Ask your WordPress questions! Pay money and get answers fast! Comodo Trusted Site Seal
Official PayPal Seal

restrict other authors from viewing my author.php page except... WordPress

  • SOLVED

I want to be able to hide the content of author pages to all users with a defined user-role capability(xyz) except to the author who's page it is and users with another defined user-role capability(abc).

e.g.

author 4 can see the content on xyz.net/?author=4
author 23 can see the content on xyz.net/?author=23
author 15 can see the content on xyz.net/?author=15

author 4 can't see the content on xyz.net/?author=23 or ?author=15
author 23 can'tthe content on xyz.net/?author=4 or ?author=15
and so on
author 4,23,15 all have the user-role capaibility of "xyz"
author 77 can see the other author pages (?author=4,15,23) as he doesn't have the user-role capaibility of "xyz" AND has a user-role capaibility of "abc"

I want it to be a conditional like this...

<?php if (is_user_logged_in() && current_user_can('xyz') && !current_user('IS_THE_AUTHOR')) { ?>
Show this
<?php } elseif ((is_user_logged_in() && current_user_can('abc') && current_user('IS_THE_AUTHOR')) || current_user_can('abc')) { ?>
Show that
<?php } ?>


I think it might be is similar to [[LINK href="http://wpsnipp.com/index.php/functions-php/restricting-authors-to-view-only-posts-they-created/"]]this function[[/LINK]] but on the front end rather than the backend?

Answers (3)

2016-04-20

dimadin answers:

Don't rely on $_GET, use native WordPress functions, like:


if ( is_author( get_current_user_id() ) || current_user_can( 'abc' ) ) {
echo 'Show this';
}


pjeaje comments:

Can you show me how this would fit in?


dimadin comments:

This works for single post pages too:


if ( ( is_author( get_current_user_id() ) || ( get_current_user_id() == get_the_author_meta( 'ID' ) ) ) || current_user_can( 'abc' ) ) {
echo 'Show this';
}


pjeaje comments:

I may not have explained this properly...

There are teachers and schools
teachers have their own role capability
schools have their own capability
All schools can see content on all teacher author pages
All schools can see content on all school author pages
All teachers can see content on all school author pages
Teachers acan only see content on their author pages NOT other teacher pages
admin can see everything


dimadin comments:

So you need to check for role first and then the author is user:


if ( ( current_user_can( 'xyz' ) && ! is_author( get_current_user_id() ) ) && ! current_user_can( 'abc' ) ) {
// show this
} else {
// show that
}


The only thing is this native author archive page or you need to get value of current page's author differently.


pjeaje comments:

that's not working as it stops teachers (xyz) from seeing schools (abc)


dimadin comments:

This is code for teachers (author) pages, not for all pages. You say that schools can be seen by both so there should be no restrictions.

If by only registered users


if ( is_user_logged_in() ) {
// shot this
}


If only by teachers and schools


if ( current_user_can( 'abc' ) || current_user_can( 'xyz' ) ) {
// shot this
}


If problem is that same pages are used for both schools and teachers in which case your last reply is true), you need to see what current page is, you probably store some value for it, then I can alter condition, something like


if ( md_is_page( 'teacher' ) && ( current_user_can( 'xyz' ) && ! is_author( get_current_user_id() ) ) && ! current_user_can( 'abc' ) ) {

// show this

} else {

// show that

}


pjeaje comments:

I'm not sure what md_is_page( 'teacher' ) means?


pjeaje comments:

Found the answer...

Because the author.php has different roles (teacher and school) we need to find a way to find what role the author meta is coming from ([[LINK href="http://wordpress.stackexchange.com/questions/163974/conditional-tag-based-on-the-role-of-author-in-author-php"]]http://wordpress.stackexchange.com/questions/163974/conditional-tag-based-on-the-role-of-author-in-author-php[[/LINK]]), so...

<?php $user_role = get_queried_object()->roles; ?>
<?php if( in_array( strtolower('Teacher'), $user_role ) ) { ?><!-- author meat just for teacher roles -->

<?php if ( ( current_user_can( 'teacher-cap' ) && ! is_author( get_current_user_id() ) ) && ! current_user_can( 'school-cap' ) ) { ?> <!-- start teacher ban -->
Teacher is banned because you can't see other teachers!
<?php } else { ?>
Show teacher meta to all except to banned teachers
<?php } ?> <!-- end of ban teachers -->

<?php } elseif( in_array( strtolower('School'), $user_role ) ) { ?><!-- author meta just for school roles -->
<!-- school meta -->
<?php } ?>

2016-04-20

Hariprasad Vijayan answers:

Hi,

try this,

if((!empty($_GET['author']) && $_GET['author'] == get_current_user_id()) || current_user_can('xyz'))
{
// Add code to display
}
else
{
// Error message
}


or this,


if(!empty($_GET['author']) && $_GET['author'] == get_current_user_id())
{
// show content for current users eg: if user id = 4
}
elseif(current_user_can('xyz'))
{
// show content based on capabilities
}


pjeaje comments:

Can you please comment the code so i know what each part does, thanks


pjeaje comments:

https://www.phparch.com/2010/07/never-use-_get-again/

2016-04-20

Andrea P answers:

hello!
if I understood correctly what you need, this would be the conditional structure.

(I understood that you need this conditional to work in author.php, rather than in a post single page. I hope this is correct)


//get currently viewed author
global $wp_query;
$curauth = $wp_query->get_queried_object();
$authorid = $curauth->ID;

/** show the content only if
* this is the current viewer author page
* OR
* current viewer is a school
* OR
* current viewer is a teacher AND this is a school page
*/

if ( current_user_can('school_capability') || $authorid == get_current_user_id() || ( current_user_can('teacher_capability') && user_can($authorid, 'school_capability') ) ){

// if viewer is allowed, display something

}
else {

// if viewer is not allowed

}


pjeaje comments:

see my answer above