I have one question, how to encrypt password from my site to work with phpbb3 password?
This will allow you to set up a basic user.
define('IN_PHPBB', true);
global $db;
global $config;
global $user;
global $auth;
global $cache;
global $template;
global $phpbb_root_path;
global $phpEx;
include('forums/common.php'); // THIS NEEDS TO BE CHANGED TO MATCH YOUR PHPBB3 INSTALL LOCATION;
// Currently, I am assuming you have this page at the root of your domain
// and PHPBB3 is install in the 'forums' subdirectory
// Start session management
$user->session_begin();
$auth->acl($user->data);
$user->setup();
require($phpbb_root_path .'includes/functions_user.php');
$username = $_POST['user'];
$password = $_POST['password']; // Do not encrypt this password, it is handled later by an MD5 function and PHPBB3's own code
$email = $_POST['email'];
// You should add in a check to verify that the username is unique to your PHPBB3 install, otherwise you'll get errors
// I left this as an exercise for you so that you can handle it how you want (reload the page, fail completely, offer suggestions, etc)
$user_row = array(
'username' => $username,
'user_password' => md5($password), 'user_email' => $email,
'group_id' => 2, // This is the 'Registered Users' group. Change this as you feel is appropriate
'user_timezone' => '0.00', // GMT
'user_dst' => 0, // No Day Light Saving
'user_lang' => 'en',
'user_type' => '0', // This means 'Normal User'
'user_actkey' => '',
'user_dateformat' => 'd M Y H:i',
'user_style' => 1,
'user_regdate' => time(),
);
$id = user_add($user_row); // Returns the ID of the new user
Assumptions:
This file is in the root of your domain and the forums are in the forums subdirectory. If this is not the case, I added comments to show what needs to be changed
No error checking was performed for duplicate user names. It is assumed that you have a method to handle this or can modify this script appropriately
Related
I'm looking to allow a user to create their own password on a custom front-end registration form.
I've created a front-end user registration form with ACF.
Currently the password is generated on the backend like so:
$password = wp_generate_password( 10, true, false );
$userdata = array(
'user_login' => $email,
'user_email' => $email,
'display_name' => $display_name,
'user_pass' => $password,
'role' => 'puppydog',
);
$created_user_id = wp_insert_user( $userdata );
It's a simple thing to do grab a password field from the front-end, but I'm wondering if it's safe to just take that password field, escape & hash it, and store it in the database? Or is there a more secure way to do it?
I noticed the answer here seems to just take the password from the front-end and create a user with it "raw," but I want to make sure this is actually reasonably safe to do?
How can this situation be done?
Wordpress install at ABC.com.
Wordpress install at 123.com.
A new member signs up at abc.com, then instantly and automatically, the same user's email address and password be programmatically inserted into 123.com. After the abc.com sign up process is completed, the new user is redirected to log in at 123.com.
How to achieve that?
you can achieve your functionality using two tricks, firstly you have to connect your wordpress with second DB.
global $wpdb;
$newdb = new wpdb( 'USERNAME' , 'PASSWORD' , 'DATABASE NAME' , 'HOST' );
$newdb->show_errors();
Then you can use the user_register hook to get all data from user upon registration AND update them to new database as a user.
add_action( 'user_register', 'myplugin_registration_save', 10, 1 );
function myplugin_registration_save( $user_id ) {
//print_r($_POST); // to get all information of user
// Insert data in other database
$newdb->insert('wp_users', array(
'display_name' => $_POST['first_name'],
'user_email' => $_POST['user_email'],
'user_phone' => $_POST['user_phone'], // ... and so on
));
}
Haven't tried this code but it will work.
In Drupal 7, is it possible to show a result of a DB query on each users' respective profile page, in some table? I need to do this programmatically within my existing module. So the input to the query would be the ID of a user whose profile is currently being viewed.
Only to show the queried data - no administration, no edits, nothing else.
something along the lines of.. (image)
Also the block or field or whatever would make this possible needs to be configurable through the _permission() hook as to who can or cannot view it.
I thought since this is basically just a query with no extra custom stuff there would be an easy way via the Drupal API.
you can create custom block for that and view it in current user profile
/**
* Implements hook_block_info().
*/
function custom_block_block_info() {
$blocks = array();
$blocks['my_block'] = array(
'info' => t('My Custom Block'),
'status' => TRUE,
'region' => 'Content',
'visibility' => BLOCK_VISIBILITY_LISTED,
'pages' => 'user/*',
);
return $blocks;
}
/**
* Implements hook_block_view().
*/
function custom_block_view($delta = '')
{
// The $delta parameter tells us which block is being requested.
switch ($delta)
{
case 'my_block':
// Create your block content here
$block['subject'] = t('This is just a test block created programatically');
$block['content'] = _user_detail_list();
break;
}
return $block;
}
/**
* Implements costome code we want to print().
*/
function _user_detail_list(){
//enter your query and output in some variable
$value = "<p>User Detail</p>"
return $value;
}
Note :- Here profile is extended with new block
There will be some coding to get what you want, but if you just want style/show the data that's already available with the "user" object then #1 below will do it.
