How to disable profile.php for users?

I am using wordpress 4.2.2 and i am using buddypress latest version. I want all my users customize their profile at buddypress profile page. So i want to disable profile.php for the users. I hide the profile link from dashboard by the WP admin UI customize plugin.But when anyone type url mysite/wp-admin/profile.php it's appear on browser.So i want to escape from the problem and want to disable profile.php for the users. What should i do to do this?

Topic profiles Wordpress

Category Web


Extending on @birgire 's answer, from which I found the first snippet to be the cleanest one I've seen for this, I wanted to add the following since I think it might be useful for most people arriving to this thread.

If you don't want users to access their profile on the backend, you will most probably also don't want them to be able to access the dashboard.

The use case is when you have subscribers that you don't want to access the backend at all. By default they can access the dashboard and their profile, so let's avoid that:

function redirect_subscribers () {
    if( ! current_user_can( 'edit_posts' ) ) {
        exit( wp_safe_redirect( site_url() ) );
    }
}
add_action( 'load-index.php', 'redirect_subscribers ' );
add_action( 'load-profile.php', 'redirect_subscribers ' );

Notice that in this case I've used the edit_posts capability, since I'm only targeting subscribers and this is a capability all roles have except for subscribers.

Then I'm using site_url() to redirect them to the homepage, but you could also use get_permalink($page_id) using the id of the page where you have created a "My account" area as a parameter.


I like this one. You can add admin pages to the array to redirect them. I have it redirecting to the Dashboard below, but you can redirect to BuddyPress URL as well... I'm just not sure what that URL is since I don't use BP very often.

   function no_proflie_admin_pages_redirect() {
      global $pagenow;
      if(!current_user_can('manage_options')) {
          $admin_redirects = array(
                    'profile.php'
                );
          if(in_array($pagenow, $admin_redirects)){
            wp_redirect( admin_url('/') ); exit;
          }
      }
    }
    add_action('admin_init', 'no_proflie_admin_pages_redirect');
  

You can also hide any additional profile.php links with simple CSS:

function hide_any_profile_links() { ?>
    <style type="text/css">
        a[href="http://example.com/wp-admin/profile.php"], a[href="profile.php"]{
            display: none!important;
        }
    </style>
<?php }
add_action('admin_head', 'hide_any_profile_links', 999);

The above could also be achieved with jquery or using PHP and the output buffer.


The following code* will redirect non-admin to a custom profile page in the front end, because instead of disabling you need to redirect them to your custom page. :)

<?php
add_action ('init' , 'wpse_redirect_profile_access');

function wpse_redirect_profile_access(){
        //admin won't be affected
        if (current_user_can('manage_options')) return '';

        //if we're at admin profile.php page
        if (strpos ($_SERVER ['REQUEST_URI'] , 'wp-admin/profile.php' )) {
            wp_redirect ( home_url( '/my-profile' )); // to page like: example.com/my-profile/
            exit();
        }

}

*Source^


Redirect from profile.php to the dashboard

Here's one way to do it:

add_action( 'load-profile.php', function() {
    if( ! current_user_can( 'manage_options' ) )
        exit( wp_safe_redirect( admin_url() ) );
} );

where we redirect to the dashboard instead, if the current user can't manage options.

Redirect from profile.php to the current user's member page

If you want to redirect to the member's profile page, you could try (untested):

add_action( 'load-profile.php', function() {
    if( ! current_user_can( 'manage_options' ) && function_exists( 'bp_core_get_user_domain' ) )
        exit( wp_safe_redirect( bp_core_get_user_domain( get_current_user_id() ) ) );
} );

The bp_core_get_user_domain() function is mentioned in this answer, few years ago, by @BooneGorges.

I just checked the BP source and this function is still available in BP 2.3 (see here).

For PHP < 5.3

add_action( 'load-profile.php', 'wpse_195353_profile_redirect_to_dashboard' );
function wpse_195353_profile_redirect_to_dashboard()
{
    if( ! current_user_can( 'manage_options' ) )
        exit( wp_safe_redirect( admin_url() ) );
}

and

add_action( 'load-profile.php', 'wpse_195353_profile_redirect_to_member_page' );
function wpse_195353_profile_redirect_to_member_page()
{
    if( ! current_user_can( 'manage_options' ) && function_exists( 'bp_core_get_user_domain' ) )
        exit( wp_safe_redirect( bp_core_get_user_domain( get_current_user_id() ) ) );
}

but you should consider updating your PHP if that's the case.

About

Geeks Mental is a community that publishes articles and tutorials about Web, Android, Data Science, new techniques and Linux security.