After users confirm their emails this function will make them auto login in their accounts.
wppb_activate_user is located in Profile Builder: /features/email-confirmation/email-confirmation.php and /front-end/register.php
init is located in wp-settings.php
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 | /* * Auto Login After Email Confirmation. Tags auto login, email confirmation */ add_action( 'wppb_activate_user', 'wppb_custom_autologin_redirect', 10, 3 ); function wppb_custom_autologin_redirect( $user_id, $password, $meta ){ // hack to fix conflict with WP Voting Contest in C:\www\pb20\wp-content\plugins\wp-voting-contest\includes\votes-save.php lines 420, 421, 422 // basically WP Voting Contenst will login any email field that's submitted via POST. So we're overwriting the global $current_user for this particular instance. global $current_user; $current_user = 0; $token = wppb_create_onetime_token( 'pb_autologin_'.$user_id, $user_id ); $location = add_query_arg( array( 'pb_autologin' => 'true', 'pb_uid' => $user_id, 'pb_token' => $token, ), home_url()); echo "<script> window.location.replace('$location'); </script>"; } add_action( 'init', 'wppb_custom_autologin' ); function wppb_custom_autologin(){ if( isset( $_GET['pb_autologin'] ) && isset( $_GET['pb_uid'] ) && isset( $_GET['pb_token'] ) ){ $uid = $_GET['pb_uid']; $token = $_GET['pb_token']; require_once( ABSPATH . 'wp-includes/class-phpass.php'); $wp_hasher = new PasswordHash(8, TRUE); $time = time(); $hash_meta = get_user_meta( $uid, 'pb_autologin_' . $uid, true); $hash_meta_expiration = get_user_meta( $uid, 'pb_autologin_' . $uid . '_expiration', true); if ( ! $wp_hasher->CheckPassword($token . $hash_meta_expiration, $hash_meta) || $hash_meta_expiration < $time ){ //wp_redirect( $current_page_url . '?wpa_error_token=true' ); die (' You are not allowed to do that. '); exit; } else { wp_set_auth_cookie( $uid ); delete_user_meta($uid, 'pb_autologin' . $uid ); delete_user_meta($uid, 'pb_autologin' . $uid . '_expiration'); wp_redirect( home_url() . '/edit-profile/' ); exit; } } } function wppb_create_onetime_token( $action = -1, $user_id = 0 ) { $time = time(); // random salt $key = wp_generate_password( 20, false ); require_once( ABSPATH . 'wp-includes/class-phpass.php'); $wp_hasher = new PasswordHash(8, TRUE); $string = $key . $action . $time; // we're sending this to the user $token = wp_hash( $string ); $expiration = $time + 60*10; $expiration_action = $action . '_expiration'; // we're storing a combination of token and expiration $stored_hash = $wp_hasher->HashPassword( $token . $expiration ); update_user_meta( $user_id, $action , $stored_hash ); // adjust the lifetime of the token. Currently 10 min. update_user_meta( $user_id, $expiration_action , $expiration ); return $token; } |
Create beautiful front-end registration and profile forms with custom fields. Setup member directories, custom redirects, cutomize user emails & more using the all in one user management plugin.
Get Profile BuilderCombine the power of Profile Builder with Paid Member Subscriptions to set up user registration, memberships, and recurring revenue.
Get 25% off with the bundle
