Context Navigation

← Previous Changeset
Next Changeset →

Changeset 3392566

Timestamp:

11/10/2025 12:57:21 AM (5 months ago)

Author:

shawon786

Message:

Release Version- 2.0.0

Changelog

2.0.0 (2024-11-09)

Major Update - Complete rewrite with new features
Added: Settings page for easy configuration
Added: Granular role-based restriction controls
Added: Custom redirect option for restricted users
Added: Automatic hiding of Profile menu for restricted users
Added: Checkbox interface for selecting restricted roles
Improved: Code structure using OOP approach
Improved: Security with proper sanitization and validation
Improved: User experience with informative settings page
Maintained: Backward compatibility with default restrictions
Updated: Tested with WordPress 6.8.3

Location:

wp-user-profile-restriction/trunk

Files:

: 2 edited

README.txt (modified) (1 diff)
wp-upr.php (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

wp-user-profile-restriction/trunk/README.txt

-                      r3056466
+                      r3392566
 === WP User Profile Restriction ===
 Contributors: shawon786
 Tags: user profile restriction, disable editing user profile, disable updating my profile, my profile restriction, profile.php restriction, wp user profile
+=== WP User Profile Restriction ===
+Contributors: shawon786, innovs, theinnovs
+Tags: user profile restriction, disable editing user profile, disable updating my profile, my profile restriction, profile.php restriction, wp user profile, role-based restrictions
 Requires at least: 4.0.3
+Tested up to: 6.4.3
+Tested up to: 6.8.3
+Stable tag: 2.0.0
 License: GPLv2 or later
 License URI: http://www.gnu.org/licenses/gpl-2.0.html
 Restrict user profile so that an user can't update his profile if he is not an Admin, Editor, Author.
+Restrict user profile editing with granular role-based controls, custom redirects, and automatic menu hiding for enhanced WordPress security.
 == Description ==
 A little plugin to restrict user profile so that an user can't update his profile if he is not Admin, Editor, Author. Secure your WordPress website or demo sites by disabling User Profile Updation for random and regular users. Now normal users won't be able to update or change anything of his profile like email, password etc. And in this way your website will remain fully secured.
+**WP User Profile Restriction** is a powerful yet simple plugin that allows you to restrict profile editing capabilities for specific user roles. Perfect for demo sites, membership websites, or any WordPress installation where you need to maintain control over user profile modifications.
+> Just install > Activate & Enjoy! No additional setup required!
+= Key Features =
+* **Granular Role-Based Restrictions** - Choose exactly which user roles should be restricted from editing their profiles
+* **Custom Redirect Options** - Redirect restricted users to a specific URL instead of showing an error message
+* **Automatic Menu Hiding** - Profile links are automatically hidden from admin bar and dashboard menu for restricted users
+* **Easy Settings Page** - Configure all options from a user-friendly settings page in WordPress admin
+* **Backward Compatible** - Maintains default security by restricting Subscribers and Contributors by default
+* **No Coding Required** - Simple checkbox interface for all configurations
+* **Lightweight & Fast** - Minimal impact on site performance
+= How It Works =
+. **Install and Activate** - The plugin works immediately with secure defaults
+. **Configure Settings** - Go to Settings > Profile Restriction to customize
+. **Select Roles** - Check which user roles should be restricted
+. **Optional Redirect** - Set a custom redirect URL if desired
+. **Done!** - Restricted users can no longer edit their profiles
+= Default Behavior =
+By default, the plugin restricts **Subscribers** and **Contributors** from editing their profiles. This maintains security while allowing Editors, Authors, and Administrators full access. You can customize this behavior at any time from the settings page.
+= Perfect For =
+* Demo and staging websites
+* Membership sites
+* Multi-author blogs
+* Educational institutions
+* Client websites
+* Any site requiring profile editing restrictions
+= What Gets Restricted =
+* Direct access to profile.php page
+* Profile link in admin bar
+* Profile submenu in dashboard
+* All profile editing capabilities for selected roles
+= Administrator Protection =
+Administrators always retain full access to edit any profile, regardless of plugin settings. This ensures you never lock yourself out of critical functionality.
 == Installation ==
+### Direct Install From WordPress Dashboard
+= Automatic Installation (Recommended) =
+. Go to Plugins page
+. Add New and search for 'WP User Profile Restriction'
+. You will see the plugin in the search list.
+. Install and activate the plugin. That's all.
+. Log in to your WordPress dashboard
+. Navigate to Plugins > Add New
+. Search for "WP User Profile Restriction"
+. Click "Install Now" and then "Activate"
+. Go to Settings > Profile Restriction to configure
+= Manual Installation =
+### Manual Install From WordPress Dashboard
+. Download the plugin ZIP file
+. Log in to your WordPress dashboard
+. Navigate to Plugins > Add New > Upload Plugin
