Per-Post User Level Restrictions feed icon

WordPress 1.2
Per-Post User Level restrictions

(c) 2004 Scott Merrill skippy@skippy.net

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

INTRODUCTION
This modification allows blog authors to assign a minimum user level required to view each post. The default value is zero (retroactively applied to all existing posts), which means anyone can see the post. By choosing the post level on the admin post or edit screen, the author can limit who sees what.

INSTALLATION
PART ZERO
Extract the contents of the file post_level.tgz into your WordPress directory. No files will be overwritten. The contents of the download file are thus:

PART ONE
This modification requires the addition of a new row to the wp_posts table, called "post_level". There are sever al ways to accomplish this:
1) Make sure the included post_level_install.php is in your wp-admin directory. Call this page from your browser:
   http://www.example.com/wordpress/wp-admin/post_level_install.php

2) Edit the included post_level.mysql file to correctly identify the name of your wp_posts table (only necessary if you're using a custom table prefix for your database tables), then execute the following:
   mysql -uusername -p wordpress post_level.mysql
Replace "username" with your database username, as defined in wp-config.php.
Replace "wordpress" with the name of your WordPress database, as defined in wp-config.php

3) Use a tool like phpMyAdmin to manually alter the table. The post_level row must be UNSIGNED INT(2), default zero, not null.

PART TWO
Next, you need to modify five files:

Again, there are several ways to do this:
1) From the command line, run the patch command in your WordPress directory to automatically modify all the files for you using the included post_level.diff file:
   patch -p0 post_level.diff

2) If you haven't modified any of the listed files yourself (to apply other modifications, for example), you can simply copy the files from the modified/ directory to their respective locations:
   cd modified
   cp -r ./* ..

3) You can look through either the post_level.diff file, or the files in the modified/ directory to see what chan ges I've made. I've prefaced all of my modifications with this line:
   // SDM 23-05-2004 post_level modification
to help you identify what has been changed.

USING THE MODIFICATION
Once installed, you'll note that the post and edit screens now have a drop-down select box labelled "Post level". This is the minimum user level required to view the post.

Enjoy!

Update 03-06-2004
By default, WordPress grants the ability to create new posts to any user with a user level greater than 0. So restricting posts with this mod and granting visitors user levels high enough to read your restricted posts means that your readers can become writers and blog on your blog. The fix is easy enogh: In wp-admin/post.php, find the line "default:" (this regex -- ^default: -- will take you right there). It's line 721 in my copy. Below that is a line that reads:

if ($user_level > 0) {

Change that zero to any higher number, depending on the number of restricted levels you want to have. If you only want a single level of restricted posts, change the zero to 1. Then raise your privileged readers up to user level 1. They'll see level 1 posts, but not be able to edit.

My sincere apologies for any trouble this oversight has caused.

