Prevent Profile View for Users in WP

Categories: Blog, Development, WordPress
Tags: , , , , ,

Sep 24
2011

I was recently working with a plugin that allows users to sign up for your website.  Now visitors can sign up for the website while the plugin creates a WordPress user based on the default user level (in my case ‘Subscriber’).

This handy little plugin allows me to limit areas of the site to only those who have registered.  Excellent!  However, what I didn’t want is for these subscribers to be able to edit their profile information via the WordPress admin area. The plugin does not disable this area for you so you’re left on your own.  While there’s no direct link to the profile page on the site I can’t stop someone from typing in the address in the address bar of their web browser.

So…. I needed a way to block the profile page for users who are ‘Subscribers’ but still allow the profile page (and others) to be visible for all other WordPress users.

Enter a quick little function and hook.

function dmg_restrict_profile(){
  global $submenu_file;
  if(!current_user_can('edit_posts')){
    $page = get_bloginfo('wpurl');
    $name = get_bloginfo('name');
    echo '<h1>Restricted Access</h1>';
    echo '<p>There is nothing for you to see here. You are being redirected to <a href="' . $page . '" title="' . $name . '">' . $name . '</a>.</p>';
    unset($submenu_file);
    echo '<script>window.location.replace("' . $page . '");</script>';
    exit();
  }
}

add_action('admin_head','dmg_restrict_profile');

I dropped this little puppy into my functions.php file for my theme and all was well again. WordPress users above ‘Subscribers’ are still able to see everything in the admin area while those ‘Subscribers’ are blocked out from all areas of the admin section.  Life is good.

 

Comments

Leave a comment

 

Leave a comment

Read comments

 



Please do not submit your comment more than once. It will appear once it has been approved.