Login Start for free
Login Start for free
Blog / WordPress/ WordPress Developer Guide: How to Get Current User Role and Profile Information

WordPress Developer Guide: How to Get Current User Role and Profile Information

2020-04-22 · Ryan · Post Comment
WordPress 开发指南:如何获取当前登录用户的角色与资料信息

Introduction

When developing multi-user WordPress themes or plugins, you often need to customize interfaces, control permissions, or display personalized content based on the current logged-in user's role or profile information. This guide explains how to safely and correctly retrieve this information, providing modern code examples.

Getting the Current User's Role

User roles are central to WordPress's permission system. Here is a robust, compatibility-focused function to get the primary role of the currently logged-in user.

/**
 * Get the primary role of the currently logged-in user.
 *
 * @return string|bool Returns the user role name (e.g., 'administrator'), or false if the user is not logged in.
 */
function wpdocs_get_current_user_role() {
    if ( is_user_logged_in() ) {
        $user = wp_get_current_user();
        // $user->roles is an array; the first element is typically the primary role.
        $roles = (array) $user->roles;
        return ! empty( $roles ) ? $roles[0] : false;
    } else {
        return false;
    }
}

Usage

Add the code above to your theme's functions.php file, then call it in your template files:

<?php
$user_role = wpdocs_get_current_user_role();
if ( $user_role ) {
    echo 'Current user role: ' . esc_html( $user_role );
} else {
    echo 'User not logged in or role unavailable.';
}
?>

Getting Current User Profile Information

WordPress provides the wp_get_current_user() function to safely retrieve the current user object. Below is an example of how to access common profile fields.

<?php
if ( is_user_logged_in() ) {
    $current_user = wp_get_current_user();
    // Output user info, using escaping functions for security.
    echo 'User ID: ' . (int) $current_user->ID . "<br>";
    echo 'Username: ' . esc_html( $current_user->user_login ) . "<br>";
    echo 'Email: ' . esc_html( $current_user->user_email ) . "<br>";
    echo 'First Name: ' . esc_html( $current_user->user_firstname ) . "<br>";
    echo 'Last Name: ' . esc_html( $current_user->user_lastname ) . "<br>";
    echo 'Display Name: ' . esc_html( $current_user->display_name ) . "<br>";
    echo 'Nickname: ' . esc_html( $current_user->nickname ) . "<br>";
    // Get user avatar.
    echo get_avatar( $current_user->ID, 96 );
} else {
    echo 'User not logged in.';
}
?>

Important Notes and Best Practices

1. Security

When outputting user data to the page, always use escaping functions (like esc_html(), esc_attr()) to prevent Cross-Site Scripting (XSS) attacks. For integer IDs, use (int) for type casting.

2. Check Login Status

Always check if a user is logged in using is_user_logged_in() before attempting to retrieve user information. This avoids potential issues when calling related functions for non-logged-in users.

3. Avoid the Global $current_user Variable

Directly using global $current_user; and get_currentuserinfo(); is outdated. For WordPress 4.5 and later, use the wp_get_current_user() function. It internally handles the global variable and is clearer and safer.

Summary

Using wp_get_current_user() and is_user_logged_in(), you can safely and conveniently retrieve detailed profile and role information for logged-in users. Following the best practices above ensures your code is secure, compatible, and maintainable.

Post a Comment

Your email will not be published. Required fields are marked with *.