This website uses cookies to allow us to see how the site is used. If you continue to use this site, we assume that you are okay with this. If you want to use the sites without cookies, please see our privacy policy.

Restricting Access to the WordPress Dashboard By User Role

I see this a lot with people using the WP User Manager plugin to turn their WordPress site into a community or membership site. Users register for the site from the front end form, they are given a certain role (eg. subscriber), they then can manage their own profile from the front end of the site, but then also have access to the WordPress dashboard (via /wp-admin).

This isn’t the best experience for users who shouldn’t be seeing any form of wp-admin (even if they can’t do much in it). Here’s how you can lock down the dashboard to only administrators:

/**
 * Only allow access to the wp-admin dashboard for users with the manage_options capability (administrators).
 * Customize the capability as needed https://wordpress.org/support/article/roles-and-capabilities/
 */
function wpum_restrict_wp_admin_access() {
	if ( defined( 'DOING_AJAX' ) && DOING_AJAX ) {
		// Don't hijack AJAX requests
		return;
	}

	if ( ! is_admin() ) {
		// We aren't in the admin
		return;
	}

	if ( current_user_can( 'manage_options' ) ) {
		// User has the correct role
		return;
	}

	// Redirect to the homepage. Customize as needed
	wp_safe_redirect( home_url() );
	exit;
}

add_action( 'init', 'wpum_restrict_wp_admin_access' );

The admin bar will still appear for users on the front end of the site, which WP User Manager has a setting to disable it, but you can do this manually with the following:

/**
 * Only show the wp-admin bar for users with the manage_options capability (administrators).
 * Customize the capability as needed https://wordpress.org/support/article/roles-and-capabilities/
 *
 * @param bool $show_admin_bar
 *
 * @return bool
 */
function wpum_hide_admin_bar( $show_admin_bar ) {
	if ( ! current_user_can( 'manage_options' ) ) {
		return false;
	}

	return $show_admin_bar;
}

add_filter( 'show_admin_bar', 'wpum_hide_admin_bar' );

Change the “Enter Title Here” for Custom Post Types

Custom post types in WordPress are a powerful feature. If you are creating one chances are you want to customise every aspect of the CPT’s look in the WordPress admin area from labels to messages.

If you ever need to change the “Enter Title Here” for Custom Post Types this little filter snippet allows just that when a user is adding a new post.

function cpt_enter_title_here( $title ){
    $screen = get_current_screen();
    if ( 'custom_post_type' == $screen->post_type ) {
        $title = 'Custom Post Type Title Text';
    }
    return $title;
}

add_filter( 'enter_title_here', 'cpt_enter_title_here' );

Source – http://flashingcursor.com/wordpress/change-the-enter-title-here-text-in-wordpress-963

Handy WordPress Debugging and Logging in Development

This handy WordPress debugging and logging snippet during development will help no end when developing themes or plugins, it is always a good idea to have these switched on in the WordPress wp-config.php file.

Replace in wp-config.php

define('WP_DEBUG', false);

with

define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);
define('WP_DEBUG_DISPLAY', false);

Then for helpful logging of values and arrays to the debug.log file add this snippet to the wp-config.php below the previous code:

if(!function_exists('_log')){
  function _log( $message ) {
    if( WP_DEBUG === true ){
      if( is_array( $message ) || is_object( $message ) ){
        error_log( print_r( $message, true ) );
      } else {
        error_log( $message );
      }
    }
  }
}

Then whenever you need to log anything use

_log( $somevalue );

Source – http://fuelyourcoding.com/simple-debugging-with-wordpress/