Front End Login WordPress Plugin – Model View Controller (MVC) – Tutorial – Part Two
Registration
The scenario of registration is this: a user fills in a form, selects a username and provides an email address. Assuming neither corresponds to a currently registered user, the user is registered with her selected username, and an email with the initial password is sent.
View
We will use the shortcode “ferl_register_form“. The development parallels what we have done before. After registering the shortcode, we create the register_form() and register_form_view() methods. Of course we also make a “Register” page to host the shortcode.
private function add_shortcodes() { add_shortcode('ferl_login_form', array( $this,'login_form' ) ); add_shortcode('ferl_password_form', array( $this,'password_form' ) ); add_shortcode('ferl_request_password_reset_form', array( $this,'request_password_reset_form' ) ); add_shortcode('ferl_reset_password_form', array( $this,'reset_password_form' ) ); add_shortcode('ferl_register_form', array( $this,'register_form' ) ); } (...) public function register_form() { $this->load_css = true; $output = ''; if(!is_user_logged_in()) { // check to make sure user registration is enabled $registration_enabled = get_option('users_can_register'); // only show the registration form if allowed if($registration_enabled) { $output = $this->register_form_view(); } else { $output = __('User registration is not enabled'); } } else { // could show some logged in user info here $current_user = wp_get_current_user(); $output = $this->logout_form_view($current_user); } return $output; } (...) private function register_form_view() { ob_start(); // show any error messages after form submission $this->show_error_messages(); $this->show_info_messages(); ?> <form id="ferl_registration_form" class="ferl_form" action="" method="POST"> <fieldset> <p> <label for="ferl_username"><?php _e('Desired username'); ?></label> <input name="ferl_username" id="ferl_username" class="required" type="text" value="<?= $this->model->get_username() ?>" /> </p> <p> <label for="ferl_email"><?php _e('Your e-mail'); ?></label> <input name="ferl_email" id="ferl_email" class="required" type="text" value="<?= $this->model->get_email(0) ?>" /> </p> <p> <label for="ferl_email1"><?php _e('Your e-mail *repeat'); ?></label> <input name="ferl_email1" id="ferl_email1" class="required" type="text" value="<?= $this->model->get_email(1) ?>" /> </p> <p> <input type="hidden" name="ferl_action" value="register" /> <input type="hidden" name="ferl_register_nonce" value="<?php echo wp_create_nonce('ferl-register-nonce'); ?>"/> <input type="submit" value="<?php _e('Register Your Account'); ?>" name="submit" /> </p> </fieldset> </form> <?php return ob_get_clean(); }
The form looks like this:
Controller
The Controller looks for the “ferl_action”, and calls the appropriate method in the Model. We add a case statement for the “register” action, which hands off to the Model register_user method..
case "register": add_action( 'init', array( $this->model, 'register_user' ) ); break;
Model
The Model takes care of making sure the selected username and email address are valid. If they are, the user is registered and a random password is generated which is then emailed to the new user.
public function register_user() { if(isset($this->post_array['ferl_username']) && wp_verify_nonce($this->post_array['ferl_register_nonce'], 'ferl-register-nonce') ) { $username = $this->post_array["ferl_username"]; $email = $this->post_array["ferl_email"]; $email1 = $this->post_array["ferl_email1"]; $this->email= $email; $this->email1= $email1; // validate username if(trim($username) == '') { // empty username $this->wp_error->add('username_empty', __('Please enter a username')); } else { if ( ! $this->is_valid_username($username) ) { $this->wp_error->add('username_invalid', __('Invalid username')); } else { if(username_exists($username)) { // Username already registered $this->wp_error->add('username_unavailable', __('Username already taken')); } } } // validate email if(trim($email) == '') { // empty email $this->wp_error->add('email_empty', __('Please enter an email address')); } else { // email fields not the same if ( $email != $email1 ) { $this->wp_error->add('email_fields_unequal', __('Please enter the same email address twice')); } else { if ( ! is_email($email) ) { // uses the WP is_email function $this->wp_error->add('email_invalid', __('Please enter a valid email address')); } } } // retrieve all error messages $errors = $this->wp_error->get_error_messages(); // only create the user in if there are no errors if(empty($errors)) { $new_password = wp_generate_password(12, false, false); $new_user_record = array( 'user_login' => $username, 'user_pass' => $new_password, 'user_registered' => date('Y-m-d H:i:s'), 'role' => 'subscriber' ); $new_user_id = wp_insert_user($new_user_record); // if it is NOT a number .. something went very wrong if (! is_numeric($new_user_id) ) { var_dump($new_user_id); echo "<br />"; die('Fatal error in user registration. <a href="'.site_url().'">Please contact us.</a>'); } else { // update the email (this allows for duplicate email addresses $new_user_id = wp_update_user( array('ID' => $new_user_id, 'user_email' => $email) ); } if (! is_numeric($new_user_id) ) { var_dump($new_user_id); echo "<br />"; die('Fatal error in user registration (2). <a href="'.site_url().'">Please contact us.</a>'); } if($new_user_id) { wp_new_user_notification($new_user_id); /* send an email to the newly registered user */ $to = $email; $body = ".."; $body .= "\nHello ".$username." !"; $body .= "\n\nWelcome to the \"".get_bloginfo('name')."\" website and thank you for registering"; $body .= "\n\nYour username is ".$new_user_record['user_login']."\n"; $body .= "\nYour new password is ".$new_user_record['user_pass']."\n"; $body .= "\nPlease Sign In to your account with your Username and the Password provided."; $body .= "\n".site_url()."/sign-in "; $body .= "\n\nAfter you are signed in, change your password :) "; $body .= "\n\nDo not reply to this message as replies are not monitored."; $body .= "\n\n"; wp_mail($to, "[".get_bloginfo( 'name' )."] Thank you for registering ".$username,$body); /* send the newly created user to the Sign In after registration */ wp_redirect(site_url().'/email-message-sent'); exit; } } } }
Note that we also added some validation methods to the Model.
private function is_valid_username( $un ) { $un_chars = array('.', '-', '_'); $valid = true; $valid = $valid && ctype_alpha( substr($un,0,1) ); $valid = $valid && (strlen( $un ) >= 4); $valid = $valid && $this->is_valid_string( $un, $un_chars ); return $valid; } private function is_valid_string ($s, $chars = array() ) { return ctype_alnum( str_replace($chars, '', $s) ); }
The registration email looks like this (click on the image)
Some final comments on the next page.