好的,我安装了buddypress,它允许用户在注册时选择密码,但它没有任何要求,只要求输入两次。所以你可以有一个单字符的密码,这很荒谬。因此,我找到了在提交注册表表单时对其进行验证的函数,但我不知道如何正确地钩住它,添加一个简单的检查,以确保至少有6个字符。
首先是buddypress的核心函数。
function bp_core_screen_signup() {
global $bp;
if ( !bp_is_current_component( \'register\' ) )
return;
// Not a directory
bp_update_is_directory( false, \'register\' );
// If the user is logged in, redirect away from here
if ( is_user_logged_in() ) {
if ( bp_is_component_front_page( \'register\' ) )
$redirect_to = trailingslashit( bp_get_root_domain() . \'/\' . bp_get_members_root_slug() );
else
$redirect_to = bp_get_root_domain();
bp_core_redirect( apply_filters( \'bp_loggedin_register_page_redirect_to\', $redirect_to ) );
return;
}
$bp->signup->step = \'request-details\';
if ( !bp_get_signup_allowed() ) {
$bp->signup->step = \'registration-disabled\';
// If the signup page is submitted, validate and save
} elseif ( isset( $_POST[\'signup_submit\'] ) && bp_verify_nonce_request( \'bp_new_signup\' ) ) {
do_action( \'bp_signup_pre_validate\' );
// Check the base account details for problems
$account_details = bp_core_validate_user_signup( $_POST[\'signup_username\'], $_POST[\'signup_email\'] );
// If there are errors with account details, set them for display
if ( !empty( $account_details[\'errors\']->errors[\'user_name\'] ) )
$bp->signup->errors[\'signup_username\'] = $account_details[\'errors\']->errors[\'user_name\'][0];
if ( !empty( $account_details[\'errors\']->errors[\'user_email\'] ) )
$bp->signup->errors[\'signup_email\'] = $account_details[\'errors\']->errors[\'user_email\'][0];
// Check that both password fields are filled in
if ( empty( $_POST[\'signup_password\'] ) || empty( $_POST[\'signup_password_confirm\'] ) )
$bp->signup->errors[\'signup_password\'] = __( \'Please make sure you enter your password twice\', \'buddypress\' );
// Check that the passwords match
if ( ( !empty( $_POST[\'signup_password\'] ) && !empty( $_POST[\'signup_password_confirm\'] ) ) && $_POST[\'signup_password\'] != $_POST[\'signup_password_confirm\'] )
$bp->signup->errors[\'signup_password\'] = __( \'The passwords you entered do not match.\', \'buddypress\' );
$pass = $_POST[\'signup_password\'];
$bp->signup->username = $_POST[\'signup_username\'];
$bp->signup->email = $_POST[\'signup_email\'];
// Now we\'ve checked account details, we can check profile information
if ( bp_is_active( \'xprofile\' ) ) {
// Make sure hidden field is passed and populated
if ( isset( $_POST[\'signup_profile_field_ids\'] ) && !empty( $_POST[\'signup_profile_field_ids\'] ) ) {
// Let\'s compact any profile field info into an array
$profile_field_ids = explode( \',\', $_POST[\'signup_profile_field_ids\'] );
// Loop through the posted fields formatting any datebox values then validate the field
foreach ( (array) $profile_field_ids as $field_id ) {
if ( !isset( $_POST[\'field_\' . $field_id] ) ) {
if ( !empty( $_POST[\'field_\' . $field_id . \'_day\'] ) && !empty( $_POST[\'field_\' . $field_id . \'_month\'] ) && !empty( $_POST[\'field_\' . $field_id . \'_year\'] ) )
$_POST[\'field_\' . $field_id] = date( \'Y-m-d H:i:s\', strtotime( $_POST[\'field_\' . $field_id . \'_day\'] . $_POST[\'field_\' . $field_id . \'_month\'] . $_POST[\'field_\' . $field_id . \'_year\'] ) );
}
// Create errors for required fields without values
if ( xprofile_check_is_required_field( $field_id ) && empty( $_POST[\'field_\' . $field_id] ) )
$bp->signup->errors[\'field_\' . $field_id] = __( \'This is a required field\', \'buddypress\' );
}
// This situation doesn\'t naturally occur so bounce to website root
} else {
bp_core_redirect( bp_get_root_domain() );
}
}
// Finally, let\'s check the blog details, if the user wants a blog and blog creation is enabled
if ( isset( $_POST[\'signup_with_blog\'] ) ) {
$active_signup = $bp->site_options[\'registration\'];
if ( \'blog\' == $active_signup || \'all\' == $active_signup ) {
$blog_details = bp_core_validate_blog_signup( $_POST[\'signup_blog_url\'], $_POST[\'signup_blog_title\'] );
// If there are errors with blog details, set them for display
if ( !empty( $blog_details[\'errors\']->errors[\'blogname\'] ) )
$bp->signup->errors[\'signup_blog_url\'] = $blog_details[\'errors\']->errors[\'blogname\'][0];
if ( !empty( $blog_details[\'errors\']->errors[\'blog_title\'] ) )
$bp->signup->errors[\'signup_blog_title\'] = $blog_details[\'errors\']->errors[\'blog_title\'][0];
}
}
do_action( \'bp_signup_validate\' );
// Add any errors to the action for the field in the template for display.
