BuddyPress.org

when users sign up on my bp 1.1 site (wpmu 2.9) and they enter a username with a space in it like “joe smith” then the register page doesn’t give them an error and yet it automatically removes that space. the user then gets an automated email with an authentication link but that email doesn’t tell the user what their username is.

If the user selects ‘forgot password’ then the reset email that arrives does have the username.

so my suggestion is to simply return an error if a space is selected.

i tried making a ‘custom.php’ as described above but it made my site disappear, i would love the option of email username and password to a user – i agree that in low security sites it’s better to keep it simple

I’ve changed ip and browser and it’s all ok. Thankyou Cowboy!

Try logging out before you try this.

I think you will find that it only works for logged out users… after all, why should a logged in member want to register?

I have the same problem, but I’ve already edit the settings in the dashboard with no results.. any suggestions? Plobably is a bug, it isn’t?

@ Mike—

“The fact that this occur for you in v1.1.3 obviously points to the fact that you have had issues independent of v1.2. What version of WPMU?”

“Are you setting the password during registration AND receiving an email with a DIFFERENT password?” — Um yes, that’s obvious and it is what the thread is about.

“Are you expecting to receive an email with a password (if so, why? given that’s not how BP works – in spite of @Peter’s incessant protests” —- If BP ASKS the user for a password, then the email SHOULD state that password, not something different. This is confusing the user and you already agreed with me on this earlier in the thread.

Using WPMU alone, you are not asked to set a password, therefore when the email arrives from WPMU, the password works. Not so with BP because the user has already set a password.

If this is not how BP is supposed to work, then how IS it supposed to work? You have stated previously “That’s it. No email.” —- Then why are my users getting emails to activate, then another email with a password after?

Again, there is no option for an admin to turn off BP overriding the password, or WPMU NOT to send the emails out. So obviously this is an underlying code issue somewhere involving BP since IT IS SUPPOSED to override WPMU.

It is apparent I am not the only one experiencing this and I think the issue is quite clear right from the OP’s first post.

I had this and it was driving me crazy – turns out it’s a simple wordpress setting rather than buddypress. Go to your wordpress dashboard > settings > general and allow users to register – you’ll then see the registration link

this doesn’t sound good. I would disable all registrations immediately, clean out all of the users whom have been added, delete all of your wp and bp files and reinstall to make sure that you don’t have any modified files. And you might examine the db tables closely to see if they need may need repair.

@jfigura I am happy to help figure out your problem but yo u have not given us enough information. The fact that this occur for you in v1.1.3 obviously points to the fact that you have had issues independent of v1.2. What version of WPMU? Are you setting the password during registration AND receiving an email with a DIFFERENT password? Are you expecting to receive an email with a password (if so, why? given that’s not how BP works – in spite of @Peter’s incessant protests) Does anyone have passwords that work? Did they receive them in an email or are they using the one they set on registration? These questions should help us figure out this dilemma.

Ok! New version coming up.

Fixed: User registration being ignored in most cases on WP installs.

Fixed: Welcome Message sender name not appearing on the message page (screenshot)

EDIT: Also fixed: Fixed error when updating wpmu-edit.php (MU only).

https://trac.buddypress.org/browser/trunk/bp-core/bp-core-activation.php#L79

There are two ways for this email to still get sent:

1.) Your active theme does not have either /register.php or /registration/register.php in it.

2.) You are an admin that has just added a user to your site.

If either of those things are true, the email will get sent out.

If you are hard pressed to make this issue go away, try adding this to your functions.php or bp-custom.php.

/* Unhook BuddyPress wpmu email blocker */

remove_filter( 'wpmu_welcome_user_notification', 'bp_core_disable_welcome_email' );



function block_wpmu_email() {

if ( is_admin() && $_GET['e'] )

return true;



return false;

}

/* Rehook custom function */

add_filter( 'wpmu_welcome_user_notification', 'block_wpmu_email' );

The above routine doesn’t help us test this issue any, but it does stop the email from going through unless you add a user yourself.

1) Moderation suite – look into the various filters – bp-activity-filters.php, bp-forums-filters.php

4) Alter main menu of site – look into bp-core/bp-core-adminbar.php

5) User can select password – already exists

6) Multple unique identifiers – would be a cool plugin. are you thinking of custom profile urls?

7) Reserve usernames – in WPMU you can blacklist usernames from registration, not sure if such a feature exists in single WP.

It will use the BP slugs for registration if the template files exist, otherwise the old wp-signup.php or wp-register.php will kick in.

Actually, the BP registration process does use registration/register.php in the theme folder. Can you check and see if that file is there.

@cyndy: I totally agree with you, Capthca’s are ony good for creating jobs in Asian countries and a useless hurdle to users. I second (third?) stwc and Andrea though: once changing the defaults, splogger change from several times daily to once a month….

Don’t forget to delete or rename (or empty if you want to avoid loads of entries in your error log) the wp-signup.php file, as that is what most sploggers come in on. Though I am pretty sure that now BP works on WP, some new methods need to be found soon on both sides of the fence

Just figured out the solution. I forgot to exclude BP_REGISTER_SLUG from (!is_logged_in):

This solution works for me (put it in bp-custom.php)

function restrict_access() {



global $bp, $bp_unfiltered_uri;



if (!is_user_logged_in() && (BP_REGISTER_SLUG != $bp->current_component  )) {



//bp_core_redirect( $bp->root_domain );

bp_core_redirect( $bp->root_domain . '/' . BP_REGISTER_SLUG );



}

}



add_action( 'wp', 'restrict_access', 3 );

Two of the suggestions above, changing the register slug and changing known text in the footer, are things I outline in my article Bowe links above (http://www.bp-tricks.com/tips_and_tricks/stopping-the-sploggers/).

Clearly, I can’t read. >_<

I actually already have Invisible Defender running — and I don’t know if it’s really done anything, but certainly it’s better than nothing. And my form is slightly tweaked; don’t know why I never thought to change the slug, though.

Anyway, thanks David!

BP inherits the registration system from WordPress, so therefore you’d need to override WP’s username functionality.

@Cyndy: The two posts above you give alternatives to using captcha. It’s not the “only known solution”. SPAMers use bots. Bots look for known text and urls… like “Powered by BuddyPress” or http://www.mysite.com/register or whatever. Changing those things can help a lot. And invisible defender helps too. All without captcha. Which I think everyone will agree… sucks.

With all of the web standards and accessibility built into WP and BP, it really makes me sad that a captcha plugin is the only known solution to this.

Captchas are probably my biggest pet peeve on a site. Even the ones that aren’t horribly mangled pictures or have sound alienate those with vision and/or hearing loss. The BP site I run gets its share of spam registration — and like Andy I just mark them as spam as quick as I can. But a captcha isn’t going to help me in any way since 80% of my member base (including myself) are blind or visually handicapped.