WP注册页填写密码,设置安全验证

超简单的方法

今天要介绍的一个超级简单的方法是在一个老外的博客ThematoSoup上发现的,原文地址请看结尾参考文章中的链接。先看最终效果图

custom-register2

步骤如下:

1. 通过register_form action向注册表单添加密码、重复密码和防机器人的验证输入框,防止机器人注册的方法是要求用户填写要注册的网站的名称,这个方法很棒,比验证码方便的多。

<?php

// Add Password, Repeat Password and Are You Human fields to WordPress registration form
// https://wp.me/p1Ehkq-gn
add_action( 'register_form', 'ts_show_extra_register_fields' );
function ts_show_extra_register_fields(){
?>
    <p>
    <label for="password">Password<br/>
    <input id="password" class="input" type="password" tabindex="30" size="25" value="" name="password" />
    </label>
    </p>
    <p>
    <label for="repeat_password">Repeat password<br/>
    <input id="repeat_password" class="input" type="password" tabindex="40" size="25" value="" name="repeat_password" />
    </label>
    </p>
    <p>
    <label for="are_you_human" style="font-size:11px">Sorry, but we must check if you are human. What is the name of website you are registering for?<br/>
    <input id="are_you_human" class="input" type="text" tabindex="40" size="25" value="" name="are_you_human" />
    </label>
    </p>
<?php
}

2. 检查用户的输入,两次输入的密码是否一致,是否正确填写网站名称

// Check the form for errors

add_action( 'register_post', 'ts_check_extra_register_fields', 10, 3 );
function ts_check_extra_register_fields($login, $email, $errors) {
    if ( $_POST['password'] !== $_POST['repeat_password'] ) {
        $errors->add( 'passwords_not_matched', "<strong>ERROR</strong>: Passwords must match" );
    }
    if ( strlen( $_POST['password'] ) < 8 ) {
        $errors->add( 'password_too_short', "<strong>ERROR</strong>: Passwords must be at least eight characters long" );
    }
    if ( $_POST['are_you_human'] !== get_bloginfo( 'name' ) ) {
        $errors->add( 'not_human', "<strong>ERROR</strong>: Your name is Bot? James Bot? Check bellow the form, there's a Back to [sitename] link." );
    }
}

3. 存储用户输入的密码,如果用户没有填写密码,什么也不做,让WordPress自动生成密码。

// Storing WordPress user-selected password into database on registration

// https://wp.me/p1Ehkq-gn
add_action( 'user_register', 'ts_register_extra_fields', 100 );
function ts_register_extra_fields( $user_id ){
    $userdata = array();
    $userdata['ID'] = $user_id;
    if ( $_POST['password'] !== '' ) {
        $userdata['user_pass'] = $_POST['password'];
    }
    $new_user_id = wp_update_user( $userdata );
}

4. 最后就要处理那句不协调的“A password will be e-mailed to you”,通过gettext filter处理一下即可。

// Editing WordPress registration confirmation message

// https://wp.me/p1Ehkq-gn
add_filter( 'gettext', 'ts_edit_password_email_text' );
function ts_edit_password_email_text ( $text ) {
    if ( $text == 'A password will be e-mailed to you.' ) {
        $text = 'If you leave password fields empty one will be generated for you. Password must be at least eight characters long.';
    }
    return $text;
}

仅仅4步就完成了这个实用的功能,是不是超简单!这些代码可以放到主题的functions.php中,但不推荐这样,其实做成插件和放到functions.php中在性能上没有很大区别,但functions.php的可移植性和方便性会大打折扣,建议做成插件。

类别: Wordpress

Leave a Reply

You must be Logged in to post comment.

© 2019 脑壳晕晕. All rights reserved.