A WordPress Multi-Site Specific Plugin
The Business Problem
WordPress's multi-site option has a fatal flaw: it stores a central database of all users across all the sub-sites and manages permissions to each site at the global level.
The problem with this approach shows up when you want to use multi-site in a situation where each site does not know that the others exist, in other words a network of unrelated sites.
One reason that you would want to do this is to make managing many sites easier - one WP install versus 100, for example.
In this situation, if a user registers on one site and then through an unrelated path ends up trying to register on another site on the network, that second site will insist that the email already exists and refuse to let the user register with that address. That leaves the user very confused and wondering how the site could have their email address even though they had never been there before.
Imagine, then, that the user turns around and requests a password reset. That password reset affects both sites (maybe even more than two) but the user will not know that!
We need a way to register users on each site where we can know if the user already exists in the network and automatically assign them to the site they are trying to access without infuriating the user. This would be easy if not for that pesky thing called security.
If we just blindly added the user to the second site that they are trying to register on, then for any email address on the network, anyone can add it to any other site on the network without any kind of confirmation that the user controls the email address.
If the network of sites ran completely unrelated businesses in different industries and sectors, the odds of the user ending up on multiple sites on the network are low. However, in many cases the operator is running multisite because the sites are related by industry or sector; therefore, the odds rise dramatically that this situation will occur.
The solution to this issue seemed simple in theory but was very thorny in practice.
All the plugin has to do is intercept any registration request and ask for the email address. It could then check the network to see if the email address exists. If it does, it would add the user to the current site in the background and then let the user proceed to the action they were about to perform.
But of course, there is the security issue.
So the plugin has to handle a lot more than one would think.
There are three scenarios that the plugin has to handle:
- The user's email address does not exist anywhere on the network.
- The user's email address exists on the network for another site.
- The user's email address already exists for the site they are trying to access.
In Scenario 1, the user is allowed to proceed on to the page they were trying to access. No other action is necessary.
In Scenario 2, the user is sent a PIN code and cannot continue until they enter it to verify that they do, indeed, control that email address.
In Scenario 3, the user is just given a pop up to log in. They are also sent a PIN just in case they had forgotten their email address.
This combination of interception and verification allows the user to register without being aware that they are logging into a network of sites.
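The following is an added example, not the plugin's own code, that sketches the three-scenario gate described above as WordPress plugin code. It uses real WordPress core functions (email_exists, is_user_member_of_blog, add_user_to_blog, transients, wp_hash_password/wp_check_password, wp_mail); the msg_ function names, the transient key layout, the PIN length, lifetime and attempt budget are assumptions chosen for illustration. The point it makes concrete is the security property from the text: an existing network user is joined to a new site only after proving control of the mailbox, and the PIN itself is never stored, expires, is single-use and has a bounded number of guesses.

```php
<?php
/*
 * Added example (not the plugin described on this page). Assumed names:
 * everything prefixed msg_, the transient key scheme, and the constants below.
 */

const MSG_PIN_TTL      = 10 * MINUTE_IN_SECONDS; // assumed PIN lifetime
const MSG_MAX_ATTEMPTS = 5;                      // assumed wrong-guess budget per PIN

/** Classify an address into the three scenarios: 'new', 'other_site' or 'this_site'. */
function msg_classify_email( $email, $blog_id = null ) {
    $blog_id = $blog_id ?: get_current_blog_id();
    $user_id = email_exists( $email );           // network-wide: wp_users is shared by all sites
    if ( ! $user_id ) {
        return 'new';                            // Scenario 1: no confirmation needed
    }
    return is_user_member_of_blog( $user_id, $blog_id ) ? 'this_site' : 'other_site';
}

/** Issue a 6-digit PIN; store only its hash plus an attempt counter, with an expiry, then mail it. */
function msg_issue_pin( $email ) {
    $pin = str_pad( (string) wp_rand( 0, 999999 ), 6, '0', STR_PAD_LEFT );
    $key = 'msg_pin_' . md5( strtolower( $email ) );
    set_transient( $key, array(
        'hash'     => wp_hash_password( $pin ),  // never persist the PIN itself
        'attempts' => 0,
    ), MSG_PIN_TTL );
    wp_mail( $email, 'Your verification code', "Your code is: {$pin}" );
}

/** Check a submitted PIN. True exactly once; the PIN is burned on success or after too many failures. */
function msg_verify_pin( $email, $submitted ) {
    $key = 'msg_pin_' . md5( strtolower( $email ) );
    $rec = get_transient( $key );
    if ( ! is_array( $rec ) ) {
        return false;                            // expired, already used, or never issued
    }
    if ( wp_check_password( (string) $submitted, $rec['hash'] ) ) {
        delete_transient( $key );                // single use
        return true;
    }
    $rec['attempts']++;
    if ( $rec['attempts'] >= MSG_MAX_ATTEMPTS ) {
        delete_transient( $key );                // bound guessing of the 10^6 PIN space; require a fresh PIN
    } else {
        set_transient( $key, $rec, MSG_PIN_TTL );
    }
    return false;
}

/** Scenario 2 completion: join the existing user to this site only after the PIN is verified. */
function msg_join_after_verification( $email, $submitted, $role = 'subscriber' ) {
    if ( ! msg_verify_pin( $email, $submitted ) ) {
        return false;
    }
    $user_id = email_exists( $email );
    if ( ! $user_id ) {
        return false;
    }
    $result = add_user_to_blog( get_current_blog_id(), $user_id, $role );
    return ! is_wp_error( $result );
}

/** Entry point to call with the address from an intercepted registration form. */
function msg_handle_registration_email( $email ) {
    $email = sanitize_email( $email );
    if ( ! is_email( $email ) ) {
        return 'invalid';
    }
    switch ( msg_classify_email( $email ) ) {
        case 'new':
            return 'proceed';                    // Scenario 1: continue to the original page
        case 'other_site':
            msg_issue_pin( $email );
            return 'verify';                     // Scenario 2: show PIN form, then msg_join_after_verification()
        case 'this_site':
            msg_issue_pin( $email );             // the text also sends a PIN in this case
            return 'login';                      // Scenario 3: show the login pop-up
    }
    return 'invalid';
}
```

Two caveats a practitioner would want to weigh before reusing this shape: the attempt counter lives in a transient and is read-modify-write, so it is not atomic under concurrent requests (a database row with an atomic increment is the stricter choice), and the flow necessarily reveals whether an address already exists somewhere on the network, since the user is shown a PIN step instead of the plain registration page. The second is inherent to the design the text describes; rate-limiting the email lookup per client mitigates bulk probing of it.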