Changing Admin Menu based on Event

  • Resolved soxer1

    (@soxer1)


    7 years, 3 months ago

    Hello everyone i hope i post this in the right place,

    First a short overview of what im trying to do:
    Im creating a WordPress Homepage for a few friends. Not all of them are very good with computers so I would like to alter the Admin Menu (in Dashboard), to add an “Expertmode”.
    Per defaul I would not show most of the Admin Menu. And after clicking the “Expertmode” it should show the full Admin Menu.

    What I did so far (gonna use one example to simplify the problem):
    I did everything in the functions.php of my child theme (just for easy testing)

    global $expertmode;
$expertmode = false;

if (!$Expertenmodus):	
function remove_menu_pages_for_non_experts(){
		if ( current_user_can( 'manage_options' ) ) {
			remove_menu_page( 'edit.php?post_type=page' );    //Pages
			remove_menu_page( 'themes.php' );                 //Appearance
		}
	}
endif;
//Call the Function
add_action( 'admin_menu', 'remove_menu_pages_for_non_experts' );

    That removes all of the mentioned AdminMenus.

    Adding a new AdminMenu for the expertmode and a checkbox to activate the expertmode:

    // Function for the output on the expertmode page
function expertmode_output (){
	echo '<body>
    <h1>Expertenmodus</h1>
	<p>Click the Checkbox for ExpertMode</p><br />
	<input type="checkbox" value="expertmode" name="ch[]" id="expertmode"/><label for="expertmode">expertmode</a>
</body>';
}

if ($_POST['expertmode'] == 'expertmode'):
	$expertmode = true;
	endif;

    The problem i encounter:

    – Since the variable ($expertmode) is changed after the function, it has no effect at all

    Is there a way to do this, so that expertmode stays activated until you log out?
    And how could i make it work that the checkbox actually changes the Admin menu?

    My coding experience is limited, and I only started with WordPress a few days ago.
    Thanks in advance for any help.

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator bcworkz

    (@bcworkz)

    Altering the menu display might be effective for the users you have in mind, but it offers no real security. Users who know the correct URL could still access the dangerous admin screens even if the menu picks are hidden. You may as well do this the proper, secure way if you’re going to do this at all.

    Utilize roles and capabilities to manage who can do what. Non-expert users should not have administrator roles. Assign them to roles that fit their abilities. There are a number of plugins available that allow for easy management of roles and capabilities. A summary of what capabilities each default role has is on the Roles and Capabilities Codex page.

    With one of these plugins, you can rearrange capabilities so the so called administrator role is actually limited and a new “root” (or whatever) role has all the true administrator capabilities. Then no one’s feelings are hurt, they can remain as administrators. They just can’t do certain things ??

    Thread Starter soxer1

    (@soxer1)

    thanks for your reply.
    The thing with doing it with a new role and such plugins is.
    Since they should be able to do all the things, once they are used to it, I would need to give them the root login aswell. And they would most likely just log in with that. And the added security is gone anyway.

    That there is no true security with removing the menus is true, but I would have said. If someone know the URL)Slug to get to these menus he already knows what he does anyway. Noones just randomly entering URLs because he feels that there could be something.

    Is there another way to do it? Or is my thinking just out of place and complicates it to much for no reason?

    Moderator bcworkz

    (@bcworkz)

    Your original concept is workable, if not very secure. You need to reload the page through JS when the checkbox status changes, passing the new value in the URL. Or if you prefer, save the value in user meta. The initial routine to remove the items should check the URL or user meta to determine checkbox state and to determine if removal should occur.

    Thread Starter soxer1

    (@soxer1)

    OKay, ill do that. Thanks alot.

    Have a nice day

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Changing Admin Menu based on Event’ is closed to new replies.

Tags