Blog

NextGEN Gallery – Restrict gallery access to specific users

Anyone using WordPress will most likely be aware of the NextGEN Gallery plugin as the most popular and widely used plugin for managing photo and image galleries. I’ve used it on a number of sites and love the way it is easily installed, managed and customised to provide unique and beautiful ways of displaying photos. The admin interface is also easy to use and allows for really handy features such as uploading photos in a ZIP file, automatic resizing of images to avoid long page load times, automatic thumbnail generation and even watermarking.

Recently however, a photographer client asked me if she could have client-only galleries on her site, where a client would login and view only their own photos prior to ordering their favourites. This seemed like a reasonable sort of feature to request, but I wasn’t able to find anything out there in the WordPress world to achieve it. The User Access Manager plugin looked perfect, but it hasn’t been updated in over 2 years and is no longer compatible with current versions of NextGEN Gallery.

After looking around for a while and evaluating a few options, I was able to come up with a neat solution that works well for my client and I thought I would post it in case it may help others also.

Step 1:

Install the NextGEN Gallery Custom Fields plugin. This plugin, like it says, allows you to create custom fields for your NGG galleries and images. For our purposes we only need to add one new field to each gallery, to allow an admin user to specify which user the gallery should be restricted to.

After installing, click on the NGG Custom Fields link in the menu and choose the Gallery Custom Fields option. I gave my field a display name of ‘Restrict to user’ and made it a text field, showing on all galleries which are client-only. New galleries will include this field by default which is what we want.

Step 2:

Install the User Specific Content plugin. This plugin, like it says, allows you to restrict access to certain posts/pages/content according to a user’s role or username. The plugin would probably provide a solution for my photographer client by itself, if she created a separate page for each client-only gallery and added it to her menu each time. I preferred to create a single client access page, however, and only list the galleries there which the logged in user should see. This simplifies the menu and avoids the need for lots of extra pages.

Once installed, I configured the plugin to style the login box and adjust the ‘blocked’ message to suit my needs.

Step 3:
Create a page where your restricted galleries will display. Mine is called ‘Client Area’. In the page content, I want to tell NGG which album of galleries to display, so I use the shortcode:

[album id=2 template=client]

This album will contain all of the client galleries to which I want to restrict access. By specifying the template to use, we can take advantage of the easy customisability of NextGEN Gallery and create a custom template which will display only the right galleries within this album for the current user.

I also need to tell the USC plugin that this page is one containing restricted content, so underneath the content window add a custom field with a name of block and a value of true.

Step 4:

This is where the custom code comes in to link the two plugins together and allow clients who login to see their private galleries. You’ll need to create a template called album-client.php with the following content:

<?php
/**
 Template Page for the album overview (extended)
 Restricts view of galleries only to admin users or users set via NextGEN Custom Field
Follow variables are useable :
$album : Contain information about the album
 $galleries : Contain all galleries inside this album
 $pagination : Contain the pagination content
You can check the content when you insert the tag <?php var_dump($variable) ?>
 If you would like to show the timestamp of the image ,you can use <?php echo $exif['created_timestamp'] ?>
 **/
 ?>
 <?php if (!defined ('ABSPATH')) die ('No direct access allowed'); ?><?php if (!empty ($galleries)) : ?>
<div class="ngg-albumoverview">
 <!-- List of galleries -->
 <?php global $current_user; get_currentuserinfo(); ?>
 <?php foreach ($galleries as $gallery) : ?>
<?php $restrictUser = nggcf_get_gallery_field($gallery->gid, "Restrict to user");
 //echo "Current username = " . $current_user->user_login . ". Gallery is restricted to user = " . $restrictUser;
 ?>
<?php if (current_user_can( 'add_users' ) || $restrictUser == $current_user->user_login) { ?>
 <div class="ngg-album">
 <div class="ngg-albumtitle"><a href="<?php echo $gallery->pagelink ?>"><?php echo $gallery->title ?></a></div>
 <div class="ngg-albumcontent">
 <div class="ngg-thumbnail">
 <a href="<?php echo $gallery->pagelink ?>"><img class="Thumb" alt="<?php echo $gallery->title ?>" src="<?php echo $gallery->previewurl ?>"/></a>
 </div>
 <div class="ngg-description">
 <p><?php echo $gallery->galdesc ?></p>
 <?php if (0 == 1 && $gallery->counter > 0) : ?>
 <p><strong><?php echo $gallery->counter ?></strong> <?php _e('Photos', 'nggallery') ?></p>
 <?php endif; ?>
 </div>
 </div>
 </div>
 <?php } ?>
<?php endforeach; ?>
<!-- Pagination -->
 <?php echo $pagination ?>
</div>
<?php endif; ?>

Line 27 is the important one – it gets the username of the current user and compares it to the value of the custom field we created in Step 1. If they match, or this is an admin user, the gallery will be displayed, otherwise not.

Copy this file to

wp-content/plugins/nextgen-gallery/view

or even better, create a folder called nggallery within your theme and copy it there to avoid being overwritten when upgrading the NextGEN Gallery plugin.

Step 5:

Now we can create our client specific galleries. Use NGG to create a new gallery (or use an existing one) and upload some photos into it. When you select Manage Gallery and click on the name of your client gallery the admin window will show a new section called Custom Columns, which contains your new custom field, which I called ‘Restrict to user’. In this field type the username of the client to which you want to restrict access, then go and create a Subscriber user with this username if there isn’t one already.

In the ‘Album’ NGG menu option, make sure this client gallery is contained in the album that you specified in step 3.

 

That’s it! If you log out and go to your new Client Area page, you should see a login box. Login as the user you created in step 5 and you should see the client gallery created for this user. Log in as someone else (not an admin user as they see all galleries) and this gallery will disappear.

Was this post useful, clear, or just confusing? Leave me a reply below and I’ll try to help out.