A client would like me to make a single password work for all users of a certain role(Attendee). I/they know this is not a smart thing to do security-wise, but it must be done. This role has basically no abilities and the site has no particularly sensitive data within it.
I’ve managed to make this happen for individual users with
wp_set_password( 'password', 1 );
How can I apply that same function to all users with role of “Attendee”? (Real password will not be “password”)
Advertisement
Answer
How about fetching all users with that role, and applying the password?
$attendees = get_users('role=Attendee');
foreach ($attendees as $user) {
wp_set_password('password', $user->ID);
}
Just to be sure, definitely backup your database before doing this.
Or alternatively, change the password for one user, copy the password hash in the users datatable, and update all users with the same role to that password. But the above code should work fine from PHP too.
Of course there is a problem of Attendees created in the future. For that, you could add a hook to your functions.php file:
https://developer.wordpress.org/reference/hooks/added_existing_user/
However, it’s kindof a wonky behavior to immediately override a user’s password after an admin created the profile. Hopefully, you only need to edit existing users.