The basic approach is:
- register a function with the admin_menu event
- add your pages and sub-pages
- verify permissions
Read roles and capabilities in the Codex for details.
add_action('admin_menu', 'pluginprefix_admin_menu'); // 1
function pluginprefix_admin_menu() {
//2
$plugurl = plugin_dir_url( __FILE__ );
/*
add_menu_page( $page_title, $menu_title, $capability, $menu_slug,
$function, $icon_url, $position );
add_submenu_page( $parent_slug, $page_title, $menu_title, $capability,
$menu_slug, $function );
for example: */
add_menu_page( 'Statistikk', 'Statistikk', 'edit_plugins',
'pluginprefix_main', 'pluginprefix_page_main',
"$plugurl/img/stats-menu.png", 25);
add_submenu_page( 'pluginprefix_main', 'Statistikk - Instillinger',
'Instillinger', 'edit_plugins', 'pluginprefix_fields',
'pluginprefix_page_fields' );
function pluginprefix_page_main() {
// 3
if ( !current_user_can( 'manage_options' ) ) {
wp_die( __( 'You do not have sufficient permissions to access this page.' ));
}
include( MY_TEMPLATES . 'settings_page.tpl.php' );
}
. . .
I see. In that case;
- create a form with login / password fields, and post it to "wp-ajax".
- on the other end, compare the login and password with the stored and salted hashes.
- and finally set a session variable indicating that the user can browse a certain album.