WP-Members™ 1.x

The following information pertains to version 1.8. For information on the most recent version, go here.

[ download version 1.8 ]

About the Plugin

This plugin was developed to fill a certain need when it comes to site member databases. There are already plugins that extend the existing WordPress users table to add user customizable fields like address info, etc. There are plugins to expand on the restriction of posts to members only. Those are great plugins and if they fit the needs I had, I would not go out an reinvent the wheel.Unfortunately, none of these fit the bill for a client application that had come up, so I had to develop one from scratch. What was left over from that is being released as a plugin. What I had developed for the production site required quite a bit of customization and to release this as a useable plugin for the average joe requires making some changes, so I took the basic framework of the commercial project and built out from there. As I progress from the skeleton framework on, I think this will turn out to be a very nice and useable plugin for people that run member-based sites and newsletters.
Version History

In version 1.4 we added some significant advances in user (wp admin) customization over previous versions. The blog owner can now use up to five customizable fields that can be either text field or check box. Additionally, these can be set as required fields. Also, the majority of the fields in the registration form can be set as required or not. Some of the key fields (name, username, password, email) are set as required permanently, but the others can be toggled based on administrator preference.

Version 1.5 was an attempt to tweak v1.4 to take things to the next level and really make this function like a smooth membership driven site. Continuing to use the default theme (Kubrick) and some built-in features of WordPress (like the ‘more’ links for excerpts), we’ve been able to accomplish this task with only minor (yet backward compatible) adjustments to the wp-members functions. For each post, we will use the “split post with ‘more’ tag” feature and also set the syndication feeds to show summary (under Options > Reading). By doing this, we only need to use the wpmem functions on ‘single.php’ in the default theme (other themes may be different depending on how they utilize the loop). Archive.php, index.php, and search.php only display content above the ‘more’ tag so we get kind of a preview feature before encouraging users to register. Page.php could continue to be blocked if there were content to protect there, but for the demo, I am figuring to use that for “free” content – areas about the site and other misc stuff that we would not want to block. That way, only “premium” content requires registration.

Also in 1.5, we will simplify the function call process that needs to be on protected pages. As we worked through some features, what needed to be added to protected pages was becoming to complex for the non-php users. So I added a function, wpmem_securify, and use that to handle getting the login status and displying the logout link. Additionally, the logout link was broken out to a seperate include to allow users to easily customize in terms of text or style.

At this point, I realized we hadn’t considered the issue of users on systems that do not buffer output. Because plugin did all of its work after the headers were written, this caused an error for non-buffered output. (Thanks to JP for pointing this out and assisting in the fix.) I made some changes to run the wpmem() function prior to header output, then handle the results just prior to the loop. This gives the ability to write the cookies necessary for login while doing the output within the theme. All of this was part of 1.6.

Verion 1.6.1 fixed a few issues that slipped by the previous cleanups and should provide a reasonable stable product with, as far as I have been able to assertain, everything working as it should. Also, I noticed some things in the readme file that needed updating, most specifically the misconception that this plugin still requires changes to core WordPress files – this is no longer the case. We eliminated the need for that several revisions ago. We wanted to get out of that situation as quickly as possible so that a WP upgrade would not have as big of an effect on the plugin.

Version 1.7 contains a bug fix for those that run on a php installation that does not automatically buffer the page output. If you don’t know what this means, don’t worry about it, the fix corrects it. 1.7 also adds a feature that we intended earlier – emailing a password reminder. If the user forgot their password, they can have their login info emailed to the email they registered with.

I wanted to keep this plugin fairly customizable so that users could get it to blend in to their site’s look and feel without too much effort (or knowing php). As a result, I had been putting this content in seperate, easy to find, include files. As of 1.7, this became a fairly decent size chunk of stuff and I felt that this may lead people to believe that installing and using this plugin is might be difficult. So in 1.8, I set out to eliminate these files. This has been changed to one single file and each former file (and output) has been changed to a function. It still should be easy to edit, if the user needs to change the look. I tried to keep this well commented as well so the user would know what can be changed and what cannot.


The plugin can block the entire WordPress loop from being viewed. It can also block the feeds (rss, atom, etc) from producing the full post content. If you block the feeds, they will just give a members only message in place of the post content, but will still deliver the title, etc. Alternatively, you can change the feed settings to show previews only, bringing the user back to the post page requiring a login to view the entire post.

The block consists of primarily a login form and a registration form. Upon successful registration, the user is automatically logged in. I will be adding different ways of controlling this, such as free trials, date based expiration, paypal integration, etc. in future versions. Also, two features I will probably add are the ability for the admin to have to approve all trials before they can actually login and an email confirmation link that needs to be clicked to confirm.