  • Blogging Pro - Blog News, Tools and Hacks » Privatize Posts
    May 25th, 2004
  • Blogging Pro - Blog News, Tools and Hacks
    May 25th, 2004
  • Weblog Tools Collection
    May 25th, 2004
  • Carina
    June 1st, 2004 at 12:25am
    Hey! You stole my idea!
  • scriptygoddess.com
    June 3rd, 2004
  • Carla
    June 3rd, 2004 at 3:20am
    Hi, sorry if this is a stupid question but I'm a bit confused. The scriptygoddess post made it seem as if it was a user registration type thing to just be able to view and comment on posts but here it seems the user registration is just to restrict what entries authors can view. I guess my dilema is I don't want to register people as authors, just viewers because I can restrict who does that. Am I wrong?
  • skippy
    June 3rd, 2004 at 3:30am
    This modification restricts who can see what. When an author composes a new post, they choose the minimum user level required to view that post. For example, on my blog right now I have one post that requires a user level of 1 or greater to view it. Since I have no registered users, no one can see that post except for me. I think your confusion stems from the fact that user level 1, by default, allows people to author posts. So granting registered users a user level greater than zero in order to allow them to see posts would also allow them to post new blog items. In your admin section, under Options -> General Options is a checkbox labelled "Any registered member can publish articles". Make sure that is _unchecked_. Next, edit wp-admin/menu.php, and find these two lines (toward the top):
      array(__('Write'), 1, 'post.php'),   array(__('Edit'), 1, 'edit.php'),
    Change the digit "1" there to any higher number. In this way, user level 1 can be used for your "elevated" users, allowing them to see restricted posts. If you find yourself wanting several levels of restricted posts, you may need to edit other items inside menu.php, to ensure registred users don't gain access to control of your site. I hope this clears it up. Do please let me know if you have any questions or problems!
  • girl
    June 3rd, 2004 at 11:14am
    Is there a way to redirect the user back to the blog page? I've included the sign-in form right on my blog, but I want it to redirect right back to the blog when someone signs in - NOT to any of the WP admin pages. Thanks!
  • girl
    June 3rd, 2004 at 11:17am
    scratch that - I think I got it. Thanks.
  • Tek
    June 3rd, 2004 at 3:01pm
    You know, I installed this and everything looked okay... got no errors or anything but it doesn't seem to work for me. =( Its hard to troubleshoot because there are no errors... and nothing seems broken, but the posts are showing up.
  • tormodh
    June 11th, 2004 at 11:56am
    Made a hack/mod to how this behaves within the WordPress Users control panel. Users at level 1 show up as users and not authors. Read here: spesifications and such here
  • fotomatch
    July 7th, 2004 at 9:43am
    Why not restrict the post level to those who are lower than the poster? If anyone is interested to do that, it is easy. Modified both edit-form.php, and edit-form-advanced.php replace the line <?php for ($i = 0; $i <= 10; $i++) { with <?php for ($i = 0; $i <= $user_level; $i++) {
  • washburn
    September 8th, 2004 at 10:36pm
    Just installed this--it seems to work well. Except for one strange thing. When I visit my site at "http://thisdarkqualm.com/" user level posts are correctly displayed. But if I visit my site at "http://www.thisdarkqualm.com/" no messages above level zero appear, even when I'm logged in at level 10. I am new at all this and have no idea why this is. Shouldn't my site be the same, with or without the "www."? I wonder if my wp install (which my server did automatically) is misconfigured or contains duplicate files, or something. Also, have you seen this? ( http://www.furbona.org/viewlevel.html ). Her plug-in seems similar to yours. Her idea of a little "locked" icon designating restricted posts is kind of a nice one. Perhaps such an icon or a "public" "private" tagline would be a nice touch for your modification as well.
  • scriptygoddess
    October 7th, 2004
  • miguel
    November 3rd, 2004 at 10:36am
    I was trying to install this hack in wordpress 1.3 alpha... every file seems to be the same exept wp-blog-header.php which is very different... did you try to implement per post user in WP 1.3 ? it must not be very difficult.... thanks. www.gatodante.com/wpress
  • Ron
    November 25th, 2004 at 6:21am
    Been trying to unpack the post_level.tgz file using a number of decompressors with no success. Just get an invalid archive error. Any chance you can post the archive in a ZIP format?
  • skippy
    November 27th, 2004 at 6:52pm
    I just downloaded the file and confirmed that it's a valid gzipped tarball. WinZip ought to handle this. If you're on GNU/Linux of Mac OSX you can execute tar zxvf post_level.tgz. But to make things easier, I have made a zip file. post_level-1.2.zip
  • Ron
    November 30th, 2004 at 6:24am
    Thanks! The zip file worked. Ron
  • Tom Croucher
    December 22nd, 2004 at 11:15am
    Seems good, but I think my RSS is still showing restricted post. It would be a nice option to have the RSS show the post name but say something like 'restricted to level x users'.
  • Lily
    February 11th, 2005 at 5:43pm
    Hi, is there a 1.5 port of this for Wordpress? :)
  • skippy
    February 11th, 2005 at 6:41pm
    I haven't fiddled with WordPress 1.5 very much at all, and _none_ at all in terms of plugins / modifications. I no longer have a need for this plugin, so I'm unlikely to spend much effort on it. If there's a real swell of interest, I might pick it up again; but that's pretty unlikely.
  • Carla
    February 16th, 2005 at 7:02am
    I was wondering the same thing.
  • skippy
    February 16th, 2005 at 6:25pm
    I haven't used this yet, but it looks to be exactly what I had in mind: http://fortes.com/projects/wordpress/postlevels
    Post Levels is a Wordpress plugin which allows you to restrict access to posts based upon the user level. Wordpress 1.3/1.5 or greater required.
    It's a plugin, not a hack, and it leverages the new Plugin API hooks (posts_join) exactly as I would have done it.
  • Carla
    February 22nd, 2005 at 5:23am
    Thank you for your comment the other day. I set this up and while it works, just wanted to say yours was a little more user friendly which I really appreciated. Thank you. :)
  • Giles
    March 7th, 2005 at 7:48pm
    I wanted yours to work .. the post levels plugin while good is not user friendly, I would much rather have a drop down menu. I installed yours only to realise it wasn't 1.5 compatable .. oh well Giles and the View-Level one has disappeared too.
  • Maxwell Smart
    March 28th, 2005 at 10:02pm
    Yes I would be interested agree. The post levels hack is not user friendly... and I have been searching high and low for something better.
  • Boon
    May 8th, 2005 at 8:41pm
    To hide the RSS feed text for restricted posts, just add the following line in viewlevel.php (just put it right under the other add_filter statements): add_filter('the_excerpt_rss','hide_text'); After that, the RSS feed only shows the $private_message line ("Sorry, you need to be logged in to see this post.") but no text.
  • Boon
    May 8th, 2005 at 8:46pm
    Oops, sorry that last comment is a bugfix for viewlevel, not post_level...
  • Anonymous
    June 21st, 2005 at 5:21pm
    geeze man could you have made it any more complicated ? lol part zero - where exactly do you put each of the pages ? ? part one - (1) doesn't work results in error (2) execute the following: mysql -uusername -p wordpress
  • onga
    June 21st, 2005 at 5:23pm
    the post_level plugin for wordpress doesn't work with 1.5 and above its a useless plugin unless you hack it to death

About | Policies | skippy.net