我想用用户名、电子邮件ID和电话号码登录wordpress。我在用户注册时在用户元中插入电话号码的地方。是否有任何钩子可以访问用户元并使用登录密码对其进行验证。
https://wordpress.org/plugins/wp-email-login/我知道这个插件用于登录时的用户名和电子邮件ID验证。因此,我可以使用用户名和电子邮件ID登录,但我的主要问题是用户元表中的电话nmber。
试试这个:
我们需要做的第一件事是删除默认的身份验证权限。将以下代码片段添加到函数.php文件中:
//remove wordpress authentication
remove_filter('authenticate', 'wp_authenticate_username_password', 20);
接下来,我们将添加自己的身份验证。为此,我们将使用add_filter。
将以下代码添加到函数.php文件中:
add_filter('authenticate', function($user, $email, $password){
//We shall SQL escape all inputs
$user_phone = $wpdb->escape($_REQUEST['user_phone']);
$password = $wpdb->escape($_REQUEST['password']);
//Check for empty fields
if(empty($user_phone) || empty ($password)){
//create new error object and add errors to it.
$error = new WP_Error();
if(empty($user_phone)){ //No email
$error->add('empty_phone', __('<strong>ERROR</strong>: Phone field is empty.'));
}
if(empty($password)){ //No password
$error->add('empty_password', __('<strong>ERROR</strong>: Password field is empty.'));
}
return $error;
}
//Check if user exists in WordPress database
//$user = get_user_by('email', $email);
//Instead of the above one use this
$user = reset(
get_users(
array(
'meta_key' => 'user_phone',
'meta_value' => $user_phone,
'number' => 1,
'count_total' => false
)
)
);
//bad email
if(!$user){
$error = new WP_Error();
$error->add('invalid', __('<strong>ERROR</strong>: Either the phone or password you entered is invalid.'));
return $error;
}
else{ //check password
if(!wp_check_password($password, $user->user_pass, $user->ID)){ //bad password
$error = new WP_Error();
$error->add('invalid', __('<strong>ERROR</strong>: Either the phone or password you entered is invalid.'));
return $error;
}else{
return $user; //passed
}
}
}, 20, 3);
此时的形式应该是:
当然,如果您想要一个输入字段,那么它可以完成。但是您需要决定如何选择要执行的验证电话号码,电子邮件地址或用户名
<form id="login" name="form" action="<?php echo home_url(); ?>/login/" method="post">
<input id="user_phone" type="text" placeholder="Phone Number" name="user_phone">
<input id="password" type="password" placeholder="Password" name="password">
<input id="submit" type="submit" name="submit" value="Submit">
</form>
您可以使用此插件登录并使用电话号码或电子邮件和密码进行注册。该代码将通过短信或电子邮件发送给您,您可以使用它进行身份验证。您的客户可以为他/她设置密码,因此无需再次通过短信或电子邮件发送激活码。
https://wordpress.org/plugins/login-with-phone-number/
这不是首选解决方案,因为我们需要创建自定义 实现此目的的登录表单
您需要在前端创建一个模板才能像这样显示:
<form id="login" name="form" action="<?php echo home_url(); ?>/login/" method="post">
<input id="username" type="text" placeholder="Username" name="username">
<input id="user_phone" type="text" placeholder="Phone Number" name="user_phone">
<input id="password" type="password" placeholder="Password" name="password">
<input id="submit" type="submit" name="submit" value="Submit">
</form>
上面写这个php代码,它将在表单上工作
我通过用户名获取用户的用户 ID,然后通过用户 ID 获取user_meta表中的用户电话,然后将其与提交的用户电话号码匹配。
您可以在以下代码中进行更改以验证电话号码 分别。
我将meta_key和输入类型名称都假定为"user_phone"
if($_POST) {
global $wpdb;
//We shall SQL escape all inputs
$user_phone = $wpdb->escape($_REQUEST['user_phone']);
$username = $wpdb->escape($_REQUEST['username']);
$password = $wpdb->escape($_REQUEST['password']);
$remember = $wpdb->escape($_REQUEST['rememberme']);
$user = get_userdatabylogin($username);
if($remember) $remember = "true";
else $remember = "false";
$login_data = array();
$login_data['user_login'] = $username;
$login_data['user_password'] = $password;
$login_data['remember'] = $remember;
//get user phone number from DB
$org_phone = get_user_meta($user->ID , 'user_phone',1);
$user_verify = wp_signon( $login_data, false );
if ( is_wp_error($user_verify) && $org_phone == $user_phone)
{
header("Location: " . home_url() . "/login/error/");
// Note, I have created a page called "Error" that is a child of the login page to handle errors. This can be anything, but it seemed a good way to me to handle errors.
} else {
echo "<script type='text/javascript'>window.location='". home_url() ."'</script>";
exit();
}
} else {
// No login details entered - you should probably add some more user feedback here, but this does the bare minimum
echo "Invalid login details";
}
假设您将电话号码存储在user_phone
元字段中。您可以使用我在其中一个插件"操作包"中使用的以下代码,该插件为 Elementor 页面构建器提供用户注册和登录功能。
// Login through phone number
add_filter( 'authenticate', function ( $user, $phone, $password ){
if ( $user instanceof WP_User ) {
return $user;
}
if ( empty( $phone ) || empty( $password ) ) {
if ( is_wp_error( $user ) ) {
return $user;
}
$error = new WP_Error();
if ( empty( $phone ) ) {
// Uses 'empty_username' for back-compat with wp_signon().
$error->add( 'empty_username', __( '<strong>Error</strong>: The phone field is empty.', 'actions-pack' ) );
}
if ( empty( $password ) ) {
$error->add( 'empty_password', __( '<strong>Error</strong>: The password field is empty.', 'actions-pack' ) );
}
return $error;
}
if ( ! ap_is_phone( $phone ) ) {
return $user;
}
$user = get_users( [ 'meta_key' => 'user_phone', 'meta_value' => $phone, 'number' => 1, 'count_total' => false ] )[0];
if ( ! $user ) {
return new WP_Error(
'invalid_phone',
__( 'Unknown phone number. Check again or try your username.', 'actions-pack' )
);
}
/** This filter is documented in wp-includes/user.php */
$user = apply_filters( 'wp_authenticate_user', $user, $password );
if ( is_wp_error( $user ) ) {
return $user;
}
if ( ! wp_check_password( $password, $user->user_pass, $user->ID ) ) {
return new WP_Error(
'incorrect_password',
sprintf(
/* translators: %s: Phone Number. */
__( '<strong>Error</strong>: The password you entered for the phone number %s is incorrect.', 'actions-pack' ),
'<strong>' . $phone . '</strong>'
) .
' <a href="' . wp_lostpassword_url() . '">' .
__( 'Lost your password?' ) .
'</a>'
);
}
return $user;
}, 20, 3 );
这是一个电话号码有效性检查功能。这取决于您如何接收电话号码。是否带有国家/地区电话代码。
/**
* Checks if it is a valid phone number
* @toDo Improvise validity check.
* https://stackoverflow.com/questions/14894899/what-is-the-minimum-length-of-a-valid-international-phone-number
*/
function ap_is_phone( $phone ){
$phone = filter_var($phone, FILTER_SANITIZE_NUMBER_INT);
$phone = str_replace("-", "", $phone);
if (strlen($phone) < 10 || strlen($phone) > 14) {
return false;
}
return $phone;
}