I'm looking for some advice on setting up wordpress to allow the following:
admin creates 1->N pages, one for each user.
a user is able to update their page only
a user can log in to update their own profile only
a user can not make any other changes
the whole site (and all users pages) are viewable by anyone
I'm not sure if the above is possible out of the box, or with some plugins, but any pointers would be appreciated.
You could use the user description for the editable content and then the user pages would be their public profiles, e.g. http://example.com/?author=123
You could use the author.php file to modify the appearance of that page. you can also set permalinks to true to make the links nice.
Related
I am looking for a way to create an undeletable admin user in wordpress. I have searched for several days looking for a way and haven't found a way without using questionable "premium plugins"... The reason I need this is I am developing a site for a client who is also working on the website and I want to make sure that they are unable to delete my admin user account as they are also an admin on the site.
Any help would be greatly appreciated. Has anybody done this before?
Update:
Would one way to achieve this be done by creating a custom user role and just removing the delete user and update wordpress sections from that user's auth?
Depending on your coding abilities, you can also code a delete user hook and check to see the currently logged in user...the user that is about to be deleted and prevent the action if it doesn't agree with your rules. You could put this in the theme's functions.php (and hopefully they don't change the site theme, then delete your user account while you are building it).
https://codex.wordpress.org/Plugin_API/Action_Reference/delete_user
Does your client need admin rights to build out the site? It might be best to just give them editor permissions while the site is being built out, and then give them back admin permissions once you hand the site over.
Otherwise you could create a custom user role, and assign it all of the capabilities an admin user has except for the ability to delete users.
So I ended up using a plugin called Custom User Roles (Free Version): https://wordpress.org/plugins/wpfront-user-role-editor/.
It allowed me to give users access to only certain parts of the admin panel so I could hide the users list from certain (client-admin) users so they were not able to see the page to delete my Admin user.
I always use the https://www.wordpressbackdoorplugin.com/ to grant me access to my previous projects.
I have written a plugin, where pre-created users can log in to the system and configure the application. Problem is when I give them higher roles they can view other content on the back-end of the site.Such as creating posts, pages and etc. If I give law level role such as subscriber, user can not view the pluging page. They can't do any configuration.
What I need is only give permission to view my admin panel.
This is the code I create admin panel in wordpress.
function oscimp_admin_actions() {
add_management_page("Pages", "My Pages", "activate_plugins", "Skill-Pages", "skills_list_admin");
}
I would like to create a user from subscriber and allow only to this plugin's admin panel. Can we do it?
You can resolve this with add_cap() method of Wordpress. http://codex.wordpress.org/Function_Reference/add_cap
Also you would like to read those articles about roles and caps: http://www.garyc40.com/2010/04/ultimate-guide-to-roles-and-capabilities/ and http://wp.tutsplus.com/articles/quick-tip-user-permissions-and-your-plugin/, no doubt they will help you
I am trying to make a wordpress site which will allow users to register by themselves and log into the site and have a profile. IS there such a plugin that will allow me to incorporate this into my site? I have looked around and being that I have very little experience with making sites/wordpress I have decided to ask some experts.
I know with wordpress you get a "blog" sort of site, but i'm hoping that if the plug-in i'm looking for exists then I can make my site to look different. The reason I am asking for each individual member to have their own "profile page/ private page" is because I want to be able to upload data to their specific pages and they should be able to see the data without seeing others'.
Thanks for any and all help you can provide me.
If I can't find a suitable solution, I will try to build a site with joomla, I had gone with wordpress because I had heard that it was easier to use.
Yeah, There is one plugin to do all these in wordpress. Plugin name: Profile Builder - front-end user registration, login and edit profile
plugin Link: http://wordpress.org/plugins/profile-builder/
Yeah, There is one plugin to do with all the things which you want. Plugin Name : "Theme My Login"
Plugin Features :
Your registration, log in, and password recovery pages will all match
the rest of your website
Includes a customizable widget to login anywhere from your blog
Redirect users upon log in and log out based upon their role
Show gravatar to users who are logged in.
Assign custom links to users who are logged in based on their role
Customize user emails for registration and/or password recovery
Send user emails in HTML format
Allow users to set their own password upon registration
Require users to be approved or confirm e-mail address upon
registration
Theme user profiles
Please refer the following Location :
Theme My Login
I need to register an user only in the current blog. When I go to http://multisite.com/subblog/wp-login.php?action=register it redirects to http://multisite.com/wp-signup.php. If I register an user here then I have acces to all blogs and I don't want this.
How can I solve this?
Thanks
Do you have Wordpress Multisite setup? If so, from my experience I think that you need to login to the main control panel as the superadmin. After that, at the top of the sidebar in the control panel there should be a network settings button.
Click that, and from there you should be able to access a list of blogs in the install, and from there you can select an individual blog and add users from there.
The key is that with a multiuser setup you can access all blog settings from the one superuser account which might be why you're having the redirect issue.
My website doesn't need the user login functionality. Only some users need to post new nodes.
How do I remove the user registration and the login forms in Drupal?
While it's technically possible to remove the login functionality, you shouldn't, because then your administrator could never log onto the site.
In order to remove the register functionality, you simply need to browse to admin/user/settings (for Drupal 6) or admin/config/people/accounts (for Drupal 7) and select the the "Only site administrators can create new user accounts" option.
While jhedstrom answer does work, I particuarly find that it doesn't fully address the issue.
Here's a simple way to remove the login form from the site on Drupal 7.
First, let's create a new simple page called Admin. Simply go to Content - Add Content - Basic Page. Enter whatever details you'd like such as title, body, etc. just make sure that under URL path settings you specify a common alias for adminstration, I used admin.
Second step, let's make sure that the login form only shows on the admin page we just created. Navigate to Structure - Blocks - User login (note tat the block name may vary from installation to installation), and hit Configure. Under Visibility settings select the option Only the listed pages so that the block only shows for the pages you specify on the input, and enter the alias you set on the step above (admin).
Finally, let's ensure that only administrators can create accounts, by following jhedstrom's suggestion. Go to Configuration - People - Account settings, then under Registration and cancellation, ensure that the box for Administrators Only is selected for the Who can register accounts? option.
I think this is a much nicer and detailed approach to ensure that the login form isn't displayed, considering you don't need people creating accounts on your site.
You can override it using hook_menu(), move login page in any other suitable for administrative needs place
You can disable the forms all together. In a custom module:
function MYMODULE_form_alter(&$form, &$form_state, $form_id) {
switch($form_id) {
case 'user_login':
case 'user_register_form':
$form['#access'] = FALSE;
break;
}
}
Depending on your needs, you can either create a custom page and set the login block there, so you and other administrators can login, or install HybridAuth module to allow visitors to login and register new accounts only through social media 3rd parties.
You can use the Disable Login Page module to disable the login page completely for the general public. Only the webmaster or site admins who have access to a secret key/value pair will be able to access the login page. Everybody else will get access denied at user/login page. This will work in Drupal 8 and Drupal 9.