7 months ago
Hiding the WordPress admin panel to your subscribers
In this post, I’ll just share a code snippet that will allow you to hide the WordPress admin elements to users who have signed up your site under the Subscriber roll.
The Problem
You’ve found a cool plugin that allows people to signup on your WordPress site and have access to something that the plugin provides on the frontend of your site, but now that a user is logged in there are two problems:
- They see the WordPress admin bar at the top of your website.
- They can go to http://yoursite.com/wp-admin/ — Not that they can do any harm with a low-level user account, but still maybe seems unprofessional in some cases.
An example? — I’ve personally come across this recently in building sites where I used bbPress to make a support website and Easy Digital Downloads to make a little online store. In both of these websites, I didn’t want users doing anything in the WordPress admin panel because both of these plugins provide ways to give the users everything they need on the frontend of the site when logged in.
The Solution
These two functions should help you solve that little dilemma. Below I’ve picked a capability of “edit_posts” which is just outside of the roles of a Subscriber user (see roles vs capabilities table). I picked the “edit_posts” capability as the example here because this is about as low as a user can be on the capabilities table.
And so we’re basically saying the following:
- If the user is logged in, but can’t edit posts, then hide the admin bar on the frontend of the website.
- If the user is logged in, but can’t edit posts, do not allow them to access the WordPress admin panel.
This code could go in functions.php of your theme or in a plugin you create.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | /** * Disable admin bar on the frontend of your website * for subscribers. */ function themeblvd_disable_admin_bar() { if( ! current_user_can('edit_posts') ) add_filter('show_admin_bar', '__return_false'); } add_action( 'after_setup_theme', 'themeblvd_disable_admin_bar' ); /** * Redirect back to homepage and not allow access to * WP admin for Subscribers. */ function themeblvd_redirect_admin(){ if ( ! current_user_can( 'edit_posts' ) ){ wp_redirect( site_url() ); exit; } } add_action( 'admin_init', 'themeblvd_redirect_admin' ); |
6 comments
Hi Jason, thanks for that information. I’ve just launched my website on WordPress and have just had someone register as a User/Subscriber… but I have no comments form/subscribe areas visible on my website. Should I be worried? How did they do that? Thanks if you can help. Regards, Lesley
You know, I honestly am not sure how someone could signup if you don’t have enabled anywhere? Or no kind of signup form? It sounds like something isn’t right there. You should post on the wordpress.org support forums to see if some other people have some better ideas.
Hey, thanks for this! The first time I created a members site it took forever to style the WP admin area to match the branding of the website. In addition, there are many plugins that still showed up in the sidebar menu, even though the user had no control to edit them. Almost every other time I activated a plugin I found myself manually removing a menu item.
From that point, I decided to never allow access to the admin area. As long as you use nonces and good validation I see no reason not to have users edit things right on the front end.
thank you very much Jason, it works.
and would you like to tell me how make a page for subscriber to edit their profil and change their gravatar but not in wp-admin?
regards,
Febry
awesome working this function, thank q jason
It works. Thanks! I have added this feature in my site.