Disable Password Required User Account Page

Hello,

As previously discussed, the social login plugin has a bug where users cannot change account settings without entering their current password (which they don’t have with a social login). The only way to get around this is for them to request a new password and set one for the account.

Is there a way to disable the password on the account page being required and to hide the “current password” field from the page? I’d like to see if this is another viable workaround.

Thank you,
Andrew

Thanks, we added this to the bug tracker so this will be fixed - users registered via the social login can’t change their password in the settings form since they don’t know their current password. It’s possible to hide the password and email fields in the settings form (these are the details that require the current password to be changed), but this would also disable the email/password change functionality for regular users (registered via the regular form, not social login). Please let me know if this works for you.

Hello,

I can definitely try it if you have a snippet, but that’s not exactly what I’m looking to do. My main issue with the social login password bug is actually that I’m using this snippet right here to make profile pictures required:

add_filter(
	'hivepress/v1/forms/user_update/errors',
	function( $errors, $form ) {
		$user = $form->get_model();

		if ( $user && ! $user->get_image__id() ) {
			$errors[] = 'Please upload a profile picture.';
		}

		return $errors;
	},
	100,
	2
);

When using this snippet, it requires the user to enter their password in order to upload a picture. If you have a snippet that requires users to upload a photo but NOT have to put their password in when changing their photo, then that will solve my issue.

Thank you,
Andrew

Please make sure that you leave the New Password and Email fields unchanged, because the Current Password should be required only if any of these fields change (for confirmation). These are the only conditions set for the “Current password is required…” error in the code so the image-related snippet shouldn’t affect this hivepress/class-user.php at master · hivepress/hivepress · GitHub

Hello,

When I go to save my settings/complete my profile with the shipper I posted above to require a profile photo, it requires a password still. I’ve attached a photo of it requiring a profile photo and then requiring a password after uploading one. No other setting was changed.

Do you have a way to disable requiring the current password for everything and just not using it at all? This way once the user logs in we’ll just trust them and let them change any settings they want. I’d rather have no “current password” requirement for anything and simply allow a user to directly change their password to a new one.

Edit: I can also confirm this is not a caching issue, as cache has been cleared and the issue is persistent on all devices. I use Cloudflare and LSCache and neither of them cache logged-in users, either. The issue does go away when the snippet for requiring a photo above is disabled.

Thank you,
Andrew


Please make sure that there are no other snippets that may cause this issue. I tried adding it locally and the first time the form is submitted this error appears Screenshot by Lightshot After uploading an image this message appears Screenshot by Lightshot

This issue may also occur if there’s a custom vendor attribute that conflicts with the built-in field (e.g. if it has the same name), so the function detects the email or password field as non-empty.

I can also check this issue for you if you send temporary WP access to support@hivepress.io Unfortunately there’s no way to disable the current password check, it’s built into the plugin but it should trigger only if the email or password field values are changed.

Hello,

From what I can tell, there are no snippets that interfere at all and the added attributes have nothing to do with the issue. Do I need to schedule a time to have you access the website or anything?

Thank you,
Andrew

If this issue persists please send a temporary admin access link using this plugin Temporary Login Without Password – WordPress plugin | WordPress.org via email to support@hivepress.io and I’ll check it. Please set the link expiration to 48 hours.

Hello,

I just sent the email and referenced this forum post.

Thank you,
Andrew

Hello,

I figured out the snippet that is causing the issue.
The snippet is:

add_filter(
	'hivepress/v1/forms/user_update',
	function( $form ) {
		if(isset($form['fields']['email'])){
			$form['fields']['email']['disabled'] = true;
		}

		return $form;
	}
);

For some reason, the page acts as if you’ve edited the email (even though it’s disabled and cannot be changed).

I tried implementing a temporary workaround by making the field’s required status false with this snippet:

add_filter(
	'hivepress/v1/forms/user_update',
	function( $form ) {
		if(isset($form['fields']['email'])){
			$form['fields']['email']['required'] = false; //Added line
			$form['fields']['email']['disabled'] = true;
		}

		return $form;
	}
);

Unfortunately, this doesn’t seem to work. Do you have any suggestions?

Thank you,
Andrew

Yes, if you disabled the email field, then its value is not sent with the form submission so it’s detected as the field change. Please try using the same snippet, but use the “readonly” parameter instead of “disabled”.