How can I make my custom templates respect permissions?

I use the Members plugin to manage permissions on my site. For standard templates, it works great – when the user doesn’t have permission to see a page, they get the following message:

Sorry, but you do not have permission to view this content.

Read More

How can I make sure I still get this message in my custom templates? Which tag do I need to include?

EDIT. Template source:

<?php
/*
Template Name: Stats
*/
?>


<?php
get_header();
?>

<div id="main">

<div id="contentwrapper">
  <div class="topPost">
    <h2 class="topTitle"><a href="<?php the_permalink() ?>"><?php the_title(); ?></a></h2>
    <div class="topContent">
      <p>Listeners are counted every minute. The green line is the <b>maximum</b> during any given time period. The red area is the <b>average</b> number of listeners during the same time period.</p>
      <h3>Listeners over the last hour</h3>
      <img class="alignnone" title="Listeners over the last hour" src="<?php echo get_graph(60,60); ?>" alt="" width="481" height="149" />
      <hr/>
      <h3>Listeners over the last day</h3>
      <img class="alignnone" title="Listeners over the last day" src="<?php echo get_graph(3600,24); ?>" alt="" width="481" height="149" />
      <hr/>
      <h3>Listeners over the last week</h3>
      <img class="alignnone" title="Listeners over the last week" src="<?php echo get_graph(86400,7); ?>" alt="" width="481" height="149" />
    </div>
    <div class="cleared"></div>
  <div class="cleared"></div>
  </div> <!-- Closes topPost -->
</div> <!-- Closes contentwrapper-->

<?php get_sidebar(); ?>
<div class="cleared"></div>

</div><!-- Closes Main -->


<?php get_footer(); ?>

Note: The purpose of this template is to act as a front end for a shell script. Any content on the database is irrelevant, so there’s no loop. (Though including a dummy loop didn’t seem to help.)

Related posts

Leave a Reply

2 comments

  1. Message you quoted is being generated by members_content_permissions_protect() function. By default it is used as a filter on the_content() and the_excerpt() functions. Since your custom template doesn’t use these – there is no case for function to run.

    Try something like this in template:

    $content = 'Content to protect';
    echo members_content_permissions_protect( $content );
    

    Another idea:

    $protected = members_content_permissions_protect( false );
    
    if( false !== $protected ) {
    
        echo $protected;
    }
    else {
    
        //template stuff goes here
    }
    
  2. You can use the userlevels system, youc an find more information on roles levels and capabilities here:

    http://codex.wordpress.org/Roles_and_Capabilities

    See here for how the old ‘roles’ map onto the user levels system:

    http://codex.wordpress.org/Roles_and_Capabilities#User_Levels

    You can further define in your templates wether a user of a given role can view a page or not using the following:

    global $current_user;
    
    get_currentuserinfo();
    
    if ($current_user->user_level < 8) {
        // stuff that is only visible to users lower than level 8
    }
    

    Also bear in mind:

    if ( is_user_logged_in() ) { ... }
    

    http://codex.wordpress.org/Function_Reference/is_user_logged_in

    Using these you should be able to control who can see what, and at what level of access they need to see it