Posted by & filed under WordPress.

Last September I release a WordPress plugin that allows an administrator to approve new users after they register for your site. I built the plugin for a private blog that I have and I wanted control over each member of the site. Since I thought others would be interested in using the plugin I decided to release it.

I didn’t realize the amount of work it would create to maintain it.

The thing is, there are many plugin developers donating their time for plugins that I am using. So I don’t mind doing it.

In fact, releasing the plugin was actually the best thing I could do. A few users found bugs and even sent a patch to fix the bug. That’s how it should be.

Anyway, the first update to the New User Approve Plugin was released last night. No new features. Just some bug fixes and code cleanup. Here are the details.

  • correctly display error message if registration is empty
  • clean up code
  • style updates
  • if a user is created through the admin interface, set the status as approved instead of pending
  • add avatars to user management admin page
  • improvements to SQL
  • verify the user does not already exist before the process is started
  • add nonces to approve and deny actions
  • temporary fix for pagination bug if more the 50 users are present in the WP database

If you are a user of the plugin, please let me know if you find any more issues or your thoughts in general on the plugin. And don’t forget to donate if you find this plugin useful.

Update: No more comments will be allowed. If you are having issues with the New User Approve plugin, please post in the New User Approve forums on WordPress.org.

25 Responses to “New User Approve Plugin Updates”

  1. Logophilos

    Hi – since I downloaded the latest version, I can no longer approve or deny users through the WP interface. I get a ‘page not found’ error (perhaps to do with the new nonce feature?) I have to go to the database and manually delete users who I deny.

    I love this plugin but this issue is a serious problem.

  2. Johnny Brainwash

    I am experiencing the same issue.

    First time it happened, I deleted the user and registered him myself, which bypassed the approval process. I’m going to do the same thing for someone else now.

    It’s a really handy plugin, though. Thanks.

    Error message:

    Internal Server Error
    The server encountered an internal error or misconfiguration and was unable to complete your request.

    Please contact the server administrator, support@supportwebsite.com and inform them of the time the error occurred, and anything you might have done that may have caused the error.

    More information about this error may be available in the server error log.

  3. bradms98

    I’m using this plugin in conjunction with “Registered Users Only” to create a blog that is private, but still lets visitors register and go through the approval process.

    So far, its working, but emails are not being sent to the site admins when a new user registers and needs approval, nor are emails being sent to users once approved or denied.Any ideas on how to get it to send these emails? I’m new to wordpress in general, my apologies in advance for my ignorance.

  4. Josh Harrison

    Sorry you’re not getting your emails. Are you getting any emails from your blog? For example, when somebody changes their password, are you being notified via email? The New User Approve plugin uses the wordpress API to send emails.

  5. Mark

    Hi

    I am interested in having a system where people can register on my blog/site and then they can upload their own files and post their own topic where they basically promote themselves, is this the kind of thing I need or do you know of anything that will work for me?

  6. bradms98

    Josh, thanks for the tip about my WordPress install not sending emails. I didn’t have an address filled in under “Settings > General > E-mail Address”. After entering a valid address here, I started getting the emails I was expecting. Thanks for making this great plugin!

    Mark, it sounds like you want to change the default role for your new users. In your admin console, click “Settings” then change “New User Default Role” to whatever level you want them to have. This plugin will still be handy though, as you may want to approve these users first, instead of just letting any person (or spam bot) register and start posting stuff on your site.

  7. Kyle

    This is a very interesting plugin. I used Register Plus in the past, but it hasn’t been updated for quite some time.

    I like the way everything is organized. Do you have any ideas on how to allow users to define their own passwords? I guess that function is dependent on whether or not your plugin simply withholds their login credentials, or if it prevents early login.

    That being said, your plugin is effective, and it is much appreciated. I see a lot of potential here, and I look forward to seeing how this evolves.

    I do like the idea of being able to customize the notifications sent. If I cannot allow users to create their own password, I would, at the very least like to point them to their profile page, where they can change it themselves.

