[Plugin: WP Bannerize] WP-Bannerize Dashboard link shows even to Subscriber, Contributor and Author?

@foobarph we’re experiencing the exact same issue (using ‘User Role Editor’ plugin instead of ‘Members’).

Any fix here would be GREATLY appreciated (even if we have to roll up our sleeves and modify some code).

Thx!

-Brian & WR

Specs:

WordPress v3.3 + v3.3.1
Plugin v3.0.32

hi womensradio,

i even disabled my MEMBERS plugin to see if there is a conflict between the two plugins but to no avail, wp-bannerize still works.

T_T

@foobarph We’ve been in correspondence with the developer (prior to this issue) and hope that they are as attentive to this issue as they have been in the past. Fingers crossed.

Hi,

now every user that has “edit_posts” capabilitiy can use WP-Bannerize.

I know it isn’t the right solution (because everyone knows how to edit urls can bypass it easily), but for the moment I simply hide the menu items… in functions.php:

//hide wp-bannerize menu items to non administrators
if ( is_admin() && ! current_user_can( 'administrator' ) ) {
	add_action( 'admin_menu', 'mwr_remove_wpbannerize' );
	function mwr_remove_wpbannerize() {
		remove_menu_page( 'wp-bannerize-mainshow' );
	}
}

and for a minimal control I added:

//restrict to non administrators
if ( ! current_user_can( 'administrator' ) ) {
	return __( 'Error: you have not sufficient privileges!', 'wp-bannerize' );
}

at the top of methods insertBanner(), setBannerToTrash(), unsetBannerToTrash(), deleteBanner(), updateBanner() and:

if ( ! current_user_can( 'administrator' ) ) {
	echo __( 'Error: you have not sufficient privileges!', 'wp-bannerize' );
	return;
}

at the top of method settings()… all these methods
of class WPBannerizeAdmin{} in wp-bannerize/Classes/wpBannerizeAdmin.php of WP-Bannerize 3.0.32.

Hope this can be helpful until this feature will not be well developed directly in the plugin. ??

MoiKano

Thanks MoiKano!

We added the first snippet of code to functions.php and this seems to be working well at the moment. Hopefully the developer will work this into a future update!

Thanks Again!

-Brian & WR

Hi to everybody,
we are working about this workaround.

How you know, WordPress manages its permissions through Roles and Capabilities.

Without install third part plugin, WordPress manages only the Roles! This is a very annoying, becouse a new “WP Bannerize” role wich capabilities must have?

So, we are working to build an embed manager for role and capabilities.
Then, in the next version of WP Bannerize, will introduce two news:

1. A new role “WP Bannerize”
2. A new capability “wp_bannerize_manage”

The question is: Wich capabilities have be inherit for “WP Bannerize” role?

Thanks to all for your support and suggestions
Regards
GF

Hello gfazioli and thank you for supporting your awesome plugin!

We’d like to give you quality feedback regarding your question and can certainly recommend adding the capability of allowing/disallowing certain user roles (Contributor, Author, etc.) access to WP Bannerize via the Admin Dashboard.

Also, an e-commerce integration, allowing Subscribers / Contributors / Authors etc. the ability to PAY $$$ to upload / insert advertisements would be amazing!

Please let us know if you require any different / more precise suggestions.

Thanks again!

-Brian & WR