[Plugin: Backend User Restrictor] Where Are the Settings?

Drover
(@drover)

13 years, 11 months ago

Description says you can choose which pages are seen, but I can’t find any place to specify this?

Thanks.

http://wordpress.org/extend/plugins/backend-user-restrictor/

Viewing 3 replies - 1 through 3 (of 3 total)

Anonymous User 357386
(@anonymized-357386)

13 years, 9 months ago

Same problem 😐

Christoph
(@camthor)

13 years, 8 months ago

I think you have to edit the plugin directly:
/wp-content/plugins/backend-user-restrictor/backend-user-restrictor.php

I changed a bit to make it more flexible. It’s running on a multi-site installation with WP 3.1. But I haven’t made any extensive testing.

This is the changed content:

<?php
/*
Plugin Name: Backend User Restrictor
Plugin URI: http://www.lloydengland.com/
Description: Blanket backend restriction for users who are not administators. Users are still able to access their profiles or whichever paths are specified. Also supports https connections.
Version: 1.1
Author: Lloyd England
Author URI: http://www.lloydengland.com/
Contributors: Dustin Vietzke

Copyright 2010 Lloyd England (email : lloyd@lloydengland.com)

This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*/

add_action(‘admin_init’, ‘bur_plugin_enforceRestriction’);

function bur_plugin_enforceRestriction() {
global $current_user;

/* START ADMIN SETTINGS */

// whitelist of paths that can be accessed (relative to blog URL)
$allowed_paths = array(
“/wp-admin/my-sites.php”,
“/wp-admin/profile.php”,
“/wp-admin/edit.php”,
“/wp-admin/post-new.php”,
“/wp-admin/post.php”,
“/wp-admin/edit-tags.php”,
“/wp-admin/link-manager.php”,
“/wp-admin/link-add.php”,
“/wp-admin/edit-link-categories.php”,
“/wp-admin/tools.php”,
“/wp-admin/edit-comments.php”
); // dashboard /wp-admin/ itself doesn’t work because of boxes

// redirect rejected requests to e.g. “/” (frontend) or “/wp-admin/post.php” – only use /wp-admin/… if whitelisted above
$redirect_path = “/wp-admin/post.php”;

/* END ADMIN SETTINGS */

// block subscribers
if (!current_user_can(‘edit_posts’)) {
header(“Location:”.get_bloginfo(‘url’).”/”);
}

if (current_user_can(‘manage_options’)) {
return;
}
else{
$pageURL = ‘http’;
if ($_SERVER[“HTTPS”] == “on”) {$pageURL .= “s”;}
$pageURL .= “://”;
if ($_SERVER[“SERVER_PORT”] != “80”):
$pageURL .= $_SERVER[“SERVER_NAME”].”:”.$_SERVER[“SERVER_PORT”].$_SERVER[“REQUEST_URI”];
else:
$pageURL .= $_SERVER[“SERVER_NAME”].$_SERVER[“REQUEST_URI”];
endif;

// removing query strings
$pageURL = array_shift(explode(‘?’, $pageURL));

// compare request with whitelist
foreach($allowed_paths as $check_path) {
if (substr($pageURL, -strlen($check_path)) == $check_path) {
return;
}
}
header(“Location:”.get_bloginfo(‘url’).$redirect_path);
}
}

?>
Anonymous User 357386
(@anonymized-357386)

13 years, 6 months ago
I’ve changed your 1.1 to this (i don’t want permit to edit profile and i don’t want use 1.0):
```
<?php
/*
Plugin Name: Backend User Restrictor
Plugin URI: http://www.lloydengland.com/
Description: Blanket backend restriction for users who are not administators. Users are still able to access their profiles or whichever paths are specified. Also supports https connections.
Version: 1.1
Author: Lloyd England
Author URI: http://www.lloydengland.com/
Contributors: Dustin Vietzke

Copyright 2010  Lloyd England  (email : lloyd@lloydengland.com)

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
*/

add_action('admin_init', 'bur_plugin_enforceRestriction');

function bur_plugin_enforceRestriction() {
	global $current_user;
	if (!current_user_can('manage_options')) {
		$pageURL = 'http';
		if ($_SERVER["HTTPS"] == "on") {$pageURL .= "s";}
			$pageURL .= "://";
		if ($_SERVER["SERVER_PORT"] != "80"):
			$pageURL .= $_SERVER["SERVER_NAME"].":".$_SERVER["SERVER_PORT"].$_SERVER["REQUEST_URI"];
		else:
			$pageURL .= $_SERVER["SERVER_NAME"].$_SERVER["REQUEST_URI"];
		endif;

		header("Location:".get_bloginfo('url')."/");
	}
}

?>
```
And seems to works fine 🙂

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘[Plugin: Backend User Restrictor] Where Are the Settings?’ is closed to new replies.

[Plugin: Backend User Restrictor] Where Are the Settings?

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics