Disabling ‘Take Over Post’ Button

  • Resolved TrishaM

    (@trisham)


    4 years, 1 month ago

    For a long time I’ve used a snippet of code in custom plugin that disables the “Take Over Post” button for all users except Admins, it recently caused a fatal error (I think after updating WP to a minor version update) and the theory I have based on reading very old posts here and on StackExchange is that the function I’m using was moved and is now loading *after* my code instead of before as previously, so I need some help fixing this so it will work again.

    Current WP version on the site where I am having this problem is 5.2.3
    Here’s what I’ve used that worked perfectly in the past: 

            if(is_admin()) {
          if ( !current_user_can('update_core') ) {
	    add_filter( 'override_post_lock', create_function("", 'return false;' ));
         }
       }

    The error I now get is this:

    Fatal error: Uncaught Error: Call to undefined function wp_get_current_user() in …

    …followed by a list of core files and my plugin.

    While I believe I can wrap it in another if statement to test if current_user_can exists (yet) as a function, which would eliminate the error, I don’t know how to then have the code run or to load the dependent function first, because I also read on StackExchange that calling the necessary file using require_once (before WP wants to load it) can introduce security vulnerabilities.

    So how can I maintain security and let WP load in its preferred order, and still block all users except Admins from the ability to take over a post from someone else who is editing it?

    • This topic was modified 4 years, 1 month ago by TrishaM. Reason: wrapped code in tick marks
    • This topic was modified 4 years, 1 month ago by bcworkz. Reason: code fixed
Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator bcworkz

    (@bcworkz)

    You’re calling WP functions too early if your code is where I think it is. Place your conditionals within the callback instead before adding. Thus your callback is always added, but only returns false under certain conditions.

    BTW, you don’t really need create_function() any more, PHP now supports closures.
    add_filter('foo', function(){ return false; });

    Thread Starter TrishaM

    (@trisham)

    Thank you @bcworkz – that is super helpful. So if I understand correctly, I should put that snippet in my Child Theme’s functions.php file instead of in the custom plugin that it’s now in?

    And I appreciate the lesson on no longer needing create_function() but not sure I understand because in this case I only know of the filter, not an actual function that I can use…and not sure this would work – or would it? 

            if(is_admin()) {
           if ( !current_user_can('update_core') ) {
	   add_filter( 'override_post_lock','return false;' );
           }
         }

    (Also, not sure why but there is no preview any longer, and all attempts to make my code appear as code do not work – using ticks or code button or leading spaces…..has this changed? I have never had problems prior to my last post and have been a forum member for many years…..) (meant to add that I know I must be doing something wrong but I don’t know what it is ?? )

    • This reply was modified 4 years, 1 month ago by TrishaM.
    • This reply was modified 4 years, 1 month ago by TrishaM.
    • This reply was modified 4 years, 1 month ago by TrishaM.
    • This reply was modified 4 years, 1 month ago by bcworkz. Reason: code fixed
    Moderator bcworkz

    (@bcworkz)

    Well, plugins load very early, and themes load sort of late, so functions.php may solve the problem. That’s not what I’m suggesting though. It’s reasonable for plugins to need to disable post lock behavior, but it needs to be done differently. Something like this:

    add_filter('override_post_lock', function( $lock ) {
    if ( is_admin() && !current_user_can('update_core')) {
        return false;
    } else {
        return $lock;
    }
});

    The reason your code didn’t format correctly is the initial backtick did not occur at col 0 of the line. It must by at the very start of a line for block style code formatting to be applied. No preceding white space allowed. This little known requirement catches a lot of people off guard. We appreciate your effort to properly format code all the same ??

    Thread Starter TrishaM

    (@trisham)

    Thank you very much, @bcworkz – that works perfectly and no more error!

    I deeply appreciate both the coding lesson and the info on how to properly format code now, perhaps I was confusing how to do that here with how I do it on StackExchange, which still uses leading spaces.

    Hugs!!
    Trisha

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Disabling ‘Take Over Post’ Button’ is closed to new replies.