if ( !empty( $bp->signup->errors ) ) {
foreach ( (array) $bp->signup->errors as $fieldname => $error_message ) {
// addslashes() and stripslashes() to avoid create_function()
// syntax errors when the $error_message contains quotes
add_action( \'bp_\' . $fieldname . \'_errors\', create_function( \'\', \'echo apply_filters(\\\'bp_members_signup_error_message\\\', "<div class=\\"error\\">" . stripslashes( \\\'\' . addslashes( $error_message ) . \'\\\' ) . "</div>" );\' ) );
}
} else {
$bp->signup->step = \'save-details\';
// No errors! Let\'s register those deets.
$active_signup = !empty( $bp->site_options[\'registration\'] ) ? $bp->site_options[\'registration\'] : \'\';
if ( \'none\' != $active_signup ) {
// Make sure the extended profiles module is enabled
if ( bp_is_active( \'xprofile\' ) ) {
// Let\'s compact any profile field info into usermeta
$profile_field_ids = explode( \',\', $_POST[\'signup_profile_field_ids\'] );
// Loop through the posted fields formatting any datebox values then add to usermeta - @todo This logic should be shared with the same in xprofile_screen_edit_profile()
foreach ( (array) $profile_field_ids as $field_id ) {
if ( ! isset( $_POST[\'field_\' . $field_id] ) ) {
if ( ! empty( $_POST[\'field_\' . $field_id . \'_day\'] ) && ! empty( $_POST[\'field_\' . $field_id . \'_month\'] ) && ! empty( $_POST[\'field_\' . $field_id . \'_year\'] ) ) {
// Concatenate the values
$date_value = $_POST[\'field_\' . $field_id . \'_day\'] . \' \' . $_POST[\'field_\' . $field_id . \'_month\'] . \' \' . $_POST[\'field_\' . $field_id . \'_year\'];
// Turn the concatenated value into a timestamp
$_POST[\'field_\' . $field_id] = date( \'Y-m-d H:i:s\', strtotime( $date_value ) );
}
}
if ( !empty( $_POST[\'field_\' . $field_id] ) )
$usermeta[\'field_\' . $field_id] = $_POST[\'field_\' . $field_id];
if ( !empty( $_POST[\'field_\' . $field_id . \'_visibility\'] ) )
$usermeta[\'field_\' . $field_id . \'_visibility\'] = $_POST[\'field_\' . $field_id . \'_visibility\'];
}
// Store the profile field ID\'s in usermeta
$usermeta[\'profile_field_ids\'] = $_POST[\'signup_profile_field_ids\'];
}
// Hash and store the password
$usermeta[\'password\'] = wp_hash_password( $_POST[\'signup_password\'] );
// If the user decided to create a blog, save those details to usermeta
if ( \'blog\' == $active_signup || \'all\' == $active_signup )
$usermeta[\'public\'] = ( isset( $_POST[\'signup_blog_privacy\'] ) && \'public\' == $_POST[\'signup_blog_privacy\'] ) ? true : false;
$usermeta = apply_filters( \'bp_signup_usermeta\', $usermeta );
// Finally, sign up the user and/or blog
if ( isset( $_POST[\'signup_with_blog\'] ) && is_multisite() )
$wp_user_id = bp_core_signup_blog( $blog_details[\'domain\'], $blog_details[\'path\'], $blog_details[\'blog_title\'], $_POST[\'signup_username\'], $_POST[\'signup_email\'], $usermeta );
else
$wp_user_id = bp_core_signup_user( $_POST[\'signup_username\'], $_POST[\'signup_password\'], $_POST[\'signup_email\'], $usermeta );
if ( is_wp_error( $wp_user_id ) ) {
$bp->signup->step = \'request-details\';
bp_core_add_message( $wp_user_id->get_error_message(), \'error\' );
} else {
$bp->signup->step = \'completed-confirmation\';
}
}
do_action( \'bp_complete_signup\' );
}
}
do_action( \'bp_core_screen_signup\' );
bp_core_load_template( apply_filters( \'bp_core_template_register\', array( \'register\', \'registration/register\' ) ) );
}
add_action( \'bp_screens\', \'bp_core_screen_signup\' );
这很好,而且很大,但是在第90行,密码验证开始了,只是检查以确保它们匹配。我试着去了解它,但我不理解这个概念。
function bp_password_beefing() {
if ( !empty( $_POST[\'signup_password\'] ) )
if ( strlen( $_POST[\'signup_password\'] ) < 6 )
$bp->signup->errors[\'signup_password\'] = __( \'Your password needs to be atleast 6 characters\', \'buddypress\' );
}
add_action( \'bp_signup_pre_validate\', \'bp_password_beefing\');
正确的方法是什么?
