This tutorial explains the process behind writing a Maintenance Mode plugin for WordPress such as the one I released a few days ago: CGC Maintenance Mode. The final result of this tutorial will give you an advanced plugin capable of putting your site into maintenance mode, while allowing authorized users to view the site normally, so that you can perform updates on your theme, plugins, content, or whatever you need to do.
As the video describes everything in detail, I will be a bit more spare on the details in the written portion, so I advise you to watch the video, then proceed to copying/writing all of the code below.
The Main Plugin File
The main file of our plugin, which I have called “maintenance-mode.php”, is placed inside of the “maintenance-mode” folder and has the following contents:
First is just the normal WordPress plugin header comments. These define the file as a plugin and sets up the author and plugin information. Next, we setup our global variable “$cmm_options” and load the plugin settings into it.
After we have defined the global settings variable, we include our additional files into the main plugin file. This is done in order to keep our plugin code cleaner and more organized.
That’s it for this file.
The Plugin Admin Page File
Now, inside of the “admin-page.php” file, which we have placed inside of the “includes” folder, we have three functions. The first is the function that outputs all of the HTML for our admin page, including the settings forms.
This function is using the WordPress Settings API. I’m not going to explain how the settings API works (it’s rather involved), so I suggest you read about it at the link I provided if you are not familiar with it.
The second function in the “admin-page.php” file is the one that will register our settings with WordPress so that they can be used (and modified) in the function above.
Now we have just one more function for our admin page. This next function is the one that will add a menu link to the Settings Menu and link it to our first function (that outputs the HTML).
That’s it for the “admin-page.php” file.
The Restrict Access File
This is our final file in our plugin and it’s called “restrict-access.php”, and it’s inside the “includes” folder.
There are two functions in this file, one that takes care of redirecting users who are not authorized (based on their IP address), and one that checks the current visitor’s IP address against and array of authorized IPs.
First is our function that takes care of the redirects: cmm_restrict_access
This function does a few of things. First, it checks to see if maintenance mode is enabled and only proceeds if it is. Second, it grabs all of the IP addresses entered on the settings page and puts them into an array. Third, it checks to see whether unauthorized users should be redirected to a WordPress page or an external URL. Next, it checks to see whether the current visitor’s IP address is allowed, and then, lastly, redirects non-authorized users to either the specified page or external URL.
I’ve connected this function to the “template_redirect” hook because it makes it so the function runs every time any post or page is loaded in WordPress. This ensures that users are never able to get past it if they’re not supposed to be allowed in.
The second function is the one that does the actual IP comparison test. It’s very simple and merely checks whether the current visitor’s IP matches any of those in the provided array.
Wrap Up
That’s it, your plugin is now complete. While simple, it’s very powerful and can be extremely useful for times you need to perform updates on your website without risking your users seeing things they’re not supposed to. It’s also a great tool to use if you ever update a plugin or theme and have something suddenly break. You can throw this plugin up there really quick to let your users know you are undergoing maintenance and that you’ll be right back; a much better solution than those nasty internal server errors.
I hope you take this, expand on it, and make something even cooler. Please let me know what you think in the comments, and feel free to ask if you have any questions.
You can view the plugin this tutorial is based on here, and even download it for free!
Good tutorial. I would just add output sanitization to the admin settings page: http://codex.wordpress.org/Data_Validation#Output_Sanitation
Thanks for the feedback, and you are absolutely right.
add_submenu_function should be add_submenu_page, yes?
Another great Tutorial!
Correct, thanks for catching that.