Samuel Elh Blog

WordPress, bbPress, BuddyPress, JavaScript tutorials and snippets

Tag: users

bbPress Messages – Send automatic welcome messages to new users

bbPress Messages – customizing and extending

Send automatic greeting and welcome messages to new users

In this quick tutorial we are going to talk about how to enable custom messages sent automatically to new user upon a successful registration on our WordPress blog or website.

Required plugins

For this process, you’re going to need:

  • bbPress, the parent plugin of bbPress Messages, for powering forums and communities
  • bbPress Messages: PRO ( v. 0.2.4 or greater), or lite ( v. 0.2.3 or greater ).

That’s all, and no, no BuddyPress is needed or involved.

Extending user registration system

We will be hooking into user_register, which provides us with a user ID for the currently registered user, which we will use to email the user a greeting and welcoming custom message of our own.

Make sure to provide a sender ID, and this is totally required, for the sake of simplicity I made it 1, which will be the first user on your blog and the admin. To find our your user ID, go to users, find your account, and click edit. Now in the address bar there will be something like ?user_id=ID_HERE . That’s the ID you should insert in the sender in follows-code.


Using BBP_messages_message::sender method

This method will allow us to insert the message. It takes 4 parameters, 3 required and one optional:

  • $user_id: (int) the recipient which we will direct the message to.
  • $message: (string) the custom message we are sending.
  • $sender: (int) the message sender user ID, which the user will be able to reply to (if possible) later upon login.
  • $notify(bool) choose whether to notify this user by email about this message or not. It defaults to true, but you can set it to false to not email.

The coding:

Add the following code, to your child theme’s functions file or with a custom plugin, and make sure to make necessary edits such as customizing the message and inserting the message sender ID.

add_action("user_register", function( $user_id ) { 
	if ( !class_exists('BBP_messages_message') ) return; // bbPress messages is not there

	$sender = 1; // admin. Please provide a valid user ID
	$message = sprintf(
		"Greetings, %s!\n\nThis is an automated message, sent to greet and thank you for signing up for a membership on our website.\n\nSee you online,\n%s — %s.",
		get_userdata( $user_id )->display_name,
		get_userdata( $sender )->display_name,
		get_bloginfo( "name" )
	); // message format

	return BBP_messages_message::sender( $user_id, $message, $sender );

That’s it. Hope this tutorial helps you greet and welcome your newly registered bbPress users, and point them to use the messaging functionality or provide instructions and so forth..

If you had any issues, please post in the plugin support forum provided provided by the author.

An effective way of preventing spam registration with JavaScript – WordPress

As I am writing this blog post about preventing spam registration on wordPress, many weblogs out there are getting tons of new accounts registered which belong to robots and are totally untolerated spam.

Preventing Spam Registration on WordPress

There are so many ways out there, free and paid, which would help you knock off spam registration on your WordPress blog or website. One of them is CleanTalk, I love this one as it has a great database of malware checks (blacklist) and many online ready tools to verify a user before it successfully signs up.

But for me, I always prefer not to add another plugin to the load, so if it was to coding a little snippet of script that would help then that would be super. So hopefully this could help out preventing spam registration somehow.

Preventing Spam Registration – JavaScript

As many of you know, or as if you don’t know, spam bots (robots) actually run microsystems that do not have JavaScript running. This means that no DOM JavaScript is available for bots, so we will use this point to add a required (but hidden) field into the user registration form that will work with WordPress nonces too (cool, right?) which will be verified with wp_verify_nonce() function..

Every time the registration screen is requested, the form field for spam check will be added on window load, and it will be required to process the registration.

Important notice – if you are on an environment where your users prefer not to enable JavaScript, then do not use this process OR, notify your users to enable JavaScript in order to register and then switch back to disabled JS mode.

Once the field was not added, the request will be killed with a simple error message:

WordPress are you spamming go back - preventing spam registration

Are you spamming?

