Never Moderate Registered Users

Description

This plugin prevents comments from registered users from ever going into the moderation queue or getting automatically marked as spam, regardless of the apparent spamminess of the comment.

To be recognized as a registered user, the user must be logged into your site at the time they post their comment.

This plugin assumes that you trust your registered users. It will automatically approve any comment made by registered users, even if the comment stinks of spam. Therefore, it is recommended that you do not allow users to register themselves (uncheck the setting “Anyone can register” in the WordPress admin under Settings -> General).

You can still allow open registration, whereby these “subscribers” are moderated as usual, while other more privileged users do not get moderated. The plugin provides a filter, ‘c2c_never_moderate_registered_users_caps’, which allows you to specify the roles and capabilities that can bypass moderation. See the FAQ for an example.

This plugin is a partial successor to my now-defunct Never Moderate Admins or Post Author plugin. In addition to preventing admins and the post’s author from being moderated, that plugin also allowed you to prevent registered users from being moderated. WordPress has long since integrated that functionality, so the main thrust of that plugin became moot. However, the ability to never moderate registered users is still a valid need that requires this plugin.

Links: Plugin Homepage | Plugin Directory Page | GitHub | Author Homepage

Hooks

The plugin is further customizable via two filters. Typically, code making use of filters should ideally be put into a mu-plugin or site-specific plugin (which is beyond the scope of this readme to explain).

c2c_never_moderate_registered_users_caps (filter)

The ‘c2c_never_moderate_registered_users_caps’ filter allows you to define the capabilities that are automatically trusted, any one of which a user must have in order to never get moderated.

Arguments:

  • $caps (array): Array of capabilities, one of which a user must have in order to bypass moderation checks. Default is an empty array (meaning any registered user bypasses moderation checks.)

Example:

/**
 * Require that a user have at least 'contributor' capabilities in order to be
 * trusted enough not to be moderated.
 *
 * @param array $caps Array of trusted capabilities. If blank, then any user registered on the site is trusted.
 * @return array
 */
function dont_moderate_contributors( $caps ) {
    $caps[] = 'contributor';
    return $caps;
}
add_filter( 'c2c_never_moderate_registered_users_caps', 'dont_moderate_contributors' );

c2c_never_moderate_registered_users_approved (filter)

The ‘c2c_never_moderate_registered_users_approved’ filter allows for granular control for whether a comment by a registered user that would otherwise be moderated or marked as spam should automatically be approved. Note: this filter only runs when a comment is from a registered user and is flagged for moderation or spam.

Arguments:

  • $approved (int|string) The approval status. Will be 1 unless changed by another plugin using this hook. May be passed 1, 0, or ‘spam’. Hooking function can return any of those in addition to ‘trash’ or WP_Error.
  • $commentdata (array) Comment data.
  • $user (WP_User) The commenting user.

Example:

/**
 * Always moderate comments by registered users if they mention "Google".
 *
 * @param int|string $approved  Approval status. Will be one of 1, 0, or 'spam'.
 * @param array      $commentdata        Comment data.
 * @param WP_User    $user               The commenting user.
 * @return int|string|WP_Error Can a registered user's comment bypass moderation? Either 1, 0, 'spam', 'trash', or WP_Error.
 */
function c2c_even_registered_users_cannot_say_google( $approved, $commentdata, $user ) {
    if ( $approved && false !== stripos( $commentdata['comment_content'], 'google' ) ) {
        $approved = 0;
    }
    return $approved;
}
add_filter( 'c2c_never_moderate_registered_users_approved', 'c2c_even_registered_users_cannot_say_google', 10, 3 );

Installation

  1. Install via the built-in WordPress plugin installer. Or download and unzip never-moderate-registered-users.zip inside the plugins directory for your site (typically wp-content/plugins/)
  2. Activate the plugin through the ‘Plugins’ admin menu in WordPress
  3. Optional: Use one or more of the provided hooks in custom code to control specific capabilities that should be exempted from moderation and spam or to control the feature on a comment-by-comment basis.

FAQ

Hey, why did I get some obvious spam from a registered user?

This plugin assumes that any comment made by a registered user (or a user with a specified capabilities) is not spam, regardless of the spamminess of their comment. If you don’t trust your registered users you probably shouldn’t have this plugin activated. Or at least follow the directions above to increase the minimum threshold for trusted users.

I don’t trust registered users who are just “subscribers”, but I trust “contributors”; can this plugin moderate accordingly?

Yes. You can specify the capabilities and roles that can bypass moderation. See the example provided for the ‘c2c_never_moderate_registered_users_caps’ filter.

Does this plugin include unit tests?

Yes.

Reviews

June 1, 2018
J'ai beau chercher, mais vu que tout ramène à du php, je pense que ce plugin est destiné aux programmeurs d'autres plugin. Pour un utilisateur lambda, autant intaller un distributeur de barbe à papa sur votre site, vous obtiendrez la même chose....rien.
Read all 2 reviews

Contributors & Developers

“Never Moderate Registered Users” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

2.3.1 (2020-08-27)

  • Change: Restructure unit test file structure
    • New: Create new subdirectory phpunit/ to house all files related to unit testing
    • Change: Move bin/ to phpunit/bin/
    • Change: Move tests/bootstrap.php to phpunit/
    • Change: Move tests/ to phpunit/tests/
    • Change: Rename phpunit.xml to phpunit.xml.dist per best practices
  • Change: Note compatibility through WP 5.5+
  • Change: Tweak some documentation in readme.txt
  • Unit tests: Check if WP is 5.5+ to use renamed option names

2.3 (2020-05-10)

  • Change: Disallow handling comments flagged with WP_Error
  • Change: Update inline docs for c2c_never_moderate_registered_users() and filter c2c_never_moderate_registered_users_approved to reflect that a WP_Error and ‘trash’ are also valid potential values
  • Change: Use HTTPS for link to WP SVN repository in bin script for configuring unit tests
  • Change: Note compatibility through WP 5.4+
  • Change: Update links to coffee2code.com to be HTTPS
  • Change: Unit tests: Remove unnecessary unregistering of hooks

2.2.2 (2019-11-25)

  • New: Add CHANGELOG.md and move all but most recent changelog entries into it
  • Change: Update unit test install script and bootstrap to use latest WP unit test repo
  • Change: Note compatibility through WP 5.3+
  • Change: Update copyright date (2020)
  • Change: Split paragraph in README.md’s “Support” section into two

Full changelog is available in CHANGELOG.md.