pao2

6.0.7 works fine, but 6.1.x caused critical error.

PHP 7.4.3

WP 6.2

6.1.0 also the same error. This morning Wordfence found vulnerability in ACF, so i did the update, then all this happened. I’m currently downloading 6.0.7.

https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/advanced-custom-fields/advanced-custom-fields-607-authenticated-contributor-php-object-injection

WP Version 6.2

PHP 8

Hmm okay, i didn’t realise. Now though, how do you suppress the WP_Error message and the “authentication error” page before redirecting, cause you know, it’s actually a successful registration?

Update:

Used wp_login_failed to check for the error key passed by WP_Error earlier, and do a redirect accordingly if the key exists. So we won’t need nsl_disabled_login_redirect_url in this case.

Thank you @laszloszalvak

I always delete the user after registering so pretty sure the email would no longer be registered each time. Tried it again, no avail.

The hook nsl_register_new_user itself was called no problem, i tried doing wp_update_user() in it just before the authenticate bit, and it worked.

Now for the authenticate filter, doesn’t seem to do anything, even with priorities of 5, 10, and 99.

Anyway, here’s how my settings look https://drive.google.com/file/d/1G6UzRkADZc7NFg13e680Dp5llOT33Wcu/view?usp=sharing

Nevermind, what i did instead:

Use {provider_id}_register_redirect_url to set a redirect url to a page (in my case the login page) where i would do this inside the template_redirect hook:

wp_destroy_current_session();
wp_clear_auth_cookie();
wp_set_current_user(0);

Not ideal, but it worked i think.

Still not preventing the login after using the code above, authenticate or wp_authenticate_user, even after setting up the redirection url in nsl_disabled_login_redirect_url. Did i miss anything?

Thank you, for the first point i want the user to be able to login using Social login but i only want to prevent auto login when the user first registers, so after the authentication the user won’t be logged in automatically and is redirected to somewhere else instead.

By glancing at the code we know that the shouldAutoLogin flag should prevent that if set to false, but as you said it’s protected and i couldn’t see any hook that could modify that value, so is there any alternative to achieve that?

While we’re at it, at which point can we add user_nicename before the user is created? It’s not by simply adding ‘user_nicename‘ to $userData is it? as your field names do not map directly to wp_insert_user‘s fields.

Thank you, turns out i have to lower the priority before it takes effect.

Okay, how do we make sure the login/registration flow is uniform between Social and manual method? Is this even possible?

Ideally we would like to present user with the form/social button, and then ask a custom field if they are registering.

Do we need to create new pages to accommodate that kind of flow and make them uniform? /login, /register, /reset for example? If so, can we use ACF instead of writing a new custom field in the nsl_registration_form_start hook?

I found this from a year ago. I don’t have Gutenberg installed.

Thanks, WordPress really doesn’t make some features easier to make sense of.

What is the scope of this plugin? Does it affect the editor’s embed functionality? or are those two different set of unrelated features?

/wp-content/plugins/learnpress/assets/src/css/vendor/jquery-ui/jquery-ui.min.css?ver=4.1.3.1
/wp-content/plugins/learnpress/assets/src/css/vendor/jquery-ui-timepicker-addon.css?ver=4.1.3.1

They are loaded on non-Learnpress pages on the Admin area, e.g. other plugin’s pages.

Please make it to only load on Learnpress related pages.

• This reply was modified 3 years, 2 months ago by pao2.

Ah, well. Thanks anyway.