BuddyPress.org

UPDATE:
I deleted all BP files and the plugin and did a reinstall.

PROBLEM #1)
I am still having trouble with the Register page. I do not know what this error refers to:

displays an error message:
“Profile Details
Warning: Creating default object from empty value in /home/content/p3pnexwpnas09_data01/28/2853428/html/wp-content/plugins/buddypress/bp-xprofile/classes/class-bp-xprofile-group.php on line 649”

Line 649 is:
$fields[ $key ]->visibility_level = $field_visibility;

PROBLEM #2)
Registration submission is now working, but an auto response email is being sent. Is there something in BuddyPress (or WordPress) to disable this? I’m getting an email saying:
Hi test4,
Thanks for registering!

To complete the activation of your account, go to the following link: http://blahblahblah.com/activate/ef23a0f24958c3a125917f7e3bac95f8/

I’m using s2Member to allow admin approval of registrations. This email needs to be removed. Thx.

I found a plugin for this: https://wordpress.org/plugins/bp-disable-activation-reloaded/

Now, i just need to edit the post-registration landing page. If anyone can point me to this, I’d be grateful.

Before I installed buddypress, users could register just fine. I also disabled the default generated password and let users choose their own passwords at registration.
However, I cannot find that option anymore. If users can only create insanely strong passwords, I’d rather have it back to the automatically generated passwords, but I can’t find that option anymore.

EDIT: When I deactivate BuddyPress, I get my old registration back, that works.
I would like the option to keep buddypress, but also keep my old registration.

Sorry I meant how do I disable registration?

Sorry, part of the above is not true. I am using bp-custom.php. The only function in there is to disable BP registration.

//EDIT

Oh my! I just found this post https://buddypress.org/support/topic/bp-legacy-in-bp-templates/ . Am I supposed to be using the files from bp-legacy as this post suggests? If so, what a terrible name for a folder!

@djsteveb – Hi thanks for the info! So does this mean this has nothing to do with BuddyPress at all?

Some posts are being posted with a user ID=0, even though registration is disabled already. Below is from the first 5

log_id log_type log_function log_priority log_date log_date_gmt log_host log_username log_user log_url log_referrer log_data
1 brute_force Invalid Login Attempt 5 2015-07-16 10:13:39 2015-07-16 10:13:39 23.250.34.71 rogeliomackie 0 a:0:{}
2 brute_force Invalid Login Attempt 5 2015-07-16 10:16:56 2015-07-16 10:16:56 172.85.106.118 rogeliomackie 0 a:0:{}
3 brute_force Invalid Login Attempt 5 2015-07-16 10:19:25 2015-07-16 10:19:25 172.85.103.167 rogeliomackie 0 a:0:{}
4 brute_force Invalid Login Attempt 5 2015-07-16 10:23:32 2015-07-16 10:23:32 45.59.26.85 rogeliomackie 0 a:0:{}
5 brute_force Invalid Login Attempt 5 2015-07-16 10:24:18 2015-07-16 10:24:18 50.118.159.10 rogeliomackie 0 a:0:{}

Hello,

Yes I had already tried changing theme and deactivating all plugins before I posted.

But.. I see you’ve reproduced. 🙂

I also noticed (after I downgraded to previous version) that even with registration disabled I was able to load register page. Then I upgraded BP again and it was still a case.

Thank you for your help,
Gina

Well, that was embarrassing.. 😀 Sorry for my stupidity.
I was searching on forums by “Disable name change” “Hide Name in registration” etc. Most answers I found were outdated, that’s why I registered to ask.

Follow-up:

7th:

Capability Manager Enhanced to define custom user roles, if you’re not satisfied with the default wordpress roles (subscriber, contributor,…).
The first step is to create your user roles

https://buddypress.org/support/topic/resolved-different-profile-types-and-different-user-roles/

As ready implied there: I did this – and it works so far.

8th:

Create a xprofile field (selectbox) with the title “User Role” and name the options “Band Role” and “Fan Role” – in my case. You can call them whatever you want. Place this field in the “base” profile group, otherwise it won’t be shown during registration. Also make the field “required”. In my case the user can’t decide, if the visibility of the field can be changed.

I did it already, when I installed and activated ‘BP Profile Search’-plugin – and it works.

However, to choosed a dropdown menu and the categories ‘team’ and ‘fan’.

