WP-Members™ new feature release

I am very excited to announce an upgrade to the ever-popular (and FREE!) WP-Members™ plugin. This is tentatively going to be the 2.3.3 release, although depending on how much gets completed, it may push us to call this 2.4.

Update 11/12/2010: As a new feature release, I am releasing this as 2.4.  The beta version is now available at http://wordpress.org/extend/plugins/wp-members/download/.  Just download the zip of 2.4.  This tag will remain as any updates are made to the beta, so you’ll always have the most recent release.

First, some bug fixes

Since the 2.3.2 release, there haven’t been too many bugs, which is good. 2.3.2 was a bug fix release itself and it is always a little embarrassing to have a new bug come out with the bug fix release. However, some unnoticed (and pre-2.3.2) bugs have become apparent and will be corrected in this release.  The most notable are the non-widget sidebar function and the stripslashes admin bug.  Both of these have current (and easy fixes), but they are fully corrected in the upcoming release.

If anyone notices any other bugs, be sure to let me know soon so we can attempt to get fixes in prior to this release.

And, some new features

One of the most requests (and the most needed) new features for the plugin is CAPTCHA support.  If you do not know what CAPTCHA is, it makes things difficult for automated/computerized processes to utilize the forms on your website/blog.  The Official CAPTCHA Site has some good information on this.  In our case, we want to prevent automated signups full of spam.  So I have added a new option of placing a CAPTCHA in the registration form.

There were many possibilities in going down this road.  There are a number of WP plugins that provide CAPTCHA for comments, contact, etc.  I had considered the possibility of leveraging one or more of those.  But that brought in a slew of potential landmines when compatibility is considered as well as future upgrades and how to pick one over the other.  So I chose to go with what I consider to be the standard: reCAPTCHA.  The reCAPTCHA project was chosen for a number of reasons:

  1. It is a project of Carnagie Mellon University, where the concept of CAPTCHA was introduced.
  2. It is now a project of  Google Labs / Google Code.
  3. It helps with the digitization of books.
  4. It is FREE!

It is also widely used, so (a) it will not be foreign to a number of your users and (2) if you are already using reCAPTCHA, it should integrate with your existing site.

There are unforeseen pitfalls in any new feature release and this is no exception.  While I have tried to build this with compatibility in mind, there could be potential collisions if you are using an existing plugin such as the WP-reCAPTCHA plugin.  I tried to consider how other processes utilized reCAPTCHA and tried to keep this (a) restricted to WP-Members™ and (b) built in a way that it shouldn’t interfere with other instances of reCAPTCHA in the site.  It holds its own settings for the reCAPTCHA keys and calls its own library.  Please note: if you are already using reCAPTCHA in other areas of your site, even though I’ve tried to make this compatible, there could be potential problems I haven’t noticed.

Another new process is the addition of localization.  I had been working diligently toward full localization support earlier in development, but somewhere along the way I introduced a slew of new features (essentially when the admin panel was introduced) with the intention of coming back to clean it up later.  Well… I never did.  Until now.

While I am not going to say that this release will have full support, I have diligently gone through and tried to make sure that we are ready to flip the switch.  From this release I will release a thorough POT file for anyone interested in translating.  For those of you that need foreign language support, there is already a list of potential translators that have come to me so we should have support in the future for quite a few languages.

Two other features that I want to get done, but may have to be put off are:

  • Bulk Registration Moderation
  • Bulk User Export

I’m trying to get those done for this release, but there’s quite a bit of work yet on already growing admin panel.

As always, if you have feature requests, feel free to let me know.  Just keep in mind that requesting doesn’t equal immediate implementation.

  • http:/tibsbits.nl/ Tibor

    Hi Chad,

    I may have found a bug in version 2.3.2: I found that if a user chooses a username with spaces, it is saved with the spaces still there. As far as I have tried this in the WP backend, the usernames were saved without the spaces, which I guess makes sense, since the author url will not work with spaces in it.

    It did surprise me , since I noticed the plugin is using WP’s registration-functions.php, so I thought it would handle the username field the same way. I solved this by adding:

    $username = str_replace(' ', '', $username);

    in wp-members-registration.php, before the insertion takes place (around line 78).

    Furthermore I wanted the display_name to be automaticaly set like “first_name last_name”, which I solved by adding this the following line there too:

    $display_name = ($wpmem_fieldval_arr[0] . ' ' . $wpmem_fieldval_arr[1]);

    and then edit the last value of the insertion variables to $display_name. I think this could be a nice option to include with the plugin option settings.

    Anyways; thanks for the great plugin. Although I needed to hack my way into it tomake it work the way I wanted, it has turned out very useful!

