Last Saturday, a faithful support forum participant reported a bizarre bug involving Category checkboxes on the WordPress Post Edit form.  Role Scoper adds "Readers", "Contributors" and "Editors" boxes - each containing checkboxes to grant access to a specific User or Group.  It seems that some of these checkboxes, when clicked, caused one of the Category checkboxes to be (un)checked accordingly.  Obviously, this is a major bug for sites using Category Roles.

I tracked this error to the WordPress javascript!  WP 2.9 includes a change in wp-admin/js/post.js which makes any plugin-inserted checkbox array an involuntary vehicle of this error.  I have submitted a ticket in the WordPress bug tracking database, but don't know whether it will be corrected in the WP 2.9 branch.  To manually patch your installation, edit wp-admin/js/post.dev.js as follows:

change:

$('#in-category-' + id + ', #in-popular-category-' + id).attr( 'checked', c );

to:

if ( id && t.parents('#categorydiv').length )
  $('#in-category-' + id + ', #in-popular-category-' + id).attr( 'checked', c );

Then rename post.dev.js to post.js

An updated version of the Role Scoper plugin for WordPress is now available.  This is an important release for anyone using the File Filtering function, which controls direct access attempts to files that are attached to your private or restricted posts.  If you have previously given up on that option due to ugly errors with past RS versions, give it another try.

Thanks to those who have provided patient feedback as I work to make this difficult operation work reliably on all server configurations.  The other fixes and changes in this version will only affect a minority of users:

File Filtering Fixes:

• BugFix : File Filtering failed if WP was installed in html root folder, possibly causing an Internal Server Error

• BugFix : In WP-MU with File Filtering enabled, .htaccess file in uploads folders was regenerated on each site access (since 1.1.2) - possibly causing Internal Server Error or poor performance

• BugFix : In non-MU installations, .htaccess file was not immediately updated on activation / deactivation of File Filtering - making the selection appear ineffective

Other Changes:

• BugFix : Non-Administrators could not modify any Roles or Restrictions via bulk admin forms, even if some are delegated to them

• Lang : Added Spanish translation

• Change : Use https link for Role Scoper css and js files if ssl is being used / forced for the current uri

• BugFix : Archives listing using postbypost listing type did not display private posts to logged Administrator

• BugFix : Template function is_protected() / is_restricted() did not work with secondary queries

• BugFix : Private posts / pages not sometimes hidden from logged Administrators in front-end custom query results

• BugFix : PHP warnings on Edit Post / Page form (if WordPress debug mode enabled)

• BugFix : PHP notice for undefined constant (SCOPER_FORCE_FILE_INCLUSIONS)

• Feature : Support SCOPER_TEASER_HIDE_PAGE_LISTING definition, to suppress teased pages from front-end listing (while still applying teaser on direct access)

An updated version of the Revisionary plugin for WordPress is now available.  It includes a handful of bug fixes, features and plugin compatibility fixes.  Check the change log to determine whether any of the changes affect you:

• BugFix : Submitting a Pending Revision to a published Post failed with Fatal Error

• BugFix : PHP short tag caused Parse Error on servers which were not configured to support it

• Compat : Support TinyMCE Advanced and WP Super Edit for custom editor buttons on Revision Management form

• Feature : Revision preview bar can be styled via CSS file

• Lang : Fixed several string formatting issues for better translation support

• Change : Use https link for Revisionary css and js files if ssl is being used / forced for the current uri

Role Scoper has been translated into Spanish!  This translation applies to the Role Scoper Options form and all Restriction and Role setting interfaces.  Just extract the scoper.po and scoper.mo files into your plugins/role-scoper/languages folder.  Those files will be bundled in the next Role Scoper release.

Thanks to Rafael Pérez Gana of Rafo® Computación & Web for volunteering this work.

Those of you who experienced a fatal error after installing the last RS version can now fix that by upgrading to Role Scoper 1.1.5.  My apologies.

An updated version of Role Scoper is available to address remaining problems with WP-MU compatibility. Under some configurations, the File Filtering functionality caused corruption of the .htaccess file at the time of Role Scoper activation. The cause of this error is now pinpointed and corrected.

Other WP-MU users may have found that File Filtering was ineffective in version 1.1.3. This too is corrected.

There is no need to install this upgrade on standard (non-MU) WordPress installations.

An updated version of the Role Scoper plugin is now available.  It resolves a fatal error which occurred on WordPress MU version upgrades, corrects the filtering of trashed posts/pages in the wp-admin listings, and corrects a number of other bugs which emerged in the heavily modified version 1.1 code base.

