User Management
Comprehensive user administration tools for WordPress sites
User Management
Manage WordPress users efficiently with our comprehensive user administration tools. Handle user roles, permissions, bulk operations, and user analytics.
User Roles and Capabilities
Default WordPress Roles
Administrator
- Full Access: Complete control over the site
- Plugin Management: Install, activate, deactivate plugins
- Theme Management: Upload and manage themes
- User Management: Add, edit, remove users
- Settings Access: Modify all site settings
Editor
- Content Management: Publish and manage all content
- User Moderation: Moderate comments and user content
- Category Management: Create and manage categories
- Page Management: Full page editing capabilities
Author
- Personal Content: Publish and manage own posts
- Media Upload: Upload and manage personal media
- Profile Management: Edit own profile and settings
- Basic Analytics: View personal content statistics
Contributor
- Content Creation: Write and edit own posts
- Media Upload: Upload personal media files
- Limited Publishing: Submit posts for review
- Profile Access: Manage own profile only
Subscriber
- Profile Management: Edit own profile
- Content Reading: Read site content
- Comment Access: Post and manage own comments
- Limited Access: Minimal site interaction
Custom Roles
// Register custom user role
function add_custom_roles() {
add_role(
'content_manager',
__('Content Manager'),
array(
'read' => true,
'edit_posts' => true,
'edit_pages' => true,
'publish_posts' => true,
'manage_categories' => true,
'upload_files' => true,
)
);
}
add_action('init', 'add_custom_roles');Bulk User Operations
Bulk User Creation
// Bulk create users from CSV
function bulk_create_users($csv_data) {
$created = 0;
$errors = array();
foreach ($csv_data as $user_data) {
$user_id = wp_create_user(
$user_data['username'],
$user_data['password'],
$user_data['email']
);
if (is_wp_error($user_id)) {
$errors[] = $user_id->get_error_message();
} else {
// Set user meta
update_user_meta($user_id, 'first_name', $user_data['first_name']);
update_user_meta($user_id, 'last_name', $user_data['last_name']);
// Set user role
$user = new WP_User($user_id);
$user->set_role($user_data['role']);
$created++;
}
}
return array('created' => $created, 'errors' => $errors);
}Bulk User Updates
// Bulk update user roles
function bulk_update_user_roles($user_ids, $new_role) {
$updated = 0;
foreach ($user_ids as $user_id) {
$user = new WP_User($user_id);
$user->set_role($new_role);
$updated++;
}
return $updated;
}
// Bulk update user meta
function bulk_update_user_meta($user_ids, $meta_key, $meta_value) {
$updated = 0;
foreach ($user_ids as $user_id) {
update_user_meta($user_id, $meta_key, $meta_value);
$updated++;
}
return $updated;
}Bulk User Deletion
// Bulk delete users with reassignment
function bulk_delete_users($user_ids, $reassign_to = null) {
$deleted = 0;
foreach ($user_ids as $user_id) {
if ($reassign_to) {
// Reassign content before deletion
wp_delete_user($user_id, $reassign_to);
} else {
wp_delete_user($user_id);
}
$deleted++;
}
return $deleted;
}User Analytics and Reporting
User Activity Tracking
// Track user login activity
function track_user_login($user_login, $user) {
update_user_meta($user->ID, 'last_login', current_time('mysql'));
update_user_meta($user->ID, 'login_count', (get_user_meta($user->ID, 'login_count', true) ?: 0) + 1);
// Log login activity
global $wpdb;
$wpdb->insert(
$wpdb->prefix . 'user_activity_log',
array(
'user_id' => $user->ID,
'activity_type' => 'login',
'activity_time' => current_time('mysql'),
'ip_address' => $_SERVER['REMOTE_ADDR']
)
);
}
add_action('wp_login', 'track_user_login', 10, 2);User Engagement Metrics
// Get user engagement statistics
function get_user_engagement_stats($user_id) {
$stats = array(
'posts_count' => count_user_posts($user_id),
'comments_count' => get_comments(array('user_id' => $user_id, 'count' => true)),
