Avoid user change password in wordpress

Question

This is my first question... TIA for the help

In my blog I want to create a user "guest" (anonimo in spanish) but once connected he can change the password and I want to avoid that. I decided to create a trigger that restore the original password in case of change

CREATE TRIGGER anonimo_check
AFTER
  INSERT ON wp_users FOR EACH ROW 
BEGIN
update
  wp_users
set
  user_pass = "xxxxx"
WHERE   user_login = "anonimo";
END

But I get a syntax error... I have check with several options but ... nothing

I'm not expert in mysql in now I feel lost and I will appreciate any help

Thanks PD. The error is Error Code: 1064. You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 9 0.062 sec

Answer 1

As you run it via Wordpress, then you can use WP hooks to avoid password changing. Try this:

function deny_guest_password_change($user_data){
    $user_login = 'anonimo'; // User login which password will be forced
    $forced_password = 'xxxxxx'; // Password which will be set for $user_login user
    if( $user_data['user_login'] == $user_login ){
        $user_data['user_pass'] = wp_hash_password($forced_password);
    }
    return $user_data;
}
add_filter('wp_pre_insert_user_data', 'deny_guest_password_change', 10);

It will force the user anonimo to xxxxxx password.

Change $user_login and $forced_password as you need.

Answer 2

There are a few ways you can do it that are more user-friendly than allowing the user to think they have requested a password reset. WordPress has a filter allow_password_reset see documentation

Simply add the following to your theme functions.php file

function disable_password_reset() { return false; }
add_filter ( 'allow_password_reset', 'disable_password_reset' );

If a user attempts to reset their password they will receive the error message

Password reset is not allowed for this user