Skip Navigation

[Resolved] Auto login user without system generated password

This support ticket is created 6 years, 11 months ago. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Sun Mon Tue Wed Thu Fri Sat
- 7:00 – 14:00 7:00 – 14:00 7:00 – 14:00 7:00 – 14:00 7:00 – 14:00 -
- 15:00 – 16:00 15:00 – 16:00 15:00 – 16:00 15:00 – 16:00 15:00 – 16:00 -

Supporter timezone: Europe/London (GMT+00:00)

This topic contains 7 replies, has 2 voices.

Last updated by Nigel 6 years, 10 months ago.

Assisted by: Nigel.

Author
Posts
#607924

I have a Cred front end user registration form where the user is allowed to enter their own password.
I also have a function that automatically logs the user in when submitting the form.

The auto login works but the problem is that the password entered in the user registration form is ignored and is replaced by a system generated password instead.

Red the wordpress docs but couldn't find the cause.
I suppose it is one of the wp functions that generates the password, but I would like to bypass this.

First try was to use cred_before_save_data to access $_POST[field] but $form_data was an undefined variable.
Is this because it is a user form? Can't find anything about this in the documentation.
My goal was to use wp_signon with the password from the form...

I then tried to tie the auto login to wordpress user_register action instead of cred_success_redirect.
But the result was always the same. The password from the form was overwritten by a system generated one.

I have this:

function auto_login_exhibitor($url, $post_id) {
    if (!is_user_logged_in()) {
        $user = get_user_by('id', $post_id);
        if ($user) {
            $allowed_roles = array('exhibitor_webshop', 'exhibitor');
            if (array_intersect($allowed_roles, $user->roles)) {
                wp_set_current_user($user->ID, $user->user_login);
                wp_set_auth_cookie($user->ID, true, is_ssl());
                do_action( 'wp_login', $user->user_login, $user );
            }
        }
    }
    return $url;
}
add_action('cred_success_redirect', 'auto_login_exhibitor', 10, 2);
#607934

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

Screen Shot 2018-01-19 at 11.58.02.png

Hi Tina

Before digging any deeper, CRED User Forms can auto-generate passwords or have the user enter them.

I wonder if your settings have been mixed up.

If you auto-generate a form it will ask whether to auto-generate the password or not (see screenshot).

I suspect that if your form is set to autogenerate a password then that will be used regardless of whether a user enters a password in password fields or not.

So, first, check how the settings look if you use the auto-generate form content button (which should show what the current settings are).

#607937

Autogenerate password is disabled
Disabling the auto login on cred_success_redirect removes the problem and
user entered password are stored correctly.

#607955

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

Hi Tina

I started to look at your code and the first problem is that you are adding a cred_success_redirect action, but it's not an action hook it's a filter (https://toolset.com/documentation/programmer-reference/cred-api/#cred_success_redirect).

I think an appropriate hook would be cred_save_post (which fires when the user has been created and saved).

I started from scratch and wrote the following to auto-login the user. I think it would need a redirect on submission form setting so that the page reloads and we know the user is logged in.

/**
 * Auto-login new CRED user
 */
add_action( 'cred_save_data', 'tssupp_cred_autologin', 10, 2 );
function tssupp_cred_autologin( $post_id, $form_data ){

	if ( 6 == $form_data['id'] ) { // Edit as required

		if ( !empty( $_POST['user_login'] ) && !empty( $_POST['user_pass'] ) ) {

			// get the user credentials from the $_POST object
			$user = array(
				'user_login'	=>	$_POST['user_login'],
				'user_password'	=>	$_POST['user_pass'],
				'remember'		=>	true
			);
			$login = wp_signon( $user, false );

			if ( is_wp_error($login) ) {
				error_log( $login->get_error_message() );
			}

		}
	}
}

I tested it and it works, hopefully you'll find the same.

#607991

This is what I wanted to do from the beginning but $form_data returns error for me.
Nor is $_POST[] data available.
That is why I asked if this is due to the form being a user form not a post form?
That is why I switched to redirect where I at least got a user id.

#607997

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

This is just on a plain vanilla CRED User form to register new users added to a standard WP page.

Nothing else involved, no other code involved.

It works on a vanilla site that doesn't have any other custom code...

#612462

Replying to keep ticket open, have not had the time to test yet

#612646

Nigel
Supporter

Languages: English (English ) Spanish (Español )

Timezone: Europe/London (GMT+00:00)

Sure, let me set this as waiting for feedback from you.