February 02, 2022
Membership type websites need to be customized to prevent Subscribers from accessing certain areas of WordPress core. After setting up a front-end Profile page or Dashboard, it is necessary to redirect to these areas for the appropriate user types.
Below are functions to redirect upon login and logout, restrict backend access, and hide the toolbar.
The redirect URLs can be updated, and roles added / removed as needed.
// redirect upon login - admins to dashboard, all other users to specified front end landing page
if( !function_exists('custom_user_redirect') ) {
function custom_user_redirect( $redirect, $user ) {
$role = $user->roles[0];
$dashboard = admin_url();
if( $role == 'administrator' ) {
// Redirect administrators to the dashboard
$redirect = $dashboard;
} else {
// redirect any other user to home / specified landing page
$redirect = home_url();
}
return $redirect;
}
}
add_filter( 'login_redirect', 'custom_user_redirect', 10, 2 );
// redirect to login / home page on logout for all users
add_filter( 'logout_redirect', function() {
return esc_url( home_url() );
} );
// remove admin bar from front end for all users except Admins
add_action('after_setup_theme', 'remove_admin_bar');
function remove_admin_bar() {
if (!current_user_can('administrator') && !is_admin()) {
show_admin_bar(false);
}
}
// remove backend access for subscribers and users with read-only access
function remove_read_user_access(){
$role = get_role( 'subscriber' );
$role->remove_cap( 'read' );
}
add_action( 'admin_init', 'remove_read_user_access' );