Easy way(#1):
1. Create a view and choose the "user" info that you need shown and give it a path. Then in your sub-theme use the correct template -see the code snippets.
https://www.drupal.org/forum/support/post-installation/2011-04-04/modify-the-default-profile-pagelayout
other ways:
use the user-profile.tpl.php see
https://api.drupal.org/api/drupal/modules%21user%21user-profile.tpl.php/7.x
in your module, you need to call and reach out to the hook_user_view.
https://api.drupal.org/api/drupal/modules%21user%21user.api.php/function/hook_user_view/7.x
Here you fetch user profile data from database then follow it
function modulename_menu() {
$items['user-data'] = array(
'title' => 'User data',
'page callback' => 'user_data',
'access callback' => ('user_is_logged_in'),
'#type' => MENU_NORMAL_ITEM,
);
return $items;
}
function user_data(){
global $user;
$user_fields = user_load($user->uid);
$output = "" //return those $user_fields values into table using theme('table',header,rows)
return $output;
}
https://www.drupal.org/node/156863 (for create table view)
i.e
global $user;
$user_fields = user_load($user->uid);
$firstname = $user_fields->field_firstname['und']['0']['value'];
$lastname = $user_fields->field_lastname['und']['0']['value'];
First of all I am a WordPress learner. So sorry if my code looks stupid!
I have created a custom theme with a custom user role. I am not developing any plugin.
In my fucntions.php file I have written the following code to create a User role. Users assigned to this role are supposed to login to the admin but only be able to access their Profile pages.
add_action('init', 'yrc_cst_register_role_customer_service_rep');
/**
* Register new user role
*/
function yrc_cst_register_role_customer_service_rep() {
$wp_roles = new WP_Roles();
$wp_roles->remove_role('subscriber');
$wp_roles->remove_role('editor');
$wp_roles->remove_role('contributor');
$wp_roles->remove_role('author');
$service_rep_caps = array(
'read' => false,
'create_posts' => false,
'edit_posts' => false,
'edit_others_posts' => false,
'publish_posts' => false,
'manage_categories' => false,
'manage_options' => false,
);
add_role('customer_service', __('Customer Service'), $service_rep_caps);
}
I have removed all roles except Administrator, because no other role is required for this portal. Administrator will only create Users with Customer Service role.
I have no third party plugin installed in the system.
Users with the custom role are able to login to the system through a custom login page which is working OK. But whenever they are trying to access their Profile page the following error message comes up:
Sorry, you are not allowed to access this page.
Is there anything like 'edit_profile' => true?
I must be doing something wrong but my limited knowledge is not enough to figure this out. Any suggestion would be highly appreciated.
You might be able to do it like this :
This should clone the subscriber role capabilities and create your role for it.
add_action('init', 'CreatecloneRoleSubscriber');
function CreatecloneRoleSubscriber()
{
global $wp_roles;
if ( ! isset( $wp_roles ) )
$wp_roles = new WP_Roles();
$sub = $wp_roles->get_role('Subscriber');
//Adding a 'new_role' with all subscriber caps
$wp_roles->add_role('customer_service', 'Customer Service', $sub->capabilities);
}
EDIT : Read discussion in question comments
Just change the manage_options to true in your case
But note that by allowing manage_options to true, those user will have access to other parts of dashboard as well
$service_rep_caps = array(
'read' => false,
'create_posts' => false,
'edit_posts' => false,
'edit_others_posts' => false,
'publish_posts' => false,
'manage_categories' => false,
'manage_options' => true, // Most plugins and pages check for manage_options for checking access level to allow access to pages and settings.
);
Just found this solution which i consider really clean to enter wp-admin with a new role:
Add access cap to backend
Add the cap view_admin_dashboard & read to your new role.
Show the admin bar
Add this function to your wordpress.
# functions.php
add_filter( 'show_admin_bar', function () {
if ( current_user_can( 'view_admin_dashboard' ) )
return true;
return false;
}, 10);
I'm looking for the simplest way to limit a WordPress user to edit only his own pages (that is pages he is author of). I've read about some users manager plugins but for my needs they seems overkill and so I wonder if it is possible to obtain the same result adding some code lines to functions.php or something similar.
you can do this by adding a new role like so :
<?php add_role( $role, $display_name, $capabilities ); ?>
This setting is saved to the database (in table wp_options, field wp_user_roles), so it might be better to run this on theme/plugin activation
Returns a WP_Role object on success, null if that role already exists.
Example
Create a new "Basic Contributor" role.
$result = add_role(
'basic_contributor',
__( 'Basic Contributor' ),
array(
'read' => true, // true allows this capability
'edit_posts' => true,
'delete_posts' => false, // Use false to explicitly deny
)
);
if ( null !== $result ) {
echo 'Yay! New role created!';
}
else {
echo 'Oh... the basic_contributor role already exists.';
}
add_role() is located in wp-includes/capabilities.php.
for more clarification look in this article