    Thanks for the effort

  8. Jay

    Hi Josh,

    I upgraded to 2.8, had big probs, rolled back to 2.7.1 and now getting:

    Fatal error: Call to undefined function esc_url() in /data/18/1/16/4/1668004/user/1798997/htdocs/ops/wp-content/plugins/new-user-approve/new-user-approve.php on line 286

    That line in my editor is only a }

    Here’s the code just above it:

    if ($deny) {
    $deny_link = get_option(‘siteurl’).’/wp-admin/users.php?page=’.basename(__FILE__).’&user=’.$user->ID.’&status=deny’;
    $deny_link = ( function_exists(‘wp_nonce_url’) ) ? wp_nonce_url($deny_link, ‘plugin-name-action_’ . get_class($this)) : $deny_link;

    Sorry to bother you with this, but if you have an idea what might have happened it would be greatly appreciated.

    Thanks for the great plugin.

  9. Mamoun Elkheir

    Hello Josh,
    I just want to thank you a lot as this plugin helped me very much in the site I am working on, and it worked for me very smoothly. It is a great plugin.
    One minor question: what part of code should I change in the plugin if I need to give the right of approving users to some less-than-level-10 users? e.g., from level 4 & up. Many thanks.

  10. Bryan

    Hi, is it possible to assign someone other than Administrator to be able to administer aprovals? I would like to assign this ability to one of my editors but I really don’t feel comfortable giving them full run of the admin panels.

    Thanks!

  11. Maddie

    I added this plugin to head off a large number of user registrations from Russia (spam) and it’s working well to catch and exclude those users from our blog- thank you.

    I would love to be able to delete the users completely when I deny them. As it is now, I have to deny them, then go in and delete them one by one from the user management area, a two step process made more difficult by the large number of registered users we have on our blog.

  12. Ian

    This plugin is just what we need. However, new users are able to approve their own accounts. Is there a WP setting that I need to disable? Thanks for your help.

  13. F

    hello. i have a problem with this plugin. i’m getting an email every time a new user registers but once i approve them, i learn that my subscribers arent getting the email that they’ve been approved. does anyone know why this is happening?

  14. Paul

    Part of the description for this plugin that I read states: “An email is then sent to the user indicating whether they were approved or denied.”
    However, if I deny a user (spammer) I would prefer NOT to send an email, so I don’t reveal a live email address. Can this be configured?

  15. DJ Allyn

    This is a great plugin and an improvement over some of the other ones out there.

    I do have one request though: I would LOVE to simply be able to delete the reprobates that I do not approve. I don’t have any need to fill up my users table with a bunch of fake names.

    Right now I am going though my list of 2800+ registered users trying to find and delete roughly 300+ bad registrations. It would be so much simpler for me to have the option of trashing them.

    Or maybe a feature that would automatically purge them after being on the “deny” list for n days?

  16. Donal

    Very nice plugin. Just playing around with it, doesn’t seem to unapprove a user once they’re approved if you subsequently unappprove them.

    Paul, lfp, look for the mail from plugin. Paul, you could change this address to a fake address if denying spammers. Ideally a checkbox after each user seeking approval whether to send a mail or not would be a nice way to do it.

  17. DJ Allyn

    Paul brings up a great point. If I deny someone, I don’t want an email sent at all. As I stated above, I would much rather be able to delete their request right then and be done with it. I don’t think I owe an email or explanation. In other words a “Deny” should just be a “Delete”. If you can figure out how to send it to a “blacklist”, that would be cool, but not necessary.

    ALSO, I would like to be able to edit the email that is sent out to those I do approve. For example, I personally want those people I do approve of to update their profile to at least enter their first and/or last name. I need that capability to edit the email being sent.

  18. NightStorm

    To answer the question on sending out denied emails…
    edit new-user-approve.php and comment out line 396

    @wp_mail($user_email, sprintf(__(‘[%s] Registration Denied’, $this->localizationDomain), get_option(‘blogname’)), $message);

    This should prevent it from sending the email.

    Now, to automatically delete Denied users, try this.
    In new-user-approve.php, immediately after:
    update_usermeta($user->ID, ‘pw_user_status’, ‘denied’);

    insert this line (should land around line 400):

    wp_delete_user($user->ID);

    Hope this helps.

  19. booboo

    Another cool feature would be the ability to customize the emails sent to users. Any chance of including that? I’m thinking of hacking it to do it but if you’re going to include that then maybe I’ll hold off.

    Great plugin, btw.

  20. LozTom

    G.R.E.A.T Plugin, just what I wanted…but, and there is always a but.. 🙂

    When used in conjunction with FaceBookConnect plugin, the authorisation is circum-navigated completely and renders it useless.

    Is this something which you could / would consider fixing?

    Please eMail me if you do as I’ll re-install it in a flash!

    Thanks

    Loz