The registration form, login form, and message displays are broken out into seperate files to facilitate easy customization by the blog owner. These are stored in the /wp-members/ directory and allow for the owner to provide a seamless user experience with their WordPress theme.

On the admin side, there are currently features to list all users, sort the list by last name, email, etc., search for users by email, last name, etc, add new users, edit current users, and, of course, delete users. Additionally, the admin has an array of customizable features allowing for user defined fields, what fields are required fields, and some other customizations. All of the “members” and member data are stored in seperate tables from the WP users tables.
While I’ve tried to keep this plugin as easy to install as possible, there are some modifications necessary in, at minimum, your themes files and also your feed files. This is due to the need to keep WordPress from displaying the loop if the user is not logged in. If you desire, you can have non-member restricted pages by using wordpress pages and not blocking those. In a future version, I intend to add the ability to block the loop based on categories so that some could be restricted and others open.
Before you begin:

It is important to note that this plugin adds tables to your WordPress database. (If you are not using the summary only feature for the feeds, you will need to make changes to the WordPress feed files as well.)

  • Backup your site and your database before installing and using this plugin

Included files:

  • /wp-content/plugins/wp-members.php
  • /wp-content/plugins/wp-members-admin.php
  • /wp-content/plugins/wp-members-inc.php (customizable output for the plugin)
  • /wp-content/themes/default/single.php (a sample of how to secure the loop using the kubrick default theme. Probably a good idea to back up your original file first.)


Installation instructions and examples are provided in the included readme file.

Custom Fields and Settings

The plugin allows some user defined customization through the wp-admin panel by selecting “plugin settings” from the Users > Members > Manage Site Members menu. The following customizations are available:

Split Name

  • This splits the name field into First Name/Last Name if set to “yes”, or uses a single Name field if set to “no”. If using the single name field, field contents are put into LName in the database.
  • Default setting on install is “yes”

In addition to the above, there are also 5 user defined fields that may be used. You may use all five or none or anything in between. With each field, you have the choice of a text box field or a check box field. In the default installation of the plugin, we have provided you with an example. There will be a check box that allows the user to sign up for a free email newsletter if checked. The checked value (stored in the database) is “yes”. Feel free to change this, delete it, or whatever – it is provided as an example for you.

Several fields, including the user defined fields, can be set as required or not. This means that if the user leaves the field empty, they will receive an error message informing them that they missed a required field. To require a field, set this option to “yes”. If a field is required, a red asterisk will be displayed next to the field name, indicating it is required.

Default (Kubrick) Theme Changes

If you are going to protect everything in the blog, you need to make the appropriate changes to each of the following files:

  • index.php
  • page.php
  • archive.php
  • search.php
  • single.php

If you are using ‘more’ tags, you only need to protect ‘single.php’ as all of the other files will only display content above the ‘more’ tag, thus directing the user to the full post displayed by single.php. This is how things are running on the demo site (view it here).

The necessary alterations have been made to single.php and, if you use the WordPress default theme, you can use this to run the WP Members Plugin out-of-the-box. If you use another theme, tinkering with these will give you a working example of how to use the plugin to protect the loop.
Core WordPress Changes (Optional)

  • wp-atom.php
  • wp-rdf.php
  • wp-rss.php
  • wp-rss2.php

Since this involves modifying core wordpress files, we’ve decided not to include the changes with the install so that they are not inadvertently overwritten. To protect the loop in the feeds, the required changes are outlined in the installation procedures above. However, this only needs to be done if you are using full content delivery in the feed. If you set Options > Reading > Syndication Feeds to show only summary text, you do not need to make any changes to these files.

  • wp-members-inc.php

This file each contains functions that produce HTML output for the plugin that you can customize to fit your theme or site look & feel. However, unless you know php and are making changes to the core of the plugin, it is recommended that you only make changes to the HTML portions of the file. It is recommended that you NOT make any changes to the php portions (i.e. variables, function names, etc) or the plugin could cease to function correctly. [The exception to this is wpmem_inc_regmessage() where you will need to customize the output text within the php, but I've put comments in there to help you through it.]

Also, unless you are certain that your WYSIWYG editor does not make any changes to the code sections of a file, it is recommended that any changes made be done in a text editor.

If you are upgrading from version 1.0 to 1.4 or higher, you will need to use the wp-members-upgrade.php. Install this file in your WordPress root folder, then run the script from your browser (http://www.yourdomain.com/yourwordpressroot/wp-members-upgrade.php). Upon successful upgrade, it will indicate such in your browser. Be certain to delete this file when you are finished with the upgrade.