Skip to main content
WordPress made easy with the drag & drop Total WordPress Theme!Learn More

WordPress Pluggable Functions

Last updated on:

Have you ever heard of WordPress Pluggable Functions? If not, then this article should draw your attention. In two words pluggable functions are WordPress core functions that you can override. All these functions are located into one single file: “wp-includes/pluggable.php“. Pluggable functions were introduced in WordPress 1.5.1, but in the most recent versions of WordPress this method isn’t used anymore. Recent functions now use filters on their output. But you can still override pluggable functions, and this is what I would like to cover in this post.

Which Functions?

Pluggable functions are:

You can click on the each function’s name to access its codex page.

How to Override Pluggable Functions

Well this is pretty simple, all you have to do is to create a file within your plugins containing an “if ( !function_exists() )…” statement and then re-define the function. I strongly recommend you to copy and paste the original function when you start. This is way you’re sure that the function will work. Here is an empty example:

if ( ! function_exists('wp_notify_postauthor') ) :
/**
 * Notify an author of a comment/trackback/pingback to one of their posts.
 *
 * @since 1.0.0
 *
 * @param int $comment_id Comment ID
 * @param string $comment_type Optional. The comment type either 'comment' (default), 'trackback', or 'pingback'
 * @return bool False if user email does not exist. True on completion.
 */
function wp_notify_postauthor( $comment_id, $comment_type = '' ) {

/* This is where you redefine the function */

}
endif;

I’d like to talk about the “wp_notify_postauthor()” function. This is the one responsible of sending an email to post’s authors when a new comment is added. In one of my plugin, the WordPress Issues Manager, i needed to disable this notification, but a specific custom post type only. So, i copied the whole function, and simply added this:

if ( ! function_exists('wp_notify_postauthor') ) :
/**
 * Notify an author of a comment/trackback/pingback to one of their posts.
 *
 * @since 1.0.0
 *
 * @param int $comment_id Comment ID
 * @param string $comment_type Optional. The comment type either 'comment' (default), 'trackback', or 'pingback'
 * @return bool False if user email does not exist. True on completion.
 */
function wp_notify_postauthor( $comment_id, $comment_type = '' ) {

if( $post->post_type != 'issue'):

/* content of the original function */

endif;

}
endif;

That’s simple, but that works great without having to make huge changes or to create a full custom function hooked to a custom action.

wp_mail()

As you saw in the pluggable functions list, wp_mail() is a pluggable function. This function is the one used for sending emails. Anywhere in WordPress when an email is sent it uses this function. That’s why customizing it can be very interesting. For example you could use an html default template for all emails sent from your WordPress install.

You could also send an hidden copy of every message to a specific email to have a kind of backup (trust me this can be useful when someone tells you he did not receive the message!).

wp_authenticate()

You could also modify wp_authenticate() and add some extra parameters to enforce security on your site (brute force attacks for example).

auth_redirect()

This function is the one that checks if a user is logged in, and if not it redirects them to the login page. That would be pretty easy to override the function and redirect the user to a custom page, instead of the default login page (for example if you want to hide the wp-admin folder).

wp_generate_password()

This function is the one that auto-generates passwords. Honestly you don’t really need to modify it, but now that you know what brute force attacks are, you could be interested in creating stronger passwords. Well, this is the function to improve.

Conclusion

To conclude this short post about WordPress pluggable functions, I’d like to point the fact that new functions don’t work like that anymore. As I wrote above they are now using filters. But pluggable functions are important functions in particular when creating really specific plugins. But be careful when using pluggable functions. If the newly created function isn’t working perfectly it can break a part of your website (in terms of functionality), so please test them in all conditions.

wordpress-pluggable-functions
Article by Remi WPExplorer.com guest author
Subscribe to the Newsletter

Get our latest news, tutorials, guides, tips & deals delivered to your inbox.

11 Comments

  1. Xaver

    I always wondering what happen if another plugin highjacked the function and my plugin requires that function. How to prevent that/prepare for that?

    • Remi

      i guess that when the function loaded is the modified one, so how to prevent that? Mmm… not sure what to answer! 😉 That’s a good question

  2. Mathew Porter

    Great resource as ever, always good to have something to look back on for reference when developing.

  3. Michael Phoenix

    How do pluggable functions apply to simply creating functions in a Child Theme’s functions.php file. I’ve also done it as a standard practice to wrap any function I put into a Child Theme inside the ‘if ( function_exists() ){}’ construct. My assumption is that it safeguards the function from breaking anything else that may or may not already exist.

    Moving forward, is using the filter hook a more stable approach to applying custom functions inside a Child Theme?

    • AJ Clarke | WPExplorer

      Because a child theme is meant to override a parent theme and plugins, then there really isn’t any need to create “pluggable” functions, I mean you won’t be creating a child child theme to override the child theme 😉

      Wrapping in if ( function_exists() ){ } is a good habit, but it’s unnecessary if the point of a child theme function is to override a parent function.

      Regards to the filter hook…it really depends on what you are accomplishing. In some cases you can’t override a function with a filter and you must duplicate the function.

      • Michael Phoenix

        I’m getting that a child theme has top priority in overriding functions. And that if a function needs to be overridden in the parent, it can happen in the child only if the original function is in a pluggable construct. However, that’s not necessary the best practice. And that’s where filter hooks come in. But as you said, filter’s don’t always necessarily override the function, so you must duplicate it.

        As far as organization of the global namespace is concerned, the pluggable construct, as well as proper naming conventions, is just a good idea to keep everything playing nicely together.

        Is that an accurate assessment?

        • AJ Clarke | WPExplorer

          This is correct 😉 And like you mentioned, a big issue is that not always do theme developers make their themes “pluggable” and thats the main issue.

  4. bonangzw

    good day, how can i disable wordpress from generating auto passwords for subscribers, i got a plugin that allows users to type own password but it still send both passwords to the subscribers

    • AJ Clarke

      To be honest I am not 100% sure, because I use a custom form on my site via Gravity Forms which has a cool add-on that requires users to activate their account before they get their password. Personally I think it’s best to help prevent SPAM. What plugin are you using?

  5. Bonang

    I am using a plugin from templatic for classifieds, when a user registers an account WordPress auto creates a password i wanted to disable WordPress from creating those passwords do you by any chance have an idea of how i can do it

    • AJ Clarke

      I recommend you reach out to Templatic because it depends how the plugin is coded, it may require the auto password creation. I am not familiar with that plugin.

Leave a Reply

Your email address will not be published. Required fields are marked *

Learn how your comment data is processed by viewing our privacy policy here.