I am building a website using Woocommerce.By default the username is the customer username.I want to provide the users the feature to login through their phone number also. How can i do that? Please help!
This is possible. But I think not a good idea.. Imagine 2 users shares the same number.
But if you can manage to make the phone number unique, you can try something like this with WooCommerce login form.
add_filter('woocommerce_login_credentials','woocommerce_login_credentials', 10, 1);
function woocommerce_login_credentials($creds){
$username = trim( $_POST['username'] );
if (is_numeric($username)){ // assumes only numeric are allowed. You can do your own logic here.
$user = get_users(array(
'meta_query' => array(
array(
'key' => 'billing_phone',
'value' => $username,
'compare' => 'LIKE',
),
)
));
$creds['user_login'] = $user[0]->data->user_login;
}
return $creds;
}
This code is using the billing phone number. If this phone number belongs to a lot of users, only the first user that the query gets will be used. What this code do is, it gets the user_login of the user using the given phone number. Then use that as username to logged in. You can still use the username/email as login with this code.
This answer demonstrate only that it can be done. I won't advice you doing so.
Related
I'm looking to allow a user to create their own password on a custom front-end registration form.
I've created a front-end user registration form with ACF.
Currently the password is generated on the backend like so:
$password = wp_generate_password( 10, true, false );
$userdata = array(
'user_login' => $email,
'user_email' => $email,
'display_name' => $display_name,
'user_pass' => $password,
'role' => 'puppydog',
);
$created_user_id = wp_insert_user( $userdata );
It's a simple thing to do grab a password field from the front-end, but I'm wondering if it's safe to just take that password field, escape & hash it, and store it in the database? Or is there a more secure way to do it?
I noticed the answer here seems to just take the password from the front-end and create a user with it "raw," but I want to make sure this is actually reasonably safe to do?
How can this situation be done?
Wordpress install at ABC.com.
Wordpress install at 123.com.
A new member signs up at abc.com, then instantly and automatically, the same user's email address and password be programmatically inserted into 123.com. After the abc.com sign up process is completed, the new user is redirected to log in at 123.com.
How to achieve that?
you can achieve your functionality using two tricks, firstly you have to connect your wordpress with second DB.
global $wpdb;
$newdb = new wpdb( 'USERNAME' , 'PASSWORD' , 'DATABASE NAME' , 'HOST' );
$newdb->show_errors();
Then you can use the user_register hook to get all data from user upon registration AND update them to new database as a user.
add_action( 'user_register', 'myplugin_registration_save', 10, 1 );
function myplugin_registration_save( $user_id ) {
//print_r($_POST); // to get all information of user
// Insert data in other database
$newdb->insert('wp_users', array(
'display_name' => $_POST['first_name'],
'user_email' => $_POST['user_email'],
'user_phone' => $_POST['user_phone'], // ... and so on
));
}
Haven't tried this code but it will work.
I'm using the pie registration plugin and I want to know how can I automatically define a role (in my case I want to define as subscriber) when people register and login. I want to do this because I want to restrict some zones of the website and redirect those zones for the register or login page. Since the free version of the plugin doesn't have restricted areas, I'm also using the plugin called members that does 50% of what I want. So I want to combine these 2 plugins' functionalities.
tldr: how can I give the role subscriber on pie-registration?
When you are going to register user you have assign it a role for ex.
if you are using wp_insert_user( $userdata ) function than you can assign user role in $userdata as follows.
$userdata = array(
'user_login' => 'login_name',
'user_pass' => 'pass',
'role' => 'role' // When creating an user, `user_pass` is expected.
);
There are some default roles in wordpress , you can also creates new roles by using following code.
<?php add_role( $role, $display_name, $capabilities ); ?>
And you can assign capabilities, so by using this two function you can achieve your goal.
You can read more about:wp_insert_user , add_role
I used this semi-official plugin to enable API call.
But I can't find a way to exclude category. For example if I have mysite.com/wp-json/wp/v2/posts?filter[category__not_in]=10, it will ignores the filter and show all latest posts.
Is there a way to exclude category from the API call?
With the Rest API some filters are available only for logged in users:
In addition, the following are available when authenticated as a user
with edit_posts:
[...]
category__not_in
This is taken from the Rest API 1.0 documentation.
What that mean is you need to logged in as an editor (user with edit_posts capability). For doing this in a clean way, I suggest create a minimal role for REST user with only the capabilities you need, something like this:
add_role(
'rest_user',
__( 'REST User' ),
array(
'read' => true,
'edit_posts' => true,
'delete_posts' => false
)
);
Then do your query as authenticated user with the following:
$response = wp_remote_request('http://example.com/wp-json/wp/v2/posts?filter[category__not_in]=10', array(
'method' => 'GET',
'headers' => array(
'Authorization' => 'Basic ' . base64_encode('login:password')
)
));
Thanks to this article you shared, it seems you need to declare the filter name as query var, so in this case:
add_filter('query_vars', function($query_vars) {
$query_vars[] = 'category__not_in';
return $query_vars;
});
Which make sense because Wordpress is droping any GET parameter that isn't declare, though I don't understand why all the filters are not declared as query vars inside the WP Core...
For WP API V2 use a minus sign, for example:
http://yourwpwebsite/wp-json/wp/v2/posts/&filter[cat]=1,2,-3
will retrieve all posts in categories with id= 1 and id = 2 but excluding any posts in category with id= 3
In registration, after user registered, they should confirm the email validation link, until they validate the email their role should be inactive and they should not able to login in to the website.
Am adding the user using wp_insert_user(), in this function there is a field name call 'role' but I don't know what should be given there. I tried "inactive" but not working. Kindly suggest me.
Assuming your new users are assigned the 'subscriber' role on registration, you should hook to the 'user activated' hook and do something like:
wp_update_user( array ( 'ID' => $user_id, 'role' => 'author' ) ) ;
In your application you should ensure the 'subscriber' is locked-down or inactive (i.e. can't do anything much) and your 'author' role has the full set of capabilities that you need your active users to have.