Support » Plugin: Mihdan: Ajax Edit Comments » Setting to forbid users to edit name and e-mail does not work

  • Resolved shrttrsrs


    Hello. WP AJAX edit comments plugin helped me a lot, but it is causing a trobulesome problem that I’m hesitating to keep this plugin activated.
    As I do not want my registered users to edit their name and email and URL of their comments, I selected ‘No’ options for such behavior. But readers still have such capability to edit such forbidden items.
    (Only these options do not work. Other options are working, such as ‘Delete Request or Delete’ option, or time limit option for comment edit do work)

    I love this plugin’s power to let my users edit and delete their own comments, but I do not want them to be anonymous.
    How can I fix this problem? Thanks!

    I also do now want my users to edit their ‘advanced’ details of their comments.
    I think one way to solve all these hard problems is just deactivate the ‘edit’ feature and leave only ‘delete’ button. Is such customization possible?
    As long as I am using a customized theme that does not permit me to access comments.php, I want to deal with plugin itself. Thank you!

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Ronald Huereca



    I was only able to duplicate the behavior you said by being logged in as an author of a post and editing a comment.

    When I’m logged in as the same user and leave a comment on a different post (one that the user hasn’t authored), then the rules of limiting work.

    I’ve observed that when a user is an author of a post, he has the same rights as an admin when it comes to editing comments (this is default WordPress behavior if I’m not mistaken).

    Please get back to me how I can duplicate this so a registered user can erroneously edit all fields.

    Ronald Huereca,

    Yes. This erroneous edit permission happens to subscriber role users. As you know, subscriber role users cannot post their own post.
    They do not have any capability for comments in setting options, but they still can edit whatever they want to.

    Plugin Author Ronald Huereca


    Ack, that definitely should not be happening. I’ve tested with a subscriber and wasn’t able to duplicate the problem.

    Do you have any role modification plugins running that would add extra capabilities to the subscriber role?

    The only users who should see the “advanced” comment editing dialog are those who can edit_users, edit_page, edit_post, and moderate_comments.

    Ah, Thank you very mush. It was a problem associated with ‘Role Scoper’ plug-in. This complicated plug-in assigned users edit capability somehow… By tuning some subtle option, I fixed problem!
    Now I can use this lovely AJAX plugin unlimitedly.

    Thank you so much!

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Setting to forbid users to edit name and e-mail does not work’ is closed to new replies.