Implement Email Verification in conjunction with Membership

Hi there,

I'm implementing Membership plugin but have a problem ...

- We offer our users a free trial.
- We do not want to force users to go through a payment gateway to get the free trial.
- We do however want them to have to verify their email address when they sign up.

Can you please advise the best way to achieve this?

Thanks,
James

  • James

    Hi Ari,

    I want verification emails because we are offering a free trial and need to stop people from putting in fake email addresses. The payment gateway isn't really relevant at this stage is it? I don't want them to have to go through one to get the free trial, it's stunting our business at the moment. If they decide to purchase after the trial, then they will be put through PayPal and I'd also like them to have the option of paying direct with their credit card, but I'm not worried about that at this stage.

    James

  • aristath

    I want verification emails because we are offering a free trial and need to stop people from putting in fake email addresses.

    having an email verification required will not stop people from getting multiple email addresses.
    Example:
    john@domain.com, john+34@domain.com, john+2342@domain.com and john+rules@domain.com may seem different and are registered on your WordPress site as different users, but theyt are all the same email address.
    The best solution is to simply put a time limit on their "test" subscription (for example a wekk). After that time is up, their subscription is automatically suspended unless they choose to renew it or upgrade to a premium level.
    In other words, email verifications won't stop or prevent anything. they will simply be a nuissance when users subscribe in the first place.
    There are other plugins you can use to prevent spam registrations if you want...

    The payment gateway isn't really relevant at this stage is it?

    Actually it is!
    Some payment gateways (PayPal for example if I'm not mistaken) bypass zero-priced purchases.
    Have you actually tried creating a zero-price, finite subscription?

    Please advise,
    Ari.

  • aristath

    Hello again @James,

    I'm sorry for the delay here, I just had the day off yesterday. It happens once a week... :slight_smile:
    I've been examining this issue and it turns out Membership actually uses a different method to send the emails than the standard registration page, although the accounts are created in a similar way.

    Because Membership will always ask for a password at signup, that password will be emailed to them and therefore no email verification is required.

    There's a workaround though... You can bypass the Membership registration page and use the default WordPress registration instead. This way users will be able to go through the default registration, get the verification email, and as soon as they verify their address, they will then be able to go through the membership subscriptions screen.

    As for the paypal issue, I'm sure we'll be able to find a workaround for that... We could just modify the PayPal payment gateway code so that when the price of a subscription is 0, it will not go through the payment gateway. I have notified our Second Level Support on this (they're the code gurus), hopefully they'll be able to provide some more feedback about this,

    Cheers,
    Ari.

  • Jose

    Hey @James,

    Hope you are doing great today!

    I must say that having email verification makes sense to me given your particular scenario. Sadly, this is not provided out of the box, and I assume it's due that most of the use cases for Membership plugin are paid subscriptions.
    To avoid free subscription spammers there are others workarounds like captcha plugins, signup limitation by IP, etc. But cant find anything that could help to achieve what you want.

    Therefore, you will need to customize your registration process.

    When Ari mention the default WordPress registration, he is making reference to the registration process that you would find in a fresh Wordpress installation. This default registration form only ask for username and email, and then it creates a random password and sends it via email along with a log in link.

    You can find this routine in the following file:
    /wp-includes/user.php line 1993 method register_new_user()

    The relevant part is:

    $user_pass = wp_generate_password( 12, false );
    	$user_id = wp_create_user( $sanitized_user_login, $user_pass, $user_email );
    if ( ! $user_id || is_wp_error( $user_id ) ) {
    	...
    }
    
    update_user_option( $user_id, 'default_password_nag', true, true ); //Set up the Password change nag.
    
    wp_new_user_notification( $user_id, $user_pass );//Sends the email with login information to the new user and also to the admin.

    The registration process in Membership plugin is a bit different, since the user provides the password in the registration form.

    For the popover registration, you can find the routine in the following path:
    \wp-content\plugins\membership\membershipincludes\classes\membershipadmin.php line 7845 method popover_register_process().

    Into this routine, you will see that there are things in common like:
    $user_id = wp_create_user(sanitize_user($_POST['user_login']), $_POST['password'], $email);
    (Note that it uses the same method wp_create_user, but the password is fetched from the POST request sent from the popup form)

    and also the email notification is sent to both user and admin:
    wp_new_user_notification($user_id, $_POST['password']);

    So, the way to proceed here would be to modify the sign-up form to remove the password field. You can override the signup form by hooking into the filter "membership_override_popover_signup_form".

    Then, in the registration routine, you would generate a random password that would be sent to the user.

    If you want to improve this even more, and you can put the necessary effort, I would advice you to take a look into BuddyPress registration routine. It implements a whole activation process via email and provides a more clear way to control fake/no-activated accounts. Of course, this would need a good amount of customization.
    You will find the relevant logic into the file:
    \wp-content\plugins\buddypress\bp-members\bp-members-functions.php
    In methods
    bp_core_signup_user()
    bp_core_signup_send_validation_email()

    Please let me know if I understood your issue correctly and if the information provided is enough to point you in the right direction.

    I'm here to help you if you have any concern.

    Cheers!
    JJ

  • James

    Thanks very much Jose,

    Yes it sounds like you've definitely understood the issue.

    I'll get my programmer to work on the implementation of it and let you know if we need any more details about it.

    One question I do have now is: With the registration process essentially being handled by WordPress instead of Membership, how can we ensure that once they've registered/validated that they are put into the first subscription/level group within Membership (which we've called "new member")?

    Thank you,
    James

  • Jose

    Hi @James,

    Glad to hear that my answer was useful for you.

    Regarding the initial subscription level, you can set it in
    Membership->Options->General, under Default subscription for registered users.

    The default subscription assignment is hooked to the action 'user_register' and, therefore, It will work the same no matter if you are using Membership registration or the WP default registration process.

    Please don't hesitate to ping me back if you have further questions.

    Cheers!,
    JJ

Thank NAME, for their help.

Let NAME know exactly why they deserved these points.

Gift a custom amount of points.