Hiding email addresses in dashboard (25 posts)

  1. jwesseldyke
    Member
    Posted 6 years ago #

    When users with access level of any more than subscriber go to the dashboard, they are able to click on the comments tab and see a list of all the comments made. My problem is, that this view also shows the email addresses of those who made the comment, and that brings privacy issues. Normal comment view seen from the post itself only shows name/nickname, not email address.

    Is there a way to turn off the ability to view comments or at least turn off the comment writer's email address at contributor/author level?

    I downloaded the role manager plug-in but don't see the solution defined in that list of responsibilities.

  2. jwesseldyke
    Member
    Posted 6 years ago #

    Nobody has encountered this issue before? A blog with multiple authors/contributors must be able to block email and ip addresses from everyone but admin. Every author/contributor has access to the comments screen in dashboard -- not to moderate, edit, or delete -- but just to read, and in that list of comments is everyone's "private" email address... This is a real privacy issue.

  3. Ivovic
    Member
    Posted 6 years ago #

    so you trust people to pollute your domain name with their posts, but not to monitor/respond directly to those who comment on their articles?

    I think that most admins consider authors to be part of the staff.

    When you comment on a post, you're commenting to the author, not the admin. Therefore when you submit an email address, who's at the front of your mind?

    The faceless admin, or the author? - if I'm commenting I'm giving my email address to the author, and that dictates which email address I give, and whether or not it's real.

  4. jwesseldyke
    Member
    Posted 6 years ago #

    OK, first, that response is not helpful in the slightest. Use your energy to solve a problem, not argue with its usefulness or relevance.

    However, let me explain further. Authors/contributors STILL should not have access to email addresses of those commenting on OTHER posts, or, frankly, to their own if the user commenting doesn't choose to be identified by the author.

    A privacy policy of "We will never give out your email address" is invalid if other people can see and use those email addresses inappropriately.

    I'm only suggesting that if the owners of a site vow to not carelessly handle email addresses and contact information, they should be able to shut that off in that dashboard.

  5. Samuel Wood (Otto)
    Tech Ninja
    Posted 6 years ago #

    No, WordPress does not have this ability. Like Ivovic said, if they have access to edit posts, then they have access to edit comments as well. There is no separate capability for this.

    Also, your authors and contributors should be bound by your privacy policy as well, because the "We" in "We will never give out your email address" applies to everybody posting on your site.

    So... sorry, but no. If you don't trust your authors and contributors, then they probably shouldn't be authors and contributors.

  6. Ivovic
    Member
    Posted 6 years ago #

    OK, first, that response is not helpful in the slightest.

    Actually it is helpful, because it conveys what I believe to be the reason no such feature exists.

    You'd do better to be a little more appreciative of people's posts in your threads, because even if they're genuinely NOT helpful, at least they bump your post and perpetuate discussion.

    That in itself is helpful, even if you don't like the response.

    You're welcome.

  7. rabmaster
    Member
    Posted 6 years ago #

    Ivovic, you weren't particularly helpful.

    I was asked by one of my authors on a blog why they could see the IP addresses and emails of all commenters. I had no answer for this, her response was, "well if I can see them, everyone else can!"

    I assured her that all 'normal' subscribers cannot view this, but the harm has been done in my opinion, and she has told everyone else that there are security issues on the site.

    Yes, I appreciate that you will usually only have trusted authors on one's site, but can you not imagine a situation where you might not? I certainly can.

    Here is just one, that I have:

    A blog which invites multiple authors, and sets the default level of new members to "contributor" and, while moderating their posts - thereby NOT, as you so inaccurately put it "pollute your domain name with their posts" they are in essence 'on trial' - should they be able to view the email addresses of all your other members AND those who make comments???

    No, they should not. Why else do you suppose you get all those spam registrations from Russian email addresses. I always wondered "why spam registrations?" but now I know, in case you have set the initial new member status to "contributor" or higher, then they can scrape all the active email addresses from the "comments" section. This is, in my opinion, a massive security hole, and one which needs plugging, or at least some advice as to how we can do this ourselves.

    Which is what the original poster was asking for. So yes, your comment was entirely unhelpful.

    I, too, would like a solution to this issue.

  8. rabmaster
    Member
    Posted 6 years ago #

    Otto42, should we REALLY have complete trust of contributors?

    What, then, is the point of the "author" "editor" "admin" roles?

    Contributor is clearly supposed to be a lower form of membership, where you are not yet trusted (all your posts must be moderated etc) so these people should not be allowed to spam everyone who has EVER left a comment on your site. I can think of any number of scenarios where this could happen.

    So please, try to think of a way that we can prevent this from happening, or say nothing at all.

  9. bushtool
    Member
    Posted 6 years ago #

    I'm looking for a solution to this also. Just upgraded to 2.3 from 2.06. In 2.06 I modified the user role number to enable only users above a certain number to be able to access the "manage" in the dashboard which is where the comment listings were. Now the comment listing is separate from "manage".

    I agree that this is a security issue. The comment form says the email will not be "published". This implies it will remain hidden from other users and viewers except the admin. My blog allows anyone to be a contributor so that means the email is not being kept private.

    Does anyone know of a way to limit access to the comment listings in dashboard to only users above a certain "setable" level or to just the admin level? Your help on this is appreciated.

  10. bushtool
    Member
    Posted 6 years ago #

    I believe I found the answer to this problem. The plugin is here:

    http://www.laboratoriocaffeina.it/development/2007/07/20/restrict-authors-access-to-edit-comments-the-plugin.html

    Looks like you can restrict access to the dashboard comments section to users below level 9 or change that in the code to whatever you want.

    I just downloaded and activated in wp 2.3 and then signed on with a level 5 user and I was prevented from accessing the dashboard comment section.

    You also cannot edit your own comments once posted. It would be nice like some sites do that you have a few minutes to make corrections. But I suppose that is why I put in a preview section.

    Anyway this is a solution, albeit not perfect.

  11. bushtool
    Member
    Posted 6 years ago #

    nope, you can still go in through the dashboard manage and click on individual posts and see the comment email addresses.

    so the above solution does not solve the problem.

    if anyone gets any further on how to keep comment emails completely private except for the administrator, please post here. Thanks

  12. bushtool
    Member
    Posted 6 years ago #

    ok I think I found a workaround for this.

    first download and activate this plugin

    http://www.laboratoriocaffeina.it/development/2007/07/20/restrict-authors-access-to-edit-comments-the-plugin.html

    that will prevent only editors and admin from accessing "comments" in the admin section

    then edit "edit.php" in wp-admin (make backup first)

    I changed this:

    <?php if ($comment->comment_author_email) { ?>| <?php comment_author_email() ?>

    to this

    <?php if ($comment->comment_author_email) { ?>| <?php comment_author_url_link() ?>

    so in the "manage" of the admin section when you click on the comments link, the comments show the url that was given twice instead of the email.

    Please post here if anything comes up to make this hack a problem or if it still doesn't hide comment emails from everyone except editors and admins.

  13. Samuel Wood (Otto)
    Tech Ninja
    Posted 6 years ago #

    Otto42, should we REALLY have complete trust of contributors?

    Uhhh.. You're not giving them complete trust, but you're giving them enough trust to actually put their words up on your site. It seems to me that that's a higher level of responsibility than just allowing them to see email addresses.

    Email addresses are not some kind of major secret. If you don't want people who are actually in your organization to see them, then don't accept them at all. Remove the email input box, don't require it at all.

    Quite frankly, I think this conversation is ridiculous. If you can't trust your own people to not spam others, then how in the world can you trust them to actually write material for your own site? It doesn't make any sense.

    ...

    Still, if you have some pressing need... create a new capability, called "edit_comment" or something. Change edit-comments.php to use edit_comment instead of edit_post where it does all the checks. You may need to make changes to comment.php as well (also in the wp-admin folder). Then use the roles/capabilities plugin to give that capability to some users. Done and done.

    So please, try to think of a way that we can prevent this from happening, or say nothing at all.

    First off, don't ever tell me what to say. I speak my mind as I see fit. Saying such a thing to me in real life would gain you a punch in the nose, so I suggest you keep that in mind when telling other people what to do in the future.

    Secondly, do not tell other people on these forums what they may or may not comment on. If you disagree with what somebody says, then either say so, speak to the mods if you think it's necessary, or leave. But do not attempt to moderate other people yourself. That's the mods' job, not yours.

  14. bushtool
    Member
    Posted 6 years ago #

    Otto42

    my blog is not an "organization", it is a local political blog. Unfortunately people will use your posts against you in unfair ways if you identify yourself in our community. It is possible it could lead to something worse like loss of your job, being stalked, etc. Requiring an email address and then allowing anyone who subscribes to the site to see that address prevents anonymity.

    I know a fake address could be given, but I want to assure my content providers and commenters anonymity if they so desire.

  15. anonBug
    Member
    Posted 6 years ago #

    I have the same issue as bushtool.

    I run a blog where people are writing about concerns and do not want others--even perhaps some contributing authors--to know who they are. I should be able to respect their privacy.

    It isn't necessarily about thinking the contributors will send spam. It is about them knowing who all the commenters are.

    As is, I can't post a privacy policy telling them their emails will not be shared with others.

    Some contributing authors have expressed dismay, since they realize they should not be seeing the emails of anonymous commenters.

    This is not a non-issue. It affects some of us very seriously. I love WordPress, and frankly, I think allowing contributors who are not allowed to post without moderation to see every commenter's email (which is not shown to readers) is a design flaw.

  16. Kafkaesqui

    Posted 6 years ago #

    http://wordpress.org/support/topic/143772#post-650132

    One solution to the "design flaw"...

  17. anonBug
    Member
    Posted 6 years ago #

    Thanks Kafka! I am trying it out. I really appreciate your work.

  18. anonBug
    Member
    Posted 6 years ago #

    Thanks--it hides them in the dashboard, unless you know where to look. (It also mails them to authors of the post.) I replied in full here:

    http://wordpress.org/support/topic/143772?replies=8#post-650237

  19. eharmonyblog
    Member
    Posted 6 years ago #

    I'm bumping this because one of my commenters told me he received spam on a throwaway email address he used only on my site. It's embarrassing. Will someone please file a bug report on this problem? I don't know how. Thanks!

    I reviewed the 2.3.2 code and saw that:

    • wp-includes/comment-template.php defines get_comment_author_email(), get_comment_author_IP() and other similar functions. Most of them have apply_filter calls, so a crafty plugin can control whoever uses these functions.
    • Unfortunately, several WP source files access the database column directly (i.e., "$comment->comment_author_IP"):
      • wp-admin/comment.php
      • wp-admin/edit-form-comment.php
      • wp-admin/edit.php
      • wp-admin/export.php
      • wp-admin/import/mt.php
      • wp-admin/includes/comment.php
      • wp-admin/includes/template.php
      • moderation.php
      • xmlrpc.php
      • wp-comments-post.php
      • wp-content/plugins/akismet/akismet.php
      • wp-includes/comment.php
      • wp-includes/pluggable.php

      Someone should review these source files because any plugin based on add_filter can't hide the commenter's email addresses.

    pluggable.php contains the code for the 'new comment' notification email, which asks us site admins to ask our contributors to swear by a privacy policy. Scriptygoddess and Mark Jaquith's Subscribe To Comments plugin is better.

    Until this hole is fixed, the 'Contributor' role can view email addresses in two places: Comments -> Comments (wp-admin/edit-comments.php) in "Mass Edit Mode" and in "View Mode". Bushtool's fix above missed the "view mode" part.

    Until this hole is fixed, I recommend the use of the laboratoriocaffeina.it plugin. Suit the $user_level to taste. 'Author' is 2, 'Editor' is 7 and 'Administrator' is 10.

    "nope, you can still go in through the dashboard manage and click on individual posts and see the comment email addresses."

    bushtool, I can't reproduce this in 2.3.2. Will you care to check again?
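An added example, not part of the thread and not WordPress or plugin code: a small audit script for the review eharmonyblog asks for above. It separates raw `$comment->comment_author_email` / `comment_author_IP` property reads, which no `add_filter` plugin can intercept, from template-tag calls that do pass through a filter. The sample file names and contents are constructed for illustration; only the first sample line is taken from bushtool's post.

```python
import re

# Comment columns that identify a commenter (both named in the post above).
COLUMNS = ("comment_author_email", "comment_author_IP")
_ALT = "|".join(COLUMNS)

# $comment->comment_author_email : raw property read, no filter runs.
DIRECT = re.compile(r"\$\w+->(" + _ALT + r")\b")
# comment_author_email() / get_comment_author_IP() : template tag, filterable.
TAG_CALL = re.compile(r"(?<![\w>$])(?:get_)?(" + _ALT + r")\s*\(")


def scan_source(path, text):
    """Return (path, line_no, kind, column) tuples for one PHP source text.

    kind is "direct" (bypasses add_filter), "filtered" (template-tag call)
    or "hook" (the raw value being handed to apply_filters).
    """
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if line.strip().startswith(("//", "#", "*", "/*")):
            continue  # whole-line comment, nothing is executed here
        for m in DIRECT.finditer(line):
            kind = "hook" if "apply_filters" in line else "direct"
            findings.append((path, no, kind, m.group(1)))
        if re.match(r"\s*function\b", line):
            continue  # definition of the tag itself, not a call site
        for m in TAG_CALL.finditer(line):
            findings.append((path, no, "filtered", m.group(1)))
    return findings


def bypass_report(sources):
    """Map each file name to the sorted line numbers with unfiltered reads."""
    report = {}
    for path, text in sources.items():
        lines = sorted({no for _, no, kind, _ in scan_source(path, text)
                        if kind == "direct"})
        if lines:
            report[path] = lines
    return report


# Constructed samples (hypothetical file names, not the real WordPress files).
SAMPLES = {
    "sample_admin_view.php": (
        "<?php if ($comment->comment_author_email) { ?>| <?php comment_author_email() ?>\n"
        "<?php } ?>\n"
        "IP: <?php echo $comment->comment_author_IP; ?>\n"
    ),
    "sample_theme_comments.php": (
        "<?php // shown to moderators only\n"
        "echo get_comment_author_email();\n"
        "echo get_comment_author_IP();\n"
    ),
    "sample_template_tags.php": (
        "function get_comment_author_email() {\n"
        "    global $comment;\n"
        "    return apply_filters('get_comment_author_email', $comment->comment_author_email);\n"
        "}\n"
    ),
}

if __name__ == "__main__":
    for path, lines in bypass_report(SAMPLES).items():
        print(f"{path}: unfiltered commenter data on lines {lines}")
```

A "direct" hit inside an `if (...)` condition only tests whether a value exists, so each reported line still needs a human look before it is counted as a disclosure.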

  20. prodmod
    Member
    Posted 6 years ago #

    Otto42

    When you wrote:
    But do not attempt to moderate other people yourself. That's the mods' job, not yours.
    I was ready to report your behaviour to the moderators until I realized you are a moderator. I'm shocked.

    I come to support forums looking for technical help not attitude, and you have tons of it.

    You are telling members they can't tell you what to say but you have no problem starting with this opinion:

    If you don't trust your authors and contributors, then they probably shouldn't be authors and contributors.

    We never asked for your opinion, we want to do something specific with wordpress and we expect someone to provide a solution. The last person we'd expect to dismiss the request is a moderator. I don't care whether you think it's necessary or makes any sense to you. In fact I don't care about you in the least.

    I am appalled that you are a moderator because you are allowed to say things like this:
    First off, don't ever tell me what to say. I speak my mind as I see fit. Saying such a thing to me in real life would gain you a punch in the nose, so I suggest you keep that in mind when telling other people what to do in the future.
    That is confrontational, we are not confrontational to you. We are asking for help.

    And this:

    Secondly, do not tell other people on these forums what they may or may not comment on. If you disagree with what somebody says, then either say so, speak to the mods if you think it's necessary, or leave. But do not attempt to moderate other people yourself. That's the mods' job, not yours.

    you are basically doing the exact thing you are telling us not to do. You are ridiculous, not the discussion.

    WordPress is open source and only exists because WE use it, not you. No one has more right to tell a moderator they are not helpful than the members. You are not in charge. You do not have a purpose in this community without us. If you cannot answer our questions properly and if WordPress the organization does not continually improve their program to our satisfaction we will go elsewhere. As a moderator you should represent WordPress with a positive and helpful attitude. We are your customers. And yes we can and will tell you how you should behave on this forum because it is we million members that matter to WordPress not you.
    We are your moderator.

  21. Samuel Wood (Otto)
    Tech Ninja
    Posted 6 years ago #

    prodmod: I was not a moderator when I wrote those words. I have become one since then. This is a several month old thread here.

    You are telling members they can't tell you what to say but you have no problem starting with this opinion:

    Stating your opinion is fine. Telling other people what to do (not to reply) and that they are not being helpful is not.

    We never asked for your opinion

    What you asked for is irrelevant. Other people are free to speak their opinions in this forum, and you will not tell them otherwise.

    That is confrontational, we are not confrontational to you. We are asking for help.

    I am sorry, but the person whom I was replying to (who was not you) was indeed being confrontational and dismissive.

    There is more than one way to do things, I agree. However, these ways are not always equal. Quite often on these forums, we have people ask questions like "how do I make a list of posts from a category on this static Page I made", and we have to explain to them that there are better ways to do things like that. We try to guide them into doing things better, not just answering the questions they asked.

    This happens all the time in different ways, so when somebody asks what seems like a strange question, it's commonplace to ask them questions or suggest alternative methods, instead of simply answering the question outright. The idea often being to make the question asker see the problem in a different way. People who are dismissive of these types of answers are therefore often the problematic ones.

    So, my words stand. Do not give other people orders in this forum. Respect other people's opinions and advice. If you disagree, then fine, you can disagree. You can even say that you disagree and why. But do not give commands. Do not tell other people that they are not being helpful. And you absolutely will not tell other people what to say (or to "say nothing").

    We are your moderator.

    Not here you are not. And you are free to leave if you do not agree.

  22. prodmod
    Member
    Posted 6 years ago #

    ok. then according to your recommendation I will only share my opinions because I am free to do so.

    I agree with your statement
    We (moderators) try to guide them into doing things better, not just answering the questions they asked.

    However, in my opinion, you did not guide us into doing anything better in this thread but only questioned why we would want to.

    In my opinion, moderators like jeremyclark13 and kafkaesqui actually tried to help members find a solution without the slightest hint of attitude or opinion. I cannot confirm that they are perfect solutions but they seem to have contributed positively to this thread which others can build from.

    In my opinion you have spent more time reacting to members' comments, tone, and behavior than providing any value.

    In my opinion, as a wordpress user, I would not feel comfortable if all moderators on this forum acted and reacted to members' questions and comments the way that Otto42 has on this thread. Reasons why can be explored above. Search this page for "punch in the nose" for a sample. Unless you are only 13 years old, this behaviour is a bit unsettling.

    But that's just my opinion for you to consider or dismiss as you wish.

  23. trig338
    Member
    Posted 6 years ago #

    This issue must be taken seriously by the development team. It should be key to have a feature in which you can hide any part of the dashboard that CAN contain personal information.

    I'm running a citizen journalism social site where many people can post articles and moderate comments. And everyone can post comments - even with phony names and e-mail addresses.

    To give good writers even freer leash I must be able to hide the commentators details. Otherwise I must completely trust any writer which is impossible.

    In our local community there is growing curiosity who hides behind the user names.

    If anyone can guess the right person behind a username and spread the word the site's credibility goes down the drain.

  24. trig338
    Member
    Posted 6 years ago #

    Addition:
    We had one incident where a contributor cross-referenced an IP address with a user's different aliases and finally came up with a proper email address that pointed out the real person.

  25. Ripose
    Member
    Posted 5 years ago #

    First: Read This http://wordpress.org/support/topic/199569?replies=1

    Second: The original question from jwesseldyke is a VALID question.

    Third: I have been answering computer questions for 28 years and I would NEVER cloud the issue with the BS like I read above (excluding the truly helpful ones of course).

    Fourth: Don't forget that some of the people who "control" a forum turn into TROLLS very easily.

    Fifth: trig338 summed it up nicely.

    Sixth: I am looking for the solution to exactly this problem, I don't have an (easy) answer yet, but I could not resist responding to the way this thread progressed.

    When I find a solution I will post back here, I apologize for not having any helpful information at this point.

Topic Closed

This topic has been closed to new replies.
