I wondered if someone here might be able to help.
Basically, I’ve created a custom registration form that when validated, inserts a user to the user table.
function _new_user($data) {
// Separate Data
$default_newuser = array(
'user_pass' => wp_hash_password( $data['user_pass']),
'user_login' => $data['user_login'],
'user_email' => $data['user_email'],
'first_name' => $data['first_name'],
'last_name' => $data['last_name'],
'role' => 'pending'
);
wp_insert_user($default_newuser);
}
Now, what I need it to do is rather than sent the confirmation e-mail which I know I can do with the following code.
wp_new_user_notification($user_id, $data['user_pass']);
I want to send a user activation e-mail instead. I’ve tried a few things but I cant seem to be able to find anything concrete. Hoping someone might have had this problem before.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
To accomplish user activation process you need to do following steps:
- after create new user add a custom user field which indicates that this user has to activate his account
- send an email with activation code, provide a link in this email to a page where user will be activated
- implement activation page
- when user attempts to log in check if that custom user field exists or not. If it exists then do not log him in and show activation error message instead.
Add custom field and send email:
function _new_user($data) {
// Separate Data
$default_newuser = array(
'user_pass' => wp_hash_password( $data['user_pass']),
'user_login' => $data['user_login'],
'user_email' => $data['user_email'],
'first_name' => $data['first_name'],
'last_name' => $data['last_name'],
'role' => 'pending'
);
$user_id = wp_insert_user($default_newuser);
if ( $user_id && !is_wp_error( $user_id ) ) {
$code = sha1( $user_id . time() );
$activation_link = add_query_arg( array( 'key' => $code, 'user' => $user_id ), get_permalink( /* YOUR ACTIVATION PAGE ID HERE */ ));
add_user_meta( $user_id, 'has_to_be_activated', $code, true );
wp_mail( $data['user_email'], 'ACTIVATION SUBJECT', 'CONGRATS BLA BLA BLA. HERE IS YOUR ACTIVATION LINK: ' . $activation_link );
}
}
Check user activation on login:
// override core function
if ( !function_exists('wp_authenticate') ) :
function wp_authenticate($username, $password) {
$username = sanitize_user($username);
$password = trim($password);
$user = apply_filters('authenticate', null, $username, $password);
if ( $user == null ) {
// TODO what should the error message be? (Or would these even happen?)
// Only needed if all authentication handlers fail to return anything.
$user = new WP_Error('authentication_failed', __('<strong>ERROR</strong>: Invalid username or incorrect password.'));
} elseif ( get_user_meta( $user->ID, 'has_to_be_activated', true ) != false ) {
$user = new WP_Error('activation_failed', __('<strong>ERROR</strong>: User is not activated.'));
}
$ignore_codes = array('empty_username', 'empty_password');
if (is_wp_error($user) && !in_array($user->get_error_code(), $ignore_codes) ) {
do_action('wp_login_failed', $username);
}
return $user;
}
endif;
Activation page:
add_action( 'template_redirect', 'wpse8170_activate_user' );
function wpse8170_activate_user() {
if ( is_page() && get_the_ID() == /* YOUR ACTIVATION PAGE ID HERE */ ) {
$user_id = filter_input( INPUT_GET, 'user', FILTER_VALIDATE_INT, array( 'options' => array( 'min_range' => 1 ) ) );
if ( $user_id ) {
// get user meta activation hash field
$code = get_user_meta( $user_id, 'has_to_be_activated', true );
if ( $code == filter_input( INPUT_GET, 'key' ) ) {
delete_user_meta( $user_id, 'has_to_be_activated' );
}
}
}
}
This is your starting point, go ahead and adjust it for your needs.
Method 2
Two options to choose from:
- Use a plugin, for example User activation email or New User Approve
- Code this yourself.
Some functions that should get you started:
- wp_mail() to send the email,
- add_user_meta() to save a activation key for the user,
- generate a link containing the key and place it in the email, create a page in wordpress which catches your key-param (for example using add_shortcode()),
- use get_user_meta() to check the activation key against the one stored in the db, place another user meta key to mark this user as activated if successfull,
- add a function to the authenticate filter to prevent any user which is not activated from logging in.
Method 3
You can get the user_id by doing this while authentication:
$username='user email provided by the user at login panel.';
$results = $wpdb->get_row( "SELECT ID FROM wp_users WHERE user_email='".$username."'");
$activation_id = $results->ID;
$activation_key = get_user_meta( $activation_id, 'has_to_be_activated', true );
if($activation_key != false )
{
echo '<h4 class="error">Your account has not been activated yet.<br /> To activate it check your email and clik on the activation link.</h4>';
}
else{
//authenticate your user login here...
}
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0