Tag Archives: role

This snippet is great for security to protect your WordPress site against malicious URL requests.

Add this to your functions.php file.

global $user_ID; if($user_ID) {
	if(!current_user_can('administrator')) {
		if (strlen($_SERVER['REQUEST_URI']) > 255 ||
			stripos($_SERVER['REQUEST_URI'], "eval(") ||
			stripos($_SERVER['REQUEST_URI'], "CONCAT") ||
			stripos($_SERVER['REQUEST_URI'], "UNION+SELECT") ||
			stripos($_SERVER['REQUEST_URI'], "base64")) {
				@header("HTTP/1.1 414 Request-URI Too Long");
				@header("Status: 414 Request-URI Too Long");
				@header("Connection: Close");

With this snippet, you can create a WordPress page template with restricted access only to those users with the right role to access to it.

You will need to create the include, in this case error.php – this include should contain the message you wish to show.
If your template-custom.php page, is not intended for a given user, then your error.php could say something like: “Sorry, you are not allowed to access this page!”. Or you could do a redirect in your error.php file.

If you create custom roles you can do the same ie. buyers, clients, etc.

Ad this to the top section of your template-custom-php file.

/* Template Name: Restricted to Authors only */
     if ( !current_user_can('author')) {

Related Links:

Heres a little nifty WordPress snippet that will show the number of queries made and the page load time. This can come in handy if you, for instance, need to debug or optimize the performance of your WordPress site.

Add this code snippet to a template file during testing in the location where you want the info to show. In this example the output is wrapped in an “if user is administrator” condition – so that the output is only visible to users with administrator rights.

<?php if(current_user_can('administrator')): ?>
     <?php echo get_num_queries(); ?> queries in <?php timer_stop(1); ?> seconds.
<?php endif; ?>

Related links