The full change log:

WP-mu Fatal Error

• BugFix : Fatal error on wp-MU version upgrade, due to failed get_home_path() call (since 1.1.RC1)

File Filtering

• BugFix : .htaccess file was not regenerated when File Filtering is re-enabled following a disable (since 1.1.RC1)
• BugFix : File Filtering was not imposed for new attachments to private / restricted posts (since 1.1 RC1)

WP 2.9 Trash Function

• BugFix : Trashed posts / pages were included in edit listing when status filter set to default "All"
• BugFix : Trashed pages were included in Page Parent dropdown

Significant, Prevalent Bugs (new in 1.1 code base)

• BugFix : Main Page was not selectable when Quick Editing a Page
• BugFix : Posts were included in get_pages listing if "Include private pages in listing" option was disabled and Hidden Content Teaser turned off
• BugFix : When Contributor / Author category selection is limited, valid default category was not automatically selected
• BugFix : Some Category Roles were inappropriately auto-deleted on blogs which originated with WP < 2.3 (and have cats with term_taxonomy_id != term_id)
• BugFix : With Limited Editing Elements option enabled, some Post/Page Edit Form elements were inappropriately hidden from Editors / Authors / Contributors

Significant but Obscure 1.1 Bugs (only affect nonstandard config)

• BugFix : "Not valid" error message when a non-administrator saves a post/page with Role Type option set to "WP"
• BugFix : If RS Realm was customized for Page Roles only, the Restrictions menu included an invalid link to Category Restrictions
• BugFix : Some custom taxonomy queries were not filtered correctly
• BugFix : If "Remap terms" option was disabled, Category Edit Form did not list editable categories whose parent is uneditable

Significant but Rare 1.1 Bugs (only affect some installations)

• BugFix : New Pages / Posts did not inherit parent restrictions, in some installations
• BugFix : New Role assignments fail if MySQL does not convert nullstring to zero value for datetime storage
• BugFix : If Additional Object Roles option was enabled for some role, Page/Post assignments of that role could not be removed
• BugFix : PHP Warning on Group creation, in some installations

Hidden Content Teaser

• BugFix : Template function is_teaser_rs() did not work unless post ID was explicitly passed in (should default to ID of global $post)
• BugFix : Hidden Content Teaser, when applying "first x chars" teaser, stripped out img tag but not image caption
• Feature : Support SCOPER_NO_FEED_TEASER constant definition to prevent teasing of feed items even if teaser is enabled for main posts/pages listing

Nuisance Bugs

• BugFix : Convenience links to Category / Page Restrictions and Roles (within caption text) were invalid
• BugFix : "Browse Members" link on User Groups management page was broken
• BugFix : On General Roles assignment attempt, role selections were not preserved if user/group selection is missing

Plugin Compatibility

• Compat : PHP Warnings with WP Facebook Connect plugin

Some WordPress mu administrators have reported severe errors after updating to Role Scoper 1.1.

These appear to be caused by Role Scoper's revised file filtering mechanism, which inserts custom .htaccess directives.  Although designed and tested specifically for WP-mu, these changes have crashed at least two sites.  Since the cause and prevelance of this error is not yet known, I have published Role Scoper 1.1.2, which disables File Filtering by default for new installations, and turns it off for existing WP-mu installations.

If you are already hit by this error, recover by restoring the contents of your .htacess file to .htaccess-dist. Next, turn off File Filtering ( Site Admin > Role Options > File Filtering), or by adding the following line to wp-config.php:

define('DISABLE_ATTACHMENT_FILTERING', true);

By doing so, you will disable Role Scoper's file attachment filtering feature.

I expect to correct this error once I get some detailed feedback on the WP-mu error condition.  Until then, feel free to turn the feature back on manually and correspond with me on the details of any errors that arise.

I'm pleased to announce the first stable release of the Revisionary plugin for WordPress.

Revisionary enables moderated editing of currently published posts and pages.  It also allows you to schedule changes to existing content.  For a full description and screen captures, take a look at the Revisionary Overview.

Changes since the Release Candidate are as follows:

• Feature : Use Blog Title and Admin Email as from address in revision notices, instead of "WordPress <wordpress@>"

• BugFix : Revision Approval / Publication Notices used ?p=ID link, now uses standard permalink

• Compat : Display workaround instructions for FolioPress conflict with visual revision display

Role Scoper 1.1 is now available as a stable release, the first such update since August.  To review the many new features and improvements since version 1.0.8, see the version 1.1-RC1 change log.

Changes since the last release candidate are as follows:

• Feature : Additional "Lock Top Pages" option to allow any Page Author to set or remove top-level pages

• Feature : If HTTP authentication is enabled, append the http_auth argument to Category, Tag, Author and Comment feed links also

• BugFix : Contributors could not upload an image before a category is set, if editing rights are based on category

• DevBugFix : Changes to restrictions, roles did not clear internal cache for anonymous user (since 1.1.RC1)

• DevBugFix : Edit Posts listing for Published status included non-published posts (since 1.1.RC1)

• DevBugFix : Edit Pages listing for Published status included non-published pages (since 1.1.RC1)

• DevBugFix : Category Restrictions were not correctly noted in Edit Posts listing or front-end template functions (since 1.1.RC1)

• DevBugFix : In WP-mu dashboard, PHP warnings on first execution (since 1.1.RC1)

• DevBugFix : Attachments Utility did not load (since 1.1.RC1)

• Compat : Simple Section Nav: page selection list in Widget setup was broken with latest SSN version