Or possibly if you don’t want to kill the request but show a warning message notice instead, comment out wp_die function and remove the comments for $errors->add method usage in the script code; inside se_nospam_register_validate callback function, and this would appear:

bad guy spotted spam registration wordpress - preventing spam registration

Cool! now where can I get the plugin? (no plugin, just some small snippet of non commented code) ; read on.

Preventing Spam Registration on WordPress: The code

You can use the following code to be added to your child theme’s functions file, or download the plugin from Github gist:

  * Plugin Name: No Spam Registration with JavaScript
  * Plugin URI:
  * Description: Prevents spam registration on your WordPress blog/website by adding a necessary form field with JavaScript on document load
  * Author:      Samuel Elh
  * Author URI:
  * Version:     0.1
add_action('register_form', 'se_nospam_register_append_input');
add_action('register_post', 'se_nospam_register_validate', 10, 3);
if ( !function_exists('se_nospam_register_append_input') ) :;
function se_nospam_register_append_input()
	<script type="text/javascript" id="se_nospam_inline_js">
		window.onload = function() { // it's all about this JS, once JS is loaded, the spamcheck field will be available..
			var e = document.getElementById('se_nospam_inline_js');
			if ( null !== e ) {
				e.outerHTML = '<input id="process-register" type="hidden" name="process-register" value="<?php echo wp_create_nonce( 'se-nospam-register' ); ?>" />';
			} return;
if ( !function_exists('se_nospam_register_validate') ) :;
function se_nospam_register_validate( $login, $email, $errors )
	$die_message = apply_filters( "se_nospam_register_error", "Are you spamming?<br/><br/> <a href=\"javascript: window.history.go(-1);\">&laquo; Go back</a>" );
    if( !isset($_POST['process-register']) ) {
    	wp_die( $die_message );
        // or just: $errors->add( 'empty_realname', "<strong>ERROR</strong>: Are you spamming?" );
    else if( empty($_POST['process-register']) )
    	wp_die( $die_message );
        // or just: $errors->add( 'empty_realname', "<strong>ERROR</strong>: Are you spamming?" );
    else if(!wp_verify_nonce($_POST['process-register'], 'se-nospam-register'))
    	wp_die( $die_message );
        // or just: $errors->add( 'empty_realname', "<strong>ERROR</strong>: Are you spamming?" );
    return $errors;

Cool! if preventing spam registration on WordPress with this custom trick has worked for you, then that’s what matters! Yay!! Personally it helped me a lot on my product support forums website where I have bbPress installed for the forums functionality.

Preventing Spam Registration on WordPress: After

Saying that it was helpful to preventing spam registration, there should be more to do after this, right? I mean like, capturing the prevented spam registration attempts and saving some count to the database so you can see a log of how many spam bots were blocked; something like adding this code:

update_option( $name = "se_how_many_spam", ( (int) get_option( $name ) ) + 1 );

That to be added right before each wp_die in the code, And then calling

get_option( "se_how_many_spam" );

to tell how much spam was denied. Also you might want to capture the user IP to block them or something, as long as possible, saying that spam can never be tolerated. (beware, bots will call you agressive then)

Note that this can also be effective on embedded forms like registration forms added with widgets or shortcodes, as the form field for spam check will be added with JavaScript there too.

That is it for this tutorial and I am hoping this helps you as it helped me and if there is any improvements or suggestions and ideas to implement, please feel free to discuss in below comments.

Thank you!

Add user last seen column to WordPress users table

In this quick tutorial, we will learn to add a custom column to the admin users column and show when our users were last caught visiting our website’s front end.

Each time a user browses your website, the meta in the database will be updated with the new time integer to get the exact last seen time for the logged in user.

Make sure to add the following code to your child theme’s functions file, or download as a plugin from the Github gist and upload it to your plugins.

A small preview:

wordpress users admin list last seen column preview

wordpress users admin list last seen column preview

This is a quick tutorial, feel free to share your thoughts and discuss below.

© 2017 Samuel Elh - Powered by WordPress, DigitalOcean & NameCheap

Theme by Anders NorenUp ↑

Subscribe to our mailing list

Sign up to receive updates about WordPress, free and premium plugins and themes in general and tips and tricks

* indicates required