From: http://wordpress.org/support/topic/members-breaks-on-installphp-if-a-mu-plugin

This is a somewhat obscure use-case but it appears that the Members plugin throws errors is it is deployed to a new site without an tables it tried to insert 'members_db_version' key into wp_options before wp_options exists.

Adding the following code at the top of /members/includes/update.php solves the problem:

if ( defined( 'WP_INSTALLING' ) && WP_INSTALLING )
  return;

I can work around it by putting the code into my must-use plugin loader, but I thought you might want to know.

Would just like to know before I look into actually using it. Thanks!

Need to use the members_feed_shortcode() function.

How to add capability to individual page and set role for user to edit only that individual page?

It would be awesome to have some way to reset the default roles and capabilities.

I haven't played too much with actually deleting a predefined role from wordpress (like removing the contributor role for example) but if someone were to do this (for any of the predefined roles) it would be really nice to be able to get that default role back. Again I haven't deleted a default role so I don't know if it's even possible (the plugin has a link that implies I can do it) or how that would affect everything, but it would definitely be good to have a reset option of some kind. Just thinking about it, I wouldn't imagine creating a new role with the right capabilities would not be exactly the same because the role ID wouldn't match and I don't know how important that is.

Something I have played with for sure is changing the capabilities of the default roles. In this case it would be great to be able to reset a role back to its defaults. Even better would be to also indicate which capabilities are default for that role when viewing the capability editor, as well as having an easy reset button. Of course custom roles wouldn't have default capabilities so they wouldn't need indicators about default capabilities, or a reset button (unless that button simply removed all capabilities, but that might be undesirable).

Thanks for reading!

Hi Justin,

Question / Enhancement - Is it possible to add a functionality to export/import roles?

get_users_of_blog() is deprecated. Let's use get_users() instead

I have a user role: "Editor". I gave them the capability of: "promote_users" so that they could add certain roles to other lower users who do not have this capability. But how do i prevent these editor's from promoting themselves to a higher role like "administrator" because right now they can choose any roles they want for anybody.

I have a client who is easily confused and I'd like the content control metabox that appears on each post to only display certain roles to chose from.

In the members_content_permissions_meta_box() function you display a checkbox for every role in the global $wp_roles. Would it be possible to add a filter just before the foreach so that I can customize which roles are displayed in the metabox?

Like so:

/* Loop through each of the available roles. */
$roles = apply_filters( 'members_content_permissions_meta_box_roles', $wp_roles->role_names );

foreach ( $roles as $role => $name )

I'm using Members on a multisite instance, and I've added a few types of custom capabilities for CPTs. Somehow, the 'read' permission and a few others have been disabled for Administrators, resulting in them not having permissions to view wp-admin at all.

I can enable them and save, but when I go back into the Admin role, they are disabled again.

I've tried disabling the plugin, but it seems to persist in the DB- people with Administrator capabilities still can't log in.

I'm trying to remove some filters applied by the plugin, but it's not working.

remove_filter( 'get_the_excerpt', 'members_content_permissions_protect');

Any help?

We're on wpengine and since upgrading to wp3.8 we get a 502 when trying to access the options.

Any ideas?

Can the capabilities editor display links for the capabilities to the WordPress Codex page for that capability? For example https://codex.wordpress.org/Roles_and_Capabilities#read

When reaching a custom endpoint with a rewriting api, we have a notice in members_can_user_view_post function :

<b>Notice</b>:  Trying to get property of non-object in <b>.../wp-content/plugins/members/inc/template.php</b> on line <b>97</b>

When creating a custom endpoint, we are not in a wp loop, so the function get_the_ID return false and the line get_post( $post_id )->post_parent return a notice

Thank you for your help

The UI for controlling permissions on media no longer shows, however, the permissions previously configured still work.

When I first created this plugin, user levels had already been deprecated for a long time in core. There was one exception with the author drop-down, which I was told would be fixed by now. But, it's still lingering around:
http://core.trac.wordpress.org/ticket/16841

Members originally hid user levels from the edit role screen so that users could report issues with plugins that were still using them. I haven't gotten a report on this in a long while and have been able to help several plugin authors in the past. Good job by plugin authors!

