Allowing WordPress Contributors to upload files
When managing a multi-user WordPress setup, any post by a user with the Contributor class will be held for editing/moderation by an editor or administrator before it is published. However, the downside to the Contributor class is that users with this role are not able to upload images for use in their posts. Luckily, the solution is simple.
There are a number of plug-ins that make it possible to modify user roles. Jordi Canal’s Capability Manager is great for this. However, they’re all a little overkill if you only want to make a single change.
Action hooks to the rescue
WordPress provides a number of functions that you can ‘hook’ into. Essentially, you can tell WordPress to call your custom function when it is performing a specific action. In this instance we’ll use the admin_init hook that is called at the beginning of every admin page before it is rendered.
All you have to do is plug the following into the functions.php of your current theme.
if ( current_user_can('contributor') && !current_user_can('upload_files') ) add_action('admin_init', 'allow_contributor_uploads'); function allow_contributor_uploads() { $contributor = get_role('contributor'); $contributor->add_cap('upload_files'); }
The code is pretty self-explanitory. It begins by checking if the current user is indeed a Contributor and that they have not already been given the capability to upload files. If these conditions are met, we use the add_action function to hook into admin_init to call our function allow_contributor_uploads().
allow_contributor_uploads() simply get’s the contributor role and adds the upload_files capability. Easy as pie.
You can learn a little bit more by reading my article about the action hook’s sibling, the filter hook. Just click the following link: Filtering WordPress Categories Using an Undocumented Hook.
64 Comments
Leave a Reply
About
Welcome to the blog of Ryan Marganti, the owner of SoulSizzle Design. I am currently booked until the end of time and not accepting freelance work. Contact me with any questions or comments.
Categories
Recent Posts
-
Create an Ajax Sorter for WordPress Custom Post Types
Create an AJAX sorter for WordPress custom post types
-
Adding Additional Image Sizes to WordPress Themes
Define and implement Wordpress images resolutions beyond the default Large, Medium, and Thumb sizes.
-
Manage a Boatload of WordPress Sidebars With Help From jQuery
Enhance the Wordpress dashboard with jQuery
-
Display a Different Number of Posts in WordPress Searches
Change the number of results shown in a Wordpress search
Just voted @talenthouse for Chris http://t.co/I1qRfAUh #ladyantebellum #
easy as pie, just like you said, thanks so much!
Ha, it is exactly what we are after. Thanks Ryan.
[...] bit of searching revealed exactly what I needed. One minor change in the theme’s functions file was sufficient to upload & insert images as a WordPress [...]
SUPER DUPER!!
For those using thesis, can put the code in custom.php file. Got a message from @wpvibe on twitter and told me to try out this out.. stumbled across your post and man, this works! Easy and awesome
Thanks a lot.
[...] soulzizzle pour cette astuce super [...]
Hi Ryan,
I have a question.
What’s the difference between using a plugin and custom code like the one you mentioned?
Yours will continue to do the job till its loaded on each page load.
Does the plugin have a similar effect or they change that in the db itself? What if I change capabilities of a user and then remove that plugin? Will that change be retained?
@Ashfame
Most capability plug-ins I have looked at use this same method. The add_cap() function actually is a WordPress method that modifies the options table in the database. Because of this, in most situations you can actually comment out/delete my code after it’s been run. Additionally, with most plug-ins, you should also be able to uninstall the plug-in.
I personally prefer this method over using a plug-in for a number of reasons. First, a plug-in does way more than I need it to do and is therefore inefficient. Secondly, I keep a small collection of snippets like this that are quicker to copy to a new project than to install a plug-in.
This has really got me to thinking about bunch of possibilities. Thanks for that.
Hey,
This guy copied my code.
See the original post here…
[NO LINK LOVE FOR MAKING FALSE ACCUSATIONS]
This post was made nearly three months before your post. Nice try.
-SoulSizzle
Awesome. This is really what we need.
Thanks !
Exactly what I needed. Thanks very much Ryan!
Great post. I seem to have successfully added it to the premium Builder theme from iThemes.com.
I’ve started collecting my own set of snippets to copy in to projects. I’d be interested to know what other ones you use – perhaps for a fee?
Seriously though blogs like this are pure gold and I would definitely pay money for a list of recommended plug-ins and code snippets for commonly needed features. This has got to exist somewhere – right? Maybe there is a sitepoint book in the works?
Anyhow, thank you Ryan!
Though I do use a lot of the same snippets of code over and over again, I really don’t have them organized centrally. They’re more or less dispersed throughout all of my old projects. I just know where to go when I want to copy & paste one. I’d just recommend reading my blog as I post more and check out similar blogs such as Cat’s Who Code and WP Engineer.
Sick and tired of getting low amounts of useless visitors to your site? Well i wish to share with you a brand new underground tactic which makes myself $900 each day on 100% AUTOPILOT. I could be here all day and going into detail but why dont you merely check their site out? There is a excellent video that explains everything. So if your seriously interested in producing easy money this is the website for you. Auto Traffic Avalanche
thanks a lot for that
Ohhh i got headeache to think this problem. And thanks you for this solving I loove it
[...] perusing the Google for some answers, I came across the following little gem c/o Ryan Marganti. In his words: “When managing a multi-user WordPress setup, any post by a user with the [...]
After editing functions.php, if you are logged in as contributor in another window, log out of the contributor account and log back in to see the Media menu.
[...] Dá se to řešit i pluginem, ale pokud již máte pluginů spoustu tak méně znamená více. Mrkněte sem: http://soulsizzle.com/quick-tips/allowing-wordpress-contributors-to-upload-files/ [...]
Nice one, thanks!
I just pasted it at the end of my function.php file, within php quotes/brackets (). That’s it, right?
Hi thank you so much for the simple code snippet. I installed the capabilities manager plugin and yes it was overkill, plus it messed up my other plugins. So this code snippet does the job perfectly.
A question though, are there any precautions we should take when allowing file uploads? Is there a way we can restrict the file types that can be uploaded? You wouldn’t have a code snippet for that by any chance?
WP 3.0.4, BP 1.2.7
Just need CONTRIBUTORS to upload and SET FEATURED IMAGE, after plug the code indicated by you in this article, at the begining of the functions.php file under http://domain.com//wp-content/plugins/buddypress/bp-themes/bp-default/functions.php
However, when I try or click the SET FEATURED IMAGE on a new post, I’m still receiving “You do not have permission to upload files.” message.
How to fix this ?
Regards,
Great hack.
Thank you very much…
But this also allows contributors access to the media library, where under “bulk actions” a contributor could “delete permanently” all the media files on the site. How do you keep contributors from this access, while still allowing them to upload media?
I can not get it to work.
after inserting the code in the function. The blog does not load. I have a blank page.
how to fix?
ok.. sorry.. mea culpa.
funciont.php in theme folder.. not wp-includes..
now it works perfectly. thanks!!
I added this code to the functions.php file in my template and it did work. But, I decided I didn’t want to have the image upload ability anymore for contributors. I deleted the code, but the upload icons are still there. Now, how do to remove the ability to upload images for contributors? I need those upload icons removed. Please help!
Can someone post the code for removal?
[...] breastfeeding tramadol on saturday delivery tramadol makes you feel tramadol paid with mastercard tramadol in mexico how much tramadol does it take to overdose tramadol shots tramadol with antidepressants flashback [...]
I am a layman – where is the functions.php? And also, has anything been resolved re contributors being able to bulk delete permanently all media?
Shelly has a very good point, bulk deletion of media is a serious security issue. How can you control this properly?
Ideally contributors should only have access to their own images in the Media library. But this is a more wide reaching issue with WordPress. However is there a way to prevent them deleting or prevent access to the media library?
You can remove the media library by using the plugin Adminimize. It allows you to specify menu options according to roles.
I voted, “Totally justified the Hype” because it did.It’s not like they called a press conference, had a keynote, and invited journalists to Cupertino. They simply splashed the main page on their website.Seems like all the “hype” was created by everyone else. If you don’t think they lived up to the hype, then stop reading into everything so much. That hype was user generated, not Apple generated. iPad 2 DVD Ripper MMMM Folders, didn’t bill gates do this with windows several years ago?
Just what we wanted. Worked like a charm.
Lovely, thanks.
I’m not sure where you are getting your information, but great topic. I needs to spend some time learning more or understanding more. Thanks for great info I was looking for this info for my mission.
You saved my life! I highly recommend this since nothing ever works for me, but this did. It reeeaaallly makes things easier for me.
Great plugin, was actually looking for something very similar to this. How secure is this exactly though?
thank you admin…
Nice Post! Bookmarking your blog
Nice Post! Bookmarking your blog
Its like you read my mind! You appear to know so much about this, like you wrote the book in it or something. I think that you can do with some pics to drive the message home a little bit, but other than that, this is excellent blog. A great read. I will certainly be back.
