Hi friends,
I’ve just found a way to add a demo user to WordPress without any worry, I posted the way in the mailing list , but I had no feedback, We use the demo @ persian wordpress project without any problem, here is the original message :
[WORDPRESS 2+ ONLY]
For a wordpress i18n project I needed to run a demo version of a wordpress (ADMIN) without being worry about miss-usages/hacks/attacks, After working a bit I found a simple way , I will explain my way. Before I announce this soloution and putting it into action , I need some experts’ comments.
First of All I changed wp-includes/wp-db.php (function query) :
Original Code:
$this->result = @mysql_query($query, $this->dbh);
++$this->num_queries;
Changed to :
global $userdata;
if (($userdata->user_login == ‘demo’) && (preg_match(“/^\\s*(insert|delete|update|replace) /i”,$query)))
$_stop = true;
else
$_stop = false;
if (!$_stop) {
$this->result = @mysql_query($query, $this->dbh);
++$this->num_queries;
}
This code will prevent user identified by DEMO to change database, After that we should turn the wp cache off to avoid option caching,
This method would work, and will show the demo user all the power of WP ADMIN area without changing the DB at all ??
There’s just one point remains : editing files
This can be overcome by using “WP2 Roles”, I used plugin “Role Manager” and revoked “Edit Plugins”, “Edit Files”, “Import” and “Edit Themes” from a Role named “Demo” and assigned the user demo the role demo!