But, WordPress is still the problem. Basically, when you create new user roles, they need to be assigned a level to appear in the author drop-down on the edit post screen. For most users, this hasn't been an issue. I still get the occasional support question on this though.

Therefore, I'm probably going to add a checkbox (on the settings page) to show user levels on the edit role screen (disabled by default).

I have a custom post type defined as follows:

  // Videos 
  $labels = array(
    'name'               => _x( 'Videos', 'post type general name' ),
    'singular_name'      => _x( 'Video', 'post type singular name' ),
    'add_new'            => _x( 'Add New', 'book' ),
    'add_new_item'       => __( 'Add New Video' ),
    'edit_item'          => __( 'Edit Video' ),
    'new_item'           => __( 'New Video' ),
    'all_items'          => __( 'All Videos' ),
    'view_item'          => __( 'View Video' ),
    'search_items'       => __( 'Search Videos' ),
    'not_found'          => __( 'No Videos found' ),
    'not_found_in_trash' => __( 'No Videos found in the Trash' ), 
    'parent_item_colon'  => '',
    'menu_name'          => 'Videos'
  );
  $args = array(
    'labels'        => $labels,
    'description'   => 'Holds our Videos specific data',
    'public'        => true,
    'taxonomies' => array('category', 'post_tag'),
    'menu_position' => 3,
    'supports'      => array( 'title', 'editor', 'thumbnail', 'excerpt', 'comments', 'author'),
    'has_archive'   => true,
    'map_meta_cap' => true,
        'capability_type' => 'video',
        'capabilities' => array(
            'publish_posts' => 'publish_videos',
            'edit_posts' => 'edit_videos',
            'edit_others_posts' => 'edit_others_videos',
            'delete_posts' => 'delete_videos',
            'delete_others_posts' => 'delete_others_videos',
            'read_private_posts' => 'read_private_videos',
            'edit_post' => 'edit_video',
            'delete_post' => 'delete_video',
            'read_post' => 'read_video',
        ),  
  );
  register_post_type( 'video', $args ); 

With the following map_meta_cap filter code

    add_filter( 'map_meta_cap', 'my_map_meta_cap', 10, 4 );
    function my_map_meta_cap( $caps, $cap, $user_id, $args ) {

        /* If editing, deleting, or reading a movie, get the post and post type object. */
        if ( 'edit_video' == $cap || 'delete_video' == $cap || 'read_video' == $cap ) {
            $post = get_post( $args[0] );
            $post_type = get_post_type_object( $post->post_type );

            /* Set an empty array for the caps. */
            $caps = array();
        }

        /* If editing a movie, assign the required capability. */
        if ( 'edit_video' == $cap ) {
            if ( $user_id == $post->post_author )
                $caps[] = $post_type->cap->edit_posts;
            else
                $caps[] = $post_type->cap->edit_others_posts;
        }

        /* If deleting a movie, assign the required capability. */
        elseif ( 'delete_video' == $cap ) {
            if ( $user_id == $post->post_author )
                $caps[] = $post_type->cap->delete_posts;
            else
                $caps[] = $post_type->cap->delete_others_posts;
        }

        /* If reading a private movie, assign the required capability. */
        elseif ( 'read_video' == $cap ) {

            if ( 'private' != $post->post_status )
                $caps[] = 'read';
            elseif ( $user_id == $post->post_author )
                $caps[] = 'read';
            else
                $caps[] = $post_type->cap->read_private_posts;
        }

        /* Return the capabilities required by the user. */
        return $caps;
    }  

When i visit /wp-admin/users.php?page=roles&action=edit&role=administrator
I can see the capabilities tab for Video. If i click on it, and set any of the capabilities to grant, then save. I can see that the data is being posted, e.g. grant-caps[]:edit_videos
But in class-role-edit the foreach loop loops through members_get_capabilities(). This function does not return any of the video capabilities. So when saving, the grant settings are omitted and not saved for these capabilities.

Any idea why? or how to fix this?

I have wp_debug on and am getting the following PHP Notice:

Notice: has_cap was called with an argument that is deprecated since version 2.0! Usage of user levels by plugins and themes is deprecated. Use roles and capabilities instead

Wondering if this is due to the new roles not being recognized and the system just assumes members_get_capabilities() is returning depreciated user_levels?

