@r-a-y I have no idea where to begin with this…. I guess I’ll give the core hack a try
thanks
excuse me r-a-y what is the IRC room? could you give me a link?
@mercime – that hack you linked to is totally unnecessary! It is possible to use filters to achieve the same result. The same method was brought up in the IRC room a few days ago. It is actually quite a nice way around the problem 
@mercime 
@dandelionweb
For signups, please select the box which says user and blogs can be created.
To disable blog creation by non logged in user, put this code in your theme’s functions.php or bp-custom.php
Here is the code on pastebin(current forum has trouble posting code, so i posted it there).
http://bpdev.pastebin.com/1AyszwQ7
And the issue with bp-registration-options seems to be of PHP5.
sigh… like a number of plugins the bp-registration-options won’t activate
Parse error: syntax error, unexpected T_OBJECT_OPERATOR in /…../clubfootclub.org/community/wp-content/plugins/bp-registration-options/bp-registration-options.php on line 23
There is a hack to core BP files which can be turned into a plugin (hint, hint) which works in BP 1.2.3 and WPMU 2.9.2 …
Thanks for your response Brajesh – I’ll check these out
for the second…. if I select only logged in users can create new blogs this also disables new user registration completely.
Yes I need to have the host upgrade to PHP5 but I have a number of sites on the account and I just don’t have time right now to do any debugging if things break right now.
hi
For your first question, you may want to try this plugin
https://wordpress.org/extend/plugins/bp-registration-options/
checkout this thread too
https://buddypress.org/community/groups/how-to-and-troubleshooting/forum/topic/moderate-members/
For the second, yes, It is possible. Just go to SiteAdmin->Options and select the radio box which says only logged in users can create blog.
PHp5 may be an issue, better why not ask your server adminstrator to upgrade.
In all honestly, I wouldn’t recommend disabling email verification. In fact – you actually should not only use that, but use it with Gravatar to double verify members. My BP communities are brand new, in dev stages right now. I’ve already been subjected to spammers which is why I support use of Gravatars – because not only will your users be verified in your community, but globally and this is a big step in spam prevention.
If you want to customize the registration page, many of them can be through your theme framework. However, too much code will slice your page & overall framework right down the middle and break your site.
Can someone give solution that users that wish to sign up dont use buddypress signup page, instead they use regular wordpress signup which is much much safer.
Hmm, interesting. The generic BuddyPress register form does seem like a bit of a sieve (though it could just be my frustration talking).
I think you would just delete/disable /registration/activate.php and /registration/register.php. You would lose the ability for users to fill out extended profile fields at signup. However, quick signups are probably preferable, with seasoned users filling out extended profile fields as needed. I’ve read at least one article via delicious.com that suggests to me that signup forms need to be as simple as possible to help users focus on getting “behind the wall” fast and easy.
Login to the WPMU backend, navigate to “BuddyPress > Component Setup”, disable blog tracking.
Then disable blog registration.
Navigate to “Site Admin > Options”. Under “Allow new registrations”, select “Only user account can be created”.
Anton and hnla – thank you so so much for your very helpful comments. (I take it that most of the big functionality is working properly, since these are relatively small issues – that’s good news!)
Anton – Great point. I had originally not hardcoded the register link, but then had to hardcode it for some testing purposes and forgot to change it back. The latest trunk version creates the accept_link with site_url( BP_REGISTER_SLUG ), which is the same code used in BP core. Please let me know if it works for you.
hnla – Very sorry about my American date formatting I have changed it so that the format matches the setting in Dashboard > Settings > General. As for markup in the welcome message: I didn’t manually strip tags because I’m using $wpdb->prepare to write to the database, which means that all tags are escaped and therefore presumably not harmful. But I thought about it, and I think you’re right that it’s a good idea not to allow HTML in that box – it tends not to work well in email. The latest trunk version strips tags before sending the email/saving it to the db.
Finally, hnla, I’m guessing that your problem with /register/ redirects may have had something to do with one of the following:
– Anton’s problem (/register/ was hard coded into the accept_link)
– You are clicking on the link while logged in. BP redirects from the register page for logged in users. Log out, or try another browser.
– You’ve disabled registrations. In WPMU, look at Site Admin > Options; in WP I think it’s Settings > General > Anyone can register.
Thanks again for your help. I should be able to put a stable tag on it in the next day or so thanks to your feedback.
True, I keep a test install running live with minimal plugins other than BP, I can perhaps disable BP and take it back to WPMU and open registrations again and see what gets through and report that back which might help, but won’t be able to set that up till later.
Paul.
