How to Restrict User Access to Specific Templates in WordPress

Home » Snippets » How to Restrict User Access to Specific Templates in WordPress
0

Created with:

Visibility: 

public

Creator: WPTurbo Team

Customize with WPTurbo AI
X

Add Snippet To Project

New Project
Add To Existing Project

Are you trying to maintain a level of control over your WordPress site by limiting the access of certain users to specific templates? While WordPress is ideal for its wide accessibility and customizability, there may be instances where you would want to restrict certain users from accessing certain features. This is where the skill of restricting user access to specific templates comes in handy. In this tutorial, we will guide you on how to enforce these restrictions, ensuring a more secure and managed WordPress site.

					function wpturbo_restrict_user_access() {
    $restricted_templates = array('template-restricted.php'); // your template file names
    $current_user = wp_get_current_user();

    if(!current_user_can('administrator') && is_page_template($restricted_templates)) {
        wp_redirect(home_url()); 
        exit;
    }
}
add_action('template_redirect', 'wpturbo_restrict_user_access');
				

This code snippet primarily functions to restrict user access to specific page templates on a WordPress website unless the user is an administrator. It is composed of a function that is named wpturbo_restrict_user_access(), and an action that activates the function.

Let’s delve into the details step by step.

To start with, inside the function wpturbo_restrict_user_access(), we define an array $restricted_templates and we provide the names of the templates files to which we want user access to be restricted. In our case, the restricted template is 'template-restricted.php'.

$restricted_templates = array('template-restricted.php'); // your template file names

This line indicates that you have created a template by the name of template-restricted.php which you do not want non-admin users to access.

The following line enables us to access the current user’s data by calling the WordPress function wp_get_current_user().

$current_user = wp_get_current_user();

This line is crucial because it allows us to ascertain the role of the current user, which is used in the upcoming conditional statement.

The if condition uses the current_user_can('administrator') function to check if the current user has administrator privileges and the is_page_template($restricted_templates) function to check if the current page uses a restricted template.

if(!current_user_can('administrator') && is_page_template($restricted_templates)) {

The exclamation mark denotes a logical NOT operator, so the condition translates as: if the current user is not an administrator, and the page viewed uses a restricted template then run the code within the braces {}.

The inside of the if loop contains the redirection function wp_redirect(home_url()). It redirects the non-administrator user trying to access the restricted page to the home page of the website. And exit is called after the redirect to ensure no other code is executed.

wp_redirect(home_url()); 
exit;

Lastly, the function is wired to the template_redirect hook using the add_action function.

add_action('template_redirect', 'wpturbo_restrict_user_access');

This ensures that our restricting function runs during the template redirection phase, thus effectively barring non-admin users from accessing selected page templates.

Register an account to save your snippets or go Pro to get more features.