Can you add a select all/none checkbox in the capabilities editor for both grant and deny columns? Just kind of a nice touch.

Since you have the capabilities split into sections like general, posts, pages, etc, it would be great to go to one of those sections and select all for just that section and move on to another section. Of course viewing the "all" section and having a select all/none checkbox would be nice too.

I realize you're actively working on the dev branch (like a couple hours ago actively). But just in case you weren't aware, I just noticed I no longer see an option to clone.

Hi. I've found this being logged on a vanilla WP 3.6.1:

PHP Strict Standards: Redefining already defined constructor for class Members_Load in ...public_html/wp-content/plugins/members/members.php on line 50

Just need a wrapper for the current user list function.

See: http://themehybrid.com/board/topics/members-listing

Allow devs to filter the roles checked by default in the Content Permissions meta box. Reference: https://wordpress.org/support/topic/default-content-permission-several-have-ask-no-answer

Not sure why, content in shortcode [members_access role=""] just don't show up. Not sure if that's related to members_user_has_role() require the user ID as well? I made some changes locally on functions-shortcodes.php:128

Hi,
Is there any plans to add the option to propagate a page restriction to the corresponding child pages?

Thanks

Cap groups should be have a priority argument. That way, plugin authors can customize the order or simply move their group to a higher position.

Quick link under the role name on the roles list table to clone a role. This link should copy the caps for whatever role is selected and take the user to the add new role page. From there, they can save or customize then save.

Users keep asking for it. I keep explaining that roles aren't hierarchical. But, there is some use for it, particularly when a user has the ability to assign roles to users.

So, we should filter editable_roles and run some checks based on the site admin's setup of a hierarchy. This should either be a part of this plugin or as a companion plugin.

To reflect latest WP admin interface

Hey Justin: I'm running the latest version of your plugin on a dev server with PHP 5.4.6 and it's kicking out the error: Creating default object from empty value in line 21 of includes/functions.php

It can be fixed by adding the last line below:

function members_get_setting( $option = '' ) {
    global $members;
    $members =& new stdclass;

Currently the plugin allows us to select if a post is visible or not.

But to make it easier for users it would be awesome to be able to set apply content permissions to a full category.

So all posts in categoryX would only be visiable to logged-in users, or a role.

I upgraded to WP 4 a few weeks ago and I see too late that members is only tested through 3.7.1. My users can't edit pages and the role indicates they can so now I'm stuck. Any chance this will be upgraded soon. I will probably break my site if I try to revert to WP 3.7.1

Hi Justin, great work on members! I use it in almost every site I build!

But this time I'm facing an odd problem.

When I go to the page for creating new role i see that message (in the thread title) followed by a pretty huge mysql dump starting with

INSERT INTO `wp_options` (`option_name`, `option_value`, `autoload`) VALUES ('_transient_pods_get_all',

followed by what seems to be serialized data 'a:5:{i:51;a:35:{s:11:"object_type";s:3:"pod";s:4:"type" etc... closed by these statements:

 ON DUPLICATE KEY UPDATE `option_name` = VALUES(`option_name`), `option_value` = VALUES(`option_value`), `autoload` = VALUES(`autoload`)

Looks like transients from pods framework are involved. The error is shown only on the pages of your plugin.

It's nothing deadly. All the operations are working well. It's just annoying to have a page several thousands of pixel high and wide to scroll around :)

Would it be possible to display human readable descriptions for the capabilities in the roles/capabilities editor when editing a role? Personally I would still like to see the capability's actual name, but a brief description next to the name would certainly be handy!

Would it be possible for the login widget to redirect the user to the previous page, instead of the Dashboard?

Need a more professional banner and icon for the WordPress.org page: https://wordpress.org/plugins/members

I haven't looked into the feasibility of this, but here's the scenario I imagine:

• Go to Add New Role Page.
• Add a checkbox at the bottom (shown only if is_super_admin() and is_multisite()).
• The checkbox would be something like "Create this role across the entire network?"

I'd have to look more into it. I'm fairly certain it's possible to create the role across all existing sites in the network. I'm not sure if it's easy to have those roles for new sites after the role has been created.

I'm not that familiar with multisite, but I do know that roles are saved on a per-site basis. If anyone wants to help out with this, please do.

Currently, the "all" cap group doesn't take into account capabilities from post types and taxonomies that are not assigned to roles or those from custom groups.

See: #66 (comment)

I have noticed that using this plugin when I use the content restriction options to limit certain pages for example to only be seen by admin and editor, all users regardless of role can still see the link to that page in the navigation menu (using built in WP menu editor for my menus in my themes). There is another plugin similar to this one that allows those links for restricted pages to be hidden, but this plugin has more benefits so i'd prefer to fully switch to just this plugin. Could it be possible for this plugin to hide links from navigation menus when the person viewing is not assigned to a role capable of viewing said item?

(I am copying this from my wordpress.org support forum post https://wordpress.org/support/topic/hide-restricted-content-from-menus to github as an issue, it seems to make more sense here)

PR #58 adds an action at the top and bottom of the content permissions metabox allowing us to hook in here and add other ways in which the content can be restricted. I'm building a way to join the members plugin and JJJ's WP User Groups plugin

Would be awesome to have the ability to create a new role based off another existing one.

Hi Justin

Thank you for a super and free plugin. Much appreciated.

I was just trying to see if the plugin adds any CSS to posts. One thing I am looking to do is style pages so a user knows they are in a restricted area. That is, they know they can see it and others cannot.

I don't see it in the plugin, but thought I would check in.

Once again, many thanks.

Regards
Mike

Viewing the "Roles" screen under the "Users" menu...

By default, the "Contributor" Role is supposed to have THREE capabilities, yet this plugin is showing "5" in the "capabilities" column. When I click "edit" I only see the three defaults.

By default, the "Subscriber" Role is supposed to have ONE capability, yet this plugin is showing "2" in the "capabilities" column. When I click "edit" I only see one (default: read).

The WooCommerce "Customer" Role is supposed to have the same capabilities as "Subscriber" Role, which is ONE... but "3" is shown in the "capabilities" column. Then when I click on "edit" I only see one capability (default: read). I edited it to add two more capabilities and went back to the Roles screen where it still shows "3" capabilities although I just added two! I added two, so why doesn't it show five and what happened to the two that were apparently hidden?

This is scary stuff... are there hidden capabilities and did this plugin just delete them? What's really happening here?

Thank-you.

Only Issue i have with the members plugin is that i have custom fields on the pages. so even with the plugin activated to hide from users. You can still see the contents of the custom fields.
If you look at the link you will see what i mean.
http://www.chubbmarketinglibrary.com/uki/

Thanks again for your help.

error message is displayed only based on status or role. if not logged in or if not editor you'll see the error message. You don't see it if you're logged in or editor and above.

Styling via css would be appreciated as well as custom wording based on the single shortcut.

Hi Justin,

Question / Enhancement - Do you think it would be worth displaying non members an error or message when viewing content hidden by one of the members shortcodes?

So for example if I use [is_user_logged_in] to wrap (and hide) some member only content - instead of just displaying nothing it might be nice to show one of the member error messages. Like so -> findingsimple@ef8b295

Perhaps for a nicer implementation the output could just be wrapped with a filter so that it can be hooked into within a theme or another plugin?

This is a feature requested by users every so often.

I've never even played around with bulk editing before, so I'll have to dig into this. The first step should probably be testing out quick editing. At least try to roll out quick editing in v.0.3.0.

If anyone's looking into this, keep in mind that content permissions (the roles checked) are saved as multiple meta values on a single meta key.

Using the Redirect all logged-out users to the login page before allowing them to view the site option.
But would like them to register as well, but it seems it blocks the sign up page as well.
So no new users can register only Login.
Any Help would be appreciated.
Thanks

Hi @justintadlock

I was wondering if as an enhancement, you could implement per-user capabilities? This would allow groups of users to access certain posts, but also for these groups to be flexible (some users from a group could access several kinds of posts, for example). This isn't possible using Roles without creating one for each user.

The PHP for achieving per-user roles is:

$user = new WP_User( $user_id );
$user->add_cap( $capability );

All the best and thanks for the fantastic plugin,

Robert

Currently capabilities are listed by permission level (all read, then all edit, etc.). It would be nice to have them grouped by type, so all the 'post' permissions are grouped together, 'page' permissions are grouped together, and if there is a custom post type, all those permissions would be grouped together.