Add Snippet To Project
Are you trying to maintain a level of control over your WordPress site by limiting the access of certain users to specific templates? While WordPress is ideal for its wide accessibility and customizability, there may be instances where you would want to restrict certain users from accessing certain features. This is where the skill of restricting user access to specific templates comes in handy. In this tutorial, we will guide you on how to enforce these restrictions, ensuring a more secure and managed WordPress site.
function wpturbo_restrict_user_access() {
$restricted_templates = array('template-restricted.php'); // your template file names
$current_user = wp_get_current_user();
if(!current_user_can('administrator') && is_page_template($restricted_templates)) {
wp_redirect(home_url());
exit;
}
}
add_action('template_redirect', 'wpturbo_restrict_user_access');
This code snippet primarily functions to restrict user access to specific page templates on a WordPress website unless the user is an administrator. It is composed of a function that is named wpturbo_restrict_user_access()
, and an action that activates the function.
Let’s delve into the details step by step.
To start with, inside the function wpturbo_restrict_user_access()
, we define an array $restricted_templates
and we provide the names of the templates files to which we want user access to be restricted. In our case, the restricted template is 'template-restricted.php'
.
$restricted_templates = array('template-restricted.php'); // your template file names
This line indicates that you have created a template by the name of template-restricted.php
which you do not want non-admin users to access.
The following line enables us to access the current user’s data by calling the WordPress function wp_get_current_user()
.
$current_user = wp_get_current_user();
This line is crucial because it allows us to ascertain the role of the current user, which is used in the upcoming conditional statement.
The if condition uses the current_user_can('administrator')
function to check if the current user has administrator privileges and the is_page_template($restricted_templates)
function to check if the current page uses a restricted template.
if(!current_user_can('administrator') && is_page_template($restricted_templates)) {
The exclamation mark denotes a logical NOT operator, so the condition translates as: if the current user is not an administrator, and the page viewed uses a restricted template then run the code within the braces {}
.
The inside of the if loop contains the redirection function wp_redirect(home_url())
. It redirects the non-administrator user trying to access the restricted page to the home page of the website. And exit is called after the redirect to ensure no other code is executed.
wp_redirect(home_url());
exit;
Lastly, the function is wired to the template_redirect
hook using the add_action
function.
add_action('template_redirect', 'wpturbo_restrict_user_access');
This ensures that our restricting function runs during the template redirection phase, thus effectively barring non-admin users from accessing selected page templates.