Reputation: 550
Disable profile editing for one single account
I have made a public account in wordpress which I will send to 100 users.
So the login would be:
Username: public
Password: 123example
The only thing I want is to hide the profile page for this specific user account so they can't change password, emailadress, etc.
How to achieve this? Maybe change some php?
Upvotes: 2
Views: 1668
Answers (3)
Reputation: 31173
this script cover all the aspects of the question, read the code comments for further explanation.
<?php
/**
* this make sure the public user where redirected
* to home instead of profile page
*/
function redirect_user_to($redirect_to, $request, $user)
{
global $user;
if ($user->user_login == 'public') {
return home_url();
}
else {
return home_url("/wp-admin/");
}
}
add_filter('login_redirect', 'redirect_user_to', 10, 3);
/**
* this remove the profile links from
* the top nav menu
*/
function remove_edit_profile()
{
global $wp_admin_bar, $current_user;
get_currentuserinfo();
if ($current_user->user_login == 'public') {
$wp_admin_bar->remove_menu('edit-profile');
$wp_admin_bar->remove_menu('my-account-with-avatar');
$wp_admin_bar->remove_menu('my-account');
}
}
add_action('wp_before_admin_bar_render', 'remove_edit_profile', 0);
/**
* this remove the "Site Admin" link from
* the WP meta widget, usually placed in
* the side bar.
*/
function my_unregister_widgets()
{
unregister_widget('WP_Widget_Meta');
register_widget('MY_Widget_Meta');
}
add_action('widgets_init', 'my_unregister_widgets');
class MY_Widget_Meta extends WP_Widget
{
function MY_Widget_Meta()
{
$widget_ops = array(
'classname' => 'widget_meta',
'description' => __("Log in/out, admin, feed and WordPress links"),
);
$this->WP_Widget('meta', __('Meta'), $widget_ops);
}
function widget($args, $instance)
{
extract($args);
$title = apply_filters('widget_title', empty($instance['title']) ? __('Meta') : $instance['title']);
echo $before_widget;
if ($title) {
echo $before_title.$title.$after_title;
}
?>
<ul>
<?php
global $current_user;
get_currentuserinfo();
if ($current_user->user_login == 'public') {
}
else {
wp_register();
}
?>
<li>
<?php wp_loginout();?>
</li>
<li>
<a href="<?php bloginfo('rss2_url');?>" title="<?php echo esc_attr(__('Syndicate this site using RSS 2.0'));?>">
<?php _e('Entries <abbr title="Really Simple Syndication">RSS</abbr>');?></a>
</li>
<li>
<a href="<?php bloginfo('comments_rss2_url');?>" title="<?php echo esc_attr(__('The latest comments to all posts in RSS'));?>">
<?php _e('Comments <abbr title="Really Simple Syndication">RSS</abbr>');?></a>
</li>
<li>
<a href="http://wordpress.org/" title="<?php echo esc_attr(__('Powered by WordPress, state-of-the-art semantic personal publishing platform.'));?>">WordPress.org</a>
</li>
<?php wp_meta();?>
</ul>
<?php
echo $after_widget;
}
}
/**
* this prevent from non authorized user ( public )
* to pointing to the profile page by writing into
* the address bar.
*/
function force_profile_redirect()
{
global $pagenow, $current_user;
if (strtolower($current_user->user_login) == 'public') {
wp_redirect(home_url());
}
}
add_action('admin_init', 'force_profile_redirect');
?>
Upvotes: 1
Reputation: 1326
The last portion in @aSeptik's answer could be a little more WP friendly.
function force_profile_redirect() {
global $pagenow, $current_user;
get_currentuserinfo();
if ($pagenow == 'profile.php' && $current_user->user_login == 'public') {
wp_redirect(home_url());
}
}
add_action('admin_init', 'force_profile_redirect');
Upvotes: 2
Reputation: 15802
You'd need to modify your profile page code, to make it not show the editable areas, and not run the "update profile" action, if the user ID is [xyz].
For the page which actually does the updating of the profile, you can just put at the top something like
// Change this line to match however you identify your logged-in user
// And change the id number to the ID of the public user
global $current_user;
get_currentuserinfo();
if ($current_user->ID == 1)
{
// Stop them seeing this page
header('Location: index.php');
// And for good measure
die();
}
For the page on which they can change the profile fields before they submit the form, you can do something like this
// Change this line to match however you identify your logged-in user
// And change the id number to the ID of the public user
global $current_user;
get_currentuserinfo();
if ($current_user->ID == 1)
{
// Say no
echo '<p>You cannot edit your profile on this account.</p>';
// And for good measure
die();
}
Without seeing your code, it's hard to be more specific, but this should work at a push, even if it's not exactly how you want it to work.
Upvotes: 1
Related Questions
- How to stop a user from getting to wordpress' user profile
- Wordpress Disable User Account?
- don't allow user to access profile.php but allow him to access profile.php?username=
- Disable user profile edit?
- WordPress - Hide personal settings from profile page
- Make additional wordpress profile fields uneditable
- How to restrict User can only edit their profile in django?
- How to prevent user form entering other users profile
- how can we disable profile.php for subscriber in wordpress
- How to prevent a users editing other profiles other than own in MVC.NET Web Application?