9th:

I modified:

?php
function custom_bp_core_signup_user($user_id) {
    $user_role = strtolower(xprofile_get_field_data('User Role', $user_id));
    switch($user_role) {
        case "Band Role":
            $new_role = 'band';
            break;
        case "Fan Role":
            $new_role = 'fan';
            break;
    }
    wp_update_user(array(
        'ID' => $user_id,
        'role' => $new_role
    ));
}
add_action( 'bp_core_signup_user', 'custom_bp_core_signup_user', 10, 1);

into:

function custom_bp_core_signup_user($user_id) {
    $user_role = strtolower(xprofile_get_field_data('Mitglieder-Kategorie (Team oder Fan?)', $user_id));
    switch($user_role) {
        case "Team":
            $new_role = team';
            break;
        case "Fan":
            $new_role = 'fan';
            break;
    }
    wp_update_user(array(
        'ID' => $user_id,
        'role' => $new_role
    ));
}
add_action( 'bp_core_signup_user', 'custom_bp_core_signup_user', 10, 1);

(I omitted <?php, because I created not a new bp-costum.php, rather inserted the code into my yet existing bp-costum.php. I inserted the modified code above the line ?>.)

I did not understand, which effect this insertion should have – but, however, – as far as I see – it causes no harm.

Did anyone understood, for which purpose the above mentioned code is?

10th:

I inserted as well:

//hide the user role select field in edit-screen to prevent changes after registration
add_filter("xprofile_group_fields","bpdev_filter_profile_fields_by_usertype",10,2);
function bpdev_filter_profile_fields_by_usertype($fields,$group_id){

//only disable these fields on edit page
if(!bp_is_profile_edit())
return $fields;
//please change it with the name of fields you don't want to allow editing
$field_to_remove=array("User Role");
$count=count($fields);
$flds=array();
for($i=0;$i<$count;$i++){
if(in_array($fields[$i]->name,$field_to_remove))
unset($fields[$i]);
else
$flds[]=$fields[$i];//doh, I did not remember a way to reset the index, so creating a new array
}
return $flds;
}

into my bp-costum.php – again above the line ?>.

It does not work:

— threre the user role is still changeable:

http://kampfsportlerinnenneuwied.1a-spielwiese.de/wp-content/uploads/sites/2/2014/09/user_role_still_changeble.jpg

— http://1a-spielwiese.de/members/kampfsportlerinnenneuwied/profile/edit/group/1 causes an redirection error. – The redirection error disappears, when I’m not logged in as kampfsportlerinnenneuwied, rather as superadmin.

Hi

Thank you for all the responses.

Well, the issue of spam registrations & comments with the above mentioned plugins in addition to SI CAPTCHA Anti-Spam, Wordfence Security (?), etc had worked for months & was manageable, occasionally getting something in sometimes after weeks. I also blocked all IPs of spammers who would tried to login, etc.

A few days ago, though I started getting a barrage of bot-registrations + groups with bogus content created. New registrations would come in as soon as I deleted some.

Since it was late in the night in the middle of a very busy period, I thought someone probably getting similar issues could mention some quick solution I could find the following day.

It was not my first time in the forum. Some of the above solutions were found through searching the forum, which i agree should be the first step.

So far – in addition to the above plugins I first added JP User Registration Blacklist, WP-SpamShield and also reluctantly disabled user group creation. (Is there a plugin that enables moderation of user created groups, allowing the moderator to approve user created groups?)

That stopped the group creation, but spam registrations continued coming. So like recommended above, installed Wanguard, though this being a small site which currently gets in very little income, it is not yet worth paying for it. I hope the free wanguard account can work for a while.
That since yesterday only let in one or 2 registrations by some criminals, this being one of them – details shown by some plugin:

Benutzername: clairmcconnan

E-Mail: synfhongegizi@mail.ru

Angezeigter Name: Claire McConnan

Vorname: Claire

Nachname: McConnan
….
IP Address : 107.181.70.207
Reverse DNS : 107.181.70.207
Reverse DNS IP : 107.181.70.207
Reverse DNS Authenticity : [Possibly Forged]
Proxy Info : No Proxy
Proxy Data : 107.181.70.207
Proxy Status : FALSE
HTTP_ACCEPT_LANGUAGE : en

Names & emails suggest they mostly originate from Russia.

danbp suggested using .htaccess to block Ru-based submissions. I will look into BUT – on an unrelated Drupal-based site, I ever had a much more serious attack, with as many 25,000 attempted login/post attempts a day(!), which were blocked by the Drupal mollom plugin BUT that constantly filled some DB table, probably logging visits/attempts, to several 100MBs a day, causing me problems with the webhost. Source of attacks was Russia, ukraine, China & Poland.

The only solution that worked was adding literally several 10,000 lines of complete IP(blocks(?)s from those countries I got from some site to the .htaccess that blocked them out. Only that helped.

Later on, though – months on, the web host removed that .htaccess file, because my site account was supposedly overusing server resources. I am not sure that had anything to do with the IP address lines in the .htaccess file, but the good thing is that a similar attack has not happened again.

An .htaccess solution that only involves naming a country ( … ^(.*).ru/(.*) …) & not its thousands of IPs would of course be great & preferable, but I will do a search & see. My site does not need a single Russian & so can do without the country.

Ultimately, for the time being – what I would need is a functioning free solution until the currently small site can pay for itself, later on. This particular site had not had anything similar in over a year, assuming Wanguard cannot be used …

Anyway, thank you all.