MailChimp List Subscribe Form
bad choice for capability check (3 posts)

  1. Steve Taylor
    Posted 4 years ago #

    This plugin has a similar issue to this:


    Basically, edit_plugins is used as the capability to include the settings page. However, I like using this line in all my wp-config.php files:

    define( 'DISALLOW_FILE_EDIT', true );

    I never want any of my clients editing theme or plugin files via the admin interface, and after a nightmare experience bringing a client's site down by careless use of it, I never want to give myself the temptation! It's useless at best to me, so I turn it off.

    When edit_plugins is used as an "admin-only" check and the above constant is true, the plugin is rendered useless.

    Why not use manage_options? It's admin-only, there's no reason (as above) that it would be disabled, and it's, let's say "semantic" (i.e. it makes sense!).

  2. mc_nate
    Plugin Author

    Posted 4 years ago #

    Hey Steve!

    We'll definitely put this question in front of the developers to have a peek at, as that goes a little above and beyond what we do here.

    If you do see any other weirdness, give us a shout!


  3. Steve Taylor
    Posted 4 years ago #

    Thanks Nate. I've just realized, it's possible they weren't seeing edit_plugins as a general "admin-only" capability. I'm finding more and more plugins that use edit_plugins as a check for editing the plugin settings, and I've realized that some people might be mistaken in thinking that edit_plugins refers to editing plugin settings. Let your developers know that this capability is meant to refer to editing the plugin files themselves (http://codex.wordpress.org/Roles_and_Capabilities#edit_plugins). The capability for editing settings / options is manage_options.

Topic Closed

This topic has been closed to new replies.

About this Plugin

  • MailChimp List Subscribe Form
  • Frequently Asked Questions
  • Support Threads
  • Reviews

About this Topic