My Monkey Do

A Log of Coding Solutions

Coding

WordPress Capabilities with map_meta_cap and user_has_cap

by

The two functions, map_meta_cap and user_has_cap allow you to change capabilities on the fly without having to add to roles in the database.  These also allow you to have a ton of flexibility.

Some examples from the talk:

 If you can edit pages, you can edit widgets:
add_filter( 'user_has_cap',
function( $caps ) {
if ( ! empty( $caps['edit_pages'] ) )
$caps['edit_theme_options'] = true;
return $caps;
} );

Give secondary “administrators” less control:
add_filter( 'user_has_cap',
function( $caps, $cap, $args ) {
$user_id = $args[1];
$user = new WP_User( $user_id );
$email = $user->user_email;
if ( $email != get_option( 'admin_email' ) )
$caps['manage_options'] = false;
return $caps;
}, 10, 3 );

Don’t let anyone delete users:
add_filter( 'map_meta_cap',
function( $required_caps, $cap ) {
if ( 'delete_user' == $cap || 'delete_users' == $cap )
$required_caps[] = 'do_not_allow';
return $required_caps;
}, 10, 2 );

Only administrators can delete published posts:
add_filter( 'map_meta_cap',
function( $required_caps, $cap ) {
if ( 'delete_post' == $cap )
$required_caps[] = 'manage_options';
return $required_caps;
}, 10, 2 );

Require editors to approve posts:
add_filter( 'map_meta_cap',
function( $required_caps, $cap ) {
if ( 'publish_post' == $cap || 'publish_posts' == $cap )
$required_caps[] = 'edit_others_post';
return $required_caps;
}, 10, 2 );

WordPress 4.6 crashed my site

by

Fatal error: Cannot redeclare the_post_thumbnail_caption() (previously declared in ….

This error occurs because the_post_thumbnail_caption is a new function in WordPress 4.6.  However, people have been using this function for over 5 years now.  How?  Stackoverflow and other WordPress forums are flooded with questions asking how they can print out the thumbnail caption.  Since this wasn’t a built-in function before, the answer was to make your own function which was appropriately named the_post_thumbnail_caption.

Many theme authors, myself included, are now guilty of simply copy-pasting this function without adding their own theme prefix.  To avoid errors like this, functions within a theme should be prefixed with something unique to the theme like “mymonkeytheme_the_post_thumbnail_caption”.

If you have this error, contact your theme author and ask them to fix the theme.

 

WordPress the_title filter changed in nav menus

by

I haven’t had time to look into the exact reason or the exact version this changed, but as of at least WordPress version 4.5.2 the nav menu uses the_title multiple times for one item.

For example if your theme used something like this:


function menu_title_filter( $title ) {
return $title . ' | ';
}
add_filter( 'the_title', 'menu_title_filter' );

It would have one ” | ” after each menu title in previous versions, but in WordPress 4.5 ish it would show two ” | “.  Again, haven’t looked at the exact cause that changes this, but the solution is to check if the item you’re looking at is a nav_menu_item:

function menu_title_filter( $title, $id ) {
$item = get_post( $id );
if ( $item->post_type != 'nav_menu_item') return $title;
return $title . ' | ';
}
add_filter( 'the_title', 'menu_title_filter', 10, 2 );

Relative positioning of table rows and row groups is now supported. This site may need to be updated because it may depend on this feature having no effect.

by

Firefox displayed this warning in the Firebug console.  This warning indicates an absolutely positioned does not consider a table element relatively positioned so it may not appear as expected.  A better explanation is here:

https://www.sencha.com/forum/showthread.php?289315-Relative-positioning-of-table-rows-and-row-groups-is-now-supported.-This-site-may-nee

and solution to fix is here:

http://stackoverflow.com/questions/5148041/does-firefox-support-position-relative-on-table-elements

Draggable Icon in Font Awesome

by

This is weird.  Font Awesome has a ton of fonts, but no draggable icon.  Issue #816 is on github shows much love for this added feature, open since 2013.

A workaround for this suggested by abanctelchevrel:

/* \f142 is ellipsis-v */
/* \202F is thin unbreakable space */
.fa.fa-grip:before {
content: "\f142 \202F \f142 \202F \f142";
}
.fa.fa-grip-large:before {
content: "\f142 \202F \f142 \202F \f142 \202F \f142 \202F \f142 \202F \f142 \202F \f142";
}

fa-grip-large : <i class=”fa fa-grip-large fa-rotate-90″></i>
fa-grip <i class=”fa fa-grip”></i>

Link from Google Redirecting

by

After years of not having a client get hacked, I got 2 in a few weeks.  One client (client A) has a WordPress site which I developed the theme on.  Another client (client B) was brand new, no WordPress.  Client A’s site was redirecting to a porn site whenever a visitor went through a link from Google.  Client B’s site was redirecting to a 404 page (a php file was not found).  Both sites were fine when visiting the direct link.

I found malicious code in Client A’s .htaccess file redirecting anyone visiting from google, bing, or any of the major search engines.  I found and removed the PHP files that were not supposed to be on the site.

Client B’s site was clean as a whistle. Nothing suspicious in the htaccess file and no mysterious php files.  Needed to contact the host about this one.

In searching for more information on how the attackers may have gotten in, I came across this worrisome forum.  Both clients are on GoDaddy so this is probably the issue they both had:

https://wordpress.org/support/topic/malware-redirect-hacks-specific-question-regarding-vulnerabilities?replies=12