[Resolved] Delete link not working for all users except admin

[Author]

Posts

[Rita]

Hi there

PROBLEM 1
I have recently discovered that the DELETE link on custom posts is no longer working. The delete link works for Admin but no other logged in users - in this case Authors. This is the shortcode in the 'story template':
[cred_delete_post_link action='delete' redirect='50' class='cred-refresh-after-delete button' message='Are you sure you want to delete this story forever? This cannot be undone.' message_show='1']Delete[/cred_delete_post_link]

PROBLEM 2
Sometimes, not always, when an Author tries to create a post the post is created but on the front end it throws a 404.

TESTS
I have tried removing before and after message, class and redirect in the shortcode. No change.
I have updated wordpress and all plugins and tested but there is no clash with the plugins.
I have tried on all users. Admin works find. All other users cannot do these two tasks anymore.
I have tried with Access plugin and without Access plugin, but no change.

ACCESS TO TEST
I have provided you with admin access but to test this for yourself you need to login as one of the authors. Please allow me a private reply message and I will send these credentials to you promptly .

Look forward to hearing from you!
Rita

[Christian Cox]

Hello, sorry for the delay getting back to you. I have activated private reply fields here and will be happy to take a closer look when I receive author login credentials.

Sometimes, not always, when an Author tries to create a post the post is created but on the front end it throws a 404.
Is this happening when a post is created using Forms on the front-end of the site, or when a post is created from wp-admin, or some 3rd-party process?

If you go to wp-admin > Settings > Permalinks, then resave your site permalinks, does the post begin to show up?

Now temporarily switch to a different Permalink format, like "Month and Name". Try to reproduce the 404 error again.

Please let me know what you find out from these tests and provide login credentials in the private reply fields here.

[Christian Cox]

I can see the problem you are describing, but I'm not quite sure why it's happening. The exact same code on my own test site works without any problems for Author users, so there must be something else going on. May I create a clone of your site using the Duplicator plugin so I can run some additional tests?

[Rita]

Yes, go for it!

[Christian Cox]

The problem seems to be related to this custom code:

add_action('admin_init', 'no_mo_dashboard');
function no_mo_dashboard() {
  if (!current_user_can('manage_options') && $_SERVER['DOING_AJAX'] != '/wp-admin/admin-ajax.php') {
  wp_redirect(home_url()); exit;
  }
}

In my local environment when I'm logged in as author and I try to delete a post, I see this notice triggered in my server logs:

PHP Notice:  Undefined index: DOING_AJAX in /path/to/site/wp-content/themes/astra-follyfox/functions.php on line 55

If I comment out the add_action line, the problem is resolved. Perhaps there is a different way to test for DOING_AJAX instead of looking for it in $_SERVER? I've seen it like this in other code samples that restrict the admin dashboard:

if (  ! defined( 'DOING_AJAX' ) || ! DOING_AJAX  ) {
        wp_redirect( site_url() );
        exit;
    }

[Rita]

Ahhhhhh yes.... I understand.... Will try your idea.
Thankyou for your time Christian.

[Rita]

Closing this thread. Thank you!