'last_login' => get_user_meta($user_id, 'last_login', true),
'login_count' => get_user_meta($user_id, 'login_count', true) ?: 0,
'profile_completeness' => calculate_profile_completeness($user_id)
);
return $stats;
}
function calculate_profile_completeness($user_id) {
$user = get_userdata($user_id);
$required_fields = array('first_name', 'last_name', 'description');
$completed = 0;
foreach ($required_fields as $field) {
if (!empty($user->$field)) {
$completed++;
}
}
return round(($completed / count($required_fields)) * 100);
}User Permissions and Access Control
Advanced Permission Management
// Create custom capabilities
function add_custom_capabilities() {
$roles = array('administrator', 'editor', 'content_manager');
foreach ($roles as $role) {
$role_obj = get_role($role);
if ($role_obj) {
$role_obj->add_cap('manage_content_blocks');
$role_obj->add_cap('edit_theme_options');
}
}
}
add_action('init', 'add_custom_capabilities');
// Remove capabilities
function remove_user_capabilities($user_id) {
$user = new WP_User($user_id);
$user->remove_cap('manage_options');
$user->remove_cap('edit_theme_options');
}Content Access Restrictions
// Restrict content access by user role
function restrict_content_access($content) {
if (is_single() && !current_user_can('read_private_posts')) {
$content = '<p>This content is restricted. Please log in to view.</p>';
}
return $content;
}
add_filter('the_content', 'restrict_content_access');
// Category-based access control
function restrict_category_access($query) {
if (!current_user_can('read_restricted_content') && !is_admin()) {
$query->set('cat', '-123'); // Exclude restricted category
}
return $query;
}
add_action('pre_get_posts', 'restrict_category_access');User Import and Export
CSV User Import
function import_users_from_csv($csv_file_path) {
$imported = 0;
$errors = array();
if (($handle = fopen($csv_file_path, 'r')) !== false) {
$headers = fgetcsv($handle); // Skip header row
while (($data = fgetcsv($handle)) !== false) {
$user_data = array_combine($headers, $data);
$user_id = wp_insert_user(array(
'user_login' => $user_data['username'],
'user_email' => $user_data['email'],
'user_pass' => wp_generate_password(),
'first_name' => $user_data['first_name'],
'last_name' => $user_data['last_name'],
'role' => $user_data['role'] ?: 'subscriber'
));
if (is_wp_error($user_id)) {
$errors[] = $user_id->get_error_message();
} else {
$imported++;
}
}
fclose($handle);
}
return array('imported' => $imported, 'errors' => $errors);
}User Data Export
function export_users_to_csv($role = null) {
$args = array('fields' => 'all');
if ($role) {
$args['role'] = $role;
}
$users = get_users($args);
$csv_data = array();
// Add headers
$csv_data[] = array('ID', 'Username', 'Email', 'First Name', 'Last Name', 'Role', 'Registered');
// Add user data
foreach ($users as $user) {
$csv_data[] = array(
$user->ID,
$user->user_login,
$user->user_email,
$user->first_name,
$user->last_name,
implode(', ', $user->roles),
$user->user_registered
);
}
return $csv_data;
}User Session Management
Session Control
// Force logout all users
function force_logout_all_users() {
$sessions = WP_Session_Tokens::get_instance(get_current_user_id());
$sessions->destroy_all();
}
// Set custom session timeout
function set_custom_session_timeout($expiration) {
return $expiration; // Return custom expiration time in seconds
}
add_filter('auth_cookie_expiration', 'set_custom_session_timeout');Concurrent Session Limits
function limit_user_sessions($user_id) {
$sessions = WP_Session_Tokens::get_instance($user_id);
$all_sessions = $sessions->get_all();
if (count($all_sessions) > 3) { // Allow max 3 concurrent sessions
// Remove oldest session
$oldest_session = min(array_keys($all_sessions));
$sessions->destroy($oldest_session);
}
}
add_action('set_auth_cookie', 'limit_user_sessions');User Communication
Bulk Email System
function send_bulk_email_to_users($user_ids, $subject, $message) {
$sent = 0;
$failed = 0;
