Allow vendors to upload only specific file types in EDD Frontend Submissions

Easy Digital Downloads - Front-End Submissions - Allow only specific mime types upload

Frontend Submissions is an add-on that turns Easy Digital Downloads powered WordPress website into a complete multi-vendor marketplace. Based on your marketplace, you may need to restrict the certain file type uploads or allow specific file types upload only for your vendors.

I am sharing a code snippet that I just have written, and implemented on one of my client’s EDD FES website. Inserting it into WordPress theme’s functions.php will restrict vendors to upload any other file types and allow only zip file type upload.

// FES form field name : Prices and Files
add_filter( 'upload_mimes', 'dcg_restrict_mime_types', 1, 1 );
function dcg_restrict_mime_types( $mime_types )
{
$user = wp_get_current_user(); // get the current user
// if user is shop vendor or a shop manager
if ( in_array( 'shop_vendor', (array) $user->roles ) || in_array( 'shop_manager', (array) $user->roles ) ) {
// add the mime types you want to allow to upload
$mime_types = array(
'zip' => 'application/zip',
);
// Use unset to remove specific mime types uploads.
// unset( $mime_types['xls'] ); // Remove .xls extension
// unset( $mime_types['xlsx'] ); // Remove .xlsx extension
// unset( $mime_types['docx'] ); // Remove .docx extension
return $mime_types;
}
}

view raw
functions.php
hosted with ❤ by GitHub

Have you any better solutions? I would love to read your comments.

Customise WordPress Dashboard for Clients

To keep your clients from risky places or to restrict access to specific pages from the clients, you can customise your WordPress dashboard by adding the below code in your theme’s functions.php. This code allows you to hide parts of the WordPress dashboard menu.

function dcg_customise_dashboard() {
// remove_menu_page( 'index.php' ); //Dashboard
// remove_menu_page( 'jetpack' ); //Jetpack*
// remove_menu_page( 'edit.php' ); //Posts
// remove_menu_page( 'upload.php' ); //Media
// remove_menu_page( 'edit.php?post_type=page' ); //Pages
// remove_menu_page( 'edit-comments.php' ); //Comments
// remove_menu_page( 'themes.php' ); //Appearance
// remove_menu_page( 'plugins.php' ); //Plugins
// remove_menu_page( 'users.php' ); //Users
// remove_menu_page( 'tools.php' ); //Tools
// remove_menu_page( 'options-general.php' ); //Settings
}
add_action( 'admin_menu', 'dcg_customise_dashboard' );

view raw
functions.php
hosted with ❤ by GitHub

You need to uncomment the line ( remove // ) for the page that you want to hide/remove from the WordPress menu.

Be aware that this only hides the menu items from the dashboard and clients can still theoretically access these menus with a direct link (if they know).

How to fix Error 404 when Password Protect a WordPress Subdirectory with .htaccess

When you try to password protect a WordPress subdirectory by adding .htaccess and .htpasswd under subdirectory, you sometimes (in fact most of the times) get Error 404 – Page not found when you visit that subdirectory location in the browser.

To fix this error, add the following line at the top of .htaccess located in the root of your WordPress installation (yes, root .htaccess and not .htaccess of your password protected subdirectory), and you’re good to go now.

ErrorDocument 401 default

Do you have any different solution? I would love to hear your comments.