+. Choose the downloaded ZIP file and click "Install Now"
+. Activate the plugin
+. Go to Settings > Profile Restriction to configure
+If your server is not connected to the Internet, then you can use this method-
+= FTP Installation =
+. Download the plugin. A ZIP file will be downloaded.
+. Login to your site’s admin panel and navigate to Plugins -> Add New -> Upload.
+. Click choose file, select the plugin file and click install
+###Install Using FTP
+If you are unable to use any of the methods due to internet connectivity and file permission issues, then you can use this method-
+. Download the plugin by clicking on the blue button above.A ZIP file will be downloaded.
+. Unzip the file.
+. Launch your favorite FTP client. Such as FileZilla, FireFTP, CyberDuck etc. If you are a more advanced user, then you can use SSH too.
+. Upload the folder to wp-content/plugins/
+. Log in to your WordPress dashboard.
+. Navigate to Plugins -> Installed
+. Activate the plugin
+. Download and unzip the plugin file
+. Upload the `wp-user-profile-restriction` folder to `/wp-content/plugins/` directory
+. Activate the plugin through the Plugins menu in WordPress
+. Go to Settings > Profile Restriction to configure
 == Frequently Asked Questions ==
+= Is this plugin needs any additional settings? =
+No, this plugin does not need any additional settings.
+= Does this plugin require any configuration? =
+No! The plugin works immediately upon activation with secure defaults (Subscribers and Contributors are restricted). However, you can customize the behavior from Settings > Profile Restriction.
+= Which user roles are restricted by default? =
+By default, **Subscribers** and **Contributors** are restricted from editing their profiles. This provides security while maintaining backward compatibility with version 1.0.6.
+= Can I choose which roles to restrict? =
+Yes! Version 2.0 introduces a settings page where you can select exactly which user roles should be restricted using simple checkboxes.
+= Can administrators still edit profiles? =
+Yes, administrators always have full access to edit any profile, regardless of plugin settings.
+= What happens when a restricted user tries to access their profile? =
+By default, they see an error message. Optionally, you can enable custom redirect to send them to a specific page (like the homepage or a custom access denied page).
+= Will restricted users see the Profile menu? =
+No, the Profile link is automatically hidden from both the admin bar and the dashboard sidebar menu for all restricted users.
+= Can I redirect restricted users to a custom page? =
+Yes! In the settings page, you can enable custom redirect and specify any URL where restricted users should be redirected.
+= Is this plugin compatible with the latest WordPress version? =
+Yes, the plugin is regularly tested and updated to ensure compatibility with the latest WordPress releases.
+= Will this affect my existing users? =
+If you're upgrading from version 1.0.6, the plugin maintains the same default behavior (restricting Subscribers and Contributors). Your existing security settings remain intact.
+= Can I restrict Editors or Authors? =
+Yes, you can select any combination of user roles to restrict from the settings page.
+= Does this work with custom user roles? =
+Yes, the plugin automatically detects all user roles on your site, including custom roles created by other plugins.
+== Screenshots ==
+. Settings page with role-based restriction options
+. Custom redirect configuration
+. Restricted user attempting to access profile
+. Admin bar with profile menu hidden for restricted users
 == Changelog ==
+= 2.0.0 (2024-11-09) =
+* **Major Update** - Complete rewrite with new features
+* Added: Settings page for easy configuration
+* Added: Granular role-based restriction controls
+* Added: Custom redirect option for restricted users
+* Added: Automatic hiding of Profile menu for restricted users
+* Added: Checkbox interface for selecting restricted roles
+* Improved: Code structure using OOP approach
+* Improved: Security with proper sanitization and validation
+* Improved: User experience with informative settings page
+* Maintained: Backward compatibility with default restrictions
+* Updated: Tested with WordPress 6.8.3
+= 2.0.0 =
+Major update with new settings page, granular role controls, custom redirect options, and automatic menu hiding. Fully backward compatible with default security settings maintained.
 = 1.0.6 =
 *[Fix] - Compatibility with the latest WP
+* Fix: Compatibility with the latest WordPress version
 = 1.0.5 =
 * Compatiblity Fix with the latest WP 5.8.2
+* Compatibility fix with WordPress 5.8.2
 = 1.0.4 =
 * Compatiblity Fix with the latest WP
+* Compatibility fix with latest WordPress
 = 1.0.3 =
 * Compatiblity Check
+* Compatibility check
 = 1.0.2 =
 * Compatiblity with 5.3.2
+* Compatibility with WordPress 5.3.2
 = 1.0.1 =
 * Compatiblity with 5.1
+* Compatibility with WordPress 5.1
 = 1.0.0 =
 * Initial Release
+* Initial release
+== Additional Information ==
+= Support =
+For support, feature requests, or bug reports, please visit the plugin's support forum on WordPress.org.
+= Privacy =
+This plugin does not collect, store, or transmit any user data. All settings are stored locally in your WordPress database.
+= Credits =
+Developed by Shawon C for TheInnovs LLC

