Apply user moderation for authors only - wordpress

I am using theme my login, it is a great plugin. I have used it in many website.
Now, in one of my website I have enabled user moderation module of theme my login. According to it when any new user register on the website, it comes under moderation and when admin approve then only he is able to be a user on the website.
So, I don't want this functionality for subscribers. Or in other words I want this only for authors.

Now I find the solution of this question.
put a dropdown on register-form.php between the form tags like :
<p>
<label for="role<?php $template->the_instance(); ?>"><?php _e( 'Role', 'theme-my-login' ) ?></label>
<select id="role<?php $template->the_instance(); ?>" name="role">
<option value="author">Author</option>
<option value="subscriber">Subscriber</option>
</select>
</p>
then put a function in function.php like :
function set_role_on_registration( $user_id ) {
//$role = sanitize_text_field( $_POST['role'] );
$role = $_POST['role'];
if ( in_array( $role, array( $role, 'bprofessional' ) ) )
add_user_meta( $user_id, 'pending_role', $role );
}
add_action( 'tml_new_user_registered', 'set_role_on_registration' );
then go to plugins/theme-my-login/modules/user-moderation/admin/user-moderation-admin.php and find user_row_actions function. Find case 'admin' : and put the below code in between start of case and its break; like :
$c_u_r = get_user_meta($user_object->ID, 'pending_role', true);
// Add "Approve" link
if($c_u_r != 'subscriber'){
$actions['approve-user'] = sprintf( '%2$s',
add_query_arg( 'wp_http_referer',
urlencode( esc_url( stripslashes( $_SERVER['REQUEST_URI'] ) ) ),
wp_nonce_url( "users.php?action=approve&user=$user_object->ID", 'approve-user' )
),
__('Approve', 'theme-my-login' )
);
}else{
if ( ! self::approve_user( $user_object->ID ) )
wp_die( __( 'You can’t edit that user.' ) );
}
Now the user moderation will not work for the users which registers as a subscriber. Modify the code and use it in your own way.
This may help some one.
Thanks
Sunil

Related

WordPress, User front end editing, can't update email and personal information

I want to create a form, where registered user can edit its own information,
everything is working except email, it's not updating.
I found some questions about that but no answers.
I shorted a code, left only user first name and user email, to show that user name is working, but not email. Here it is:
add_action('init', '_themename_edit_user_data');
function _themename_edit_user_data(){
$current_user = wp_get_current_user();
$user_id = $current_user->ID;
if ( 'POST' == $_SERVER['REQUEST_METHOD'] && !empty( $_POST['action'] ) && $_POST['action'] == 'update-user' ) {
/* Update user information. */
if ( !empty( $_POST['email'] ) ){
wp_update_user( array ('ID' => $user_id, 'user_email' => sanitize_email( $_POST['email'] )));
}
if ( !empty( $_POST['first-name'] ) ) {
update_user_meta( $user_id, 'first_name', esc_attr( $_POST['first-name'] ) );
}
}
}
Here is my form:
<form method="post" id="adduser" action="<?php the_permalink(); ?>">
<p class="form-username">
<label for="first-name"><?php _e('First Name', 'profile'); ?></label>
<input class="text-input" name="first-name" type="text" id="first-name" value="<?php the_author_meta( 'first_name', $current_user->ID ); ?>" />
</p><!-- .form-username -->
<p class="form-email">
<label for="email"><?php _e('E-mail *', 'profile'); ?></label>
<input class="text-input" name="email" type="text" id="email" value="<?php the_author_meta( 'user_email', $current_user->ID ); ?>" />
</p><!-- .form-email -->
<p class="form-submit">
<input name="updateuser" type="submit" id="updateuser" class="submit button" value="<?php _e('Update', 'profile'); ?>" />
<?php wp_nonce_field( 'update-user' ) ?>
<input name="action" type="hidden" id="action" value="update-user" />
</p><!-- .form-submit -->
</form><!-- #adduser -->
What am I doing wrong?
I have to react to this post. It would be criminal not to point out all the security problems you're currently facing. Warning it's long to read but short to understand.
I'm far from being an expert but most of the people looking at posts on Stackoverflow regarding front-end user data inputs and updates are (usually) mostly new to Wordpress and are here to learn. It's easy to get overwhelmed. Let's go easy and get started.
First of all, when checking permissions, you should always use triple operators. === instead of ==. It doesn't seems like much but one means EQUAL and the other one means IDENTICAL. You can learn more about Comparison Operators here.
Checking the identity of a user is your only line of defense in regards to malicious practices. Granting front end editing capability is just a series of conditional statement a user MUST pass before being granted access to the database. Let's not mess around.
My assumption is that you're letting your users update their personal informations from their user profile page served by the author.php template. Therefore the following thinking is based around it, but can be easily adapted. I have to insist that nothing is constrain to any templates. Here is the simple form we're going to use, currently in our author.php template. It's a simplified version of your form.
<form method="POST">
<input type="text" name="first_name" value="<?php echo esc_attr( wp_get_current_user()->first_name ); ?>">
<input type="email" name="user_email" value="<?php echo esc_attr( wp_get_current_user()->user_email ); ?>">
<?php wp_nonce_field( esc_attr( 'update-user-' . get_current_user_id() ), esc_attr( 'nonce-user-' . get_current_user_id() ) ); ?>
<button type="submit">Submit</button>
</form>
For clarity and consistency, it's always a good idea to use Wordpress default function when you can. get_current_user_id() Get the current user’s ID, instead of wp_get_current_user()->ID.
Let's talk about action's hook. init is a hook that fire really early in the Wordpress firing sequence.
Fires after WordPress has finished loading but before any headers are sent.
The WP_Object hasn't even finished to set up. When looking for the right hook you can refer to the Plugin API/Action Reference. A more suiting firing hook would be wp which is the recommended hook for any high-level filtering or validation, following queries, but before WordPress does any routing, processing, or handling.
Fires once the WordPress environment has been set up. After WP object is set up.
add_action( 'wp', 'wpso62938497_user_frontend_privy_editing' );
function wpso62938497_user_frontend_privy_editing() {
//...
};
The "hors d'oeuvre" of user checking in regards to front end editing is to know if the user is actually logged in. Which you are missing to do. We can use is_user_logged_in() which determines whether the current visitor is a logged in user.
We also want to be sure that the user actually on the author.php page is the page owner. get_current_user_id() === get_queried_object()->ID will do just that. We will also be checking if the page we're on is an author page and has a WP_User object set up. Finally we will compare both queried user and page author to be sure both are the same.
add_action( 'wp', 'wpso62938497_user_frontend_privy_editing' );
function wpso62938497_user_frontend_privy_editing() {
/**
* Determines whether the current visitor is a logged in user.
* Retrieves the currently queried object. Check whether an it belongs to a WP_User class.
* Determines whether the query is for an existing author archive page. Compare it to the current logged in user ID.
* Compare current logged in user ID with the current queried ID.
*/
if ( is_user_logged_in() && get_queried_object() instanceof \WP_User && is_author( get_current_user_id() ) && get_current_user_id() === get_queried_object()->ID ) {
//...
};
};
Let's talk about nonce. In your form you're declaring a nonce but you're not checking against it. A nonce is a "number used once" to help protect URLs and forms from certain types of misuse, malicious or otherwise. It's like you serial number from your ID card, that number is you. A nonce is your temporary ID card for 24 hours. As you can imagine, it's quite important. Wordpress as a whole page on Nonces, you should have a read. We will also be checking the REQUEST_METHOD.
add_action( 'wp', 'wpso62938497_user_frontend_privy_editing' );
function wpso62938497_user_frontend_privy_editing() {
/**
* Determines whether the current visitor is a logged in user.
* Retrieves the currently queried object. Check whether an it belongs to a WP_User class.
* Determines whether the query is for an existing author archive page. Compare it to the current logged in user ID.
* Compare current logged in user ID with the current queried ID.
*/
if ( is_user_logged_in() && get_queried_object() instanceof \WP_User && is_author( get_current_user_id() ) && get_current_user_id() === get_queried_object()->ID ) {
/**
* Determines whether the POST request method was used to access the page.
* Determine if our nonce variable is declared and is different than null.
* Verifies that a correct security nonce was used with time limit.
*/
if ( 'POST' === $_SERVER['REQUEST_METHOD'] && isset( $_POST['nonce-user-' . get_current_user_id()] ) && wp_verify_nonce( $_POST['nonce-user-' . get_current_user_id()], 'update-user-' . get_current_user_id() ) ) {
//...
};
};
};
We're nearly done! For any sanitization requirements you can check the following post which states what data is sanitize or not by wp_insert_user() or wp_update_user().
Of course you should restrict the form using javascript, but javascript can easily be disabled. That's why we also need a check on the php side.
There is also a case to have in mind and handle, which is the constant prompt to submit on page refresh, F5, CTRL+R after a submission. That behavior can be avoided by redirecting the user to the previous page, and setting a 303 header. You can read more about that issue here.
Finally we're done, and our script is safe to use on the front end. And we're feeling like this!
add_action( 'wp', 'wpso62938497_user_frontend_privy_editing' );
function wpso62938497_user_frontend_privy_editing() {
/**
* Determines whether the current visitor is a logged in user.
* Retrieves the currently queried object. Check whether an it belongs to a WP_User class.
* Determines whether the query is for an existing author archive page. Compare it to the current logged in user ID.
* Compare current logged in user ID with the current queried ID.
*/
if ( is_user_logged_in() && get_queried_object() instanceof \WP_User && is_author( get_current_user_id() ) && get_current_user_id() === get_queried_object()->ID ) {
/**
* Determines whether the POST request method was used to access the page.
* Determine if our nonce variable is declared and is different than null.
* Verifies that a correct security nonce was used with time limit.
*/
if ( 'POST' === $_SERVER['REQUEST_METHOD'] && isset( $_POST['nonce-user-' . get_current_user_id()] ) && wp_verify_nonce( $_POST['nonce-user-' . get_current_user_id()], 'update-user-' . get_current_user_id() ) ) {
if ( isset( $_POST['first_name'] ) && ! empty( $_POST['first_name'] ) && wp_get_current_user()->first_name !== $_POST['first_name'] && strcasecmp( sanitize_text_field( $_POST['first_name'] ), $_POST['first_name'] ) ) {
update_user_meta( get_current_user_id(), 'first_name', sanitize_text_field( $_POST['first_name'] ), esc_attr( wp_get_current_user()->first_name ) );
};
if ( is_email( sanitize_email( $_POST['user_email'] ) ) && strcasecmp( sanitize_email( $_POST['user_email'] ), $_POST['user_email'] ) ) {
$userdata = array (
'ID' => get_current_user_id(),
'user_email' => $_POST['user_email'],
);
wp_update_user( $userdata );
};
wp_safe_redirect( esc_url( get_author_posts_url( get_current_user_id() ) ), 303 );
exit;
};
};
};
This function is missing any error handling, which is pretty much adding else statements.
Some final wised words: "Sanitize Inputs, Escape Outputs". https://developer.wordpress.org/themes/theme-security/data-sanitization-escaping/
Give the try to my answer:
$args = array(
'ID' => $user_id,
'user_email' => esc_attr( $_POST['email'] )
);
wp_update_user( $args );
Sorry, guys! I found out that I have not right condition check, that was a problem!
For sure, everybody use the same code:
if ( !empty( $_POST['email'] ) ){
if (!is_email(sanitize_email( $_POST['email'] ))) {
$error[] = __('The Email you entered is not valid. please try again.', 'profile');
} elseif( email_exists(sanitize_email( $_POST['email'] )) != $user_id ) {
$error[] = __('This email is already used by another user. try a different one.', 'profile');
} else {
wp_update_user( array ('ID' => $user_id, 'user_email' => sanitize_email( $_POST['email'] )));
}
}
The problem is here:
elseif( email_exists(sanitize_email( $_POST['email'] )) != $user_id )
It must be:
elseif( email_exists(sanitize_email( $_POST['email'] )) == $user_id )
Sorry!

Create custom registration form for Wordpress Multisite

I have Multisite Wordpress website and I've seen the default registration form but it did not meet all of my requirements because I want to add more additional fields like Password field.
To add custom fields in the registration form of a WordPress Multisite you need to do several things:
To show extra fields to sign up form.
To validate the fields when form is submitted.
To store the fields while user is pending activation.
To attach the fields to the user profile when the user is activated.
The file that controls the sign up process is wp-signup.php, where you can find useful filters and hooks to attach almost all the actions you need:
To show extra fields you can use the action hook signup_extra_fields.
To store the fields while user is pending activation you can use add_signup_meta.
To attach the fields to the user profile when the user is activated you can use wpmu_activate_user.
The validation step
For the fields validation step I haven't found a filter or an action hook to run the necessary code. So I have added one to wp-signup.php that I call signup_validate_extra_fields. You can call it as you want. I've added it inside the function validate_user_signup(). This function calls the function validate_user_form() that validates only username and user mail. The idea is to add the other fields validation at this point filtering this function. We can do this by replacing just one line (line 648):
$result = validate_user_form();
With this modification:
$result = apply_filters('signup_validate_extra_fields',validate_user_form());
With the new line, the beginning of the validate_user_signup() funcion would be:
/**
* Validate the new user signup
*
* #since MU (3.0.0)
*
* #return bool True if new user signup was validated, false if error
*/
function validate_user_signup() {
// $result = validate_user_form();
$result = apply_filters('signup_validate_extra_fields',validate_user_form());
$user_name = $result['user_name'];
$user_email = $result['user_email'];
$errors = $result['errors'];
It is not a good practice to modify WordPress core files, of course. To avoid it and not to loose the modifications after every WordPress update, I use the plugin Network Subsite User Registration that uses a local copy of wp-signup.php, so I can add the new filter there and not in the core file.
The whole code
The whole code using the hooks and filters I mention could be included in the file functions.php of a theme or in a plugin (probably better):
// add validation for extra fields
add_action( 'signup_extra_fields', 'prefix_signup_extra_fields',10,1 );
function prefix_signup_extra_fields($errors) {
$first_name = ( ! empty( $_POST['first_name'] ) ) ? sanitize_text_field( $_POST['first_name'] ) : '';
$last_name = ( ! empty( $_POST['last_name'] ) ) ? sanitize_text_field( $_POST['last_name'] ) : '';
// extra fields error handle
$fields = array(
'first_name',
'last_name'
);
$e = '';
if ( isset( $errors ) ) {
foreach ( $fields as $f )
$e[$f] = ( $errors->get_error_message( $f ) ) ? '<p class="error">'.$errors->get_error_message( $f ).'</p>' : '';
}
else {
foreach ( $fields as $f )
$e[$f] = '';
}
$signup_out = '
<hr>
<p>
<label for="first_name">'.__( 'First name' ).
$e['first_name']
.'<input type="text" name="first_name" id="first_name" class="signup-input" value="'.esc_attr( $first_name ).'" required />
</p>
<p>
<label for="last_name">'.__( 'Last name' ).
$e['last_name']
.'<input type="text" name="last_name" id="last_name" class="signup-input" value="'.esc_attr( $last_name ).'" required />
</p>
';
echo $signup_out;
return;
}
// add validation for extra fields
// I added a new filter to wp-singup.php
add_filter('signup_validate_extra_fields', 'prefix_signup_validation', 10, 1);
function pdigital_signup_validation( $arguments ) {
if ( ! isset( $_POST['signup_for'] ) )
return;
$fields = array(
'first_name' => __('You must include a first name.','pdigital'),
'last_name' => __('You must include a last name.','pdigital')
);
$errors = $arguments['errors'];
foreach( $fields as $f => $e )
if ( empty( $_POST[$f] ) || ! empty( $_POST[$f] ) && trim( $_POST[$f] ) == '' )
$errors->add( $f, $e );
return $arguments;
}
// store extra fields in wp_signups table while activating user
add_filter('add_signup_meta', 'prefix_add_signup_meta');
function prefix_add_signup_meta($meta) {
$fields = array(
'first_name',
'last_name',
);
foreach ( $fields as $f )
if( isset( $_POST[$f] ) )
$meta[$f] = sanitize_text_field( $_POST[$f] );
return $meta;
}
// add extra fields to user profile when user is activated
add_action('wpmu_activate_user','prefix_activate_user',10,3);
function prefix_activate_user( $user_id, $password, $meta ) {
$fields = array(
'first_name',
'last_name'
);
foreach ( $fields as $f )
if ( isset( $meta[$f] ) )
update_user_meta( $user_id, $f, $meta[$f] );
return;
}
Conclusion
Customize the sign up form of a WordPress Multisite is trickier than doing it in a one-site WordPress.
Finally it is worth to read the documentation about user system in WordPress Multisite and understand that it is common to all the sites of the network, before adding additional fields to the registration form.

How to fix 'Woocommerce Cart PDF' functions file to move pdf-link to checkout page instead of cart page

I'm using a plugin for wordpress-woocommerce called Woocommerce Cart PDF (https://wordpress.org/plugins/wc-cart-pdf/). It generates a pdf-link of the current cart, but is located on the cart page.
I have a combined cart and checkout page so the link does not appear on my website. I don't have the knowledge on how to edit the plugin files myself for it to appear on my cart page.
I've tried the wordpress plugin support forum for this specific plugin, but no answer.
/**
* Generates the PDF for download
*
* #return void
*/
function wc_cart_pdf_process_download() {
if( ! function_exists( 'WC' ) ) {
return;
}
if( ! isset( $_GET['cart-pdf'] ) ) {
return;
}
if( ! is_cart() || WC()->cart->is_empty() ) {
return;
}
if( ! isset( $_GET['_wpnonce'] ) || ! wp_verify_nonce( $_GET['_wpnonce'], 'cart-pdf' ) ) {
wc_add_notice( __( 'Invalid nonce. Unable to process PDF for download.', 'wc_cart_pdf' ), 'error' );
return;
}
$dompdf = new \Dompdf\Dompdf();
$content = $css = '';
$cart_table = wc_locate_template( 'cart-table.php', '/woocommerce/wc-cart-pdf/', __DIR__ . '/templates/' );
$css = wc_locate_template( 'pdf-styles.php', '/woocommerce/wc-cart-pdf/', __DIR__ . '/templates/' );
do_action( 'wc_cart_pdf_before_process' );
if( file_exists( $cart_table ) ) {
ob_start();
include $cart_table;
$content = ob_get_clean();
}
if( file_exists( $css ) ) {
ob_start();
include $css;
$css = apply_filters( 'woocommerce_email_styles', ob_get_clean() );
}
$dompdf->loadHtml( '<style>' . $css . '</style>' . $content );
$dompdf->setPaper( 'A4', 'portrait' );
$dompdf->render();
$dompdf->stream(
apply_filters( 'wc_cart_pdf_filename', 'WC_Cart-' . date( 'Ymd' ) . bin2hex( openssl_random_pseudo_bytes( 5 ) ) ) . '.pdf',
/**
* 'compress' => 1 or 0 - apply content stream compression, this is on (1) by default
* 'Attachment' => 1 or 0 - if 1, force the browser to open a download dialog, on (1) by default
*/
apply_filters( 'wc_cart_pdf_stream_options', array( 'compress' => 1, 'Attachment' => 1 ) )
);
exit;
}
add_action( 'template_redirect', 'wc_cart_pdf_process_download' );
if( ! function_exists( 'wc_cart_pdf_button' ) ) {
/**
* Renders the download cart as PDF button
*
* #return void
*/
function wc_cart_pdf_button() {
if( ! is_cart() || WC()->cart->is_empty() ) {
return;
}
?>
<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'cart-pdf' => '1' ), wc_get_cart_url() ), 'cart-pdf' ) );?>" class="cart-pdf-button button" target="_blank">
<?php esc_html_e( 'Download Cart as PDF', 'wc-cart-pdf' ); ?>
</a>
<?php
}
}
add_action( 'woocommerce_proceed_to_checkout', 'wc_cart_pdf_button', 21 );
This might be the incorrect part of the functions in the plugin, but I hop I got it right.
The wc_cart_pdf_process_download() function isn't really relevant. The comment states that it "Generates the PDF for download". What it's doing is responding when the user visits the PDF link by generating the requested PDF file. The important function is the one beneath that, wc_cart_pdf_button().
Now that we know the function we're interested in, what's next? In your question, you suggested editing the plugin files however it's important to avoid doing that. Editing your plugin files is a sure-fire way to guarantee the changes you make get overwritten the next time you update.
You have a couple of options:
Create a mini feature plugin.
Add the code to the bottom of your (hopefully child) theme's functions.php file.
The first option would be the recommended approach but that's going to take us well beyond the scope of the question. Placing the code in a child theme's functions.php file will be adequate for getting you up and running.
Okay, so now we know what the code we want to modify is and where we're going to store those modifications. Let's break down the actual code:
if( ! is_cart() || WC()->cart->is_empty() ) {
return;
}
This checks two things, are we on the cart page and does the cart contain items? If either is false, we're going to bail out early. You're on the checkout page, not the cart page, so even if this function were to be called, it wouldn't make it past this conditional.
<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'cart-pdf' => '1' ), wc_get_cart_url() ), 'cart-pdf' ) );?>" class="cart-pdf-button button" target="_blank">
<?php esc_html_e( 'Download Cart as PDF', 'wc-cart-pdf' ); ?>
</a>
If those two previous checks passed, generate the button output.
add_action( 'woocommerce_proceed_to_checkout', 'wc_cart_pdf_button', 21 );
This executes the code on the woocommerce_proceed_to_checkout hook which fires after the cart totals on the cart page. The same action is used by the checkout button itself.
We need to write our own function that displays that same output on the checkout page. Without knowing where you'd like the button to appear, I can't suggest which action to use. I'm using woocommerce_checkout_order_review with a priority that'll put it between the order table and the payment options. If you need to reposition it, you'll have to go through those hooks and find somewhere that feels appropriate.
You did mention in your question that this is necessary because you have your cart and checkout pages combined. You may require a completely different hook, again there's no way for me to know based on your question alone.
Here's the final code:
function stackoverflow_wc_checkout_pdf_button() {
// We're on the checkout page based on the action.
// Highly unlikely we need the is_empty() check but it can't hurt if you may find yourself reusing elsewhere.
if ( WC()->cart->is_empty() ) {
return;
} ?>
<a href="<?php echo esc_url( wp_nonce_url( add_query_arg( array( 'cart-pdf' => '1' ), wc_get_cart_url() ), 'cart-pdf' ) );?>" class="cart-pdf-button button" target="_blank">
<?php esc_html_e( 'Download Cart as PDF', 'wc-cart-pdf' ); ?>
</a>
<?php
}
add_action( 'woocommerce_checkout_order_review', 'stackoverflow_wc_checkout_pdf_button', 15 );

Trying to add a custom meta box to wordpress

I am trying to add a custom meta box to a wordpress page which stores a value in a custom field. It is not working. The meta box is displayed but when you press update the value entered ito the text box is lost and nothing is written to the wp_postmeta table (no _c3m_sponsor_ur meta_key is created)
I have adapted this from an example online. I also tried adding a die statement to see if the save post is even called but nothing dies. I also dont understand why the add_post_meta isn't being created for the page
add_action( 'add_meta_boxes', 'c3m_sponsor_meta' );
function c3m_sponsor_meta() {
add_meta_box( 'c3m_meta', 'Sponsor URL Metabox', 'c3m_sponsor_url_meta', 'page', 'side', 'high' );
}
function c3m_sponsor_url_meta( $post ) {
$c3m_sponsor_url = get_post_meta( $post->ID, '_c3m_sponsor_url', true);
if (!isset($c3m_sponsor_url))
add_post_meta($post->ID, '_c3m_sponsor_url', '', false);
echo 'Please enter the sponsors website link below';
?>
<input type="text" name="c3m_sponsor_url" value="<?php echo esc_attr( $c3m_sponsor_url ); ?>" />
<?php
}
add_action( 'save_post', 'c3m_save_project_meta' );
function c3m_save_project_meta( $post_ID ) {
die('here');
global $post;
if( $post->post_type == "page" ) {
if (isset( $_POST ) ) {
update_post_meta( $post_ID, '_c3m_sponsor_url', strip_tags( $_POST['c3m_sponsor_url'] ) );
}
}
}
Any help in fixing this is muh appreciated
Thanks a lot
This may be help you:--
add_action( 'save_post', 'c3m_save_project_meta' );
function c3m_save_project_meta( $post_ID ) {
if ( isset( $_POST['post_type'] ) && 'page' == $_POST['post_type'] )
{
if (isset( $_POST ) ) {
update_post_meta( $post_ID, '_c3m_sponsor_url', strip_tags( $_POST['c3m_sponsor_url'] ) );
}
}
}
Edited:-
You can simply use Advanced Custom Fields plugin instead of using code. This plugin much helpful for custom meta fields.

Custom registration fields in woocommerce not validating

//Add phone number field to customer registration
add_filter( 'register_form', 'custom_phone_no_registration_field' );
function custom_phone_no_registration_field( ) {
echo '<div class="form-row form-row-wide"><label for="reg_phone">'.__('Phone Number', 'woocommerce').' <span class="required">*</span></label>
<input type="text" class="input-text" name="phone" id="reg_phone" size="30" value="'.esc_attr($_POST['phone']).'" /></div>';
}
//Validation registration form after submission using the filter registration_errors
add_action('registration_errors', 'custom_registration_errors_validation', 10,3);
function custom_registration_errors_validation($reg_errors, $sanitized_user_login, $user_email) {
global $woocommerce;
extract($_POST); // extracting $_POST into separate variables
if(empty($phone)) :
$woocommerce->add_error( __( 'Please, fill in all the required fields.', 'woocommerce' ) );
endif;
return $reg_errors;
}
I'm using register_form function to add a phone number field to registration form.it works but the registration_errors function is not working. Can anyone please help me with the code ?
I think you need to validate on the woocommerce_process_registration_errors filter. Take a look at process_registration() method in includes/class-wc-form-handler.php.
add_action( 'woocommerce_process_registration_errors', 'custom_registration_error' );
function custom_registration_errors( $validation_error ){
if ( ! isset( $_POST['phone'] ) ){
$validation_error = new WP_Error( 'phone-error', __( 'Please enter a phone number.', 'your-plugin' ) );
}
return $validation_error;
}

Resources