“the_author_meta(‘url’)” not working inside “href”
Try get_the_author_meta() instead of the_author_meta(). the_author_meta() echos the output, which you don’t want to do in this case.
users
Preventing user enumeration: which logic is better?
Logic #1 is checking the returned value of the preg_match function with respect to 0 and with operator ===. That means the returned value of the preg_match function has to be (int) 0 or (string) 0. And after that it is checking if $_REQUEST[‘author’] is empty or not. And in Logic #2 is checking the … Read more
How to set custom avatar for users?
We can use the get_avatar_url filter to modify the avatar’s url. If all the relevant get_avatar() calls, have user id as an input argument, then it’s easy to get the corresponding user’s meta value, with get_user_meta(), within the filter’s callback. Otherwise we need to handle all possible input cases, for get_avatar( $some_input ), as it … Read more
Hackers tried user name with wrong case [closed]
WordPress do not consider user names to be private information. It is trivial to get a user name of any one which has authored a post, and it is not very complex to get a list of active user names based on the errors displayed at the login form when using a wrong password. Regardless … Read more
How to check User Role and redirect to specific page according to Role when login in WordPress?
you can do this redirection with this filter : add_filter(“login_redirect”, function ($redirect_to, $requested_redirect_to, $user) { if ( is_a($user, “WP_User”) && user_can($user, “role_to_test”) ) { $redirect_to = home_url(“/page_slug/”); } return $redirect_to; }, 10, 3);
WordPress REST Api: update user
My REST URL was wrong – I didn’t add the userid to the url. Proper REST URL should be: /wp-json/wp/v2/users/30/ where 30 should be changed with user’s id.
WordPress Password security related questions
When admin is resetting all users password are the users getting notified about the password reset? I read that with some “Emergency password reset” plugin it is available, but is it a built in feature in WordPress or no. WordPress doesn’t have an option to reset all users passwords, so it would depend on the … Read more
Creating User Profiles using author.php
get_the_author_meta( ‘ID’ ) gets the ID of the author of the current post. If there’s no post there’s no author. Use get_queried_object_id() instead. When used on author archives (i.e. author.php) it will be the ID of the author, regardless of whether or not they have posts.
How can I prevent certain custom roles from seeing other custom roles on the user list page?
Method 1, SQL Notes about your SQL [Unknown column ‘wp_usermeta.meta_key’ in ‘where clause’] This is solved by adding this to the JOIN part of the query: JOIN wp_usermeta ON ( wp_usermeta.user_id = wp_users.ID ) You could check the value of the JOINS and, if false === strpos( ‘wp_usermeta’, $joins ), adding it yourself. When getting … Read more
Is there any action /filter hook I can use to disable login for some user role?
Yes, there is. You can use authenticate hook: add_action( ‘authenticate’ , ‘check_custom_authentication’, 20, 3 ); function check_custom_authentication ( $user, $username, $password ) { if ( is_a($user, ‘WP_User’) && in_array(‘pending’, $user->roles) ) { return new WP_Error(‘pending’, ‘Your error msg’); } }