Hide posts not authored by user

Hi
Is there a way to hide any pages, posts and custom posts to logged in members where they are not the page/post author using mebership 2 pro?

  • Kasia Swiderska

    Hello Adam,

    No, Membership 2 Pro does not have that type of feature. It can hide posts/pages depending of the membership - if user is not subscriber of membership then they wont see post/page that is protected by them.
    Hiding posts from non-authors will require another plugin - please see tutorial on how to do that http://www.wpbeginner.com/plugins/how-to-limit-authors-to-their-own-posts-in-wordpress-admin/

    Other solution is to use similar code snippet http://wordpress.stackexchange.com/a/89325

    Let me know if you have more questions.

    kind regards,
    Kasia

  • Nithin

    Hi Adam,

    Hope you are doing good today. :slight_smile:

    At the moment, the Membership 2 Pro plugin, can restrict contents in the front end, according to it's membership. Do you want the post to be restricted both in the front end, and backend? or is it only in the front end?

    Maybe it could be achievable with a bit of tweaking in the code, I'm pinging the developer, regarding this to see whether we could have any quick workaround. Will keep you posted once, I get an update regrading this asap.

    Kind Regards,
    Nithin

  • Adam

    It's only the front end I'm looking to restrict, the scenario is I have created a post for each of my clients, I have set them up as the author of their respective post. I only want the user to be able to view their post so when
    user A logs in they can see post A for which they are the author
    when user B logs in they can see post B and so forth.
    So far the only way I have found to do it is to create a membership type for each user, which in itself is really clunky. If there was a wal to have the option to have just one membership type with an option to hide posts not by that user it would really help

  • Rupok

    Hi Adam,

    So you want to hide all posts from logged in user for which he is not the author, right? In other words, an author should be able to see posts in front-end which he has authored, right? You can do this by creating a MU Plugin. For creating a MU Plugin, create a folder named "mu-plugins" inside your "wp-content" folder. Then inside that "mu-plugins" folder, create a file with any name and with a .php extension. Now paste the code inside that file and save.

    <?php
    add_filter( 'the_content', 'protect_posts_from_non_author' );
    function protect_posts_from_non_author( $content ){
        global $post;
        $user_id = get_current_user_id();
        if( ! isset( $post->post_author ) || $user_id == $post->post_author || $post->post_type !="post" )  return $content;
        return "Sorry, you are not allowed to see this post content";
    }

    For getting more idea on mu plugins, you can go through this article: http://premium.wpmudev.org/manuals/wpmu-manual-2/using-mu-plugins/

    You can change "Sorry, you are not allowed to see this post content" this message with your desired message.

    This will check if current post author ID and currently logged in user ID are same or not. If same, then it will show the post content. If not same, then it will hide the content and show a message.

    Please let us know if this is not exactly what you are looking for. We will be glad to assist further.

    Edit Note: Updated code with post type checker!

    Have a nice day. Cheers!
    Rupok

  • Adam

    Thanks for that piece of code, after a couple of months of trial and error i feel that I'm now making progress with this, and I really appreciate your help. The plugin works in preventing the post being read on the built in posts but it doesn't seem to have any effect on the custom posts. My followup questions are
    1-How can I make it work with custom post types I've made through Custompress?
    2-Can it be modified to not show any of the post at all in the list of posts to non authors?

  • Kasia Swiderska

    Hello Adam,

    For first request, this code will work with custom posts also

    <?php
    add_filter( 'the_content', 'protect_posts_from_non_author' );
    function protect_posts_from_non_author( $content ){
        global $post;
        $user_id = get_current_user_id();
        if( ! isset( $post->post_author ) || $user_id == $post->post_author || !( $post->post_type ="post") )  return $content;
        return "Sorry, you are not allowed to see this post content";
    }

    For second request:

    function exclude_category( $query ) {
    
    		$user_id = get_current_user_id();
    
        if ( !is_admin() && $query->is_home() && $query->is_main_query() || !is_admin() && $query->is_post_type_archive('fgvhjbkl')) {
            $query->set('author', $user_id );
        }
    }
    add_action( 'pre_get_posts', 'exclude_category' );

    where fgvhjbkl will be name of your custom post type you want to hide. Second code will work for custom posts and normal posts.

    kind regards,
    Kasia

  • Adam

    That's fab and is pretty much spot on for what I was looking for, massive thank you.

