I've found the following code that places custom fields into a user's profile:

<?php   
function extra_user_profile_fields( $user ) {
?>
<h3><?php _e("Roof Asset Information", "blank"); ?></h3>

<table class="form-table">
<tr>
<th><label for="facility"><?php _e("Facility"); ?></label></th>
<td>
<input type="text" name="facility" id="facility" value="<?php echo esc_attr(        
get_the_author_meta( 'facility', $user->ID ) ); ?>" class="regular-text" /><br />
<span class="description"><?php _e("Please enter the facility name."); ?></span>
</td>
</tr>
<tr>
<th><label for="roofsection"><?php _e("Roof Section"); ?></label></th>
<td>
<input type="text" name="roofsection" id="roofsection" value="<?php echo esc_attr(     
get_the_author_meta( 'roofsection', $user->ID ) ); ?>" class="regular-text" /><br />
<span class="description"><?php _e("Please enter the roof section."); ?></span>
</td>
</tr>
<tr>
<th><label for="footage"><?php _e("Sq. Feet"); ?></label></th>
<td>
<input type="text" name="footage" id="footage" value="<?php echo esc_attr(    
get_the_author_meta( 'footage', $user->ID ) ); ?>" class="regular-text" /><br />
<span class="description"><?php _e("Please enter the square footage."); ?></span>
</td>
</tr>

</table>
<?php }

add_action( 'personal_options_update', 'save_extra_user_profile_fields' );
add_action( 'edit_user_profile_update', 'save_extra_user_profile_fields' );

function save_extra_user_profile_fields( $user_id ) {

if ( !current_user_can( 'edit_user', $user_id ) ) { return false; }

update_user_meta( $user_id, 'facility', $_POST['facility'] );
update_user_meta( $user_id, 'roofsection', $_POST['roofsection'] );
update_user_meta( $user_id, 'footage', $_POST['footage'] );

}    

Is there a way to add extra functionality to this code that makes it so only administrators can edit the custom fields?

I've found the following code that places custom fields into a user's profile:

<?php   
function extra_user_profile_fields( $user ) {
?>
<h3><?php _e("Roof Asset Information", "blank"); ?></h3>

<table class="form-table">
<tr>
<th><label for="facility"><?php _e("Facility"); ?></label></th>
<td>
<input type="text" name="facility" id="facility" value="<?php echo esc_attr(        
get_the_author_meta( 'facility', $user->ID ) ); ?>" class="regular-text" /><br />
<span class="description"><?php _e("Please enter the facility name."); ?></span>
</td>
</tr>
<tr>
<th><label for="roofsection"><?php _e("Roof Section"); ?></label></th>
<td>
<input type="text" name="roofsection" id="roofsection" value="<?php echo esc_attr(     
get_the_author_meta( 'roofsection', $user->ID ) ); ?>" class="regular-text" /><br />
<span class="description"><?php _e("Please enter the roof section."); ?></span>
</td>
</tr>
<tr>
<th><label for="footage"><?php _e("Sq. Feet"); ?></label></th>
<td>
<input type="text" name="footage" id="footage" value="<?php echo esc_attr(    
get_the_author_meta( 'footage', $user->ID ) ); ?>" class="regular-text" /><br />
<span class="description"><?php _e("Please enter the square footage."); ?></span>
</td>
</tr>

</table>
<?php }

add_action( 'personal_options_update', 'save_extra_user_profile_fields' );
add_action( 'edit_user_profile_update', 'save_extra_user_profile_fields' );

function save_extra_user_profile_fields( $user_id ) {

if ( !current_user_can( 'edit_user', $user_id ) ) { return false; }

update_user_meta( $user_id, 'facility', $_POST['facility'] );
update_user_meta( $user_id, 'roofsection', $_POST['roofsection'] );
update_user_meta( $user_id, 'footage', $_POST['footage'] );

}    

Is there a way to add extra functionality to this code that makes it so only administrators can edit the custom fields?

• users
• profiles

Share Improve this question edited Mar 26, 2019 at 15:00 br3t 11377 bronze badges asked Aug 13, 2012 at 17:42 lowestofthekeyslowestofthekeys 1122 bronze badges 1

• this code should prevent non admins from updating facility,roofsection and footage fields. – Amit Kosti Commented Aug 13, 2012 at 17:50

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 1

<input type="text" name="facility" id="facility" value="<?php echo esc_attr(        
get_the_author_meta( 'facility', $user->ID ) ); ?>"  
<?php if (!is_admin()) { echo 'disabled="disabled"'; }
class="regular-text" /><br />
<span class="description"><?php _e("Please enter the facility name."); ?></span>

Add this third line to all your inputs that you don't want the non-admins to edit.