foreach ($user_ids as $user_id) {
$user = get_userdata($user_id);
if ($user) {
$email_sent = wp_mail($user->user_email, $subject, $message);
if ($email_sent) {
$sent++;
} else {
$failed++;
}
}
}
return array('sent' => $sent, 'failed' => $failed);
}User Notification System
// Send notification on role change
function notify_role_change($user_id, $new_role) {
$user = get_userdata($user_id);
$site_name = get_bloginfo('name');
$subject = "Role Updated - {$site_name}";
$message = "
<h3>Hello {$user->display_name},</h3>
<p>Your role has been updated to: <strong>{$new_role}</strong></p>
<p>If you have any questions, please contact the site administrator.</p>
<p>Best regards,<br>{$site_name} Team</p>
";
wp_mail($user->user_email, $subject, $message, array('Content-Type: text/html; charset=UTF-8'));
}
add_action('set_user_role', 'notify_role_change', 10, 2);Security Features
Password Policies
// Enforce strong passwords
function enforce_strong_passwords($errors, $update, $user) {
if ($update && !empty($_POST['pass1'])) {
$password = $_POST['pass1'];
// Check password strength
if (strlen($password) < 8) {
$errors->add('password_too_short', 'Password must be at least 8 characters long.');
}
if (!preg_match('/[A-Z]/', $password)) {
$errors->add('password_no_uppercase', 'Password must contain at least one uppercase letter.');
}
if (!preg_match('/[a-z]/', $password)) {
$errors->add('password_no_lowercase', 'Password must contain at least one lowercase letter.');
}
if (!preg_match('/[0-9]/', $password)) {
$errors->add('password_no_number', 'Password must contain at least one number.');
}
}
return $errors;
}
add_filter('user_profile_update_errors', 'enforce_strong_passwords', 10, 3);Account Security
// Lock account after failed login attempts
function track_failed_logins($username) {
$failed_attempts = get_transient('failed_login_' . $username) ?: 0;
$failed_attempts++;
if ($failed_attempts >= 5) {
// Lock account for 1 hour
set_transient('locked_account_' . $username, true, HOUR_IN_SECONDS);
// Send notification to admin
wp_mail(
get_option('admin_email'),
'Account Locked Due to Failed Logins',
"Account {$username} has been locked due to 5 failed login attempts."
);
} else {
set_transient('failed_login_' . $username, $failed_attempts, 15 * MINUTE_IN_SECONDS);
}
}
add_action('wp_login_failed', 'track_failed_logins');User Interface Enhancements
Admin Dashboard Customizations
// Add custom user management columns
function add_user_management_columns($columns) {
$columns['last_login'] = 'Last Login';
$columns['login_count'] = 'Login Count';
$columns['role_status'] = 'Role Status';
return $columns;
}
add_filter('manage_users_columns', 'add_user_management_columns');
// Populate custom columns
function populate_user_management_columns($value, $column_name, $user_id) {
switch ($column_name) {
case 'last_login':
return get_user_meta($user_id, 'last_login', true) ?: 'Never';
case 'login_count':
return get_user_meta($user_id, 'login_count', true) ?: 0;
case 'role_status':
$user = get_userdata($user_id);
return implode(', ', $user->roles);
default:
return $value;
}
}
add_filter('manage_users_custom_column', 'populate_user_management_columns', 10, 3);Best Practices
User Management Best Practices
- Regular Audits: Review user accounts periodically
- Role Minimization: Use principle of least privilege
- Access Logging: Monitor user activities
- Regular Cleanup: Remove inactive accounts
- Security Training: Educate users about security
Performance Optimization
- Database Indexing: Optimize user-related queries
- Caching: Cache user data and permissions
- Bulk Operations: Use bulk operations for efficiency
- Lazy Loading: Load user data on demand
Compliance and Privacy
- GDPR Compliance: Handle user data appropriately
- Privacy Settings: Respect user privacy preferences
- Data Retention: Implement data retention policies
- Consent Management: Manage user consents
Comprehensive WordPress user management made efficient and secure.