Hey Jfcarter,
Sorry for not being clear there.
If you’re using the default BP member theme, I replaced instances of bp_send_message_button with the newly, created bp_send_message_to_friend_button in these files:
* /bp-themes/bpmember/activity/just-me.php
* /bp-themes/bpmember/wire/latest.php
* /bp-themes/bpmember/profile/index.php
Keep in mind that if you’re using a different BP member theme, that those template links might be different.
Hope that was clear enough!
@r-a-y,
Thanks for this information. It was a manual signup.
I like what you’ve suggested and plan to use the code in my bp-custom file.
But what did you mean by this: “Then I edited the template files mentioned above with the new function call – bp_send_message_to_friend_button().”?
What exactly did you add to the templates, and which templates were you referring to?
Much, much appreciated.
Thx
I liked this idea, so I implemented it on my BP install.
I decided to do step #2.
Here’s what I added to my /wp-content/plugins/bp-custom.php:
function bp_send_message_to_friend_button() {
global $bp;
if ( bp_is_home() || !is_user_logged_in() || !friends_check_friendship($bp->loggedin_user->id,$bp->displayed_user->id) )
return false;
$ud = get_userdata( $bp->displayed_user->id );
?>
<div class="generic-button">
<a class="send-message" title="<?php _e( 'Send Message', 'buddypress' ) ?>" href="<?php echo $bp->loggedin_user->domain . $bp->messages->slug ?>/compose/?r=<?php echo $ud->user_login ?>"><?php _e( 'Send Message', 'buddypress' ) ?></a>
</div>
<?php
}
Then I edited the template files mentioned above with the new function call – bp_send_message_to_friend_button().
Now, the “Send Message” button only shows up if you are a friend of said user.
I’ve added a trac ticket about this issue as an enhancement, so maybe the above change will be built into the bp_send_message_button() function in the next BP release instead of having to add your own function.
—
There’s still the autocomplete feature in the “My Messages > Compose” area, as well as the wire and group wire to worry about though… one step at a time!
Is this a bot or a manual signup who manually sends messages to the users?
Anyway, the way I see it, there are two ways to combat this problem in the interim:
1) do a check to see if the logged-in user is a friend of that user, if so run the bp_send_message_button() function
2) code own function based on bp_send_message_button() and do the check within this function
Either option will require modifying the Buddypress member theme template in three places:
* /bp-themes/bpmember/activity/just-me.php
* /bp-themes/bpmember/wire/latest.php
* /bp-themes/bpmember/profile/index.php
(I’m using the default BP member theme as an example)
This is only for the “Send message” button though… how did the person spam your users?
John – thanks for the reply!! 
I’ll check with my host about the memory… that’s something new to me… hmm.
All the files are in the correct locations, triple and quadruple checked. Buddypress 1.0.2 was working fine, it’s the upgrade to 1.0.3 that caused this. It was never activated, got a fatal error on activation so I clicked deactivate and then POOF. It said that it could not activate the plug-in when i clicked activate. But, white screen of death before I could try to delete it or do anything. It really didn’t like that update.
I have a few plug-ins running, but without the admin back end working, I can’t deactivate them. Can I place them in a separate folder temporarily without causing even more havoc? i.e. welcome pack, monty spam, wp ban, limited log in attempts, askimet, etc.
Just really want to get my blogs back in action. Don’t want people hating on me for losing all their data… although data is all still there, it’s just invisible. bizarre indeed!
Thanks so much for responding. really appreciate it.
3635122Inactive
The FB-Connect issue was successfully addressed by removing the $DIM variable from fbconnect.php. However, this no longer seems to be effective and the error message I’m receiving seems to be complaining that out of 5 variables in fbc_get_avatar(), one is missing ie;
Missing argument 5 for fbc_get_avatar()
There are 5 variables here and I’ve removed one. However, even if I replace it so that there are now “5”, I still get the same error.
– Steve
Nope, Im afraid there´s not a newer version.
1.1 was coded by Andy himself, and there are no signs that it is going to be updated. He has made clear many times that its up to Buddypress community to continue with the update of Facebook connect plugin.
If I had coding skills, I would have updated it a long time ago, but I am still busy understanding how BP works ! ;-(
3635122Inactive
Hey, thanks for all the great help!.
I’ve installed reCaptcha and it works good. Won’t reCaptcha interfere with Askimet though since they are both anti-spam plugins (just wondering)?.
I couldn’t find any place in the latest version of BBPress to disable new registrations. Where would I go to find this option?.
I’m still stumped on the FB-Connect error. I’m currently using version 1.1. Is there a newer version (or an easy-to-install patch available?.
