Wordpress - Disallow user from editing their own profile information
great answer, to take this a step further and for anyone looking to apply this to all non-admin users (e.g. contributers, editors etc.)
// ===== remove edit profile link from admin bar and side menu and kill profile page if not an admin
if( !current_user_can('activate_plugins') ) {
function mytheme_admin_bar_render() {
global $wp_admin_bar;
$wp_admin_bar->remove_menu('edit-profile', 'user-actions');
}
add_action( 'wp_before_admin_bar_render', 'mytheme_admin_bar_render' );
function stop_access_profile() {
if(IS_PROFILE_PAGE === true) {
wp_die( 'Please contact your administrator to have your profile information changed.' );
}
remove_menu_page( 'profile.php' );
remove_submenu_page( 'users.php', 'profile.php' );
}
add_action( 'admin_init', 'stop_access_profile' );
}
Worked it out with a bit of time. Here is the code I am using:
<?php
/*
Plugin Name: Restrict User Editing Own Profile
Plugin URI: http://www.philosophydesign.com
Description: Restricts users from editing their own profile information.
Author: Scott Cariss
Version: 0.1
Author URI: http://www.philosophydesign.com/scott-cariss.html
*/
add_action( 'admin_menu', 'stop_access_profile' );
function stop_access_profile() {
remove_menu_page( 'profile.php' );
remove_submenu_page( 'users.php', 'profile.php' );
if(IS_PROFILE_PAGE === true) {
wp_die( 'You are not permitted to change your own profile information. Please contact a member of HR to have your profile information changed.' );
}
}
?>
The above code stops anyone from editing their own profile information despite who they are. People who have the ability to create and edit uses can still do so but cannot alter their own.
Solution as a (MU-)Plugin
I checked all the provided solutions and thought I could make a nice MU-Plugin out of it. The only real change is that it avoids
<?php
! defined( 'ABSPATH' ) AND exit;
/**
* Plugin Name: Disable profile page link
* Description: Remove edit profile link from admin bar and side menu and kill profile page if user isn't an administrator.
*/
# Version: 2012-09-15.2245
function oxo_stop_access_profile()
{
// Remove AdminBar Link
if (
'wp_before_admin_bar_render' === current_filter()
AND ! current_user_can( 'manage_options' )
)
return $GLOBALS['wp_admin_bar']->remove_menu( 'edit-profile', 'user-actions' );
// Remove (sub)menu items
remove_menu_page( 'profile.php' );
remove_submenu_page( 'users.php', 'profile.php' );
// Deny access to the profile page and redirect upon try
if (
defined( 'IS_PROFILE_PAGE' )
AND IS_PROFILE_PAGE
AND ! current_user_can( 'manage_options' )
)
{
wp_redirect( admin_url() );
exit;
}
}
add_action( 'wp_before_admin_bar_render', 'oxo_stop_access_profile' );
add_action( 'admin_menu', 'oxo_stop_access_profile' );