Trying to limit access to wp-admin and more

  • I am trying to hide the dashboard/panel from all my subscribers. My to-do list is as follows:

    1. Redirect users back to main page after login. Accomplished this by editing wp-login.php. Would really like a non-invasive way to do this.

    2. Block users from the dashboard/panel completely. As of now I have edited admin.php and added:


    // Try to not allow lower users into admin area
    if($user_level < 1)
    {
    echo "I don't belong here";
    exit();
    }

    This seems to get the job done but I really am not understanding how user_levels and roles work right now. The site will only have me as admin and a few authors that need to access the admin panel.

    3. I need to rewrite wp-amdin/profile.php so that it doesn’t redirect back to the admin panel. Haven’t started this but I don’t think it’d be too difficult. I don’t plan on hacking up the file. Just creating a new one and changing the redirects.

    I guess I just am looking for a bit of advice before I dive head first into this. Any tips and/or pointing will be greatly appreaciated!

    Thanks,
    Matt

Viewing 2 replies - 1 through 2 (of 2 total)

  • Matt, I recommend that you use the action and filter hooks to avoid hacking the core WordPress files, as doing so will make upgrading and maintenance a pain, and everything you want to do can be done with a plugin.

    For example, I redirect users just like you describe by setting the global variable $redirect_to in a function that has hooked into the ‘wp_authenticate’ action callback. Here’s an example of how to redirect to the home page users with the fewest privileges, who have just logged in:

    function custom_login_redirect () {
    global $redirect_to;
    if ( ! current_user_can('edit_posts') )
    $redirect_to = get_option('home');
    }
    add_action('wp_authenticate', 'custom_login_redirect');

    hi madk! I stumbled by your post when searching support forums. I wonder if you’ve completed your program outlined above? if you could share any details that would be of great help to me

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Trying to limit access to wp-admin and more’ is closed to new replies.

Tags