Front End Login WordPress Plugin – Model View Controller (MVC) – Tutorial – Part Two
Registration
The scenario of registration is this: a user fills in a form, selects a username and provides an email address. Assuming neither corresponds to a currently registered user, the user is registered with her selected username, and an email with the initial password is sent.
View
We will use the shortcode “ferl_register_form“. The development parallels what we have done before. After registering the shortcode, we create the register_form() and register_form_view() methods. Of course we also make a “Register” page to host the shortcode.
private function add_shortcodes() {
add_shortcode('ferl_login_form', array( $this,'login_form' ) );
add_shortcode('ferl_password_form', array( $this,'password_form' ) );
add_shortcode('ferl_request_password_reset_form', array( $this,'request_password_reset_form' ) );
add_shortcode('ferl_reset_password_form', array( $this,'reset_password_form' ) );
add_shortcode('ferl_register_form', array( $this,'register_form' ) );
}
(...)
public function register_form() {
$this->load_css = true;
$output = '';
if(!is_user_logged_in()) {
// check to make sure user registration is enabled
$registration_enabled = get_option('users_can_register');
// only show the registration form if allowed
if($registration_enabled) {
$output = $this->register_form_view();
} else {
$output = __('User registration is not enabled');
}
} else {
// could show some logged in user info here
$current_user = wp_get_current_user();
$output = $this->logout_form_view($current_user);
}
return $output;
}
(...)
private function register_form_view() {
ob_start();
// show any error messages after form submission
$this->show_error_messages();
$this->show_info_messages();
?>
<form id="ferl_registration_form" class="ferl_form" action="" method="POST">
<fieldset>
<p>
<label for="ferl_username"><?php _e('Desired username'); ?></label>
<input name="ferl_username" id="ferl_username"
class="required" type="text"
value="<?= $this->model->get_username() ?>" />
</p>
<p>
<label for="ferl_email"><?php _e('Your e-mail'); ?></label>
<input name="ferl_email" id="ferl_email"
class="required" type="text"
value="<?= $this->model->get_email(0) ?>" />
</p>
<p>
<label for="ferl_email1"><?php _e('Your e-mail *repeat'); ?></label>
<input name="ferl_email1" id="ferl_email1"
class="required" type="text"
value="<?= $this->model->get_email(1) ?>" />
</p>
<p>
<input type="hidden" name="ferl_action" value="register" />
<input type="hidden" name="ferl_register_nonce" value="<?php echo wp_create_nonce('ferl-register-nonce'); ?>"/>
<input type="submit" value="<?php _e('Register Your Account'); ?>" name="submit" />
</p>
</fieldset>
</form>
<?php
return ob_get_clean();
}
The form looks like this:
Register Form
Controller
The Controller looks for the “ferl_action”, and calls the appropriate method in the Model. We add a case statement for the “register” action, which hands off to the Model register_user method..
case "register": add_action( 'init', array( $this->model, 'register_user' ) ); break;
Model
The Model takes care of making sure the selected username and email address are valid. If they are, the user is registered and a random password is generated which is then emailed to the new user.
public function register_user() {
if(isset($this->post_array['ferl_username']) && wp_verify_nonce($this->post_array['ferl_register_nonce'], 'ferl-register-nonce') ) {
$username = $this->post_array["ferl_username"];
$email = $this->post_array["ferl_email"];
$email1 = $this->post_array["ferl_email1"];
$this->email= $email;
$this->email1= $email1;
// validate username
if(trim($username) == '') {
// empty username
$this->wp_error->add('username_empty', __('Please enter a username'));
} else {
if ( ! $this->is_valid_username($username) ) {
$this->wp_error->add('username_invalid', __('Invalid username'));
} else {
if(username_exists($username)) {
// Username already registered
$this->wp_error->add('username_unavailable', __('Username already taken'));
}
}
}
// validate email
if(trim($email) == '') {
// empty email
$this->wp_error->add('email_empty', __('Please enter an email address'));
} else {
// email fields not the same
if ( $email != $email1 ) {
$this->wp_error->add('email_fields_unequal', __('Please enter the same email address twice'));
} else {
if ( ! is_email($email) ) { // uses the WP is_email function
$this->wp_error->add('email_invalid', __('Please enter a valid email address'));
}
}
}
// retrieve all error messages
$errors = $this->wp_error->get_error_messages();
// only create the user in if there are no errors
if(empty($errors)) {
$new_password = wp_generate_password(12, false, false);
$new_user_record = array(
'user_login' => $username,
'user_pass' => $new_password,
'user_registered' => date('Y-m-d H:i:s'),
'role' => 'subscriber'
);
$new_user_id = wp_insert_user($new_user_record);
// if it is NOT a number .. something went very wrong
if (! is_numeric($new_user_id) ) {
var_dump($new_user_id); echo "<br />";
die('Fatal error in user registration. <a href="'.site_url().'">Please contact us.</a>');
} else {
// update the email (this allows for duplicate email addresses
$new_user_id = wp_update_user( array('ID' => $new_user_id, 'user_email' => $email) );
}
if (! is_numeric($new_user_id) ) {
var_dump($new_user_id); echo "<br />";
die('Fatal error in user registration (2). <a href="'.site_url().'">Please contact us.</a>');
}
if($new_user_id) {
wp_new_user_notification($new_user_id);
/* send an email to the newly registered user */
$to = $email;
$body = "..";
$body .= "\nHello ".$username." !";
$body .= "\n\nWelcome to the \"".get_bloginfo('name')."\" website and thank you for registering";
$body .= "\n\nYour username is ".$new_user_record['user_login']."\n";
$body .= "\nYour new password is ".$new_user_record['user_pass']."\n";
$body .= "\nPlease Sign In to your account with your Username and the Password provided.";
$body .= "\n".site_url()."/sign-in ";
$body .= "\n\nAfter you are signed in, change your password :) ";
$body .= "\n\nDo not reply to this message as replies are not monitored.";
$body .= "\n\n";
wp_mail($to, "[".get_bloginfo( 'name' )."] Thank you for registering ".$username,$body);
/* send the newly created user to the Sign In after registration */
wp_redirect(site_url().'/email-message-sent'); exit;
}
}
}
}
Note that we also added some validation methods to the Model.
private function is_valid_username( $un ) {
$un_chars = array('.', '-', '_');
$valid = true;
$valid = $valid && ctype_alpha( substr($un,0,1) );
$valid = $valid && (strlen( $un ) >= 4);
$valid = $valid && $this->is_valid_string( $un, $un_chars );
return $valid;
}
private function is_valid_string ($s, $chars = array() ) {
return ctype_alnum( str_replace($chars, '', $s) );
}
The registration email looks like this (click on the image)
Registration email
Some final comments on the next page.