Description
Allows you to limit the fields which can be output by the ACF Shortcode. Returning true from this filter will prevent the value being output by the shortcode.
Changelog
- Added in version 6.2.7
Parameters
apply_filters( 'acf/shortcode/prevent_access', $access_prevented, $atts, $decoded_post_id, $decoded_post_type, $field_type, $field )
$access_prevented
(boolean) The current access disabled state. False by default, will be true if another filter has prevented access to the requested field value.$atts
(array) The full array of attributes provided as part of the shortcode. This array is likely to containfield
as per the shortcode documentation$decoded_post_id
(int|string) This is the decoded ID for the item being retrieved. It may be a user ID, a term ID, an option page prefix or any ID of any other place where ACF can store data; use with$decoded_post_type
to know which.$decoded_post_type
(string) A string containing the type of object being queried. post, term, comment, option, or user$field_type
(string) A string of the field type being slug being output. For example,text
ortext_area
$field
(array) The full array of the field object, including its value.
Example: Deny access to options pages
This example prevents the ACF Shortcode outputting any values stored in an options page.
functions.php
<?php
function my_acf_prevent_access_to_options( $access_prevented, $atts, $decoded_post_id, $decoded_post_type ) {
if ( 'option' === $decoded_post_type ) {
return true;
}
return $access_prevented;
}
add_filter( 'acf/shortcode/prevent_access', 'my_acf_prevent_access_to_options', 10, 4 );
Example: Deny access to field values on private posts
This example prevents the ACF Shortcode outputting any values stored in a post which is not publicly visible.
Please note: Since ACF 6.3.4, this behaviour has become default.
functions.php
<?php
function my_acf_prevent_access_to_fields_on_private_posts( $access_prevented, $atts, $decoded_post_id, $decoded_post_type ) {
if ( 'post' === $decoded_post_type && ! is_post_publicly_viewable( $decoded_post_id ) ) {
return true;
}
return $access_prevented;
}
add_filter( 'acf/shortcode/prevent_access', 'my_acf_prevent_access_to_fields_on_private_posts', 10, 4 );
Example: Deny access to every field apart from “my_field_name”
This example prevents the ACF Shortcode outputting any values other than the “my_field_name” field.
functions.php
<?php
function my_acf_prevent_access_to_all_but_one_field( $access_prevented, $atts, $decoded_post_id, $decoded_post_type, $field_type, $field_array ) {
if ( 'my_field_name' === $field_array['name'] ) {
return false;
}
return true;
}
add_filter( 'acf/shortcode/prevent_access', 'my_acf_prevent_access_to_all_but_one_field', 10, 6 );