Description
This plugin allows you to restrict the usernames that new users may use when registering for your site.
If open registration is enabled for your site (via Settings -> General -> Membership (“Anyone can register”)), WordPress allows visitors to register for an account on your blog. By default, any username they choose is allowed so long as it isn’t an already existing account and it doesn’t include invalid (i.e. non-alphanumeric) characters.
Possible reasons for wanting to restrict certain usernames:
- Prevent usernames that contain foul, offensive, or otherwise undesired words
- Prevent squatting on usernames that you may want to use in the future (but don’t want to actually create the account for just yet) (essentially placing a hold on the username)
- Prevent official-sounding usernames from being used (i.e. help, support, pr, info, sales)
- Prevent official username syntax from being used (i.e. if all of your administrators use a prefix to identify themselves, you don’t want a visitor to use that prefix)
- Prevent spaces from being used in a username (which WordPress allows by default)
- Require that a username starts with, ends with, or contain one of a set of substrings (i.e. “support_”, “admin_”)
- Require a minimum number of characters for usernames
- Limit usernames to a maximum number of characters
When attempting to register with a restricted username, the visitor will be given an error notice that says:
ERROR: This username is invalid. Please enter a valid username.
NOTE: This plugin does not put any restrictions on usernames that the admin chooses for users when creating user accounts from within the WordPress admin. This only restricts the names that users choose themselves when registering for your site.
SPECIAL NOTE: Many membership plugins implement their own user registration handling that often bypasses checks (and hooks) performed by WordPress. As such, it is unlikely that the plugin is compatible with them without special plugin-specific amendments.
Compatible with Multisite and BuddyPress as well.
Links: Plugin Homepage | Plugin Directory Page | GitHub | Author Homepage
Hooks
The plugin exposes one filter for hooking. Typically, customizations utilizing this hook would be put into your active theme’s functions.php file, or used by another plugin.
c2c_restrict_usernames-validate (filter)
The ‘c2c_restrict_usernames-validate’ hook allows you to add your own customized checks for the username being registered. You can add additional restrictions or override the assessment performed by the plugin.
Arguments:
- $valid (boolean): The assessment by the plugin about the validity of the username based on settings. True means username can be used.
- $username (string): The username being registered.
- $settings (array): The plugin’s settings.
Example:
/**
* Add custom checks on usernames.
*
* Specifically, prevent use of usernames ending in numbers.
*
* @param bool $valid True if the username is valid, false if not.
* @param string $username The username.
* @param array $options Plugin options.
*/
function my_restrict_usernames_check( $valid, $username, $options ) {
// Only do additional checking if the plugin has already performed its
// checks and deemed the username valid.
if ( $valid ) {
// Don't allow usernames to end in numbers.
if ( preg_match( '/[0-9]+$/', $username ) ) {
$valid = false;
}
}
return $valid;
}
add_filter( 'c2c_restrict_usernames-validate', 'my_restrict_usernames_check', 10, 3 );