[Vladimir]

Hi Jawad,

Thanks for the good feedback.

You may use “Meta boxes access” add-on:

Block meta boxes for role

Do not forget “to show available meta boxes” to this add-on 1st – visit ‘Dashboard’ page in order add-on may see what meta boxes are currently available.

[Vladimir]

Thanks for the information.
User Role Editor allows to see ‘Administrator’ role in the roles drop-down list under WordPress multisite in 2 cases:
1) user has ‘manage_network_users’ capability.
But this gives to a user access to the “Network Admin -> Users”.
2) ure_supress_administrators_protection filter returns true.
In this case be careful, as non-admin users with ‘list_users’, ‘edit_users’ capabilities will can to edit users with ‘Administrator’ role and create other users with ‘Administrator’ role. So use this filter just in case you do not plan to have such users at your site.

[Vladimir]

Does your test user has ‘Administrator’ role at this single site or you assigned him some custom role?

[Vladimir]

WordPress does not store user password at the database. It stores just a password hash value. So it’s not possible to get user password in its original not encrypted form from the database. You should catch a password value earlier, when you change it.

[Vladimir]

… An issue was resolved by e-mail.

[Vladimir]

Hello,

It’s not too secure to send passwords via e-mail. That’s why WordPress uses reset password technique. Why do not use this feature?
User inputs his email after click on the ‘reset password’ link at login page (wp-login.php?action=lostpassword) and gets by email a special protected link to a page, where he can input his new password.

[Vladimir]

Hi André,

I need that widget to test and look on the source code. Is it a WordPress built-in or a custom one?
Custom code may use direct SQL query to the database and, thus, ignore any filters URE Pro sets for the posts queries made via WordPress API. Could you provide that plugin or theme?
Send .zip to the support [at-sign] role-editor.com

I use code received from clients locally and for research purpose only.

[Vladimir]

Check if ‘Network Admin->Settings->User Role Editor->Multisite->Allow non super administrators to create, edit, and delete users’ option is turned on.

[Vladimir]

Hi Nigel,

Thanks for the information. There is a mistake in the condition that prevents single admin from blocking menu items for himself. I will include a fix to the next update.
As a quick fix you may open user-role-editor-pro/includes/pro/classes/admin-menu-view.php and replace line #133

$readonly_mode = (!$lib->multisite && $allowed_roles[0]=='administrator') || ($lib->multisite && !is_super_admin()); 

with this one:

$readonly_mode = (!$lib->multisite && $allowed_roles[0]=='administrator') || ($lib->multisite && !is_super_admin() && $allowed_roles[0]=='administrator'); 

[Vladimir]

Hi Josh,

Unfortunately, this feature is not available right now. But I hope to provide it in the near future.

[Vladimir]

Hi Nancy,

Thanks for the feedback.

[Vladimir]

Hi Nancy,

Thanks for the information. I will enhance this part of the code and include it to the next update.

It seems that WP_DEBUG constant is set to true at your site. It’s not recommended for the live sites. So 1st workaround is to set it to false at wp-config.php file.
2nd way is to modify wp-content/plugins/user-role-editor-pro/includes/pro/classes/other-roles.php file replacing code phragment at lines 72-89 with this one:

        if (is_array($user->roles)) {
            foreach ($user->roles as $role) {
                if (isset($access_data[$role])) {
                    if (!isset($access_data[$role]['access_model'])) { // for backward compatibility
                        $access_model = 1;   // Use default (block selected) access model
                        $data = $access_data[$role];
                    } else {
                        $access_model = $access_data[$role]['access_model'];
                        $data = $access_data[$role]['data'];
                    }
                    if (empty($blocked['access_model'])) {  
                        $blocked['access_model'] = $access_model;    // take the 1st found role's access model as the main one                    
                    }
                    // take into account data with the same access model only as the 1st one found
                    if ($access_model==$blocked['access_model']) {
                        $blocked['data'] = array_merge($blocked['data'], $data);
                    }
                }
            }
        }

That is insert
if (is_array($user->roles)) { just before it. And insert closing } just after it.
I may send a modified file to your e-mail if it’s required.

[Vladimir]

Hi Bira,

This add-on does not give to a user new permission. It setups restrictions for the existing permissions only. So it should not allow to edit others posts until user actually has ‘edit_others_posts’ capability.

Some sites has tens thousands of users. Creation of unique term for every user is not very effective solution…

[Vladimir]

Hi Urs,

I confirm the described bug. Thanks for reporting it.
I will search a solution.

[Vladimir]

Hello,

Is the same problem happened for the built-in role, like ‘author’?
Try to deactivate all plugins and check? If problem will go away, activate plugins back one by one to isolate a problematic code.

[Author]

Posts