Hi Andy, I think you are incorrect there. Spammers like to send spam. I am sure you get some in your email?
What is easier to get into a nice big community (without having to create a blog) and easily (?) send spam PM to all members of the community? You don’t even have to infect computers, as you can use the internal messaging system and you know most users will get the message as an email as well.
Hey, it saves them from email harvesting or buying ‘5 billion email addreses’ dbases as the community has already done this.
So, no, apparently (and this example that started this topic has proven this), it is possible on BuddyPress and it serves the spammers purpose, so disabling blog registration will not stop this. You can disable blog and user registration, but it might be hard to start a community that way..
Cheers, Harry
Hello.
I do have spam user registrations even with registration option set to:
[*] Only logged in users can create new blogs.
I understand this option to say that new user registrations are DISABLED but registered users may create blogs. Unfortunatly the “Register”-Button appears in the welcome widget with that setting — even though clicking it will redirect back to the homepage.
To disable the above option also disables the blog creation — which I do NOT want.
For an unkown reason I do see spam registrations (a couple per week) but it seems those users are not able to login and create blogs (or comment). I also do NOT get the usual notification mails for new user registrations.
It seems like a bug to me.
Looks like registration is disabled on your site. Do you have a guest username and PW I can use?
Anonymous User 96400Inactive
These functions should sort you out, garynagel:
function sv_check_current_users_blog( $active_signup )
{
if( ! is_user_logged_in() )
return $active_signup;
if( current_user_can( 'YOUR_CAPABILITY' ) )
return $active_signup;
else
return 'none';
}
add_filter( 'wpmu_active_signup', 'sv_check_current_users_blog' );
function sv_remove_create_blog()
{
if( ! current_user_can( 'YOUR_CAPABILITY' ) )
bp_core_remove_subnav_item( 'blogs', 'create-a-blog' );
}
add_action( 'wp', 'sv_remove_create_blog' );
You need to place these functions in your themes functions.php and replace YOUR_CAPABILITY with whatever capability you want to check for. You also need to have blog creation enabled. I’m using a slightly modified version of this to restrict users to maximum 1 blog, so I didn’t test this code at all.
The first function uses a filter to set the variable $active_signup to ‘none’ if the current user does not have a certain capability and for that user blog creation will be disabled. If the user has that capability the variable is not changed.
The second function removes the blog creation tab from the submenu. You probably need to modify the registration page as well.
Hope this helps.
Peterverkooijen: Of course, the goal is certainly *not* to disable the standard registration procedure — if that was the case, neither I would be interested in doing this. The point is to /support/ Open ID registration, not to enforce it (besides, IMO it would be against any true open ideology to do that; how is enfocring open-ness open? 
)
Xevo that is another thing that would be great.. They way I thought about that issue is to give members 2 options upon registration:
1: Simple blog (like you described)
2: Advanced blog (a fully featured WordPress blog like we have currently)
And the options for admins to disable one of the two if they rather have all users to have simple/advanced blogs
And are you saying I can already implement the BP menu on al blogs with the global header plugin, without any new code being written?
Hi elemsee – great avatar!
If you disable blog registration through the wp-admin backend, where do you still see ‘create a blog’ etc options? We can create a Trac ticket to get this improved for a future version.
this is a great plugin. since I do not want anyone to create a blog with a group (so far users are only allowed to start their own group and blog registration is disabled): How could I – as admin – exclusively attach blogs to certain groups? Is there any way that only admins (of bp and not group admins) are allowed to create “group blogs”?
thanks,
Reiner
I’m struggling with a lot of spam registrations.
– a lot list country entry as random characters “Ot9XLfiFD7WNCu” Is there a way to set Country so it has to be a legit one?
– a lot come from email addresses such as “myspacee.info” “@mysace.info” Is there a way to force email confirmation … so they have to receive an email and click on a link to confirm registration?
– is there a way to mark someone as a spammer and delete them at the same time in the admin?
Sigh… I don’t have time for this so I may give up.
Would be nice if a site user can “Flag” a spam entry to disable the user.