wp-user-profile-restriction/trunk/wp-upr.php

-                      r3056466
+                      r3392566
 Plugin Name: WP User Profile Restriction
 Plugin URI: https://wordpress.org/plugins/wp-user-profile-restriction/
+Description: Disallow users to edit their own profile if he is not an Admin/Editor/Author.
+Author: Shawon
+Version: 1.0.6
+Author URI: http://shawon.co
+Description: Disallow users to edit their own profile if he is not an Admin/Editor/Author. Now with granular role-based restrictions and custom redirect options.
+Author: Shawon, theinnovs, innovs
+Version: 2.0.0
+Author URI: https://theinnovs.com
+Text Domain: wp-user-profile-restriction
+Domain Path: /languages
 */
 // don't call the file directly
 if ( ! defined( 'ABSPATH' ) ) exit;
+function wpupr_disable_editing_my_profile () {
+   $user = wp_get_current_user();
+   $allowed_roles = array('editor', 'administrator', 'author');
+   if( !array_intersect($allowed_roles, $user->roles ) )
+   {
+       wp_die( 'You are not permitted to change your Profile information. Please contact Site Admin to update your profile if necessary.' );
+   }
+/**
+ * WP User Profile Restriction Class
+ */
+class WP_User_Profile_Restriction {
+    /**
+     * Plugin version
+     */
+    const VERSION = '2.0.0';
+    /**
+     * Option name for settings
+     */
+    const OPTION_NAME = 'wpupr_settings';
+    /**
+     * Constructor
+     */
+    public function __construct() {
+        // Initialize plugin
+        add_action( 'admin_init', array( $this, 'init_settings' ) );
+        add_action( 'admin_menu', array( $this, 'add_settings_page' ) );
+        add_action( 'load-profile.php', array( $this, 'restrict_profile_access' ) );
+        // Note: Menu hiding removed - menus remain visible, restriction happens on profile.php load
+        // Set default options on activation
+        register_activation_hook( __FILE__, array( $this, 'activate' ) );
+        // Hook: After plugin initialization
+        do_action( 'wpupr_init', $this );
+    }
+    /**
+     * Plugin activation
+     */
+    public function activate() {
+        // Set default options if not exists
+        if ( false === get_option( self::OPTION_NAME ) ) {
+            $default_options = array(
+                'restricted_roles' => array( 'subscriber', 'contributor' ),
+                'redirect_url' => '',
+                'redirect_enabled' => '0'
+            );
+            // Filter: Modify default options on activation
+            $default_options = apply_filters( 'wpupr_default_options', $default_options );
+            update_option( self::OPTION_NAME, $default_options );
+        }
+        // Action: After plugin activation
+        do_action( 'wpupr_activated' );
+    }
+    /**
+     * Get plugin settings
+     */
+    public function get_settings() {
+        $defaults = array(
+            'restricted_roles' => array( 'subscriber', 'contributor' ),
+            'redirect_url' => '',
+            'redirect_enabled' => '0'
+        );
+        $settings = get_option( self::OPTION_NAME, $defaults );
+        // Ensure restricted_roles is always an array
+        if ( ! isset( $settings['restricted_roles'] ) || ! is_array( $settings['restricted_roles'] ) ) {
+            $settings['restricted_roles'] = $defaults['restricted_roles'];
+        }
+        // Filter: Modify retrieved settings
+        return apply_filters( 'wpupr_get_settings', $settings );
+    }
+    /**
+     * Check if current user role is restricted
+     */
+    public function is_user_restricted() {
+        $user = wp_get_current_user();
+        $settings = $this->get_settings();
+        $restricted_roles = $settings['restricted_roles'];
+        // Filter: Modify restricted roles list
+        $restricted_roles = apply_filters( 'wpupr_restricted_roles', $restricted_roles, $user );
+        // Check if user has any restricted role
+        $is_restricted = (bool) array_intersect( $restricted_roles, $user->roles );
+        // Filter: Override restriction check
+        return apply_filters( 'wpupr_is_user_restricted', $is_restricted, $user );
+    }
+    /**
+     * Restrict profile access
+     */
+    public function restrict_profile_access() {
