An old drawing of an owl.

Simple Content Restrictor Plugin

Origin Story I had a number of emails from people trying to restrict content in various ways. One person wanted to restrict access because they were editing previously published content. Another person wanted more of a traditional membership-style option with the ability to restrict certain content based on user roles. I looked at some of the plugins out there but felt that building something a little less corporate1 would be pretty easy. It’ll likely evolve as I get some people using it but it’s here now if you want to mess with it. Making It This plugin uses the Advanced Custom Fields plugin as it saves me tons of hassle building custom field interfaces. ACF Stuff First, these two pieces enable me to sync up ACF field data without the drama of import/export or hard coding it into PHP.2 Now, I started off hand-writing the user levels as items. While easy, it felt wrong because there might be other user levels created by other plugins and they’d end up left out. I realized I could just add the user roles automatically like so. This will list all the user roles on the site as options. Filtering the Content My original idea was that I could just use use WP’s content filter. That is what I did but things got more […]

Will Wonka asking you to tell him again what WordPress can't do.

Hiding Comment Emails

Obscuring emails in WordPress . . . the comments edition. This is likely overkill but given that VCU has concerns about student emails being divulged via group emails we figured it wouldn’t hurt. I don’t want a class requiring commenting on student sites and that resulting in student unintentionally divulging their VCU emails because they’re logged in. You can see more details on email concerns at VCU (and likely other Virginia universities) at the VCU House Bill 1 site. This is going to go into our production code soon but seems to be working fine in development land. If you’re not a super-admin you will no longer see emails in the main comments view. In the quick edit view, I opted to get a little more nuanced. Email addresses without VCU in them will show normally. I figured this might be useful for contacting outside people. VCU has three or four email patterns but all of them have VCU in the address so I opted to just look for VCU in the email string using strpos. If it finds VCU then it spits back a generic sanitized email, sanitized_email@vcu.edu.1 I thought this would make it more obvious that there wasn’t an error but that emails were being cleaned intentionally. And finally, the single comment edit view. Thanks to Jeremy Felt […]

A drawing of a small terrier dog jumping through a hoop held by a monkey.

WordPress Multisite Email Hider

Virginia recently passed some FOIA legislation (and even more legislation) that says essentially that institutions can’t release student emails without written consent. That includes student directories and other fairly traditional things done with student emails. It led us to look at our WordPress multisite install.1 While a VCU email address is required to sign up for rampages.us, the username can be whatever the person desires. Emails aren’t visible in the user directory. The one place we thought emails would be visible in way that might be unexpected was in the user view of individual sites. If a student is an admin, they’d be able to see the emails of other student users on that site. The following bit of code removes the email column from the users view for everyone that isn’t a super admin. If we see an uproar from teachers about the missing column, we can also add people by user ID by doing something like . . . 2 $ok_people = [1,2,4]; if ( is_array( $super_admins ) && in_array( $current_user->user_login, $super_admins ) || in_array($current_user->ID, $ok_people) ){ [\php] 1 Overkill? Happy to oblige. 2 I didn’t test this yet so …