Code for checking and blocking LDAP users to reset password. /** * Checks whether a user is LDAP user and restricts to reset password. * * @param bool $allow Whether the password can be reset. * @param int $user_id The ID of the user. * @return bool|WP_Error */ function ldap_restrict_password_reset( $allow, $user_id ) { $user … Read more
This should do what you want: add_filter(‘save_post’, ‘wpse_135377_protect_post’); function wpse_135377_protect_post($post_ID) { if (in_array( ‘protected_category’, wp_get_post_categories($post_ID, array(‘fields’ => ‘slugs’)) )) { // we have to remove the function // as it will be called by `wp_update_post` (=> infinite loop) remove_filter(‘save_post’, ‘wpse_135377_protect_post’); wp_update_post(array( ‘ID’ => $post_ID, ‘post_password’ => ‘123123’, )); // now we add it again add_filter(‘save_post’, … Read more
When logging into WordPress with a user account, WordPress checks your credentials against those stored in the database. If they are correct, it then sets a session variable in your browser and you are able to view all areas that check against this session variable to gain access to. Sessions are set on a per … Read more
You should probably add in more checks, but this should get you started. function change_pw_text($content) { // Just to save processing other pages. if ( !is_page(‘page-slug-one’) && !is_page(‘page-slug-two’) ) return $content; $find = ‘This post is password protected. To view it please enter your password below:’; if ( is_page(‘page-slug-one’) ) $replace=”Hint: Tell our system to … Read more
Why in the first place you created custom tables? There is wp_usermeta table for storing any kind of extra data to build custom user profiles with extra fields. Also you can hook into native WP login process and allow logging in with email. What method of logging in you are using? Checking if user is … Read more
What I would do is this: Since wp_hash_password() is a “pluggable” function, create a simple plugin or MU-Plugin and define a function called wp_hash_password() in that plugin/mu-plugin. WordPress will use your function instead of the core function. Just copy the original code into your plugin/mu-plugin and change the one relevant line.
I just found the answer: www.example.com/wp-login.php?redirect_to=url?action=rp&key=XXXXX&login=XXX contains the fragment ?redirect_to=url. Some plugin you have installed seems to add this using wp_login_url(‘url’);, which results in an incorrect formatting of the url. Used with wp_login_url() your problems should be fixed.
You can either use a powerful plugin such as Multisite Privacy by WPMUDEV, or you can use the following code which I developed for a project of my own. To use this code, either create a plugin with it that you only activate on the site to protect, or if that sounds too difficult, you … Read more
So here’s what we’re trying to do: IF A user logs in and is of a specific role ( Subscriber ) then redirect them to a specific page. IF A user tries to reach the admin panel, redirect them to a specific page. We’re going to use 3 hooks for the above problems: login_redirect – … Read more
The post password cookie is set with: setcookie( ‘wp-postpass_’ . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST[‘post_password’] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure ); in the wp-login.php file. We can then use the clear_auth_cookie hook, in the wp_clear_auth_cookie() function, to clear it on logout: /** * Clear the Post Password Cookie on logout. * * @link http://wordpress.stackexchange.com/a/198890/26350 */ … Read more