WordPress.org

Support

Support » How-To and Troubleshooting » restrict access level to specific post or page

restrict access level to specific post or page

  • What is the way to go about this:

    We want to have a page on the site that holds confidential information.

    a) we could password-protect it. We find this security level a bit ‘thin’.

    b) what is the other way to do this? Ask users to register and limit a post to a certain user-type? Like the post (or page) would only be for Editors, or Subscribers?
    We basically want it to be visible only after one has logged in.

    Thank for any advice,
    Rob

Viewing 6 replies - 1 through 6 (of 6 total)
  • Similar question. Using WordPress for a church website and want to restrict some pages for different groups/committees. Like committee 1 can access the committee 1 page but committee 2 cannot access the committee 1 page and vis-a-vis.

    Brad

    Similar question.
    Of course WordPress is a blogging tool, not a fullgrown CMS, but the need to restrict certain content to certain visitors seems to be a very common thing. And I do agree that the password protection, as it is currently implemented, doesn´t do it´s job very well (see: http://wordpress.org/support/topic/180743 ), while “roles” and “security levels” weren´t really designed for assigning specific read-permissions.

    Armin

    This is how I do it and I don’t know if this is the best way or anything but at least it works for me:

    To limit the access to one particular page (or some pages) so that only logged in users can reach it, I make a new page template for that purpose and then I put this bit of code in the beginning of the template (right after the <?php /* Template Name: anything_you_want_to_call_it */ ?> ):

    <?php if ( !is_user_logged_in() ) {
    nocache_headers();
    header(“HTTP/1.1 302 Moved Temporarily”);
    header(‘Location: ‘ . get_settings(‘siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER[‘REQUEST_URI’]));
    header(“Status: 302 Moved Temporarily”);
    exit();
    }
    ?>

    (I’ve copied this code almost directly from the Angsuman’s Authenticated WordPress Plugin and it redirects nicely to the login-page and then, after logging in, takes you back to whatever page you tried to reach. So I like that, but of course you can just as well decide that something else should happen to your not logged in visitors).

    Then of course this page-template has to be chosen for the page or the pages you want to restrict access to.

    In the same way I also hide some parts of the content within the templates that I don’t want people to se if they’r not logged in. It could for example be the links to the pages they don’t have access to, like this:

    <?php if ( !is_user_logged_in() ) wp_list_pages(‘exclude=4,21’ );
    else
    wp_list_pages( ); ?>

    Guess that if you want different access for different groups you could use something like the Role Manager-plugin and, for example, assign everyone in committee 1 to the new role “committee 1” and everyone in committee 2 to the role “committee 2”. Then create a new capability for each of the roles, lets say that you are naming them “access one” and “access two” .
    Then, you can make one page-template for each group/committee in the same way as I did in the example above except that you change the part of the code saying “( !is_user_logged_in() )” to “( !current_user_can( ‘access_one’ ) )” in the committee 1 page-template, and “( !current_user_can( ‘access_two’ ) )” in the committee 2 page-template.

    I just found another topic with a lot more information on the same subject:

    I just found another topic with a lot more information on the same subject:
    http://wordpress.org/support/topic/181479?replies=31

    DUDE! EMMI! Thanks a lot for this explanation! you just saved my day..

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘restrict access level to specific post or page’ is closed to new replies.
Skip to toolbar