Suppose that you do not want users to have instant access to the site upon a successful registration, but rather, you want to manually validate that you have legitimate user. In these types of cases, WP-Members™ allows you to moderate registrations, requiring that the user be “activated” by an administrator prior to having access.
Users can be activated individually on the User Detail page, or in bulk using the Users > All Users page.
If you turn this setting on, it is recommended that you also turn on “Notify Admin” which will send an email to the site administrator (set in Settings > General) upon each new registration. Notify Admin will send a notification to the address set in the WP General Settings (General > Settings). If you need this notification to go to a different address (or multiple addresses), you can filter it with the wpmem_notify_addr filter.
User Defined Passwords
If you enable moderated registration AND you allow users to choose a password when they register (using the password field), then you will need to change the default emails that are sent to the user. If users create a password when they register, you cannot send the user their password when the account is activated. If you want to email the user their password in this configuration you need to send it in the “Registration is Moderated” email, not the “Registration is Moderated, User is Approved” which is the default.
The default message for a successful registration indicates that the registration was successful and a password will be emailed to the user. This is the “Registration completed” message in the Dialogs tab. If you switch to moderated registration, you will most certainly want to update this message to reflect the fact that the user is pending approval.
If using the default of generating a password, you may want this message to indicate that the password will be sent when they are approved. If users choose a password at registration, make sure you look at the above section and adjust your email messages accordingly.
Setting Up Moderated Registration When There Are Existing Users
One issue that comes up from time to time is how to handle implementing moderated registration on an existing site with current users. There is no difference between an “existing” user and a “new” user – they are all simply “users.” So there isn’t a way for the plugin to know who you want to activate and who you don’t.
One particular problem, though, is that when you activate a user it will send the user a notification that they have been activated and if current settings are to send the user their initial password, their password will be set upon activation (thus changing an existing user’s password if you activate them).
There is a utility script available on the site that allows you to mass update the users for this situation. It is a copy/paste code snippet that you can drop into your theme’s functions.php file and it will give you an admin screen to set every user on the site as activated without sending the user email and without affecting their password.
Once added to functions.php, the script will add a menu item under the Tools menu – Activate All Users. Go to that screen, check the confirmation box and click submit. All users will be set to active at that point. After you complete the process you can optionally remove the code snippet.