Skip to:

Re: Multiple user types – possible?

Jeff Sayre


Just a little heads up about JQuery. If you rely solely on JQ to display or hide certain fields, sometimes you will not get the intended behavior if a user has disabled javascript in their browser. It all depends on what methods/actions you are using to accomplish the hiding.

BP and WP are relying more heavily on JQ scripting to accomplish certain tasks. So, whenever you are coding JQ functions to hide or show certain objects, you have to be doubly sure to test your JQ scripts on all browser types with javascript turned off just to make sure that the behavior is consistent across the board. In other words, will the very small subset of users who turn off JS be able to inadvertently gain access to fields that they are are not supposed to see.

I struggled with this when coding my BuddyPress Privacy Component. It would have been a lot easier to simply have relied on JQ to accomplish many of the privacy filtering functions, but by doing so I would have been risking a given user’s requested privacy by exposing their data to users who had JS turned off.

The lesson here is that if your intent is to truly sequester a subset of data from certain users, JQ is probably not the best solution. I now look at JQuery as simply a nice tool for effects, for UI/UX experience. It is not a tool for basic security protocols.

Skip to toolbar