WordPress: create a custom sign up page

WordPress: create a custom sign up page

How to create a custom sign up page in WordPress.

Creating a custom sign up page for WordPress is a two-steps task: first you need to create a new page template and then perform the registration routine just before the header of the page is actually called. During this process you can add as many fields you want but the three fundamental fields that always need to be used are the username, email and password parameters. Without these fields you can't successfully create a new WordPress user.

We're going to create a simple form with an hidden field. This field will tell our code that our form has been submitted. The page template is as follows:


<?php
  // Registration routine
?>
<?php
/**
 Template Name: Sign in
 */

get_header(); ?>

<div id="primary" class="site-content">
		<div id="content" role="main">

			<?php while ( have_posts() ) : the_post(); ?>
				<?php get_template_part( 'content', 'page' ); ?>
			<?php endwhile; // end of the loop. ?>
			
			
			
			<form action="<?php global $post; echo get_permalink($post->ID); ?>" method="post">
				<div>
					<label for="username">Username</label>
					<input type="text" name="username" id="username" />
				</div>
				<div>
					<label for="email">E-mail</label>
					<input type="text" name="email" id="email" />
				</div>
				<div>
					<label for="password">Password</label>
					<input type="password" name="password" id="password" />
				</div>
				
				<input type="hidden" name="sent" value="true" />
				
				<p><input type="submit" name="submit" id="submit" value="Sign up" /></p>
			
			</form>

		</div><!-- #content -->
	</div><!-- #primary -->

<?php get_sidebar(); ?>
<?php get_footer(); ?>

The registration routine will create a new WordPress subscriber user. After the user has been created, we'll redirect him to the login page:


<?php
  // Registration routine
  
  if(isset($_POST['sent']) && $_POST['sent'] == 'true') { // has the form been submitted?
    
    // You need to sanitize data here
    			
  	$password = $_POST['password'];
  	$username = $_POST['username'];
  	$email = $_POST['email'];			
	
  	// Create a new WordPress user
  	
	wp_insert_user(array(
		    	'user_pass' => $password,
		    	'user_login'=> $username,
		    	'user_email' => $email,
		    	'role' => 'subscriber')
    );
		    	
    $login = wp_login_url(); // Login page URL
    wp_redirect($login);  // Redirect the user
    exit();


}
?>

At this point our user will be redirected to the login page. After logging in, he will see his profile page which still needs to be filled in with other personal information. The wp_insert_user() function can actually add several other information to the user's profile, but username, password, email and role are mandatory. Passwords must be in plain format, so you don't actually need to encrypt them. You only have to check that they don't contain some characters which WordPress doesn't allow (e.g. backslashes).