Prevent certain users from logging in?

  • Resolved proximity2008

    (@proximity2008)


    2 weeks, 6 days ago

    I have a membership site. Non paying members are created with real emails, but bogus user names: “xx.john.doe”. It’s a simple way to identify non-paying members.
    However:
    xx.john.doe can still reset his password – and therefore log in. This is easy to prevent in standard WP: 

    add_action('password_reset', [$this, 'prevent_password_change_for_xx_users'], 10, 2);

    but TML bypasses this. I can see there are https://docs.thememylogin.com/article/87-disabling-an-action but I don’t see how to use it in this case?

Viewing 1 replies (of 1 total)
  • Thread Starter proximity2008

    (@proximity2008)

    Actually pretty straight forward once I dug into it. It’s just WordPress filters after all.

    add_filter('lostpassword_errors', [$this, 'prevent_password_change_for_xx_users'], 10, 2);

    public function lostpassword_errors($errors, WP_USER $user_data) 
    {
      if($user_data->user_login) {
        $lowercased_login = strtolower($user_data->user_login);
          if (strpos($lowercased_login, 'xx') === 0) {
            $errors->add('user_email', 'Trial members are not allowed to do this.');
          }
       }
      return $errors;
     }


Viewing 1 replies (of 1 total)
  • You must be logged in to reply to this topic.