-1

I have a PHP script that dynamically generates a TSV file based on database content (using something similar to https://stackoverflow.com/a/125125/701867). However, I only want this page to be accessible to certain people.

The rest of the website uses WordPress as it's membership system, so ideally I'd like to tie it in with this.

How would I go about making this script only accessible to specific WordPress users?

Community
  • 1
  • 1
James Baker
  • 1,143
  • 17
  • 39
  • 1
    What have you tried so far to do that? Please read and review [What topics can I ask about here?](http://stackoverflow.com/help/on-topic) – Charlotte Dunois Jan 24 '16 at 10:26
  • I've not been able to try a lot, as my WordPress experience is limited. Embedding the PHP directly into a page didn't work, and I was unable to access the WordPress membership variables directly from a standalone page. – James Baker Jan 24 '16 at 10:31

1 Answers1

1

If you are not loading this through the wordpress system you need to include wp_load.php at the top of the file. Do this using relative include: <?php include '../../../wp-load.php'; ?>.

When you have done this you can use <?php current_user_can( $capability ); ?> to determine if the current user can access the file.

See https://codex.wordpress.org/Function_Reference/current_user_can.

Remember this can pose a security risk to the Wordpress system. All text input must be filtered as the admin functions can now be called when wp_load.php is included.

Austin Collins
  • 439
  • 3
  • 13