    • http://butlerblog.com Chad

      Hi Tibor! Thanks for the comments.

      Actually, I believe that the WP registration process makes allowances for spaces in usernames. I am aware of some sites that actually use that, but I did some checking and that does seem to be the case.

      Certainly if you want to avoid this, you can implement a workaround (as you pointed out). I would caution that this might lead to some frustration if a user isn’t aware that the space has been stripped out.

      As far as the display name, there are a number of options and actually, the way the plugin is set up is a legacy issue from some specific user needs. I’ve wanted to work on a better process for this, but haven’t focused on it at all, as the bigger features (like CAPTCHA, user export, bulk import, PayPal, etc) have been more pressing.

      After I get the 2.4 release out, I will start to implement a more supported process for minor hacks such as what you outlined. I think it’s important to have a process in place so that if you make minor hacks to the plugin core, you aren’t forced to do a lot of rewriting when you upgrade. Essentially, you can pre-load a customization file at the beginning of the plugin file. Then you can either remove or override any functions that are changed. Keep good notes and upgrading will be much smoother. As I said, I’ll be writing much more indepth on how to do it after I get done with the 2.4 production version.

      Thanks for pointing out the link issue on the beta release! It should be fixed now. If anyone goes to download the beta, be sure to select the 2.4 release link and not “development version.”

      Also, did you offer to work on an NL translation file? I need to get a few more things done on the 2.4 beta and I should have a good POT file to work from after that.


  • http:/tibsbits.nl/ Tibor

    BTW: your link to the WP plugin directory is not working.

  • http:/tibsbits.nl/ Tibor

    Thx Chad. The pre-load customisation seems a very good idea; I have now commented the additions that I did. I have also changed the install file a bit to make it suit my needs (translation, amongst others); wondering how compatible that will be with future updates too…I’ll make sure to compare & test before upgrading ;-)

    As far as the space in the username; I tried it on a multi site installation, in which the registration from the backend seems slightly different then on a vanilla install, but there the space wasn’t saved. I totally agree to the user-frustration this might cause though, so I guess it would be a good idea to put an extra instruction below the username field om the form.

    With a space in the username, the author url didn’t work either; there just did not seem to be any url for that user. I tested all variants (with %20, without, one word etc.).

    Last but not least: I’d be more then happy to help you out with the NL translation (yes, it was me who offered that on the WP forums).


  • http://www.lidpluss.com/ Pavel

    Hello Chad, thanks for great wp plugin, and i have a question, is it possible to do auto login after registration?

  • http://butlerblog.com Chad

    Hi Pavel,

    Thanks for the comments. Yes, that would be possible, but you would need to make changes to the code. It is important to note that anytime you do that, you put yourself in the position of (a) being unable to upgrade without wiping out your changes and/or (b) needing to keep careful notes so you can re-do a hack/mod in the event of an upgrade. (I am going to be writing some information on how to best do this with a special customization file after I finish the full 2.4 release, but there is no date set on that yet…)

    You would need to implement the WP login process found in wp-members-core.php (function wpmem_login). You can dispense with collecting most of the variables, especially the username and password since you would already have that info.

    On successful registration, you will find yourself in wp-members-register.php, in the function wpmem_registration, at the end of the register case. Look for the // successful registration message $wpmem_regchk = “success”;. You could get rid of this line and replace it with your modified login process (or firing of a login function).

  • http://www.pavelbuiko.co.uk/ Pavel

    Hello Chad,

    Thanks for your help, my problem is solved.

    I have replaced:
    $wpmem_regchk = “success”;

    global $wpdb, $wpmem_regchk;

    $redirect_to = $_POST['redirect_to'];
    if (!$redirect_to) {
    $redirect_to = $_SERVER['PHP_SELF'];

    // we are reusing WP’s own login scripts here. there is a reason for this…

    $user_login = stripslashes($user->user_login);
    $user_pass = $password;
    $rememberme = $_POST['rememberme'];

    //do_action(‘wp_authenticate’, array(&$user_login, &$user_pass));

    if ( $user_login && $user_pass ) {
    //$user = new WP_User(0, $user_login);

    if ( wp_login($user_login, $user_pass, $using_cookie) ) {
    if ( !$using_cookie )
    wp_setcookie($user_login, $user_pass, false, ”, ”, $rememberme);
    //do_action(‘wp_login’, $user_login);
    } else {
    $wpmem_regchk = “loginfailed”;

    } else {
    //login failed
    $wpmem_regchk = “loginfailed”;

    Thank You
    Pavel Buiko