GDPR Compliance and the plugins

The amr-users and amr-users-plus* suite of programs enable websites to list their user data from the wordpress user database and related tables (eg CIMY user tables).  See the individual addon plugin descriptions to see the tables they access. The plugins do not add or store any other personal user data – they are aimed at simplifying the development of lists or reports of user data.

The design of the user data and the decision to display the data in a user list generated by the plugins is the website’s responsibility. The base plugin currently caches user lists to simplify querying the website user data for the designed user list. The cache content is determined by the website – it is the user list content. These caches are temporary. They are stored in the wordpress database and are subject to the same protections as other website data in that websites wordpress database. If a user record is updated or deleted, the next cache run will delete all existing user data for that list and create a new cache.

Privacy and consent to the display of any personal data in a user list is the website’s responsibility. The base plugin offers a setting to determine whether a user list is can be shown publicly or not. The website is responsible for determining what goes into any such user list and whether these lists are made publicly available or simply run in admin by an appropriately authorised person.

The plugin offers the feature of a csv extract of a user list. If a list is public, the csv extract is stored as a file on the websites server. Security and safety of this file is the website’s responsibility. If the list is not public, the csv extract can be generated real time by a user who has the appropriate security capability.

When the plugin is deleted, the cache tables and plugin options are also deleted.

Many of the add-on plugins merely format the user data or offer searching, filtering and navigation features unrelated to the capture or tracking of the data.  In some cases they are merely example plugins and it is the website’s responsibility as to how these plugins are modified and what they data they might then make it possible to store.

The above applies to the following user related plugins:

  • amr-users
  • amr-users-plus
  • amr-users-multisite
  • amr-users-agequery
  • amr-users-plus-buddypress
  • amr-users-plus-cimy
  • amr users plus contexture groups
  • amr users plus date ranges
  • amr users plus edd
  • amr users plus gravity
  • amr users plus groupings
  • amr users plus itthinxgroups
  • amr users plus magicmembers
  • amr users plus mytreasures
  • amr users plus pmp
  • amr users plus post counts by dates
  • amr users ranking
  • amr users plus s2member
  • amr users plus social
  • amr users plus subscribe2
  • amr users plus symposium
  • amr users plus upme
  • amr users plus video link
  • amr users plus wishlist
  • amr users list users like me
  • amr user to user emails

 

Field types and formats

Many fields will have default formats, but what if you want a different format? Or if the field was added by another plugin?    There are add-ons for some third party plugins which may offer suitable formats.   Alternatively from version 4.0 of amr-users and up, one can control the format via the settings.

Tell the amr-users plugin what sort of data you have in your fields (the fieldtype) and the plugin will offer you some predefined formats for that field.   In some cases the option may be greyed out if the format function is not available in the system.

Some formats are available in the free version and some may require amr-users-plus versions >= 3.0 or may require a custom add-ons.

This is for example very useful if dealing with a third party plugin that stores date and time fields as Unix timestamps.  (Why do they do this?, ok I know why, it’s just that if wordpress doesn’t do it, it’s not necessary for plugins to do it is it?.  It obfuscates the data and makes to hard for you when you look at the raw data.)

Priorities

  1. Custom format specified in settings & custom function for that exists
  2. Else Custom format specified in settings – default pluggable function
  3. Else Linktype with default format
  4. Else Custom pluggable field specific function
  5. Else Default pluggable function if available (no settings, no linktype)

Instructions

In the “Fields and nice names” screen, select the field type for the field that the plugin has found.  For example:

  • user registration date is stored in date time format YYYY-MM-DD hh:mi:ss
  • various S2 member date time fields are stored in Unix timestamp format

In the “configure list” screen for each list,  choose formats that make sense for that field-type.   Each list can have a different format. For example, one list might have a high level date format for the user registration date, and another list might choose to include the date and the time.

Date Time fields and Unix time-stamp fields could currently be formatted as:

  • Date and time
  • Time
  • Date
  • Ago (human time difference)
  • Age
  • Birth month

The actual format of the date, time and datetime options can also be customised.  The options are the usual wordpress options AND the custom options from your general settings screen.

Email example:

Usually the user_email field will be formatted with the ‘mailto’ linktype and then each site can tailor this with their own css.  Perhaps use wordpress dashicons to show a email icon?  Two format options have also been provided.  If functions are defined for the format dropdown options, they will become ‘available’.  Eg:

  • function ausers_format_email_mailto($email)  or
  • function ausers_format_email_icon_mailto($email)

If a custom format is specified in the settings, these will generally override any coded custom formatting routine (except for amr-users-plus-s2member version 2.0 and lower) and any default formatting.

You should ensure that your data adheres to the field type specified.  Any invalid data will generally be shown unformatted.

Change the displayed text in a plugin or theme

Changing the text in a plugin or theme without editing the plugin or theme files is surprisingly easy IF the plugin or theme has made the text translateable.

Using a plugin like https://wordpress.org/plugins/loco-translate/, ensure the language chosen matches your wordpress language, and choose a location for your files (loco translate helps) that
will be accessed by the plugin or theme (some help with this) and
will not be overwritten by updates – loco translates helps and some plugins/themes help too by offering another lookup location. The recommended custom language file location is /wp-content/languages/.

For more information see http://icalevents.com/3445-an-accent-for-your-website/

change wordpress plugin text

Search users text replaced using translation tools – translating english into english!

Controlling access to user lists

The amr-user plugin offers wordpress capability control of access to users lists.  In wordpress roles have capabilities, and the capabilities determine what the users can do.  User lists can also be tagged as ‘public’ so  that a viewer with no role can see the list if used on the front end.

Summary of access control options:

  • public lists (ie lists ticked ‘public’ in the settings) can be viewed by anyone
  • non-public lists can only be viewed by people with ‘list_users’ capability
  • manage_options‘ or ‘manage_userlists‘ (custom capability) can create and edit user lists.

Tailoring access to the lists for roles:

If you want to isolate the ‘manage_userlists’ capability to a non-administrator and you don’t already have a plugin to do that for you, something like Justin Tadlock’s Members plugin is useful.

Registered Days Ago and Registration Date

There are two fields that show details of date of registration.  When the plugin started I wanted to see a human based ‘days ago’ view as I found that much more helpful to assess how long a user had been a member.

Thus that is the real wordpress registration date fields default formatting.  If one hovers over the field full details of the actual date will show.

It is also possible for you to write your own formatting function to format the date any way you would like.   For those people who are unable to write their own functions from the example and just want to display the registration date, there is a ‘pseudo’ field created which is called ‘Registration Date’ – it is not a real field though and does not sort well.

 

Days ago for registration date

Days ago for registration date

Registered days ago

  • real registration date field formatted using wordpress’s human time difference date time function
  • has hover text so you can see the actual date
  • will sort by date
  • will display the date in the csv extract

Registration date

  • pseudo field created on the fly in display only
  • doesn’t sort.  Sort by the ‘days ago’ field and then remove the display order to hide the field
  • doesn’t show in csv
Registration and days ago in excel

Registration and days ago in excel

Future

In the future there may be the possibility for one to choose from a range of formats. For  example I can imagine a number of possibilities:

  • a range of date formatting options using php date format options
  • human time diff, days ago
  • birthday (no years)