About: Jan Kingsley

Also, I would like to auto-generate a password in the upgrade email. This is the current code I’m using. It is without a password generator. Is there a way to do this?

function user_role_update( $user_id, $new_role ) {
if ($new_role == “s2member_level1”) {
$site_url = get_bloginfo(‘wpurl’);
$user_info = get_userdata( $user_id );
$to = $user_info->user_email;
$subject = “ASPEL Membership Approved”;
$message = “Hello ” .$user_info->display_name . “, Congratulations! Your ASPEL Membership has been approved.

Du ” .$user_info->password . ” ” .$user_info->username . ” kan nå logge inn på medlemssiden og lese medlemsblader, laste ned høydepunkter, delta i konkurranser og så videre.

Medlemspakken med det første medlemsbladet, plakat og medlemskort blir sendt ut i september. De to andre bladene blir gitt ut i desember og mai.

Med vennlig hilsen
NewUtd-teamet”;

}
}
add_action( ‘set_user_role’, ‘user_role_update’, 10, 2);
?>

and yes, I know some of the message is in English and some in another language. I’m worried about the coding…

Thanks for your help in advanced.

Hello,

First, Logan: no, not exactly. We contacted WP Engine who made a temporary change which is allowing it to work in the interim, but is without some security features.. Not quite sure what they are asking us to do.

Second, Mike: I have contacted our hosting company, WP Engine, and this was their response:

The problem on our platform comes from when the form is hard coded directly to “wp-login.php”. Here’s some example code from a similar issue:

<form action="/wp-login.php?redirect_to=” method=”post”>

To compare, here’s what WordPress uses in the “wp-login.php” file:

<form name="loginform" id="loginform" action="” method=”post”>

The most important part of the code from “wp-login.php” file is this portion:

site_url( ‘wp-login.php’, ‘login_post’ )

Our security measures rely on modifying the “site_url()” function when the second part of that function is “login_post”. If you’re not using the “site_url()” function, or if you’re are using the “site_url()” function but not “login_post”, then the custom login form is going to run into our security block.

Our engineers have recommended to modify the code to generate the login URL the same way that WordPress does because our system reads the direct call to wp-login.php.

So, in the interim, WPEngine has made it possible to make the requested updates to the login, however we are not quite sure what/where/how those should be done…?? maybe you could shed some light on that for us as WPEngine was a bit vague with it, considering we are very new to WP programming.

Thanks again for your help Mike, hope to hear from you soon.

Regards,
Jon

Hi Mike,

Thank you for your feedback. I have sent you a private contact form as requested. I have re-enabled the S2member Pro Login and set you up with some admin details to login. This way, you can experience the issue we are having, which is, when you login, you have to do it twice, once on our homepage, and then you are redirected to the wp-login.php backend to do it a second time. I do not see the reason in this. For the time being, we have been using an Ajax Login plugin which does not have this problem for us. I hope this helps you out, and in turn helps us out.

Cheers,

Jon

Yes, no problem Eduan, go ahead and change it over. I did not respond to Bruce as he had said that S2member login should send you to the wordpress back end to re-sign in. Or that is how I understood his answer at least. So I was and still am a bit confused on whether it is possible to use the s2member pro login widget without having to login twice?

Cheers