We have a site where we want people to do everyhing through a front-end form, so we wanted to block access to wp-admon.
however whenever we use any kind of php function to do it, it prevents image uploads in safari/ios.
this is the kind of code we’re using (I’ve tried a lot of variations on this) – and weirdly its only an issue with safari. You just get a ‘there has been an error with this upload’ message.
add_action('admin_init', 'no_mo_dashboard');
function no_mo_dashboard() {
if (!current_user_can('manage_options') && $_SERVER['DOING_AJAX'] != '/wp-admin/admin-ajax.php') {
wp_redirect( "http://www.mysite.co.uk/404.php");
exit;
}
}
I had a work around for this, then somehow something was changed with ACF and I had to desperately remove my function (similar to yours posted above) so people could keep uploading images. Once I figure my solution out again, I’ll try to remember to post it here.
This is a big deal that needs to be worked around hopefully in v5, if not, shortly after.
Here’s what I’m doing, and I can confirm that it works in Safari with ACF 5. DOING_AJAX is a global constant… is there a reason why the value needs to be confirmed? I’m just making sure that it’s set to something other than FALSE.
add_action( 'admin_init', 'redirect_admin' );
function redirect_admin() {
if ( ! current_user_can( 'manage_options' ) && defined( 'DOING_AJAX' ) && DOING_AJAX ) {
wp_redirect( site_url() );
exit;
}
}
hmm – that didn;t seem to block people – I’m testing this at the moment
add_action( 'admin_init', 'redirect_admin' );
function redirect_admin() {
if ( is_admin() && ! current_user_can( 'administrator' ) && ! (defined( 'DOING_AJAX' ) && DOING_AJAX ) ){
wp_redirect( "http://www.cultshare.co.uk/404.php");
exit;
}
}
I think it’s because you have && ! (defined( 'DOING_AJAX' ) instead of && (defined( 'DOING_AJAX' )
Also, I think that checking for is_admin() is redundant, since you’re using the admin_init action, which only runs on an admin screen.
you’re right – the is_admin() is not needed, but I swapped all the is/isnot (!) to be correct from your code, and it didn’t work for me.
this is working absolutely perfectly for me.
add_action( 'admin_init', 'redirect_admin' );
function redirect_admin() {
if ( ! current_user_can( 'administrator' ) && ! (defined( 'DOING_AJAX' ) && DOING_AJAX ) ){
wp_redirect( "http://www.cultshare.co.uk/404.php");
exit;
}
}
You’re totally right… I should have checked my code. In thinking about it, it makes perfect sense: you are checking that the user is not an admin and that AJAX is not being run (which would be in the backend). I went back to my implementation of it, which is quite a bit more complex due to the nature of my site, but I am effectively doing the same thing. I guess I just got confused when I applied the logic to your instance on here. Sorry about that! Glad it’s working for you.
no need to apologise – thanks for the input!