+        // Action: Before restriction check
+        do_action( 'wpupr_before_restrict_profile' );
+        if ( ! $this->is_user_restricted() ) {
+            // Action: User is not restricted
+            do_action( 'wpupr_user_not_restricted' );
+            return;
+        }
+        // Action: User is restricted
+        do_action( 'wpupr_user_restricted' );
+        $settings = $this->get_settings();
+        // Check if custom redirect is enabled
+        if ( $settings['redirect_enabled'] === '1' ) {
+            $redirect_url = ! empty( $settings['redirect_url'] ) ? $settings['redirect_url'] : home_url();
+            // Filter: Modify redirect URL
+            $redirect_url = apply_filters( 'wpupr_redirect_url', $redirect_url, wp_get_current_user() );
+            // Action: Before redirect
+            do_action( 'wpupr_before_redirect', $redirect_url );
+            // Use wp_redirect instead of wp_safe_redirect for external URLs
+            wp_redirect( esc_url_raw( $redirect_url ) );
+            exit;
+        } else {
+            // Default wp_die message
+            $message = __( 'You are not permitted to change your Profile information. Please contact Site Admin to update your profile if necessary.', 'wp-user-profile-restriction' );
+            $title = __( 'Access Denied', 'wp-user-profile-restriction' );
+            $args = array( 'response' => 403 );
+            // Filter: Modify wp_die message
+            $message = apply_filters( 'wpupr_access_denied_message', $message, wp_get_current_user() );
+            // Filter: Modify wp_die title
+            $title = apply_filters( 'wpupr_access_denied_title', $title, wp_get_current_user() );
+            // Filter: Modify wp_die args
+            $args = apply_filters( 'wpupr_access_denied_args', $args, wp_get_current_user() );
+            // Action: Before wp_die
+            do_action( 'wpupr_before_access_denied', $message, $title, $args );
+            wp_die( $message, $title, $args );
+        }
+    }
+    /**
+     * Remove profile link from admin bar
+     * NOTE: This method is kept for backward compatibility with hooks but is not called by default.
+     * Menus remain visible; restriction happens when user tries to access profile.php
+     */
+    public function remove_profile_menu( $wp_admin_bar ) {
+        // Method kept for backward compatibility with hooks
+        // Not called by default - menus remain visible
+        if ( ! $this->is_user_restricted() ) {
+            return;
+        }
+        // Action: Before removing admin bar menu
+        do_action( 'wpupr_before_remove_admin_bar_menu', $wp_admin_bar );
+        // Filter: Which admin bar nodes to remove
+        $nodes_to_remove = apply_filters( 'wpupr_admin_bar_nodes_to_remove', array( 'user-info', 'edit-profile' ) );
+        // Remove nodes
+        foreach ( $nodes_to_remove as $node ) {
+            $wp_admin_bar->remove_node( $node );
+        }
+        // Action: After removing admin bar menu
+        do_action( 'wpupr_after_remove_admin_bar_menu', $wp_admin_bar );
+    }
+    /**
+     * Remove profile submenu from dashboard
+     * NOTE: This method is kept for backward compatibility with hooks but is not called by default.
+     * Menus remain visible; restriction happens when user tries to access profile.php
+     */
+    public function remove_profile_submenu() {
+        // Method kept for backward compatibility with hooks
+        // Not called by default - menus remain visible
+        if ( ! $this->is_user_restricted() ) {
+            return;
+        }
+        // Action: Before removing submenu
+        do_action( 'wpupr_before_remove_submenu' );
+        // Filter: Which submenus to remove (parent_slug => menu_slug)
+        $submenus_to_remove = apply_filters( 'wpupr_submenus_to_remove', array(
+            'users.php' => 'profile.php'
+        ) );
+        // Remove submenus
+        foreach ( $submenus_to_remove as $parent_slug => $menu_slug ) {
+            remove_submenu_page( $parent_slug, $menu_slug );
+        }
+        // Action: After removing submenu
+        do_action( 'wpupr_after_remove_submenu' );
+    }
+    /**
+     * Add settings page to admin menu
+     */
+    public function add_settings_page() {
