Suppose that you do not want users to have instant access to the site upon a successful registration, but rather, you want to manually validate that you have legitimate user. In these types of cases, WP-Members™ allows you to moderate registrations, requiring that the user be “activated” by an administrator prior to having access.
Activating & Deactivating Users
Users can be activated individually on the User Detail page, or in bulk using the Users > All Users page.
Activating/Deactivating from Users > All Users
You can manage users from the Users > All Users screen in several ways. First, you can use the bulk action menu for both activation and deactivation of any selected users on the screen. There is also a mouse-over menu item to activate individual users. In the filter links at the top of the table, there are some options for filtering the screen to show only those users who are not activated, or users who are deactivated. This gives you an easy way to bring up all users requiring activation if you generally do activation in bulk.
Activating/Deactivating from User Profile
You can go to the individual user profile to activate or deactivate a user. When moderated registration is activate, there will be a checkbox for activating of deactivating a user at the bottom of the WP-Members fields.
If you turn this setting on, it is recommended that you also turn on “Notify Admin” which will send an email to the site administrator (set in Settings > General) upon each new registration. Notify Admin will send a notification to the address set in the WP General Settings (General > Settings). If you need this notification to go to a different address (or multiple addresses), you can filter it with the wpmem_notify_addr filter.
The default admin notification email for a new user registration will include a link to the user profile. You can change this in the Emails tab if necessary, but it gives you a good starting point for developing your preferred workflow when it comes to user activation.
User Defined Passwords
If you enable moderated registration AND you allow users to choose a password when they register (using the password field), then you will need to change the default emails that are sent to the user. If users create a password when they register, you cannot send the user their password when the account is activated. If you want to email the user their password in this configuration you need to send it in the “Registration is Moderated” email, not the “Registration is Moderated, User is Approved” which is the default. These emails can be edited in the plugin’s Emails tab.
The default message for a successful registration indicates that the registration was successful and a password will be emailed to the user. This is the “Registration completed” message in the Dialogs tab. If you switch to moderated registration, this message should be edited to reflect the fact that the user is pending approval.
If using the default of emailing a generated password, you may want this message to indicate that the password will be sent when they are approved. If users choose a password at registration, make sure you look at the above section and adjust your email messages accordingly.
Setting Up Moderated Registration When There Are Existing Users
What if you are setting up a new WP-Members install on an existing site with current users? There is no difference between an “existing” user and a “new” user – they are all simply “users.” So there isn’t a way for the plugin to know who you want to activate and who you don’t.
One particular problem, though, is that when you activate a user it will send the user a notification that they have been activated and if current settings are to send the user their initial password, their password will be set upon activation (thus changing an existing user’s password if you activate them). So how can you put all current users in an activated state without altering passwords and/or emailing the users?
There is a utility script available on the site that allows you to mass update the users for this situation. It is a copy/paste code snippet that you can drop into your theme’s functions.php file and it will provide an admin screen to set every user on the site as activated without sending the user email and without affecting their password.
Once added to functions.php, the script will add a menu item under the Tools menu – Activate All Users. Go to that screen, check the confirmation box and click submit. All users will be set to active at that point. After you complete the process you can optionally remove the code snippet.