Require a Specific Password Length

Many of the leading WordPress security plugins have the ability to force/require strong passwords for users. But one of the requests I’ve received from people is if there is a way to require passwords to be of a certain length. It seems that some users who work with clients are finding that some clients will reset a password to something “easier to remember” but not entirely secure, or the developer is trying to enforce a specific “password policy” and one of the aspects of a policy specifies a certain number of characters.

How to Set a Password Length Requirement

Setting a password length requirement is fairly easy since WordPress already provides a hook that occurs before a password is actually reset.  The hook is validate_password_reset, and it allows developers to verify aspects of the user-entered password before passing it through the password reset function. Here is an example code snippet:
add_action('validate_password_reset', 'wps_password_min_length_val', 10, 2); function wps_password_min_length_val($errors, $user){ if( strlen($_POST['pass1-text']) < 12 ){ $errors->add('password_too_short', 'ERROR: Password is too short.'); } }
The basics of this function (which can be placed in an active theme’s functions.php file or a custom plugin) are as follows:
  • The WordPress hook being used is validate_password_reset.
  • The function is comparing…

Read more

Using Dashicons in WordPress Themes

Many WordPress users learn about using Dashicons when they go to create their first Custom Post Type and assign a Dashicon to represent that Custom Post Type in the Admin menu.  But then the frustration begins as soon as you attempt to use a Dashicon on the frontend of the site. The developer resources at make it extremely easy to copy/paste either the Glyph, HTML, or CSS version of a Dashicon.  But if you have ever tried to copy/paste a Dashicon into a widget area or a post you would have experienced the frustration of nothing showing up. Why Dashicons? The reason the Dashicon doesn’t show up on the frontend is that the Dashicon stylesheet is not being enqueued to be used on the frontend.  So here are two code snippets you can use to start using Dashicons on your WordPress website immediately. Add Dashicons as a Dependency
function load_my_styles(){ wp_enqueue_style( 'mycustomstyle', get_stylesheet_uri(), 'dashicons' ); } add_action( 'wp_enqueue_scripts', 'load_my_styles' );
Simply Enqueue Dashicon Stylesheet
function enqueue_dashicons(){ wp_enqueue_style( 'dashicons' ); } add_action( 'wp_enqueue_scripts', 'enqueue_dashicons' );
I hope this helps you take advantage of Dashicons in your WordPress site.  Let me know how you utilize font icons in your web development.

Read more

The Power of the Body Class in WordPress

For many WordPress users who are stepping beyond the basics of WordPress and starting to customize different parts of a site based on the site’s template hierarchy, it can get pretty daunting to figure out WHICH page template is being used to render WHICH part.  The heart of this answer is in understanding more about WordPress template hierarchy. There is even a very useful visual map to help find your way to the right template. But this post is focused on another seldom talked about feature in WordPress that works with every properly coded theme.  I’m talking about the body class.
<body <?php body_class(); ?>>
The above code can be found in almost all WordPress themes and will output the multiple classes being used on a specific page in the HTML body element.  For example, if you were to visit a blog post page and look at the source code, you might see the HTML body element and corresponding classes that look like this:
<body class="post-template-default single single-post postid-2675 single-format-aside logged-in admin-bar no-customize-support one-col c1">
This long string of classes actually tells us a LOT about what area of a site the visitor is viewing along with other bits…

Read more

Eliminate the JUMP from WordPress Read More Link

WordPress has a method of splitting your content to only show the “top half” on the is_home() conditional location.  (This is normally the “Blog” feed page in WordPress.  It could be your homepage, or it could be a custom page depending on your theme and setup.)  This “splitting method” is called the “Read More” link. The “Read More” link is identified as <!--more-->  in the code/content area of your WordPress post/page.  The location in your post content that contains this “Read More” link will return an active link from the blog feed to the full post page.  What happens next when a reader clicks on the “Read More” link presents the “issue” that WordPress owners experience. The “Read More” link jumps to the place in the code where the <!–more–> tag had been placed, essentially chopping off the top of the post.  While some themes and designs may not be bothered by this experience, many developers create custom user experiences that differ from the blog feed and the individual post page.  Therefore the “Read More” link jump can be a jolting feeling for the readers. The following piece of code can be placed in the active theme’s functions.php file and will remove the jumping element of the “Read…

Read more

Take Control of the WordPress Auto-Paragraph Tag

WordPress has a function called wpautop() that very kindly “autowraps” and adds paragraph tags (<p></p>) around elements of your content.  While this is extremely helpful for users, those that may be more unfamiliar with HTML and those that only want to use WordPress as a content publishing platform.  Those users that desire more control over the structure of the site may want to manage what elements exist or don’t exist in the content structure. For a long time, WordPress users have had access to filtering out the wpautop() function by adding a simple line of code to their functions.php file of their active theme folder.
remove_filter( 'the_content', 'wpautop' );
But the above code can also leave users with an unintended issue.  This code snippet will remove ALL the auto-inserted paragraph tags.  To truly have control over when and where this wpautop() function interacts with content, we need to be able to manage this on an individual post/page level. This is where WordPress’ Custom Fields come to the rescue. If you do not see a metabox on your post/page editor screen, you may need to enable the metabox to be visible from within the Screen Options located inside the drop-down tab in the upper right of your screen window.

Read more