I’m using WPMU 2.9 and the latest BP 1.2 release.. When I enable your plugin and sign up a new user the registration process goes fine, but no emails are sent out and thus registration is not possible. When I disable the plugin the registration emails do arrive, so something bad must happen somewhere.. I’ll try to pindown the problem
If you put the following code in a plugin then this will disable activation, although the users will still receive an activation email. In any case, they will be able to log straight in and the new account screen will tell them that.
If someone wants to add this to a plugin and release it please do, but I haven’t tested it, so do that first. In the next version I will add an option to disable activation emails too.
function disable_validation( $user_id ) {
global $wpdb;
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->users SET user_status = 0 WHERE ID = %d", $user_id ) );
}
add_action( 'bp_core_signup_user', 'disable_validation' );
function fix_signup_form_validation_text() {
return false;
}
add_filter( 'bp_registration_needs_activation', 'fix_signup_form_validation_text' );
Theoretically, if we’d like to disable it, is there a way we can define it in wp-config or bp-custom?
We’ve got a workaround, but it involves changing a core file, bp-core-signup.php. We changed this line:
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->users SET user_status = 2 WHERE ID = %d", $user_id ) );
to set the user_status as 0 (activated)
$wpdb->query( $wpdb->prepare( "UPDATE $wpdb->users SET user_status = 0 WHERE ID = %d", $user_id ) );
Next, we changed a line in register.php, in a child theme, where we changed the conditional
<?php if ( bp_registration_needs_activation() ) : ?>
to
<?php if ( !bp_registration_needs_activation() ) : ?>
This solves the problem, but it involves modifying a core file. Any workaround for that?
Okay… I am STILL getting SPAM registrations. I’ve done the following:
- Changed signup slug
- Installed hashcash (works with BP now)
- Disabled “Allow blog administrators to add new users…”
- Deleted BuddyPress credit in footer.php
- Deleted wp-signup.php
- Created a robots.txt file to disallow robots from my signup slug
Any more ideas? Short of Catcha? Altho’ I’m thinking even that won’t work.
So to sum up:
- Change your signup slug
- Add some required custom profile fields (or use the hashcash trick posted at the start of this thread)
- Disable “Allow blog administrators to add new users to their blog via the Users->Add New page”
- Delete BuddyPress credit in footer.php
- Delete wp-signup.php
- Create a robots.txt file with User-agent: * Disallow: /register/ (or whatever your slug is)
- If all else fails, use CAPTHCA or preferably a simple random question (what colour is snow)
Am I wrong or missing anything?
Also… all of my SPAM registrations were coming from .info domains. I added this to my .htaccess file but I’m not sure it’s correct. I found a million examples via Google search for how to ban full domains or subdomains… but nothing about blocking an entire extension (i.e… whatever.info). Anyway, this is what I wrote:
RewriteCond %{REMOTE_HOST} \\.info$
RewriteRule .* - [F]
Help! There’s no register button on my BuddyPress site!
If you’re using standard WP, login to the WP admin area, navigate to “Settings > General”, and make sure “Anyone can register” is checked.
If you’re using WPMU, login to the WPMU admin area, navigate to “Site Admin > Options”, and under “Allow new registrations”, select any option but “Disabled”.
If you’re using standard WP, login to the WP admin area, navigate to â€Settings > Generalâ€, and make sure â€Anyone can register†is checked.
If you’re using WPMU, login to the WPMU admin area, navigate to “Site Admin > Options”, and under “Allow new registrations”, select any option but “Disabled”.
Use captcha, have one profile field be required and change the slug.
define( 'BP_REGISTER_SLUG', 'name-this-something-unique' );
oh and if you are on WPMU then you need to disable the ability for blog owners to add users via their admin section. This is an easy way for spammers to get entry.
Thanks everyone for the tips and tricks, I’ll be checking this page again!
It’s strange but the moment I upgraded to WP2.9.2 and BP 1.2 spam started again.
Previously, I just added SI Captcha and I went from getting 10-20+ spam registrations to none. I added WP-hashcash now and I’ve only had one registration since.
I’ve just disabled the blog registration on the signup page, hopefully that’ll help too.
By the way, there’s also a meta tag in the header of many templates :
<meta name="generator" content="WordPress 2.9.2" />
Removing that may help too….
Enable registration on your WPMU install.
Login to the WPMU dashboard, navigate to “Site Admin > Options” and under “Allow new registrations” select anything but “Disabled”.
He means either a) install Buddypress with regular, non WPU version of WordPress, possible since BP1.2 or b) go into your Site Admin–>Admin–>Allow new registrations and disable it in the WPMU dashboard.
