I am creating user specific content using ACF User field to determine which user can see what. My code below is working perfectly to show the correct content to the user selected and something different to everyone else -
<?php
$client = get_field('client');
$userID = $client['ID'];
$user_id = get_current_user_id();
if ($user_id == $userID ) {
echo 'YOUR OWN PAGE';
} else {
echo 'NOT YOUR PAGE';
}
?>
However I need to simply add an 'or' statement so any user that is an admin can see all content regardless of who they are, something like below (which doesn't work) -
if ($user_id == $userID ) || is_admin() {
All help is greatly appreciated.
Your brackets are wrong that is all.
if ($user_id == $userID || is_admin() ) {
This assumes the is_admin() function works though :)
While Christian's answer fixes the typo in the question, it doesn't provide a working solution.
The documentation for is_admin() states the following:
This Conditional Tag checks if the Dashboard or the administration panel is attempting to be displayed. It should not be used as a means to verify whether the current user has permission to view the Dashboard or the administration panel (try current_user_can() instead). This is a boolean function that will return true if the URL being accessed is in the admin section, or false for a front-end page.
And further down in the notes section:
is_admin() is not intended to be used for security checks. It will return true whenever the current URL is for a page on the admin side of WordPress. It does not check if the user is logged in, nor if the user even has access to the page being requested. It is a convenience function for plugins and themes to use for various purposes, but it is not suitable for validating secured requests.
I do understand the logic that could lead one to think that is_admin() checks if the current user is an administrator. However, checking with the WordPress documentation(and I have to say it's really good for commonly used functions) is always a good idea.
Now that we've got that out of the way, there are two simple options that you can use in order to figure out if the current user has administrator privileges:
1. If you're not going to use WordPress Multisite, or if you will want to only allow Super Administrators to see the content
Determine if user is a network (super) admin. Will also check if user is admin if network mode is disabled.
You can pass the ID of a given user to the function, or in your case just do this:
if ( $user_id == $userID || is_super_admin() ) {
2. If you're going to use WordPress Multisite and you will want to allow Super Administrators and site Administrators to see the content
We can create our own function that works very similar to is_super_admin(), except for in a Multisite environment it also checks if the current user is an administrator(in the is_super_admin() function, this is defined by the user having the delete_users capability). Here's the code:
function my_is_user_admin( $user_id = false ) {
if ( ! $user_id || $user_id == get_current_user_id() ) {
$user = wp_get_current_user();
} else {
$user = get_userdata( $user_id );
}
if ( ! $user || ! $user->exists() ) {
return false;
}
if ( is_multisite() ) {
$super_admins = get_super_admins();
if ( ( is_array( $super_admins ) && in_array( $user->user_login, $super_admins ) ) || $user->has_cap( 'delete_users' ) ) {
return true;
}
} else {
if ( $user->has_cap( 'delete_users' ) ) {
return true;
}
}
return false;
}
There is also an alternative solution, which could be more extendable - you can create your own capability and assign it to the Administrator role. That way if for some reason I want to give someone access to all content, but don't want to make them an Administrator on my site, I can just add that particular capability to that particular user(can't find a free plugin at the moment, but there are ways to do it).
This question has decent answers on how to add a custom capability - https://wordpress.stackexchange.com/questions/35165/how-do-i-create-a-custom-role-capability - should you choose to go that way.