prevent_admin_access() breaks admin-post.php functionality

  • Resolved vixm

    (@vixm)


    4 years, 10 months ago

    The plugin has an option to choose what roles won’t be able to access the admin area, which is great, but it also breaks handling form data with admin-post.php

    I ended up leaving that option empty, copying this function to my functions.php and hardcoding $option_roles = array('subscriber');.

    To allow users to reach admin-post.php, I added this to my copied function:

    
  $adminPostFilename = '/wp-admin/admin-post.php';
  if(substr($_SERVER['PHP_SELF'], -strlen($adminPostFilename)) === $adminPostFilename){
		return;
	}

    This is not a great solution, but works. If there’s a better way to do that, I’m all ears, but it would be nice to have that in the official code.

    • This topic was modified 4 years, 10 months ago by vixm.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Deepak Sharma

    (@sharmadpk03)

    4 years, 10 months ago

    Hi @vixm,

    Can you please let us know exactly what breaks in case you use the plugin’s default functionality?
    Please let me know so that I can test it in my local environment and then forward the results to our developer team which will help them to fix the issue.

    Also, I will also ask them to consider your fix and include it if it is better than the one that is currently existing.

    So, let me know and I will get back to you.
    Regards!

    Thread Starter vixm

    (@vixm)

    4 years, 10 months ago

    Hi,
    I’ve a template in the frontend from which registered users can add posts. In order to do that, I hook into:

    
add_action('admin_post_nopriv_save-new-post', 'handle_new_post_form_data');
add_action('admin_post_save-new-post', 'handle_new_post_form_data');

    Those actions are managed by WordPress in wp-admin/admin-post.php, but once the form is submitted to that file, the plugin thinks the user is trying to access the admin area and redirects to the my-account page. That’s why I had to bypass wp-admin/admin-post.php the way I did.

    Let me know if you need more info.
    Thanks!

    • This reply was modified 4 years, 10 months ago by vixm.
    Deepak Sharma

    (@sharmadpk03)

    4 years, 10 months ago

    Hi @vixm,

    Sorry for the delayed response.
    Thank you for the details. The information has been passed to the developer team. If the team finds it useful to add in the code then they will surely do it. We will notify you if there is any update regarding the addition of the code that you proposed.

    Thank you for the information.
    Regards!

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘prevent_admin_access() breaks admin-post.php functionality’ is closed to new replies.