- Level: EnlightenedPosts: 44
Hello,
I have switched on the buddypress invitation option where subscribers can invite other people to the website.
Unfortunately this feature has no limitation of mails send in a period of time per user. So spammers are happy about that as Tatiana states in this post:
https://bpdevel.wordpress.com/2021/05/26/bp-8-0-introduces-site-membership-invitations/imath points to the “proof of purpose” repository by dcavins but this “plugin” has no way to limit the emails send.
There is a plugin called “invite anyone”. This one has a setting to limit it but on my environment this plugin doesnt send out mails, not using the email templates from buddypress and seems to have a luck on support/bug fixing.
Therefore it seems some coding is needed to add this feature to buddypress.
Do you guys know how I can add a limit to invitations a user can send per day/month or in total to avoid being spammed? - Level: EnlightenedPosts: 44
Or alternatively add Recaptche to the form…?
- (BuddyDev Team)Posts: 24524
Hi Alex,
Thank you for the question.I am afraid, I lack the time to look much into this.
Something like this may work for you.
add_filter( 'bp_user_can', function ( $retval, $user_id, $capability, $site_id, $args ) { if ( 'bp_members_send_invitation' !== $capability ) { return $retval; } $count = BP_Invitation::get_total_count( array( 'inviter_id' => $user_id ) ); $max_allowed = 20;// change it. if ( $count >= $max_allowed ) { $retval = false; } return $retval; }, 10, 5 );I haven’t tested it, Please test it by setting lower limit and see if that works?
Regards
Brajesh - Level: EnlightenedPosts: 44
Hi Brajesh,
it works. Great! Thank you.Just two more questions on this.
1. At the backend on the invitations table you can see that the date is saved under “date modified”. Is it possible to get this date and then add it to your function? To check if the count is more than the max_allowed FOR THE SAME DAY, then set $retval to false?
2. After the limit is reached the message pops up saying “you dont have the rights to send invitations”.
Am I able to manipulate this message saying something like “you have reached the daily limit on invitations! Try again later”?Regards
AlexPS: I really wonder why nobody has this implemented over the last years. Looks like buddypress core development slows down, which is not good.
- Level: EnlightenedPosts: 44This reply has been marked as private.
- (BuddyDev Team)Posts: 24524
Hi,
Thank you for the reply.I am glad it worked.
BuddyPress does not provide the API for counting for an interval. It is certainly doable with direct queries. It will need significant time to develop(at least couple of hours to turn into a plugin with settings etc) .
Currently, I lack free time to do any further work on it though.
Regards
Brajesh - Level: EnlightenedPosts: 44
So is there any possibility to change the error message at least?
- Level: EnlightenedPosts: 44
I tried to overwrite the message with this filter below but inside the your surrounding filter it is not working. I suppose because the $message variable is unknown by the surrounding filter. But how can I solve this?
add_filter( ‘bp_user_can’, function ( $retval, $user_id, $capability, $site_id, $args ) {
if ( ‘bp_members_send_invitation’ !== $capability ) {
return $retval;
}$count = BP_Invitation::get_total_count( array(
‘inviter_id’ => $user_id
) );$max_allowed = 2;// change it.
if ( $count >= $max_allowed ) {
$retval = false;// overwrite message
add_filter(‘members_invitations_form_access_restricted’,’overwrite_message’);
function overwrite_message ($message) {
$message = ( ‘You have reached the limit of invitations.’);
return $message;
}}
return $retval;
}, 10, 5 );
- (BuddyDev Team)Posts: 24524
Hi Alex,
Thank you fro the reply.You will need to edit the invitation template file and put a message there(you will see the condition applied on the form).
Regards
Brajesh
You must be logged in to reply to this topic.