+        $page_title = __( 'User Profile Restriction Settings', 'wp-user-profile-restriction' );
+        $menu_title = __( 'Profile Restriction', 'wp-user-profile-restriction' );
+        $capability = 'manage_options';
+        $menu_slug = 'wpupr-settings';
+        // Filter: Modify settings page parameters
+        $page_title = apply_filters( 'wpupr_settings_page_title', $page_title );
+        $menu_title = apply_filters( 'wpupr_settings_menu_title', $menu_title );
+        $capability = apply_filters( 'wpupr_settings_capability', $capability );
+        add_options_page(
+            $page_title,
+            $menu_title,
+            $capability,
+            $menu_slug,
+            array( $this, 'render_settings_page' )
+        );
+    }
+    /**
+     * Initialize settings
+     */
+    public function init_settings() {
+        register_setting(
+            'wpupr_settings_group',
+            self::OPTION_NAME,
+            array( $this, 'sanitize_settings' )
+        );
+        // Role Restrictions Section
+        add_settings_section(
+            'wpupr_role_section',
+            __( 'Role-Based Restrictions', 'wp-user-profile-restriction' ),
+            array( $this, 'role_section_callback' ),
+            'wpupr-settings'
+        );
+        add_settings_field(
+            'wpupr_restricted_roles',
+            __( 'Restrict Profile Editing for:', 'wp-user-profile-restriction' ),
+            array( $this, 'restricted_roles_callback' ),
+            'wpupr-settings',
+            'wpupr_role_section'
+        );
+        // Redirect Section
+        add_settings_section(
+            'wpupr_redirect_section',
+            __( 'Custom Redirect Settings', 'wp-user-profile-restriction' ),
+            array( $this, 'redirect_section_callback' ),
+            'wpupr-settings'
+        );
+        add_settings_field(
+            'wpupr_redirect_enabled',
+            __( 'Enable Custom Redirect', 'wp-user-profile-restriction' ),
+            array( $this, 'redirect_enabled_callback' ),
+            'wpupr-settings',
+            'wpupr_redirect_section'
+        );
+        add_settings_field(
+            'wpupr_redirect_url',
+            __( 'Redirect URL', 'wp-user-profile-restriction' ),
+            array( $this, 'redirect_url_callback' ),
+            'wpupr-settings',
+            'wpupr_redirect_section'
+        );
+        // Action: After settings initialization (for adding custom sections/fields)
+        do_action( 'wpupr_settings_init' );
+    }
+    /**
+     * Sanitize settings
+     */
+    public function sanitize_settings( $input ) {
+        $sanitized = array();
+        // Sanitize restricted roles
+        if ( isset( $input['restricted_roles'] ) && is_array( $input['restricted_roles'] ) ) {
+            $sanitized['restricted_roles'] = array_map( 'sanitize_text_field', $input['restricted_roles'] );
+        } else {
+            $sanitized['restricted_roles'] = array();
+        }
+        // Sanitize redirect enabled
+        $sanitized['redirect_enabled'] = isset( $input['redirect_enabled'] ) ? '1' : '0';
+        // Sanitize redirect URL
+        $sanitized['redirect_url'] = isset( $input['redirect_url'] ) ? esc_url_raw( $input['redirect_url'] ) : '';
+        // Filter: Modify sanitized settings
+        $sanitized = apply_filters( 'wpupr_sanitize_settings', $sanitized, $input );
+        // Action: After settings sanitization
+        do_action( 'wpupr_settings_saved', $sanitized, $input );
+        return $sanitized;
+    }
+    /**
+     * Role section callback
+     */
+    public function role_section_callback() {
+        $description = __( 'Select which user roles should be restricted from editing their profiles. By default, Subscribers and Contributors are restricted to maintain security.', 'wp-user-profile-restriction' );
+        // Filter: Modify section description
+        $description = apply_filters( 'wpupr_role_section_description', $description );
+        echo '<p>' . esc_html( $description ) . '</p>';
+        // Action: After role section description
+        do_action( 'wpupr_after_role_section_description' );
+    }
+    /**
+     * Restricted roles callback
+     */
