In the past, I have put together a method for making the link in the admin notification email a single click process for activating users. But what if you want users to be sent an activation link to confirm their account and activate themselves?
This tutorial will walk you through changing the initial email to the user to include an activation link that, when clicked will activate the user account. This can be used as an email verification process. The tutorial includes all necessary code snippets as well as detailed instructions for setting it up.
This process consists of four functions, each hooked to a specific action or filter. In addition, there is a function for holding the values you may want to change (this way the bulk of the script is copy/paste ready – you just need to set your values in the helper function).
This process requires that you have moderated registration turned on, although users are actually activating themselves.
Create your settings
This is the “helper” function that will contain the user editable elements for the script. This contains the following:
- email_text: This is the string that will be added to the user notification email along with the activation link.
- return_url: This is the url that will be used in the activation link. Make this the page you want the user to be directed to when they activate.
- send_welcome: This can be true or false. If true, it will send the second moderated email (Registration is Moderated, User is Approved) email to the user when they have successfully activated. You can use this as a “welcome” email or whatever you want. If this is not used, set the value to false.
- show_success: This can be true or false. If true, it will display a success message on the page when the user activates. If you are returning the user to the home page or a page that is not a single post or single page, you may want to set this to false.
- success_message: This is the text that will display in the successful activation message.
- send_notify: This can be true or false. If true, it will send the plugin’s admin notification message when the user activates (edit that message accordingly).
function my_activation_key_settings() {
$settings = array(
'email_text' => 'Click to activate your account: ',
'return_url' => 'http://yoursite.com/your-page/',
'send_welcome' => true,
'show_success' => true,
'success_message' => 'Thank you for activating your account.',
'send_notify' => true,
);
return $settings;
}
Create the activation key
The wpmem_post_register_data action comes at the end of the registration process, but before the email is sent. At this point, the user has cleared form data validation and the user account is created. Our function hooked to this action uses the wp_generate_password function (although we are not using it for an actual password – we just need a random set of characters), hashes it, and stores it as a user meta field tied to this new user with the meta key “activation_key” (which we will delete when we are done with it).
/**
* Create an activation key for the
* user at registration.
*/
add_action( 'wpmem_post_register_data', 'my_generate_key' );
function my_generate_key( $fields ) {
// Generate a random key.
$key = md5( wp_generate_password() );
// Save this for the new user account.
add_user_meta( $fields['ID'], 'activation_key', $key );
}
Include the activation key in the new registration email
Now that we have created a user activation key we can use and have stored it for later validation, we need to get that to the user. For that we use the wpmem_email_filter hook. Our filter function looks to see if this a new registration email, and if so, retrieves the created key and adds a link in the email. The link contains a query string with the parameter “activate” which we will use to retrieve the key when the user clicks through the process.
This function uses the settings we established in the “helper” function above for the text used with the link and the url the user is being directed to.
/**
* Include the activation key in the new user
* registration email as an activation link.
*/
add_filter( 'wpmem_email_filter', 'my_add_key_to_email', 10, 3 );
function my_add_key_to_email( $arr, $wpmem_fields, $field_data ) {
$settings = my_activation_key_settings();
$url = trailingslashit( $settings['return_url'] );
// Only do this for new registrations.
if ( $arr['toggle'] == 'newmod' ) {
// Get the stored key.
$key = get_user_meta( $arr['user_id'], 'activation_key', true );
// Add text and link to the email body.
$arr['body'] = $arr['body'] . "\r\n"
. $settings['email_text']
. add_query_arg( 'activate', $key, $url );
}
return $arr;
}Validate the user and log them in
This part of the process is what happens when the user clicks the activation link they were emailed. Using WP’s template_redirect hook, which is used so that we use an action in which we can still set a cookie for log in, we check to see if the “activate” query string exists and if so, it is retrieved to be validated. If searching for the provided key matches a user, the key is deleted, the user is marked as active, and the auth cookie is set so the user is logged in.
Using the settings from the “helper” function, if the send_welcome value is set to true, the “Registration is Moderated, User is Approved” email will be sent to the user. If send_notify is true, it will send the admin notification email.
/**
* Check for an activation key and if one exists,
* validate and log in user.
*/
add_action( 'template_redirect', 'my_validate_key' );
function my_validate_key() {
$settings = my_activation_key_settings();
// Check for activation key.
if ( isset( $_GET['activate'] ) ) {
// Get the user account the key is for.
$users = get_users( array(
'meta_key' => 'activation_key',
'meta_value' => $_GET['activate'],
'number' => 1,
'count_total' => false
) );
if ( $users ) {
foreach( $users as $user ) {
// The provided activation key was valid, log in.
wp_set_auth_cookie( $user->ID, true );
wp_set_current_user( $user->ID );
// Delete activation_key meta and set active.
delete_user_meta( $user->ID, 'activation_key' );
update_user_meta( $user->ID, 'active', '1' );
if ( $settings['send_welcome'] ) {
// Send a welcome email
wpmem_email_to_user( $user->ID, '', 2 );
}
if ( $settings['send_notify'] ) {
// Send a welcome email
global $wpmem;
wpmem_notify_admin( $user->ID, $wpmem->fields );
}
break;
}
}
}
}Displaying the Success Message
This last function handles displaying a success message when the user has successfully activated. If the “helper” function show_success value is set to true, this function will display the message set in the success_message value.
add_filter( 'the_content', 'my_show_thankyou_on_activation', 100 );
function my_show_thankyou_on_activation( $content ) {
$settings = my_activation_key_settings();
if ( $settings['show_success'] && isset( $_GET['activate'] ) ) {
// Load dependencies.
$content = wpmem_inc_regmessage( '', $settings['success_message'] ) . $content;
}
return $content;
}Email considerations
One thing that you will need to consider is email content. This customization programmatically adds in the activation link, but it does that by appending to the end of the initial email to the user. Any other content remains unaffected.
So you will want to consider what content (and instructions) you want in that email. Also consider whether you will email the user their password (and other credentials such as username).
Many users use this customization to avoid emailing the user their password at all and simply use this process as a safe way of confirming the user’s email address. But if you will be sending the user’s password, it needs to be in the initial email regardless of whether the user is setting their own password or the plugin is generating it.
Email content can be edited in the plugin’s Emails tab.
Wrapping it up
There are elements you can customize in this process, but just be careful that if you change keys or variable names, that you look consistently through all of the functions so that you change everything that is needed.
You need all five of these functions for the process to work as described. Copy all five of these functions to your theme’s functions.php file, then set any values you want to change in the helper function at the beginning.