    All in all it works really well but I have discovered two little niggly issues,
    1) how do I set it to work on only custom posts, when the user is logged in it also hides all my blog posts made with the standard inbuilt post type as well as the custom posts I need it to hide.
    2) is there a line of code that I can add to hide the custom posts from anyone visiting the site that isn't logged in?

  • Kasia Swiderska

    Hello Adam,

    1) how do I set it to work on only custom posts, when the user is logged in it also hides all my blog posts made with the standard inbuilt post type as well as the custom posts I need it to hide.

    Try this:

    `<?php
    add_filter( 'the_content', 'protect_posts_from_non_author' );
    function protect_posts_from_non_author( $content ){
    global $post;
    $user_id = get_current_user_id();
    if( ! isset( $post->post_author ) || $user_id == $post->post_author || !( $post->post_type == "post":wink: ) return $content;
    return "Sorry, you are not allowed to see this post content";
    }

    function exclude_category( $query ) {

    $user_id = get_current_user_id();

    if ( !is_admin() && $query->is_home() && $query->is_main_query() || !is_admin() && $query->is_post_type_archive('fgvhjbkl':wink:) {
    $query->set('author', $user_id );
    $query->set('post_type', 'fgvhjbkl' );

    }
    }
    add_action( 'pre_get_posts', 'exclude_category' );

    Where again replace fgvhjbkl with your custom post type.

    2) is there a line of code that I can add to hide the custom posts from anyone visiting the site that isn't logged in?

    Because you are using Membership 2 Pro already you can create Default membership and protect custom posts types with it - default membership hides content from non-logged in visitors, but allows logged in users to see that content.

    kind regards,
    Kasia

  • Nithin

    Hi Adam,

    It seems like the above code wasn't formatted correctly while pasting it here, sorry about that. Please check the following code here, and let us know how that goes:

    <?php
    add_filter( 'the_content', 'protect_posts_from_non_author' );
    
    function protect_posts_from_non_author( $content ){
    	global $post;
    	$user_id = get_current_user_id();
    	if( ! isset( $post->post_author ) || $user_id == $post->post_author || !( $post->post_type == "post" ) 	return $content;
    
    	return "Sorry, you are not allowed to see this post content";
    }
    
    function exclude_category( $query ) {
    
    	$user_id = get_current_user_id();
    
    	if ( !is_admin() && $query->is_post_type_archive('fgvhjbkl') {
    		$query->set('author', $user_id );
    	}
    }
    add_action( 'pre_get_posts', 'exclude_category' );

    If the above code doesn't work, could you please confirm whether you are mixing your blog posts with custom post types in your blog page?

    Kind Regards,
    Nithin

  • Rupok

    Hi Adam,

    is there any way to make it work with an additional custom post type so it is effectively filtering out two different custom post types

    Do you mean that you don't want to protect posts from *all* custom post types from non-authors, rather you want to protect posts from *specific* custom post types from non-authors? If yes, then you have to replace this line from the previous code:
    if( ! isset( $post->post_author ) || $user_id == $post->post_author || !( $post->post_type == "post" ) return $content;
    With this line:
    if( ! isset( $post->post_author ) || $user_id == $post->post_author || $post->post_type !="post" || $post->post_type !="custom_post_type" ) return $content;
    If you want to protect two custom post types with native posts, then the line will be:
    if( ! isset( $post->post_author ) || $user_id == $post->post_author || $post->post_type !="post" || $post->post_type !="custom_post_type" ) || $post->post_type !="custom_post_type_2" ) return $content;
    Please let us know if this doesn't work or if you have any confusion. We will be glad to help.

    Have a nice day. Cheers!
    Rupok

  • Adam

    This is the code I am using, before wp updated it used to hide all the posts not authored by the logged in user, but it would show all posts to the logged in administrator.

    <?php
    /**
    * Plugin Name: Hide posts from non author
    * Description: Adds a photoshoot page to BuddyPress profiles
    * Version: 1.0.0
    * License: GPLv2
    */

    add_filter( 'the_content', 'protect_posts_from_non_author' );

    function protect_posts_from_non_author( $content ){
    global $post;
    $user_id = get_current_user_id();
    //if( ! isset( $post->post_author ) || $user_id == $post->post_author || !( $post->post_type == "post" ) ) return $content;

    if( ! isset( $post->post_author ) || $user_id == $post->post_author || !($post->post_type == "post" || $post->post_type =="photoshoot" || $post->post_type =="model_download" )) return $content;

    return "Sorry, you are not allowed to see this post content";
    }

    function exclude_category( $query ) {

    $user_id = get_current_user_id();

    if ( !is_admin() && $query->is_post_type_archive('photoshoot') ){
    $query->set('author', $user_id );
    }
    if ( !is_admin() && $query->is_post_type_archive('model_download') ){
    $query->set('author', $user_id );
    }
    }
    add_action( 'pre_get_posts', 'exclude_category' );