You also have to secure your bbPress install from spam signups (if you have forums installed).
Things you’d want to do is disable registrations in bbPress and redirect attempted signups to WPMU’s signup page.
Ok, I sort of “solved” the problem by editing the message in /buddypress/bp-core/bp-core-signup.php. I wrote that registrations are disabled and added a link to the application form. It’s quick and dirty, but works for now 
pxlgirl.
sigh
I:
— installed BP through wpmu plugin admin without any error messages.
— have not altered any directories, save for moving bp-themes to wp-content as instructed in setup instructions.
— have not touched any php files, save for bp-core-adminbar.php
— have only added the code above.
— am not using supercache.
— have cleared computer cache three times.
I’m going to have to find another solution. Maybe find the language “create a blog” and “blog registration has been disabled” and make it say something else. Thank you for your help, though.
In the meantime, can someone either a) address my original question and create a plugin (not that I’m demanding someone do work for me) or b) add something to the BP admin where you can turn off “create a blog” instances, or c) any other solution that I am clearly not well-versed enough to think of.
thanks.
Thank you, Jason. I’ve cleared my cache, as well as had two other people try this (restarting server not an option, unless my host can be asked to do so….)
Let me walk through what I’ve done:
- In wpmu site admin, “Only user account can be created” is enabled.
- Within bp-core-adminbar.php, I replaced this code:
echo '<li' . $alt . '>';
echo '<a>loggedin_user->domain . $bp->blogs->slug . '/create-a-blog">' . __('Create a Blog!', 'buddypress') . '</a>';
echo '';
- With this code from the patch:
if ( bp_blog_signup_enabled() ) {
echo '<li' . $alt . '>';
echo '<a>loggedin_user->domain . $bp->blogs->slug . '/create-a-blog">' . __('Create a Blog!', 'buddypress') . '</a>';
echo '';
}
- Saved and re-uploaded to buddypress/bp-core
- We created a new subscriber account to test. New user sees:
— “My Account” in admin bar, with “Create a blog” on flyout
— “You haven’t created any blogs yet, create one” on [profile] > Blogs > My Blogs
— “Blog registration is currently disabled” on [profile] > Blogs > Create a Blog
All “Create a blog” references should be gone, no?
Any obvious misstep?
If that means what I hope it does, I offer myself as a life-long fan
And can now gratefully retire from hunting where I can edit the text “Blog registration is currently disabled”
Just disable blog registrations in your Site Admin > Options panel. And please take some time to do a cursory search of Google or the WPMU forums as this is a basic question and nothing to do with Buddypress.
Am I reading this right? Couldn’t jorrie just disable user registration?
1) With WPMU and a user account, you can comment on any blog (provided you’re logged in)
2) This is possible… that page is a template file, so you could customize that with whatever you want.
3) If you already have users blogging on WPMU, BuddyPress will detect these user’s blogs (I’m quite sure BP detects them!). BP groups and forums build off of WPMU’s userbase; groups being a BP thing and forums being a BP/bbPress thing. So when you install BP, your users will have to configure their groups and forums from scratch.
4) Not sure on this one. There’s an option in WPMU to disable blog registration, but if you do that I think it will disable blog registration sitewide. This would be a better question for the WPMU forums.
5) BuddyPress does indeed utilize bbPress for forum functionality. The next version of BP will make it easy to integrate with. Right now, it still requires some grunt work.
You say want a forum for each blog? That’s a little overkill… but something like this can be accomplished with groups and a BP plugin (Marius Ooms’ groupblog plugin or Burt Adsit’s BP Community Blog plugin)
6) Yes you can list all blogs on a page using a WPMU function.
Hope that helps!
Any luck with bad behavior? I was having good success with wp-hashcash but recently found it was blocking all registrations. Even a legitimate one could never get off the wp-signup page. I finally had to disable it so people could register, and now I’m back to getting splogs again. All of them seem to be a name then numbers (angie539034). Very frustrating.
3318273Inactive
Tried checking your site out but I can only see a wp-theme. Clicking registration gets me this:
http://current_site_domaincurrent_site_path/
Have you disabled it or is more things not working?
