RocketGeek

Home of WP-Members, The Original WordPress Membership Plugin

Home » Search for "short code"

Search Results for: short code

Login form honey pot

· ·

We’ve discussed building a honey pot for the registration form to prevent spam signups by bots. But what about the login form?  With WordPress being so much more ubiquitous across the Internet today, there are many more attempts to hack and exploit it.  Many of these attempts are automated by bots.

Whether the login attempt comes from a bot or a human, the most common attempt for an exploit is to use the username “admin”.  WordPress used to install the default admin account with the username “admin”.   Fortunately, it no longer does this so you don’t have to delete the account to create a more secure admin account.  But unfortunately, a great many people still create admin accounts with “admin” as the username.

An ounce of prevention is worth a pound of cure, so your best initial defense is to not have obvious usernames for administrative users.  But a good second line of defense is to create a honey pot for the login form.  

Continue Reading →

wpmem_email_filter

Description

Filters the email and some of the email settings.

Parameters

$email
(array) (required) An array of information for the email process:

  • subj – the email subject
  • body – the email body/content
  • tag- what email is being sent (newreg|newmod|appmod|repass|getuser)
  • toggle – deprecated in 3.2 – use tag instead
  • user_id – the user’s ID
  • user_login – the user’s username
  • user_email – the user’s email address
  • blogname – the name of the blog (get_option ( ‘blogname’ ))
  • exp_type – the user’s subscription type (PayPal Extension Only)
  • exp_date – the user’s expiration date (PayPal Extension Only)
  • wpmem_msurl – the URL of the User Profile shortcode page, if set
  • reg_link – the URL of the page the user registered on
  • do_shortcodes – true|false boolean to enable the WP-Members email shortcodes (default: true)
  • add_footer – true|false boolean to enable adding the footer to the email (default: true)
  • footer – the default footer (3.1 and higher only)
  • disable – true|false boolean to disable sending the email (default: false)
  • headers – the email headers

$wpmem_fields
(array) (optional) The WP-Members fields array.

$field_data
(array)(optional) An array of the registration data.

Usage

This example runs a filter that will output the contents of the $arr, $wpmem_fields, and $fields_data arrays and send them to you in the new registration email. This is just an example to show you what data is available in the filter.

/**
 * While this may seem a little complex as an example, it
 * is intended to give you an idea of the values that are
 * passed to this filter.  Since some of the data pieces
 * are dependent on the custom fields you have created
 * in your installation, the values may differ from
 * site to site based on your settings.
 *
 * What this example does is take the three arrays that come
 * through the filter (one required, two optional), puts the 
 * data in those arrays into a readable format, and replaces
 * the default email body with the values in these arrays.
 *
 * If you test register with this filter in place, you should
 * receive an email containing the values in these arrays
 * when you completed the registration - that will give you an
 * idea of what data is available to you to be used in
 * your own filter functions.
 */
add_filter( 'wpmem_email_filter', 'my_email_filter', 10, 3 );
function my_email_filter( $email, $wpmem_fields, $field_data ){

    /*
     * Use some of the settings in $email to turn off some
     * things we don't need for this:
     * * do_shortcodes = false (otherwise when display the
     *   keys for the last array, the key values would be
     *   parsed by the shortcode parser.
     * * add_footer = false (we don't need it for the 
     *   example; besides, this is a good example of
     *   toggleing one of the settings.
     */
    $email['do_shortcodes'] = false;
    $email['add_footer']    = false;

    // Give our email a new subject.
    $email['subj'] = 'Test Registration Email (arrays)';
    
    // Start with an empty variable for our new body content.
    $body = '';
    
    /*
     * This parses through the main $arr array and puts the contents
     * into a format for reading in the resulting email.
     */
    $body .= 'MAIN $arr CONTAINS THE FOLLOWING: ' . "\r\n\r\n";
    foreach ( $email as $key => $val ) {
        $body .= '[' . $key . '] => ' . $val . "\r\n";
    }
    
    /*
     * This parses through the contents of the $wpmem_fields array 
     * and adds this content to the email body. Each of the values
     * is also an array, so this loops though those as well.
     *
     * Note that this array is passed optionally to the filter. It
     * is only there to provide possible data you may want to have 
     * when filtering the main email array $arr.
     */
    $body .= "\r\n\r\n" 
        . 'WP-Members FIELDS $wpmem_fields CONTAINS THE FOLLOWING: ' 
        . "\r\n\r\n";
    foreach ( $wpmem_fields as $key => $val ) {
        $body .= '[' . $key . '] => array(' . "\r\n";
        foreach ( $val as $sub_key => $sub_val ) {
            $body .= "\t" . '[' . $sub_key . '] => ' . $sub_val . "\r\n";
        }
        $body .= ')' . "\r\n";
    }
    
    /*
     * This parses through the contents of the $field_data array 
     * and adds it to the new email body in a readable way.
     *
     * Note that this array is passed optionally to the filter. It
     * is only there to provide possible data you may want to have 
     * when filtering the main email array $arr.  This example tests
     * to see if this a new registration email and only adds this
     * if it is.
     */
    if ( 'newreg' == $email['tag'] ) {
        $body .= "\r\n\r\n" 
            . 'FIELD DATA ARRAY $field_data CONTAINS THE FOLLOWING: ' 
            . "\r\n\r\n";
        foreach ( $field_data as $key => $val ) {
            $body.= '[' . $key . '] => ' . $val . "\r\n";
        }
    }
    
    // Make the body of the email our new body that we just built out of all the arrays.
    $email['body'] = $body;
    

    // Return our filtered results.
    return $email;
}

This example disables any specified emails (by tag):

/**
 * This example allows you to disable any of the WP-Members
 * emails to users (for admin emails, use wpmem_notify_filter).
 * Just update the settings array according to the emails you 
 * want to disable.
 */
 add_filter( 'wpmem_email_filter', function( $email, $wpmem_fields, $field_data ) {
    
    // Set what emails will be disabled. Example array includes
    // all possibilities, remove unnecessary tags.
    $settings = array(
        'newreg',    // new registration (non-moderated)
        'newmod',    // new registration (moderated)
        'appmod',    // user approved (moderated)
        'repass',    // password reset
        'getuser',   // forgot username
    );
    
    // Check which email is being sent ($arr['tag']). If it is in
    // the $settings array, disable it.
    if ( in_array( $email['tag'], $settings ) ) {
        $email['disable'] = true;
    }
    
    return $email;
 
 }, 10, 3 );

Changelog

Introduced in version 2.9.7

toggle replaced with tag in 3.2.0

Source

wpmem_email_filter is located in includes/class-wp-members-email.php.

Ready to get started?

Join Today!