actually write material for your own site? It doesn’t make any sense.

    Still, if you have some pressing need… create a new capability, called “edit_comment” or something. Change edit-comments.php to use edit_comment instead of edit_post where it does all the checks. You may need to make changes to comment.php as well (also in the wp-admin folder). Then use the roles/capabilities plugin to give that capability to some users. Done and done.

    So please, try to think of a way that we can prevent this from happening, or say nothing at all.

    First off, don’t ever tell me what to say. I speak my mind as I see fit. Saying such a thing to me in real life would gain you a punch in the nose, so I suggest you keep that in mind when telling other people what to do in the future.

    Secondly, do not tell other people on these forums what they may or may not comment on. If you disagree with what somebody says, then either say so, speak to the mods if you think it’s necessary, or leave. But do not attempt to moderate other people yourself. That’s the mods job, not yours.

    Otto42

    my blog is not an “organization”, it is a local political blog. Unfortunately people will use your posts against you in unfair ways if you identify yourself in our community. It is possible it could lead to something worse like loss of your job, being stalked, etc. Requiring an email address and then allowing anyone who subscribes to the site to see that address prevents anonymity.

    I know a fake address could be given, but I want to assure my content providers and commentors anonymity if they so desire.

    I have the same issue as bushtool.

    I run a blog where people are writing about concerns and do not want others–even perhaps some contributing authors–to know who they are. I should be able to respect their privacy.

    It isn’t necessarily about thinking the contributors will send spam. It is about them knowing who all the commenters are.

    As is, I can’t post a privacy policy telling them their emails will not be shared with others.

    Some contributing authors have expressed dismay, since they realize they should not be seeing the emails of anonymous commenters.

    This is not a non-issue. It affects some of us very seriously. I love WordPress, and frankly, I think allowing contributors who are not allowed to post without moderation to see every commenter’s email (which is not shown to readers) is a design flaw.

    http://wordpress.org/support/topic/143772#post-650132

    One solution to the “design flaw”…

Viewing 15 replies - 1 through 15 (of 24 total)
  • The topic ‘Hiding email addresses in dashboard’ is closed to new replies.