3635122Inactive
The FB-Connect issue was successfully addressed by removing the $DIM variable from fbconnect.php. However, this no longer seems to be effective and the error message I’m receiving seems to be complaining that out of 5 variables in fbc_get_avatar(), one is missing ie;
Missing argument 5 for fbc_get_avatar()
There are 5 variables here and I’ve removed one. However, even if I replace it so that there are now “5”, I still get the same error.
– Steve
Nope, Im afraid there´s not a newer version.
1.1 was coded by Andy himself, and there are no signs that it is going to be updated. He has made clear many times that its up to Buddypress community to continue with the update of Facebook connect plugin.
If I had coding skills, I would have updated it a long time ago, but I am still busy understanding how BP works ! ;-(
3635122Inactive
Hey, thanks for all the great help!.
I’ve installed reCaptcha and it works good. Won’t reCaptcha interfere with Askimet though since they are both anti-spam plugins (just wondering)?.
I couldn’t find any place in the latest version of BBPress to disable new registrations. Where would I go to find this option?.
I’m still stumped on the FB-Connect error. I’m currently using version 1.1. Is there a newer version (or an easy-to-install patch available?.
Again, thanks so much, Steve
If you have disabled registration on your WordPress MU installation, and users are still signing up, you may have forgotten that if you are running group forums you have a bbPress installation that synchronizes users with the WordPress MU installation. Disable registration in bbPress and you should be good to go.
the fbc_get_avatar() error is from the facebook connect… it’s been addressed somewhere else in the forums. ..it’s been fixed. The spam.. the user “LnddMiles” is not just on buddypress sites, so it’s a spambot that looks for open registrations.
You should add a captcha or math problem to your registration page to divert these.
Is the hook to use this?:
user_register
Runs when a user’s profile is first created. Action function argument: user ID.
So something like this?:
<?php
/*
Plugin Name: Real Name Synchro
Plugin URI: http://
Version: v0.001
Author: peterverkooijen
Description: A plugin to store firstname and lastname from the fullname field in Buddypress registration in WPMU usermeta tables, based on examples in the <a href="http://www.devlounge.net">Devlounge</a> series.
*/
if (!class_exists("RealNameSynchro")) {
class RealNameSynchro {
function RealNameSynchro() { //constructor
}
function xprofile_sync_wp_profile() {
global $bp, $wpdb;
if ( (int)get_site_option( 'bp-disable-profile-sync' ) )
return true;
$fullname = xprofile_get_field_data( BP_XPROFILE_FULLNAME_FIELD_NAME, $bp->loggedin_user->id );
$space = strpos( $fullname, ' ' );
if ( false === $space ) {
$firstname = $fullname;
$lastname = '';
} else {
$firstname = substr( $fullname, 0, $space );
$lastname = trim( substr( $fullname, $space, strlen($fullname) ) );
}
update_usermeta( $bp->loggedin_user->id, 'nickname', $fullname );
update_usermeta( $bp->loggedin_user->id, 'first_name', $firstname );
update_usermeta( $bp->loggedin_user->id, 'last_name', $lastname );
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->users} SET display_name = %s WHERE ID = %d", $fullname, $bp->loggedin_user->id ) );
$wpdb->query( $wpdb->prepare( "UPDATE {$wpdb->users} SET user_url = %s WHERE ID = %d", bp_core_get_user_domain( $bp->loggedin_user->id ), $bp->loggedin_user->id ) );
}
add_action( 'xprofile_updated_profile', 'xprofile_sync_wp_profile' );
}
} //End Class RealNameSynchro
if (class_exists("RealNameSynchro")) {
$dl_pluginSeries = new RealNameSynchro();
}
//Actions and Filters
if (isset($dl_pluginSeries)) {
//Actions
add_action('user_register', array(&$dl_pluginSeries, 'xprofile_sync_wp_profile'), 1);
//Filters
}
?>
Testing it now…
Edit: Activating this plugin produces a white screen. Not a good start… 
Where did I go wrong?
