Not letting subscribers use the admin backoffice

scasquiov
(@scasquiov)

18 years ago

I’m using the PageRestrict Plugin (http://wp-plugins.net/plugin/page_restrict.php/) to make some pages available only to registered users (registered as subscribers that is).
When getting to a restricted page the user will be advised to login, and when he does so he is redirected to the restricted page he came from.
The thing is, the user doesn’t have a direct link to the administration, but he can still have access to it if he adds “/wp-admin” in the addressbar…

Is there any way to restrict access to the administration for subscribers? A plugin would be excelent, but a plain hack will also do 🙂
I don’t want subscribers to be able to change their profile details as I will be the one managing those accounts.

thanks in advance!

Viewing 7 replies - 1 through 7 (of 7 total)

Tom Lany
(@tomthewebmaster)

18 years ago

I would be interested in this feature, as well. Is a plugin possible, or would wp-login.php and the wp-admin files have to be modified instead?

katesgasis
(@katesgasis)

18 years ago

Create a plugin. The example below will show the Author & Users page under Profiles Menu only if you are the admin. Check in the admin/menu.php for the menu array you wish to restrict. Please do not hack the core files. Do everything in a plugin.

function restricted_pages(){
global $submenu;
if(!current_user_can(‘level_10’)){
unset($submenu[‘profile.php’][10]);
}

}

add_action(‘admin_head’,’restricted_pages’);

Thread Starter scasquiov
(@scasquiov)

18 years ago

Ok, I think I’ll give it a shot then. I haven’t got any experience in writing plugins, but your snippet seems like a pretty good starting point, thanks!

Thread Starter scasquiov
(@scasquiov)

18 years ago

For testing purposes I tried changing the PageRestrictPlugin I’m already using. The ideia is to make it also block the administration.

I’ve added the following:

//——————————————————-
function pagerestrict_admin_hook() {

//…

add_action(‘admin_head’,’page_restrict_adminhead’);
}

function page_restrict_adminhead() {
global $submenu, $menu;

if(!current_user_can(‘level_10’)){
unset($menu[0]); // hide dashboard
unset($menu[35]); // hide Users or Profile
unset($submenu[‘profile.php’]);
}
}
//——————————————————-

The menu is gone, which is great. However, the profile page and the dashboard remain acessible if I add “/wp-admin/profile.php” and “/wp-admin/index.php” in the addressbar. Is there a way to actually block these?

When using a “subscriber” account if I try to access “/wp-admin/edit.php” the following message is shown: “You do not have sufficient permissions to access this page”
This would be just the thing I’m looking for… Any thoughts on how to achieve this for profile and dashboard?

Cheers!

syncbox
(@syncbox)

17 years, 9 months ago

I’m interested in hiding the dashboard for subscribers. I want to use the dashboard for admin level users only, providing links to stuff I wouldn’t want subscribers to see.

lnicoletti
(@lnicoletti)

17 years, 5 months ago

With my code the profile page become inaccessible. If I try to access “/wp-admin/profile.php” the following message is shown: “You do not have sufficient permissions to access this page”.

function page_restrict_adminhead() { global $submenu, $menu; if(!current_user_can('level_10')){ unset($menu[35]); // hide Users or Profile unset($submenu['profile.php']); if (preg_match('|/wp-admin/profile.php|', $_SERVER['REQUEST_URI'])) { die(__("You do not have sufficient permissions to access this page.")); } } }

Clicknathan
(@clicknathan)

17 years, 5 months ago

I’m also looking for what syncbox is asking…

Viewing 7 replies - 1 through 7 (of 7 total)

The topic ‘Not letting subscribers use the admin backoffice’ is closed to new replies.

Not letting subscribers use the admin backoffice

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics