WP-Members 3.3.5 introduces some new features as options. Eventually, these features will replace older functionality, but implementing them as optional features allows existing plugin users some time to get things implemented and worked out before these features become the standard.
Please understand that these features are new, and their implementation into the plugin itself is rather complex. They change significant elements of how the plugin has managed user flow. For that reason, it is unknown how they will respond to all possible configurations and setups. In order to better manage that for all of the plugin’s current users, they are being introduced as “optional” so that the process of replacing old flows with new ones does not completely disrupt existing installs. In other words, if the process doesn’t currently work for your setup, you can turn it off until it does.
Some feature settings require additional setup, which is described here.
Account Confirmation Link
This feature sends a new user a confirmation link when they register. They will not be allowed to access the site until they have confirmed their account.
If the user does not confirm the account, the link will expire in 6 hours and the user would have to register again.
IMPORTANT: If you activate this feature on a site with existing users, none of those users will have been marked as confirming their emails. There is a code snippet you can use to mark all existing users as confirmed.
IMPORTANT: This feature is not currently compatible with WooCommerce integrations!!
NOTE: This feature is still being worked on when used with moderated registration. If you use moderated registration, the current iteration of the feature may be a little clunky. Please understand that there will be more coming with regards to this feature so please be patient. The primary element that is being worked out is when/how to send out admin notifications. Currently, the admin notification is triggered with the user registration. In order to make sense for moderated registration, this should be held until the user has confirmed. That will be worked out in another update.
Additional Configuration Required
You must enable the feature setting “Enable WP Login Error.” The activation link option uses the WP login error object for specific messaging in the form. So you need to also replace the WP-Members login error with the WP login error by enabling this additional setting (see “Enable WP Login Error” below).
It is recommended that you configure the plugin to allow users to create a password at registration. There is no need to send the user’s password via email. In fact, that capability will eventually be phased out as the Activation Link feature becomes standard in the plugin. To enable a password as part of registration, enable password (and, ideally, confirm password) in the WP-Members Fields tab.
It is recommended that you edit messaging and emails accordingly. The successful registration message should be updated in the Dialogs tab to inform the user that they will receive an email requiring them to activate their account before access. Similarly, the process will automatically include the activation link at the bottom of the new registration email. If you want to customize where the link is placed, use the [confirm_link] shortcode in the email.
Password Reset Link
This feature replaces the password reset process with a link. When the user requests a password reset, a link will be emailed to the user. When the user clicks the link to activate the password reset process, they are directed to a password change form.
The reset link expires in 6 hours, at which point the user would need to attempt another reset.
This feature is currently an option that you have to implement. In plugin version 3.4.0, it will become the standard setting and in order to use the current (legacy) process, you’ll need to deactivate the password reset link option (rather than the other way around). In plugin version 3.5.0, the current password reset process (that sends a new passwords) will be removed completely.
Additional Configuration Required
You must enable the feature setting “Enable WP Login Error.” The password reset link option uses the WP login error object for specific messaging in the form. So you need to also replace the WP-Members login error with the WP login error by enabling this additional setting (see “Enable WP Login Error” below).
It is recommended that you edit the password reset email accordingly. The process will automatically include the activation link at the bottom of the email. If you want to customize where the link is placed, use the [reset_link] shortcode in the email.
Enable WP Login Error
This feature replaces the WP-Members login error message with what is contained in the WP login error message object. The formatting of the message is still the same – the WP-Members div tag is still used. The only difference is that messaging is slightly different.
The primary reason for this change is that when WP-Members was first introduced (ages ago, back in 2005/06), there wasn’t much in the way of additional login authentication integration. But that has changed drastically. So many people now use additional authentication such as captchas, or brute force login blockers that all add custom messaging to the login error. In order to apply those in the past, you needed to implement a custom code snippet.
For the time being, this is being included as an option you can choose to not enable. As we gain feedback on the feature, I will work on setting a specific version for when the plugin will fully switch over to this feature. Tentatively, that is set for 3.4.0.
Note: if you use one or both of the response/email link processes above, you must enable the WP login error option as well. Otherwise messaging may not be accurate to the user.