+    public function restricted_roles_callback() {
+        $settings = $this->get_settings();
+        $restricted_roles = $settings['restricted_roles'];
+        // Get all WordPress roles
+        global $wp_roles;
+        $all_roles = $wp_roles->roles;
+        // Filter: Modify available roles list
+        $all_roles = apply_filters( 'wpupr_available_roles', $all_roles );
+        echo '<fieldset>';
+        echo '<legend class="screen-reader-text"><span>' . __( 'Restricted Roles', 'wp-user-profile-restriction' ) . '</span></legend>';
+        // Action: Before role checkboxes
+        do_action( 'wpupr_before_role_checkboxes', $restricted_roles );
+        foreach ( $all_roles as $role_slug => $role_info ) {
+            $checked = in_array( $role_slug, $restricted_roles ) ? 'checked="checked"' : '';
+            $role_name = translate_user_role( $role_info['name'] );
+            // Filter: Modify individual role display
+            $role_display = apply_filters( 'wpupr_role_checkbox_display', true, $role_slug, $role_info );
+            if ( ! $role_display ) {
+                continue;
+            }
+            echo '<label style="display: block; margin-bottom: 8px;">';
+            echo '<input type="checkbox" name="' . self::OPTION_NAME . '[restricted_roles][]" value="' . esc_attr( $role_slug ) . '" ' . $checked . '> ';
+            echo esc_html( $role_name );
+            // Action: After individual role checkbox
+            do_action( 'wpupr_after_role_checkbox', $role_slug, $role_info );
+            echo '</label>';
+        }
+        // Action: After role checkboxes
+        do_action( 'wpupr_after_role_checkboxes', $restricted_roles );
+        echo '</fieldset>';
+        echo '<p class="description">' . __( 'Users with checked roles will not be able to edit their profiles.', 'wp-user-profile-restriction' ) . '</p>';
+    }
+    /**
+     * Redirect section callback
+     */
+    public function redirect_section_callback() {
+        $description = __( 'Configure where restricted users should be redirected when they try to access the profile editing page.', 'wp-user-profile-restriction' );
+        // Filter: Modify redirect section description
+        $description = apply_filters( 'wpupr_redirect_section_description', $description );
+        echo '<p>' . esc_html( $description ) . '</p>';
+        // Action: After redirect section description
+        do_action( 'wpupr_after_redirect_section_description' );
+    }
+    /**
+     * Redirect enabled callback
+     */
+    public function redirect_enabled_callback() {
+        $settings = $this->get_settings();
+        $redirect_enabled = $settings['redirect_enabled'];
+        echo '<label>';
+        echo '<input type="checkbox" name="' . self::OPTION_NAME . '[redirect_enabled]" value="1" ' . checked( $redirect_enabled, '1', false ) . '> ';
+        echo __( 'Enable custom redirect instead of showing error message', 'wp-user-profile-restriction' );
+        echo '</label>';
+        echo '<p class="description">' . __( 'If disabled, users will see an error message when trying to access their profile.', 'wp-user-profile-restriction' ) . '</p>';
+    }
+    /**
+     * Redirect URL callback
+     */
+    public function redirect_url_callback() {
+        $settings = $this->get_settings();
+        $redirect_url = $settings['redirect_url'];
+        echo '<input type="url" name="' . self::OPTION_NAME . '[redirect_url]" value="' . esc_attr( $redirect_url ) . '" class="regular-text" placeholder="' . esc_attr( home_url() ) . '">';
+        echo '<p class="description">' . __( 'Enter the full URL where restricted users should be redirected (e.g., homepage or custom access denied page). Leave empty to use homepage.', 'wp-user-profile-restriction' ) . '</p>';
+    }
+    /**
+     * Render settings page
+     */
+    public function render_settings_page() {
+        if ( ! current_user_can( 'manage_options' ) ) {
+            return;
+        }
+        // Check if settings were saved
+        if ( isset( $_GET['settings-updated'] ) ) {
+            add_settings_error(
+                'wpupr_messages',
+                'wpupr_message',
+                __( 'Settings Saved Successfully!', 'wp-user-profile-restriction' ),
