Restricting Access to WP Dashboard

  • Resolved farnely

    (@farnely)


    2 years, 2 months ago

    I have the following custom function to prevent non admin users from accessing wp-admin:-

    <code>if ( ! current_user_can( 'administrator' ) && ! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) { wp_safe_redirect( site_url( '/' ) );
exit;}</code>

    BUT I also need guest users to be able to submit a frontend form which is processed using admin-post.php.

    How do I adjust my code to allow admin-post.php requests for guests for form submission AND keep them from accessing the dashboard? Is it even possible or should guest forms be processed another way?

    Many thanks

Viewing 2 replies - 1 through 2 (of 2 total)
  • Moderator bcworkz

    (@bcworkz)

    You could check the requested URL in $_SERVER and not redirect if it’s for admin-post.php.

    Or you could process the form using Ajax so DOING_AJAX is defined. Or utilize a custom template for the page on which the form resides so it can conditionally process form data itself.

    Thread Starter farnely

    (@farnely)

    Thank you for this; it’s been a great help.

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Restricting Access to WP Dashboard’ is closed to new replies.