Support » Plugins » Hacks » How to manipulate users

  • Resolved aberglas


    What are the correct methods for manipulating and creating users?

    There are methods like update_user_meta in user.php.

    Then there is the mysterious WP_User class, which mainly just seems to be a place holder but also retrieves some bits from the db like capabilities? I do not think that just updating its properties stores things to the database?

    There is also some sort of cache, which I think is just per request? and has potential for grief.

    wp_insert_user has a lot going on which I will work through tomorrow. But just after it updates the db it does
    new WP_User( $user_id );
    and then sets properties on the result, no update. Do they get updated in the db?

    And why all the stripslashes? I presume everything is escaped at html or sql output time.

    Any pointers to docs would be helpful. The codex mainly just describes the parameters from methods that are obvious from the source code anyway. My impression is that there are are several generations of methods.

    (I am trying to write a plugin that will allow users to self register in a multi site but only if they know one of the site passwords. I am new to WordPress and trying to understand the architecture. Have discovered that multi site and normal registration are unrelated code.)

Viewing 4 replies - 1 through 4 (of 4 total)
  • Moderator t-p




    Thanks t-p, but I am talking about the internals. Will continue to investigate, the documentation for an open source project is the source code…

    Moderator bcworkz


    As you suspect, wp_insert_user() is the main mechanism. If you pass an id it becomes an update function, without the id, a new user is created. The functions after a new WP_User is created do in fact update the db, they are all update or set type functions.

    The WP_User class is just a data structure container, the few methods that add or set something effect the db, otherwise it’s mostly just data to use. There is no point in directly setting any class properties, the changes will not persist.

    I agree the cache seems to be per request, but I don’t know anything about it. I don’t fully get stripslashes either. I think it’s because lower level functions expect it. If they are not stripped, when things are escaped later, we would end up with double escaped data.

    Pointers to docs? Ha! As you have found, examining source is more productive. Feel free to improve the docs after you’ve made a study of something 😉 WP has evolved quite a bit over the years, the Codex, maintained by volunteers, struggles to keep up.

    Hello bcworkz,

    Thanks for your pointers. I have now got that working having spent some time in the doc … ie the wordpress source code.


Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘How to manipulate users’ is closed to new replies.