I'm new to wordpress. I'm modifying a plugin that create an ajax form to register a user. After registration if I refresh the page the user is automatically logged in. I don't want it (I need to send a random password to verify that the user read the email message).
I have tried to add
wp_set_current_user(0);
clear_auth_cookie();
after the user registration but nothing change.
What can it be?
Here is the function that receives the POST message from the form:
function the_do_login()
{
if($_SERVER[ 'HTTP_X_REQUESTED_WITH' ]=='XMLHttpRequest'){
if ( $_POST['the_form_action'] == 'login' ) {
// user already registered,
// do the login with wp_signon
}
elseif( $_POST['the_form_action'] == 'register' ){
if ( !empty( $_POST['user_login'] ) ) {
// check the user name..
} else {
// error on user name
}
if ( !empty( $_POST['user_email'] ) ) {
// check the password..
} else {
// ....
}
$user_data = array(
'ID' => '',
'user_pass' => $password,
'user_login' => $username,
'display_name' => $username,
'user_email' => $email,
'role' => get_option('default_role') // Use default role or another role, e.g. 'editor'
);
$user_id = wp_insert_user( $user_data );
// instead of wp_new_user_notification generate a random password and send it to the user
wp_new_user_notification( $user_id, $password );
echo '<div id="login_error">'.__('Your account has been created and an email is been sent to '.$email.'. Check your email to confirm registration').'</div>';
wp_set_current_user(0);
clear_auth_cookie();
die();
}
elseif( $_POST['the_action'] == 'reset_pass' ){
echo do_action('login_form', 'resetpass');
}
}else{
wp_redirect( home_url() );
die();
}
}
Aucun commentaire:
Enregistrer un commentaire