1

A client would like me to make a single password work for all users of a certain role(Attendee). I/they know this is not a smart thing to do security-wise, but it must be done. This role has basically no abilities and the site has no particularly sensitive data within it.

I've managed to make this happen for individual users with

wp_set_password( 'password', 1 );

How can I apply that same function to all users with role of "Attendee"? (Real password will not be "password")

pseudojk
  • 67
  • 6

1 Answers1

3

How about fetching all users with that role, and applying the password?

$attendees = get_users('role=Attendee');
foreach ($attendees as $user) {
    wp_set_password('password', $user->ID);
}

Just to be sure, definitely backup your database before doing this.

Or alternatively, change the password for one user, copy the password hash in the users datatable, and update all users with the same role to that password. But the above code should work fine from PHP too.

Of course there is a problem of Attendees created in the future. For that, you could add a hook to your functions.php file:

https://developer.wordpress.org/reference/hooks/added_existing_user/

However, it's kindof a wonky behavior to immediately override a user's password after an admin created the profile. Hopefully, you only need to edit existing users.

Andrew
  • 827
  • 2
  • 6
  • 14
  • 1
    Much thanks! That snippet is doing the job perfectly so far, I put it in functions.php so it runs every time and affects future signups. Users won't set create a password at signup or get a reset email - they'll be sent the password shortly before the event. I'll continue to test different scenarios. – pseudojk Oct 25 '20 at 10:23