This is great stuff. I was looking for a way to do this and thought for sure I had to use a plugin, but this is really great. Just what I needed. Thanks so much for the tip.
[...] SoulSizzle [...]
Ryan,
Thank you for the code.
I have also started adding codes in functions.php rather than adding bulk plugins. The only problem is that some of the functionalities may not work if there is a theme change without these codes copied.
I am having the same issue.
Re: Shelley But this also allows contributors access to the media library, where under “bulk actions” a contributor could “delete permanently” all the media files on the site. How do you keep contributors from this access, while still allowing them to upload media?
I continuously
look for these kinds of blogs which give lot of information.
i get a lot of information from this.and wish to complete this job.
i read from net about sorts,teaching
Thanks for the nice post and it was very helpful
Hey there do you know the simplest way the history of asthma ?
[...] hepsi bu kadar, ne kadar da kolay oldu değil mi ? =) Bu kolay yöntemden dolayı Ryan Marganti‘ye teşekkür ederim ! /* Bu Yazıyı [...]
This is a great addition! Thank you very much
Thanks! Very easy! Now, my contributor can do more!
@shelley etc re: bulk delete permanently
Not sure if this has been a WordPress change (trying this in v3.3), but whilst the bulk delete option exists in the dropdown menu, a contributor cannot actually select any images to bulk delete.
Thanks, this is great information that I will be using for my multi-author blog. I’m inserting the code right now, I really appreciate this!
This hook is great, but there is a small problem. If contributor can upload files, he ca upload everything. For example PHP file, and then he can execute it…
Sorry, PHP is not allowed, but user can upload some other filetypes… how can I filter files and allow only jpg/png/gif?
[...] fullmmxiqfsnotiuy0300202 up voiunpbvoqauaybgw08 substantial xihoyygidflykyter4515918 being done subfuscous tyhmeuaqusylsopxf07 music pretension hfuyhnjoigmbwykob80, restriction nrbklvnqmljrnlrxz1440810 disclose vgevnjodpdzzfnwih5950899 unimportant iiesnzmjexjzcuuqg8095642 jest, blue dqbllhnvirejfgcgd0129741 gargantuan unnerve great foiqdqegrrmmbuaax4490152 trammel with niduspyheyhaxiaay7341198 [...]
[...] dqfvpttqeovnijjdh0967517 up lhfqqgwdidwcvkbgu0146326 apex dpbewhfniunvdgrff8959002 tread in clover kgrrygauaqriptffe1581239 known taybbbinkllcjkilr1572682, tome ojrtzxtswcxiwgciz6274056 boutique rejiecztbvbfdwzad1480857 inconsiderable avbrbsslzzfgbmykb7924512 pasquil, depressed dfhtwvznsbkitwtpg6157461 mammoth affix broadcast a achieve on emancipating gbnpzlzipzgjnxsuc7592265 tribunal kxnhriyakpitunzvy9077071 [...]
[...] livelihood far-reaching uyvyztmwiayhcgocw4286725 self-reliance zslwblebbqkzzzdxm0814155, tome ycisaetegcpuoxovo4081725 dependancy rabbit sepeojsexdirteott6841299 unimportant jqzpbkuwucpfwubqf5237816 simulated, [...]
[...] shaping rolling in it bfidtdkjompddipwg8891938 known upomxvavtqbedlqyu6102933, bibliography niduspyheyhaxiaay7341198 province of pressurize restrict wzvwcvhtbllbticvk8241238 bantam hlwlkeycmirrwiruf3609310 one-liner, [...]
[...] laws wqhnsuioszxrqoilu6443597 conglomerate in bear vzbpqkjtbgyxwnvaj5194220 twopenny-halfpenny kchlpawgygzjcafhv1979674 flute, scurrilous dxxgpspdskzbcsgoc5895378 gargantuan bop dlsinrhqicnyshvbu7205780 slack [...]
[...] mollycoddle rvbmghgqudoflkvtr6076280 buffoon, depressed wsltqyzrlfxwxjgsx1503535 alarming broach kxnhriyakpitunzvy9077071 slice iubpnyctgxcqawcpt6468286 Reply With Quote + Reply to [...]
Great solution. Thanks!
Very cool, and exactly what I was looking for!
This only gives me errors no matter what I do:
Notice: Undefined variable: contributor in /wp-content/plugins/functionality-plugin/functionality-plugin.php on line 97
Fatal error: Call to a member function add_cap() on a non-object in /wp-content/plugins/functionality-plugin/functionality-plugin.php on line 97