5 years, 1 month ago
I’m using buddypress as a recruiting platform where people have a form with xprofile fields to complete a complex CV. I want all the data (even members list) to be private, I just want the user to be able to see his own data and delete or modify it.
Only admin should be able to see the member list in order to select profiles when necessary.
To do so, I have set almost all fields to “Only me” and limited access to public areas in the following way:
/* Prevent logged out users from accessing bp activity page and other profiles*/
// The user ID of the currently logged in user
$current_user_id = (int) trim($bp->loggedin_user->id);
// The author that we are currently viewing
$author_id = (int) trim($bp->displayed_user->id);
if ( !current_user_can( 'manage_options' ) )
if( bp_is_activity_component() || bp_is_groups_component() || bp_is_group_forum() || bp_is_page( BP_MEMBERS_SLUG ) || ($current_user_id !== $author_id && $author_id != 0))
wp_redirect( get_option('siteurl') );
For me it works fine, but I’m new at Buddypress, and I wonder if I’m missing something.
Is there any backdoor that I have forgot?
Should I limit something else?
To preserve this info is crucial for me.
See also: WordPress.org •
Follow BuddyPress on Twitter •
Contact Us •
Terms of Service