Cannot create new users with wp-members anymore

[axew3]

Standing into my tests:
i have an user paco that exist into phpBB, but not in WP, and when i try to register an user with the same email in WP, using the WP members page/form this happen:
if the user is active in phpBB it is added into WP at the time the user click into the registration submit, and the WP member warning say:

Sorry, that email address already has an account.
Please try another.

then i delete again paco and as deactivated phpBB user, i try to register him again and the result using the WP member registration form is:
the page redirect to the default WP login page, and the warning from the integration plugin display:

Notice: the username is currently inactive into our forum. Please contact an administrator.

and the user is NOT added into WP because not active into phpBB.
I did not try it if the WP default login page would be not available because disabled by some plugin, in this case the redirect should go where it is set (i assume) by the plugin that disable the login page, maybe.

[axew3]

So far so good, the difference here is that the default wp page stops and display the error while the wp-member registration probably stops, but not displaying the error so the user think the registration process succeeded.

so after (do not know what it changed, nothing, but...) i tested that in effect, if the user exist and is not active, and i try to register a same email, he is NOT added into WP, but WP members answer that the account has been created.
Do not know why the first time answered in a way and then in another.
Ok, we go to fix also this aspect because the behavior should be the same for many other plugins.
If the user is not created because there is another with same email or username NOT active into phpBB or banned, then a warning will display and the execution will stop.

[tlagren]

Yes, i did this with the new 2.9.3 version.
I think the error thrown was "provided email or username already exists on our forum database."

The username I tried to register into WP was not already present in phpbb, but the same e-mail was used at an old user account in phpbb.

Thanks for working with this

/Tomas

[axew3]

So, i've take a deep look into.

Then resuming there is this problem:
when/if, an user go to register into WP using the WP members page/form,
instead of do a login, so he would be added automatically and logged into WP,
when there is an existent username/email existent into phpBB:
using the wordpress default the user is correctly informed that the account has not been created because an email/username already exist into phpBB.
using the WP members registration form, the user instead is redirected to the wp members page that, even if the user has not been added due to the above, nor an email has been sent, the WP members notice say:

Congratulations! Your registration was successful.
You may now log in using the password that was emailed to you.

WP members bypass any default and go for his own way. The code flow assume that the user has been created and it display the wrong result.

From where it come from?
The error is of the WP member in this sense:
open up the file
/wp-content/plugins/wp-members/includes/api/api-users.php
lines 780/781

Code: Select all

// Inserts to wp_users table.
$user_id = wp_insert_user( $new_user_fields );

the following code simply do not care if the wp_insert_user fail or not and follow with

Code: Select all

do_action( 'wpmem_register_redirect', $wpmem->user->post_data, $user_id );

But the user has not been created because the wp_w3all.php function w3all_wp_pre_insert_user_data()
do this

Code: Select all

  if(empty($updating_user_id))
  {
   if(is_array($userdata) && !empty($userdata['user_email'])){
    $u = WP_w3all_phpbb::ck_phpbb_user($userdata['user_login'], $userdata['user_email']);
   } elseif(is_object($userdata) && !empty($userdata->user_email)){
      $u = WP_w3all_phpbb::ck_phpbb_user($userdata->user_login, $userdata->user_email);
     }

    if( !empty($u) ){
     $data = '';
     $error = new WP_Error();
     $error->add( 'invalid_email', 'Error: Username or email address exist into our forum.' );
    }
   }

if an email or username is found in phpBB it empty the var $data = '';
so, infact, into the file /wp-content/plugins/wp-members/includes/api/api-users.php
if you put this code
echo var_dump($user_id);exit;
just after

Code: Select all

$user_id = wp_insert_user( $new_user_fields );

you'll see this:

Code: Select all

object(WP_Error)#697 (3) { ["errors"]=> array(1) { ["empty_data"]=> array(1) { [0]=> string(36) "Not enough data to create this user." } } ["error_data"]=> array(0) { } ["additional_data":protected]=> array(0) { } } 

The user has not been created, but WP members do not care of nothing, nor about that there is not an userID, but instead there is an error, and follow with his hooks/filters and redirect with a wrong message, that do not rely into WP native errors, that's why you see the correct behavior using WP native registration form and NOT if using the WP members registration form.

Consider that doing this directly into the api-users.php file as test, so passing 0 as result, still follow answering that the user has been created!

Code: Select all

$wpmem->user->post_data = $user_id = 0;
do_action( 'wpmem_register_redirect', $wpmem->user->post_data, $user_id );

I will maybe follow with some solution.

[axew3]

I had some fun, testing the integration under any aspect these days, and this helped me to fix something that will make the plugin practically always compatible with any.
WP member plugin seem to be not compatible for example with Wordfence, it cause several problems on login forms as i have seen. AIOS have not been tested along with WP members, anyway this is a little example, not complete and very raw that anyway work:

into wp_w3all.php file there are these lines:

Code: Select all

// avoid user additon in wp when registration done into WP front end pages (like mepr membership subscription page)
// wp_pre_insert_user_data wp-includes/user.php
function w3all_wp_pre_insert_user_data($data, $update, $updating_user_id, $userdata){

just before add:

Code: Select all

# WP members redirect message fix
if(isset($_POST['_wpmem_register_nonce']) && !empty($_POST['username']) && !empty($_POST['user_email']))
{
  $phpbb_config = WP_w3all_phpbb::w3all_get_phpbb_config_res();
   if( !empty(WP_w3all_phpbb::ck_phpbb_user( $_POST['username'], $_POST['user_email'] )) ){
   	add_filter( 'wpmem_register_data', 'w3all_wpmem', 2 );
   }
}
  function w3all_wpmem($data, $tag='new'){
   global $wpmem_themsg;
   $wpmem_themsg = 'Error: Username or email address exists into our forum.';
    return $data;
  }

into the new coming soon integration plugin version 2.9.4, compatible with any plugin and also with 2fa logins on Wordfence or AIOS plugins login flows (on AIOS was already fine),
the call to the db can be done into any function, also out of the WP loop hooks and filters, without initializing it using

Code: Select all

 $phpbb_config = WP_w3all_phpbb::w3all_get_phpbb_config_res();

because it have been moved to be fired just after the class WP_w3all_phpbb inclusion into wp_w3all.php.

The above snippet that can be easily improved, or something other used, i have try several ways just to test the integration plugin working always fine.

The new version is coming. It will provide the possible inclusion of a custom file where filters of others plugins can be added.
The WP members example above will be there by default as example.
So you'll have, as explained when will be published, just to add the provided custom file into the
/wp-content/plugins/wp-w3all-custom/ folder
so that it will be parsed as part of the wp_W3all plugin code and executed along with. And additions/modifications on this file will not be overwritten when the plugin core update.

PS
see the new file into 2.9.4 version:
/wp-content/plugins/wp-w3all-phpbb-integration/common/custom_functions.php
Open it with a text editor, it contain the simple info on how to use and this basic above snippet and working example.