Categories
PHP wordpress

How to prevent someone or some role from accessing the WordPress admin panel

It might be required sometime to prevent a user or all users with a specific role from accessing the WordPress admin panel. It’s not tough. Let’s think that we want that all users with author role will not be able to access the admin panel. All you have to do is just add the following code in your functions.php and you’re done

add_action( "init", "prevent_from_admin_panel" );
function prevent_from_admin_panel() {
  if ( ! current_user_can( "manage_categories" ) ) {
    if ( is_admin() && !defined( 'DOING_AJAX' ) ) {
      $pageurl = get_author_posts_url( get_current_user_id() );
      wp_redirect( $pageurl );
    }
  }
}

The code checks if the currently logged in user has the necessary capability manage_categories. This particular capability is only available to the users with Editor or higher roles, like an Administrator. So, if the current user doesn’t have it, he must be someone with an Author role. Now we will just get the url of his posts page and redirect him over there.

this particular code is_admin() && !defined( 'DOING_AJAX' ) makes sure that for ajax calls, we will not perform this redirection.

If you want to block a particular user from accessing the admin panel, then just get his id by using get_current_user_id() function. And then redirect him to homepage if it matches with the user id that you want to prevent.

That’s it. I hope you’ve enjoyed this article.

Categories
PHP wordpress

Changing Author Homepage URL Properly in WordPress

photo-1446280525466-6be29b257fdb
* Photo by Michael Fertig

Authors in WordPress have a homepage url like http://domain.com/author/authorname where all their posts are shown. And many of us who think it doesn’t look attractive want to change that url format. The middle part of that url, which says author, is called an author_base and it is possible to change this using some rewrite rules and filters. Let’s get our hand dirty 🙂

Modifying the permalink

To change the author base in permalink, you need to use the global $wp_rewrite class, like this

[code lang=php]
add_action("init","change_author_base_in_permalink");
function change_author_base_in_permalink() {
global $wp_rewrite;
$wp_rewrite->author_base = "users";
$wp_rewrite->flush_rules();
}
[/code]

Now, as soon as you visit http://domain.com/author/authorname you will see that it’s a 404. Good, eh? At the same time, this link http://domain.com/users/authorname will display all the posts for this particular user.

If you want to revert this change and go back to the old url structure, then all you have to do is comment that action, and then flush the permalink for once.

Other fixes

There is one small problem. Though the new permalink has been effective, but get_author_posts_url() still returns an url with the old format. So we need to fix that part too. Luckily, there is a filter 🙂

[code lang=php]
add_filter("author_link","fix_author_link");
function fix_author_link($link){
if($link){
return str_replace("author","users",$link);
}
}
[/code]

That’s mainly it. I hope you find this article useful.