  • Nithin

    Hi Adam,

    Hope you are doing good today. :slight_smile:

    Please replace the following, with the new condition, and check whether it works fine:
    if( ! isset( $post->post_author ) || $user_id == $post->post_author || !($post->post_type == "post" || $post->post_type =="photoshoot" || $post->post_type =="model_download" )) return $content;

    Please replace it with:

    if( ! isset( $post->post_author ) || $user_id == $post->post_author || !($post->post_type == "post" || !is_admin() || $post->post_type =="photoshoot" || $post->post_type =="model_download" )) return $content;

    Rest of your code does look fine, please let us know if you still need any further assistance. Have a nice day. :slight_smile:

    Kind Regards,
    Nithin

  • Rupok

    Hi Adam,

    This is really weird and should not happen. I just checked the code you provided (then updated it as Nithin suggested just above your last reply) here (https://premium.wpmudev.org/forums/topic/hide-posts-not-authored-by-user#post-1188669) on my test site and it's working perfectly, even in WordPress 4.7 . Admins can see all posts, but authors can see only their posts.

    So I'm not sure why this is behaving such in your site. Just to make sure no other plugin is causing this, can you please do a plugin conflict test? To know more about plugin conflict test, you can check this guide: http://premium.wpmudev.org/manuals/using-wpmu-dev/getting-support/

    I could tell you better about the issue if I could see it live, check your current configuration and make some tests on your site. Would you mind allowing Support Access so we can have a closer look at this?

    To enable support access you can follow this guide here:
    http://premium.wpmudev.org/manuals/wpmu-dev-dashboard-enabling-staff-login/

    Please confirm here when you are done granting Support Access. I'm looking forward to hearing from you and resolving this issue as soon as possible.

    Have a nice day. Cheers!
    Rupok

  • Nithin

    Hi Adam,

    Hope you are doing good today. :slight_smile:

    This is odd, I tested the above suggested code in my system, and it works fine without any issue. It seems to be a site specific issue. Is this a live site? Could I perform conflicts test, and see how that goes? Since it's a live site, I didn't perform plugin conflict test, to check how that goes.

    Could you please check whether switching to a default WordPress theme makes any difference? Please do let us know how how that goes, so that we could help get this sorted asap. Have a nice day. :slight_smile:

    Kind Regards,
    Nithin

  • Rupok

    Hi Adam,

    Thanks for confirming and granting Support Access. I could login fine without any issue. Now before I start plugin conflict test, can you please send me a message with FTP access credentials through our secure contact form here: https://premium.wpmudev.org/contact/ so we can change your plugin code and try to make it work on your site? This will be also helpful if anything goes wrong, we will be able to revert back.

    Subject: "Attn: Rupok"
    - FTP Username
    - FTP Password
    - FTP Host
    - Link back to this thread for reference
    - Any other relevant URLs

    Select "I have a different question" for your topic. This and the subject line ensure that it gets assigned to me.

    I'll jump in as soon as you confirm. I'm looking forward to hearing from you and resolving this issue as soon as possible.

    Have a nice day. Cheers!
    Rupok

  • Rupok

    Hi Adam,

    Thanks for sending all credentials. I edited your file and updated previous code with the following:

    add_filter( 'the_content', 'protect_posts_from_non_author' );
    
    function protect_posts_from_non_author( $content ){
    global $post;
    $user_id = get_current_user_id();
    
    $current_user = wp_get_current_user();
    	if (user_can( $current_user, 'administrator' )) {
    		return $content;
    	}else {
    		if( ! isset( $post->post_author ) || $user_id == $post->post_author || !($post->post_type == "post" || $post->post_type =="photoshoot" || $post->post_type =="model_download" )) return $content;
    
    		return "Sorry, you are not allowed to see this post content";
    	}
    }

    Now, these three are working:
    1. Shows All posts when logged in user is ADMIN
    2. Shows “Sorry, you are not allowed to see this post content” if user is NOT LOGGED IN
    3. Shows only posts authored by the LOGGED IN USER

    I've checked this on your site and it's working. Can you please check and confirm?

    I'm looking forward to hearing from you and resolving this issue as soon as possible.

    Have a nice day. Cheers!
    Rupok

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.