You can do this without any plugins rather easily. If you’re only going to have a single page that needs to be accessed with an account created by you, try creating a page template with something like the below. Note: you should create any new account as a subscriber
.
<?php
/*
Template Name: Private Page
*/
get_header();
?>
<?php
if( current_user_can('subscriber') { ?>
// stuff here
<?php } else {
echo do_shortcode('[frontend-login-form]');
} ?>
<?php get_footer(); ?>
We have a shortcode in the example above, which comes from the code below which you should add to your functions.php
file.
function frontend_user_manager_init() {
add_shortcode( 'frontend-login-form', 'frontend_login_form' );
}
add_action('init', 'frontend_user_manager_init');
/**
* Print a login form or current user login
*
* @param array $atts An array of arguments
* @return string The form mark-up or the current user login
*/
function frontend_login_form( $atts ){
if( ! is_user_logged_in() ){
$args = array(
'echo' => false,
'remember' => true,
'redirect' => get_permalink(),
'form_id' => 'loginform',
'id_username' => 'user_login',
'id_password' => 'user_pass',
'id_remember' => 'rememberme',
'id_submit' => 'wp-submit',
'label_username' => __( 'Username' ),
'label_password' => __( 'Password' ),
'label_remember' => __( 'Remember Me' ),
'label_log_in' => __( 'Log In' ),
'value_username' => '',
'value_remember' => false
);
$output = wp_login_form( $args );
}else{
$current_user = wp_get_current_user();
$output="<p>" . sprintf( __( 'Howdy %s' ), $current_user->user_login ) . '</p>';
$output .= '<p>' . wp_loginout( get_permalink(), false ) . '</p>';
}
return $output;
}
// Process shortcodes in text widgets
add_filter('widget_text', 'do_shortcode');
The subscriber role has very limited access i.e. only allows the user to maintain their profile, however if you don’t want to allow this try adding the below code to your functions.php
file.
add_action( 'init', 'blockusers_init' );
function blockusers_init() {
if ( is_admin() && ! current_user_can( 'administrator' ) && ! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
wp_redirect( home_url() );
exit;
}
}