Again, thanks so much, Steve
If you have disabled registration on your WordPress MU installation, and users are still signing up, you may have forgotten that if you are running group forums you have a bbPress installation that synchronizes users with the WordPress MU installation. Disable registration in bbPress and you should be good to go.
the fbc_get_avatar() error is from the facebook connect… it’s been addressed somewhere else in the forums. ..it’s been fixed. The spam.. the user “LnddMiles” is not just on buddypress sites, so it’s a spambot that looks for open registrations.
You should add a captcha or math problem to your registration page to divert these.
It’s important to note that BuddyPress is an opensource project, just like all of the other WordPress related ones. That being said, if you find something isn’t working up to your expectations you are free to develop or contribute to the project to make it work how you wish. As it stands today, BuddyPress does a good job of keeping tidy and cleaning up after itself; better than most plugins in my opinion. The signups table is specific to MU and is a new addition, so you can expect it’s functionality to be misunderstood. When a user is deleted, the idea is that their signup remain in the signups table as proof of their previous registration. One could even argue that removing all user data is a bad idea in the event someone ever needs it later, say for law enforcement purposes.
Regarding blocking spam registrations, read some articles about Twitter. Some analysts have said that nearly 50% of all registrations on Twitter are spammers. Crazy eh? There just isn’t a fool proof way to prevent it from happening unfortunately.
Also, while none of the moderators are directly employed by Automattic, it’s about the best internship I think anyone in our respective businesses can hope for. We all do our best to represent Automattic and are here to help to the best of our abilities.
If you can find a specific bug or flaw in how users are currently managed between BuddyPress and WordPress, you’re welcome to respond here or file ticket in the trac. If you feel your opinion warrants more attention you can message me privately if you’d like also, and I’d be happy to help further.
I really do appreciate all the work you do. I’m just really frustrated with the lack of synchronization and consistency between Buddypress xprofile and WordPress users/usermeta etc. Automattic needs to take a serious look at member management.
FYI, here’s the response from the WPMU forum:
Because if a spammer signs up, for instance, and you delete their username and blogs, if their registration member is also deleted, then they can sign up again.
I’m not satisfied with that answer. There must be cleaner ways to block/blacklist spammers.
Isn’t there a plugin that deletes users more thoroughly?
Spam signups != comment spam.
Isn’t Akismet keeping the SPAM away?
No I turned of caching. For instance, I just deleted a bunch of spam registrants. The last spam registrant with a blog, their theme is taking over my home page. I don’t have any posts in my root blog.
Instead of looking at banning users, I would be more concerned with preventing spam signups.
That way you won’t have to think about banning people (at least not often!)
Hello
using capcha image for spam.
point 3 OK!
point 4 OK!
but point 1,3 very imortant
Hello
Point 4 is a standard WPMU option and can be found in the Site Options panel of the admin interface.
Photo albums are something that will become a part of BuddyPress eventually (i.e. don’t hold your breath). There is an interim plugin you can use which provides a photo gallery to BuddyPress. I haven’t used it myself but you can find it on https://buddypress.org/extend/plugins/.
The big problem I can see with point 2 is that you are inviting spammers and vandalism in to your site.
Seems to work wonderfully on 1.0.3.
I wish there was a way to let the user enter an invite message though. As it is, the message appears to come from the BP admin, and it looks super skynet. Don’t want to give the appearance that my site is spamming people… At any rate, it’s a brilliant plugin, and I appreciate all the hard work!
http://thegsn.org
I just wanted to add that I am using the following plugins:
SiteWide
bppicture-album
Welcome Pack
Bp-dev core
BP-dev groups extra
Others:
Most Active Blogs
Seo for buddypress
As well as the following in the mu-plugins folder:
bp-events
bp-featured members-widget
blog_defaults
plugin-commander
typepadAntiSpam
restrictprofiles
Buddy Press rocks.
One monetization idea for you guys — Akismet for message-spam…like that plague of MySpace message spam. I’ll hopefully have some better contributions for the BuddyPress pot-luck put together soon.
Morning all! I got rita-ized as well!
Yep… definitely need some type of anti-spam filter, in addition to Jeff’s upcoming privacy component.
I have not tested it yet but I am guessing it sends the activation link anyway (since the author mentions that a random password will be generated if one is not provided) which is fine by me as it will help somewhat to thwart spammers.
Brajesh, is there a way to have the user enter the password twice (like in other registration forms) to make sure it is entered correctly as the user wants?
Hey, I didn’t receive a spam message. I guess I’m just not popular. ;(
@socialpreneur-
The BuddyPress Privacy component will allow users the ability to decide who can send them PMs.
I received a spam message from rita4u as well.
Those kind of messages seems to appear on lots of communities nowadays, I guess its impossible to remove them automatically. 
