Description
Adds an avatar upload field to user profiles if the current user has media permissions. Generates requested sizes on demand just like Gravatar! Simple and lightweight.
Just edit a user profile, and scroll down to the new “Avatar” field. The plug-in will take care of cropping and sizing!
- Stores avatars in the “uploads” folder where all of your other media is kept.
- Has a simple, native interface.
- Fully supports Gravatar and default avatars if no local avatar is set for the user – but also allows you turn off Gravatar.
- Generates the requested avatar size on demand (and stores the new size for efficiency), so it looks great, just like Gravatar!
- Lets you decide whether lower privilege users (subscribers, contributors) can upload their own avatar.
- Enables rating of local avatars, just like Gravatar.
Screenshots
Installation
- Install easily with the WordPress plugin control panel or manually download the plugin and upload the extracted folder to the
/wp-content/plugins/
directory - Activate the plugin through the ‘Plugins’ menu in WordPress
- If you only want users with file upload capabilities to upload avatars, check the applicable option under Settings > Discussion
- Start uploading avatars by editing user profiles!
Use avatars in your theme using WordPress’ built in get_avatar()
function: https://codex.wordpress.org/Function_Reference/get_avatar
You can also use get_simple_local_avatar()
(with the same arguments) to retrieve local avatars a bit faster, but this will make your theme dependent on this plug-in.
FAQ
-
Does Simple Local Avatars collect personal data of website visitors?
-
No. Simple Local Avatars neither collects, stores, nor sends any PII data of visitors or avatar users on the host site or to 10up or other services.
Reviews
Contributors & Developers
“Simple Local Avatars” is open source software. The following people have contributed to this plugin.
Contributors“Simple Local Avatars” has been translated into 20 locales. Thank you to the translators for their contributions.
Translate “Simple Local Avatars” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
2.8.3 – 2024-11-18
- Changed: Only allow images that were uploaded by the same user be used when setting the avatar via a REST request (props @dkotter, @justus12337, @faisal-alvi via #317).
- Fixed: Only allow image files to be set as the avatar in REST requests (props @dkotter, @justus12337, @faisal-alvi via #317).
- Security: Bump
@10up/cypress-wp-utils
from 0.2.0 to 0.4.0,@sentry/node
from 6.19.7 to 8.38.0,@wordpress/env
from 9.2.0 to 10.11.0,cypress
from 13.2.0 to 13.15.2,cypress-mochawesome-reporter
from 3.6.0 to 3.8.2,puppeteer-core
from 23.3.0 to 23.8.0 (props @dkotter via #319).
2.8.2 – 2024-11-12
- Fixed: Ensure dependencies are (actually) included properly in the release (props @dkotter via #316).
2.8.1 – 2024-11-12
2.8.0 – 2024-11-12
Note that this release bumps the minimum required version of WordPress from 6.4 to 6.5.
- Added: Support for the WordPress.org plugin preview (props @faisal-alvi, @jeffpaul via #297).
- Changed: Update PHP compatibility check to use
10up/wp-compat-validation-tool
(props @Sidsector9, @jeffpaul, @faisal-alvi via #291). - Changed: Bump WordPress “tested up to” version 6.7 (props @sudip-md, @jeffpaul, @dkotter via #310, #312).
- Changed: Bump WordPress minimum supported version to 6.5 (props @sudip-md, @jeffpaul, @dkotter via #310, #312).
- Fixed: Ensure all strings are properly translated (props @pedro-mendonca, @dkotter via #295).
- Fixed: Properly handle malformed
simple_local_avatar
user data (props @adekbadek, @dkotter, @faisal-alvi via #302). - Security: Run a user capability check before we clear the avatar cache (props @dkotter, @truonghuuphuc, @Sidsector9 via #309).
- Security: Ensure REST API requests to set an avatar only allow existing attachment IDs to be used (props @dkotter, @justus12337, @faisal-alvi via GHSA-wfjh-m788-w2c5).
- Security: Bump
axios
from 1.6.7 to 1.7.4 (props @dependabot, @faisal-alvi via #298). - Security: Bump
webpack
from 5.90.0 to 5.94.0 (props @dependabot, @faisal-alvi via #303). - Security: Bump
ws
from 7.5.10 to 8.18.0 and@wordpress/scripts
from 27.1.0 to 30.4.0 (props @dependabot, @faisal-alvi via #305, #311). - Security: Bump
body-parser
from 1.20.2 to 1.20.3,express
from 4.19.2 to 4.21.0,send
from 0.18.0 to 0.19.0 andserve-static
from 1.15.0 to 1.16.2 (props @dependabot, @faisal-alvi via #306).
2.7.11 – 2024-07-18
Note that this release bumps the minimum required version of WordPress from 6.3 to 6.4.
- Changed: Bumped WordPress “tested up to” version 6.6 and minimum version to 6.4 (props @sudip-md, @ankitguptaindia, @jeffpaul via #289, #290).
- Security: Add nonce check when saving the default avatar ID (props @faisal-alvi, @aaemnnosttv, @rafiem, @dkotter via GHSA-46pw-6m35-9m7x).
- Security: Bump
braces
from 3.0.2 to 3.0.3,pac-resolver
from 7.0.0 to 7.0.1,socks
from 2.7.1 to 2.8.3 and removesip
(props @dependabot, @Sidsector9 via #286). - Security: Bump
ws
from 7.5.9 to 7.5.10 (props @dependabot, @faisal-alvi via #287).
2.7.10 – 2024-05-24
- Fixed: Fix Default Avatar Fallback (props @amirhossein7, @faisal-alvi, @dkotter, @qasumitbagthariya via #281).
- Security: Bump
express
from 4.18.2 to 4.19.2 (props @dependabot, @faisal-alvi via #269). - Security: Bump
follow-redirects
from 1.15.5 to 1.15.6 (props @dependabot, @faisal-alvi via #269). - Security: Bump
ip
from 1.1.8 to 1.1.9 (props @dependabot, @faisal-alvi via #269). - Security: Bump
webpack-dev-middleware
from 5.3.3 to 5.3.4 (props @dependabot, @faisal-alvi via #269).
2.7.9 – 2024-05-14
- Fixed: Ensure default Gravatar avatars are shown correctly (props @faisal-alvi, @dkotter, @horrormoviesgr, @inpeaks, @lillylark, @rafaucau, @janrenn via #278).
2.7.8 – 2024-05-08
Note that this release bumps the minimum required version of WordPress from 5.7 to 6.3.
- Added: “Testing” section in the
CONTRIBUTING.md
file (props @kmgalanakis, @jeffpaul via #274). - Changed: Bumped WordPress “tested up to” version 6.5 (props @sudip-md, @dkotter, @jeffpaul via #270).
- Changed: Move
simple_local_avatar_deleted
action toavatar_delete
(props @lllopo, @faisal-alvi, @dkotter via #255). - Changed: Clean up NPM dependencies and update node to
v20
(props @Sidsector9, @dkotter via #257). - Changed: Update
CODEOWNERS
of the plugin (props @jeffpaul, @dkotter via #253). - Changed: Disabled auto sync pull requests with target branch (props @iamdharmesh, @jeffpaul via #263).
- Changed: Upgrade
download-artifact
from v3 to v4 (props @iamdharmesh, @jeffpaul via #265). - Changed: Replaced
lee-dohm/no-response
withactions/stale
to help with closingno-response/stale
issues (props @jeffpaul, @dkotter via #266). - Fixed: Broken default avatar when
Local Avatars Only
is unchecked (props @faisal-alvi, @ankitguptaindia, @qasumitbagthariya via #260). - Fixed: Ensure high-quality avatar preview on profile edit screen (props @ocean90, @dkotter via #273).
- Fixed: Possible PHP warning (props @BhargavBhandari90, @dkotter via #261).
- Fixed: Fixed typos (props @szepeviktor, @dkotter via #268).
2.7.7 – 2023-12-13
- Fixed: Revert the Host/Domain support for local avatar URL (props @faisal-alvi, @jakejackson1, @leogermani, @dkotter via #247).
- Security: Bump
axios
from 0.25.0 to 1.6.2 and@wordpress/scripts
from 23.7.2 to 26.18.0 (props @dependabot, @faisal-alvi via #250).
2.7.6 – 2023-11-30
- Added: Check for minimum required PHP version before loading the plugin (props @kmgalanakis, @faisal-alvi via #226).
- Added:
pre_simple_local_avatar_url
filter to allow an avatar image to be short-circuited before Simple Local Avatars processes it (props @johnbillion, @peterwilsoncc via #237). - Added: Repo Automator GitHub Action (props @iamdharmesh, @faisal-alvi via #228).
- Added: E2E test for checking the front end of avatars (props @Firestorm980, @iamdharmesh via #219).
- Changed: Bumped WordPress “tested up to” version 6.4 (props @zamanq, @ankitguptaindia, @faisal-alvi, @qasumitbagthariya via #230, #244).
- Changed: Update the Dependency Review GitHub Action to leverage our org-wide config file to check for GPL-compatible licenses (props @jeffpaul, @faisal-alvi via #215).
- Changed: Documentation updates (props @jeffpaul, @faisal-alvi via #242).
- Fixed: Address conflicts with other plugins and loading the media API (props @EHLOVader, @dkotter via #218).
- Fixed: Prevent PHP fatal error when switching from a multisite to single site installation (props @ocean90, @ravinderk, @faisal-alvi via #222).
- Fixed: Local avatar urls remain old after domain/host change (props @jayedul, @ravinderk, @jeffpaul, @faisal-alvi via #216).
- Security: Bump
word-wrap
from 1.2.3 to 1.2.4 (props @dependabot, @faisal-alvi via #223). - Security: Bump
tough-cookie
from 4.1.2 to 4.1.3 (props @dependabot, @faisal-alvi via #225). - Security: Bump
@cypress/request
from 2.88.10 to 3.0.0 (props @dependabot, @faisal-alvi via #225, #234). - Security: Bump
cypress
from 11.2.0 to 13.2.0 (props @dependabot, @faisal-alvi, @iamdharmesh via #234, #236). - Security: Bump
postcss
from 8.4.21 to 8.4.31 (props @dependabot, @faisal-alvi via #238). - Security: Bump
@babel/traverse
from 7.20.12 to 7.23.2 (props @dependabot, @faisal-alvi via #240). - Security: Bump
@10up/cypress-wp-utils
version to 0.2.0 (props @iamdharmesh, @faisal-alvi via #236). - Security: Bump
@wordpress/env
version from 5.2.0 to 8.7.0 (props @iamdharmesh, @faisal-alvi via #236). - Security: Bump
cypress-mochawesome-reporter
version from 3.0.1 to 3.6.0 (props @iamdharmesh, @faisal-alvi via #236).