+                'updated'
+            );
+        }
+        settings_errors( 'wpupr_messages' );
+        // Action: Before settings page render
+        do_action( 'wpupr_before_settings_page' );
+        ?>
+        <div class="wrap">
+            <h1><?php echo esc_html( get_admin_page_title() ); ?></h1>
+            <?php
+            // Action: After settings page title
+            do_action( 'wpupr_after_settings_page_title' );
+            ?>
+            <div class="notice notice-info" style="margin-top: 20px;">
+                <p><strong><?php _e( 'Important:', 'wp-user-profile-restriction' ); ?></strong> <?php _e( 'Administrators always have full access to edit profiles regardless of these settings.', 'wp-user-profile-restriction' ); ?></p>
+            </div>
+            <?php
+            // Action: Before settings form
+            do_action( 'wpupr_before_settings_form' );
+            ?>
+            <form action="options.php" method="post">
+                <?php
+                settings_fields( 'wpupr_settings_group' );
+                do_settings_sections( 'wpupr-settings' );
+                // Action: Before submit button
+                do_action( 'wpupr_before_submit_button' );
+                submit_button( __( 'Save Settings', 'wp-user-profile-restriction' ) );
+                ?>
+            </form>
+            <?php
+            // Action: After settings form
+            do_action( 'wpupr_after_settings_form' );
+            ?>
+            <hr style="margin: 30px 0;">
+            <div class="wpupr-info-box" style="background: #fff; border: 1px solid #ccd0d4; padding: 20px; max-width: 800px;">
+                <h2><?php _e( 'How It Works', 'wp-user-profile-restriction' ); ?></h2>
+                <ul style="list-style: disc; margin-left: 20px;">
+                    <li><?php _e( '<strong>Role-Based Restrictions:</strong> Select which user roles cannot edit their profiles.', 'wp-user-profile-restriction' ); ?></li>
+                    <li><?php _e( '<strong>Profile Access:</strong> The "Profile" menu remains visible, but restricted users are blocked when they try to access it.', 'wp-user-profile-restriction' ); ?></li>
+                    <li><?php _e( '<strong>Custom Redirect:</strong> Optionally redirect restricted users to a specific page instead of showing an error message.', 'wp-user-profile-restriction' ); ?></li>
+                    <li><?php _e( '<strong>Security:</strong> Administrators always retain full access regardless of settings.', 'wp-user-profile-restriction' ); ?></li>
+                </ul>
+                <?php
+                // Action: In info box (for adding premium features info)
+                do_action( 'wpupr_settings_info_box' );
+                ?>
+                <h3 style="margin-top: 20px;"><?php _e( 'Default Behavior', 'wp-user-profile-restriction' ); ?></h3>
+                <p><?php _e( 'By default, Subscribers and Contributors are restricted to maintain backward compatibility and security. You can customize this behavior using the settings above.', 'wp-user-profile-restriction' ); ?></p>
+            </div>
+            <?php
+            // Action: Before plugin info
+            do_action( 'wpupr_before_plugin_info' );
+            ?>
+            <div style="margin-top: 20px; padding: 15px; background: #f0f0f1; border-left: 4px solid #2271b1;">
+                <p style="margin: 0;">
+                    <strong><?php _e( 'Plugin Version:', 'wp-user-profile-restriction' ); ?></strong> <?php echo self::VERSION; ?> |
+                    <strong><?php _e( 'Author:', 'wp-user-profile-restriction' ); ?></strong> Shawon
+                </p>
+            </div>
+            <?php
+            // Action: After settings page render
+            do_action( 'wpupr_after_settings_page' );
+            ?>
+        </div>
+        <?php
+    }
+}
+add_action( 'load-profile.php', 'wpupr_disable_editing_my_profile' );
+// Initialize the plugin
+new WP_User_Profile_Restriction();

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 3392566

Changelog

2.0.0 (2024-11-09)

Legend:

wp-user-profile-restriction/trunk/README.txt

wp-user-profile-restriction/trunk/wp-upr.php

Download in other formats: