users can edit their published posts via backend editing (even after editing should not be possible any more), make them sticky if they want, change published date etc. Bug or feature?
-
Hi,
I set up a new site with buddypress, bbpress and some other plugins.
I did not change the user capabilities for the subscribers.
My Problem is that users can use the “edit this page” link that is placed at the bottom of a page that contains a topic (and the viewing user is author of this topic) that leads the user to the backend (/wp-admin/post.php?post=83716&action=edit for example).
There the user is able to change the published date, the status (sticky, ..) of the topic, the text etc.I think this is not normal… Subscibers should not be able to access the backend and to change published topics…
My subscribers do not have any edit_posts capabilities. They have just “level 0” and “read” as capability shown in the user role editor.
Is there a problem known that might depend on one of the modules that is installed at my site?
How can I get users not to be able to edit their topics?
I use the following modules:
akismet
bbpress-stay-checked
buddypress
buddypress-xprofile-custom-fields-type
events-manager
user-role-editor
bbpress
bp-force-profile
buddypress-activity-plus
cd-bp-avatar-bubble
gd-bbpress-tools
regenerate-thumbnails
view-own-posts-media-only
bbpress-post-toolbar
bp-profile-search
buddypress-media
easy-wp-smtp
tdlc-birthdays
wp-ffpc
bbpress-simple-advert-units
buddymobile
buddypress-recaptcha
erident-custom-login-and-dashboard
nextend-facebook-connect
ultimate-tinymce
wp-hide-dashboardThanks for your help!
- You must be logged in to reply to this topic.
