infohowdy

Thanks ??

Thankyou ??

My question is: where I can find a documentation to substitute invalid and deprecated attributes, the online documentation still learn invalid attributes (like microformats wiki).

At this time I follow your solution, switch html5 templates to xhtml 1.0 transitional…

hello apljdi,
yes but I need to spend a lot of time to modify themes…

I miss the file xmlrpc.php

Thankyou very much anmari !

justinfyi in the file wp-admin/users.php around line 171

if ( $id == $current_user->ID ) {

add some rule here

if ( $id == $current_user->ID || $user->user_level == 10) {

I know this is not flair solution…

justinfyi this hide options but if you bypass by a url query you can delete administrators.
I think the only way is to modify the wp-admin/users.php page

this sound strange, in this part of code user with minor level can’t delete user with upper lever…

// We have to vulnerable queries id users admin interfase which should be processed
// 1st: https://blogdomain.com/wp-admin/user-edit.php?user_id=ID&wp_http_referer=%2Fwp-admin%2Fusers.php
// 2nd: https://blogdomain.com/wp-admin/users.php?action=delete&user=ID&_wpnonce=ab34225a78
// If put Administrator user ID into such request, user with lower capabilities (if he has ‘edit_users’)
// can edit, delete admin record
// This function removes ‘edit_users’ capability from current user capabilities
// if request has admin user ID in it
function ure_not_edit_admin($allcaps, $caps, $name) {

global $ure_userToEdit;

$userKeys = array(‘user_id’, ‘user’);
foreach ($userKeys as $userKey) {
$accessDeny = false;
if (isset($_GET[$userKey])) {
$ure_UserId = $_GET[$userKey];
if ($ure_UserId==1) { // built-in WordPress Admin
$accessDeny = true;
} else {
if (!isset($ure_userToEdit[$ure_UserId])) {
// check if user_id has Administrator role
$accessDeny = ure_has_administrator_role($ure_UserId);
} else {
// user_id was checked already, get result from cash
$accessDeny = $ure_userToEdit[$ure_UserId];
}
}
if ($accessDeny) {
unset($allcaps[‘edit_users’]);
}
break;
}
}

return $allcaps;
}
// end of ure_not_edit_admin()

function ure_init() {

global $current_user;

if (!empty($current_user->ID)) {
$user_id = $current_user->ID;
} else {
$user_id = 0;
}

// these filters and actions should prevent editing users with administrator role
// by other users with ‘edit_users’ capabilities
if (!ure_is_admin($user_id)) {

// Exclude administrator role from edit list.
add_filter(‘editable_roles’, ‘ure_excludeAdminRole’);
// Enqueue jQuery
add_action(‘admin_enqueue_scripts’ , ‘ure_admin_jquery’ );
// Hide Administrator from list of users
add_action(‘admin_head’ , ‘ure_admin_user_hide’);
// prohibit any actions with user who has Administrator role
add_filter(‘user_has_cap’, ‘ure_not_edit_admin’, 10, 3);

}

}
// end of ure_init()

justinfyi: the Superadmin plugin doesn’t work correctly with User Role Editor.

I’m interested too

Thankyou ! ??

Hello Chip, thank you very much for your reply.
This add new options to themes but I need without edit directly the original admin css to change the admin_print_style and load them like wp…

P.S. Nice blog !

solved I found a great plugin in the repository to do this.
‘download manager’