TorgI am trying to create a site where you can register, post only one post and edit this as many times as he want.
with the help of these two post:
http://wordpress.org/support/topic/plugin-tdo-mini-forms-edit-own-posts-only?replies=4
http://wordpress.org/support/topic/tdo-mini-form-how-to-edit-post?replies=2
I'm trying to create the site
To do this I have installed on wordpress 3.0.1
-TDO Mini-Forms 0.13.9
-User-Role Editor 2.1.10
-Theme-My Login 6.0.1
In wordpress General Settings I've checked
-Membership: Anyone can register
-New User Default Role: Author
in User Role Editor I've edited the capabilities to author ticking only
-Edit_published_posts
-Publish_posts
TDO then I created 2 form,
The first is to let each user publish a single post
http://www.comunicazionecivile.it/demo/wordpress_tdo_form1.gif
The other is to let the original submitter edit his post
http://www.comunicazionecivile.it/demo/wordpress_tdo_form2.gif
Then, in single post template, I've add a button
if the current post is submitted by user logged in, show the link "edit my post"
<?php if ( $current_user->ID == $post->post_author ) {
?>
<a href="index.php?page_id=ID_OF_PAGE_WITH_FORM&tdomf_post_id=<?php echo $post->ID; ?>">edit my post</a>
<?php } ?>when logged in user visit this link he go to a page like this:
http://www.mydomain.com/?page_id=1747&tdomf_post_id=1838
This works fine,
but if in the address bar the user changes the ID of his post with another, he can edit posts of other users!
http://www.mydomain.com/?page_id=1747&tdomf_post_id=1310
any solution?
thanks for your attention
ABCDiamond
