Title: Restrict users from editing published posts Last modified: August 20, 2016 --- # Restrict users from editing published posts * Resolved [gpspake](https://wordpress.org/support/users/gpspake/) * (@gpspake) * [13 years, 5 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/) * Again, Excellent Plugin. Beautiful code! * I have configured the plugin so that posts are submitted as pending and must be approved and published by an admin from the backend. However, after a post has been published, it still appears in the dashboard, giving the user the freedom to edit an already published post. Obviously this could be a problem as a user could replace a previously approved submission with unapproved content. * I can’t prevent this as the plugin dashboard overrides user capabilities that I already have in place. * [http://wordpress.org/extend/plugins/wp-user-frontend/](http://wordpress.org/extend/plugins/wp-user-frontend/) Viewing 12 replies - 1 through 12 (of 12 total) * [Runamok81](https://wordpress.org/support/users/runamok81/) * (@runamok81) * [13 years, 5 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342341) * Try installing the [User Role Editor](http://wordpress.org/extend/plugins/user-role-editor/) Plugin and removing the edit_published_posts capability from your users. * [professor99](https://wordpress.org/support/users/professor99/) * (@professor99) * [13 years, 5 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342383) * This issue was mentioned by me on this [forum post](http://wordpress.org/support/topic/security-problem-doesnt-observe-user-capabilities) with a fix provided. My [development version](http://wordpress.org/support/topic/frontend-updates-2rrr-fork?replies=27) includes this fix which is enabled by setting the admin “Others” tab option “ User can edit their posts” to “Default” * Thread Starter [gpspake](https://wordpress.org/support/users/gpspake/) * (@gpspake) * [13 years, 5 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342416) * [@runamok81](https://wordpress.org/support/users/runamok81/) I already have the user role editor plugin installed; wp-user front-end overrides it though. Even if the user has no editing capabilities, they can still edit posts from the front end dashboard. * [@professor99](https://wordpress.org/support/users/professor99/) Thanks for the response, I’m going to check your fix out and see if it works for me. I’ll post here with the results. * Thread Starter [gpspake](https://wordpress.org/support/users/gpspake/) * (@gpspake) * [13 years, 5 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342463) * Fixed! * To prevent the edit and delete links from appearing in the dashboard for published posts, you only need to amend two lines in wpuf-dashboard.php… * Change line 154 from to post_status, array(‘publish’) ) ) { ?> * and change line 164 from to post_status, array(‘publish’) ) ) { ?> * Now, this prevents the edit and delete buttons from appearing for published posts for all users. If you would like admins to be able to see the links you would have to alter it some more but anyone who needs to be editing published posts most likely already has back end access. * I hope this helps someone out there and gets more people to download this great plugin. * Thanks Tareq and I’ll hope you’ll consider this issue in future updates. * [professor99](https://wordpress.org/support/users/professor99/) * (@professor99) * [13 years, 4 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342469) * As mentioned in other responses Version 4.0 of my [development ](http://wordpress.org/support/topic/frontend-updates-2rrr-fork) release should of fixed this. * However thanks gpspake for your effort in investigating this. Having this code here is useful for those who want to stay with the official version but want to tighten their security here. * Thread Starter [gpspake](https://wordpress.org/support/users/gpspake/) * (@gpspake) * [13 years, 4 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342500) * Ok, It just realized how the fork handles this much better through the backend. Thanks professor99! * [ninofrenn](https://wordpress.org/support/users/ninofrenn/) * (@ninofrenn) * [13 years, 3 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342539) * this only hide the edit and delete link at the dashboard, but users still can edit and (surely) delete post if they know the post ID… * I think a few wp conditional tags (publish, draft, or pending) need to implement in wpuf-edit-post.php * [professor99](https://wordpress.org/support/users/professor99/) * (@professor99) * [13 years, 3 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342540) * Hi ninofrenn, * Your right about gpspake’s code but wrong about the development release. It applies wordpress defaults on the server side as well. * Thread Starter [gpspake](https://wordpress.org/support/users/gpspake/) * (@gpspake) * [13 years, 3 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342541) * Yeah, that certainly was not a final solution. This is one of the main features that encouraged me to install the development fork, which fixes this properly. * [ninofrenn](https://wordpress.org/support/users/ninofrenn/) * (@ninofrenn) * [13 years, 3 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342542) * [@professor](https://wordpress.org/support/users/professor/) set the “default” for user can edit or delete will disable subscribe to edit or delete their pending/ offline post. * What I need exactly is 1. User (in any role included subcriber) can edit or even delete their post if the post still pending/unapprove. But if their post have been published/approve then these option (edit & delete) should be disable at all in wpuf default editor ( but any backend accesibility user still could edit published post such admin and editor). * [ninofrenn](https://wordpress.org/support/users/ninofrenn/) * (@ninofrenn) * [13 years, 3 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342543) * hey, just found a way for my problem i added one conditional code in wpuf-edit- post.php * ``` else if ($post->post_status == "publish") { $can_edit = 'no'; $info = 'You cannot Editing this post anymore! Cheating huh?'; } ``` * [professor99](https://wordpress.org/support/users/professor99/) * (@professor99) * [13 years, 3 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342544) * Thanks ninofrenn, * That could be a good option to have for subscribers. Viewing 12 replies - 1 through 12 (of 12 total) The topic ‘Restrict users from editing published posts’ is closed to new replies. * ![](https://ps.w.org/wp-user-frontend/assets/icon-256x256.gif?rev=2818776) * [User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration](https://wordpress.org/plugins/wp-user-frontend/) * [Frequently Asked Questions](https://wordpress.org/plugins/wp-user-frontend/#faq) * [Support Threads](https://wordpress.org/support/plugin/wp-user-frontend/) * [Active Topics](https://wordpress.org/support/plugin/wp-user-frontend/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wp-user-frontend/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wp-user-frontend/reviews/) * 12 replies * 4 participants * Last reply from: [professor99](https://wordpress.org/support/users/professor99/) * Last activity: [13 years, 3 months ago](https://wordpress.org/support/topic/restrict-users-from-editing-published-posts/#post-3342544) * Status: resolved