Fork me on GitHub

MEMBERSHIP APPROVAL *DEVELOPMENT THREAD*  Bottom

Go to page 1 - 2 [+1]:

  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 395
    Link to this post Posted: Jan 15, 2006 - 10:13 AM
    ok, so i got this module done,

    only thing holding up release is that i have yet to find a way to send an approved member their password.

    i dont think there is anyway to send the pass in clear text once it has been encrypted, if anyone has a solution to this, let me know


    the only way to get around this, is to turn off user chossing thier password, that way a pass can be generated after approval.






    this thread is for suggestions of what should be included in this module, please keep posts to only this.
  • AmmoDump
    AmmoDump
    Team Member
    • Rank: Team Member
    • Registered: Dec 07, 2003
    • Last visit: May 09, 2010
    • Posts: 2703
    Link to this post Posted: Jan 15, 2006 - 12:29 PM
    well there is code there somewhere where the first email is sent out activating the account. I would image you could use that code there. Or atleast take alook at how it looks at the DB.

    Good luck.

    --
    David Pahl
    Zikula Support Team
  • denisrf
    denisrf
    Developer
    • Rank: Developer
    • Registered: Feb 23, 2005
    • Last visit: May 09, 2010
    • Posts: 399
    Link to this post Posted: Jan 15, 2006 - 12:40 PM
    And maybe I would be better to have it that way any way. If we are going to go to the trouble of approving memberships sending the password after approval seems to be Ok. They can always change it after approval anyway. Just my 2 cents.

    Denis
  • **unknown user**
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 1097
    Link to this post Posted: Jan 15, 2006 - 10:42 PM
    As you are somehow replanning the userHack, I'll leave a note or 2...

    For the password, it is important that nobody except the user registering knows the password (even the adminitrator shouldn't know the password of a user). So the only time you can send the password is when saving the registration to your first table (temp table or pending table... whatever you call it). The password saved in this table must be encrypted as it usually is on a normal registration.

    The first email sent must be clear about that aspect.

    Example:

    Quote


    Thanks for registering on XXX

    We will review your application soon.
    If XXX accept your application, here is the information you submitted

    Username: USERNAMEHERE
    Password: PASSWORDHERE

    Keep this email secure and do not loose it. This email will be the only one having your password.


    bla bla bla of this kind.

    When the admin accept the application, another email must be sent to the user to let him know but you won't be able to send him his password as it will already be encrypted and will be useless to him.

    Have fun !
    wink
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 395
    Link to this post Posted: Jan 16, 2006 - 05:39 AM

    Chestnut

    As you are somehow replanning the userHack, I'll leave a note or 2...

    For the password, it is important that nobody except the user registering knows the password (even the adminitrator shouldn't know the password of a user). So the only time you can send the password is when saving the registration to your first table (temp table or pending table... whatever you call it). The password saved in this table must be encrypted as it usually is on a normal registration.

    The first email sent must be clear about that aspect.

    Example:

    Quote


    Thanks for registering on XXX

    We will review your application soon.
    If XXX accept your application, here is the information you submitted

    Username: USERNAMEHERE
    Password: PASSWORDHERE

    Keep this email secure and do not loose it. This email will be the only one having your password.


    bla bla bla of this kind.

    When the admin accept the application, another email must be sent to the user to let him know but you won't be able to send him his password as it will already be encrypted and will be useless to him.

    Have fun !
    wink


    that makes sense. because i know myself personally, i dislike when i dont choose my own password, and alot of users on my site feel the same way.


    i will implement that email system today, hopefully i'll have a download available by tonight.
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 395
    Link to this post Posted: Jan 16, 2006 - 05:09 PM
    today was hectic, will try get on it 2morow
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 183
    Link to this post Posted: Jan 17, 2006 - 09:14 AM
    Bookmark - really looking forward to this one
  • CliffT
    CliffT
    Helper
    • Rank: Helper
    • Registered: Mar 30, 2003
    • Last visit: Oct 21, 2009
    • Posts: 683
    Link to this post Posted: Jan 18, 2006 - 04:29 AM
    Keeping an eye out myself . . . .
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 395
    Link to this post Posted: Jan 18, 2006 - 06:34 PM
    downloads are available now: you can report any bugs you find. or any feature requests either in this thread or over at my website. http://dev.caribconnect.net

    http://dev.caribconnect.net/index.php?name=Downloads&req=viewsdownload&sid=1
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 395
    Link to this post Posted: Jan 18, 2006 - 06:40 PM
    a few ideas i wanna fling around:


    when u deny a user, should there just be a flag next to user that keeps it deactivated, or just delete that user?


    if a user tries to log on before he/she is activated (pending approval) it will say that the user does not exsit. should there be a special msg saying u still pending?
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 183
    Link to this post Posted: Jan 18, 2006 - 07:38 PM
    I'd go for keep it deactivated - why I'm not sure but seems like the way to go - not sure what others think...

    I think a special message would be in order - even if it was just a HTML block visible only by "pending" group....
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 183
    Link to this post Posted: Jan 18, 2006 - 07:55 PM
    Whilst I am waiting for approval of membership at your site:-

    I have an error after going to admin, click on the icon and get:-

    Warning: Smarty error: unable to read resource: "approval_admin_main.htm" in /var/www/html/jones/postnuke4/includes/classes/Smarty/Smarty.class.php on line 1088

    .761 withh Xanthia activated
  • ainigma32
    ainigma32
    Helper
    • Rank: Helper
    • Registered: Jan 29, 2004
    • Last visit: Oct 21, 2009
    • Posts: 852
    Link to this post Posted: Jan 18, 2006 - 08:18 PM

    Quote

    I think a special message would be in order - even if it was just a HTML block visible only by "pending" group....


    Wouldn't you have to be logged in to be able to make the distinction between unregistered and pending ? :?
  • **unknown user**

    Softmore
    • Rank: Softmore
    • Registered: Mar 16, 2002
    • Last visit: Oct 21, 2009
    • Posts: 183
    Link to this post Posted: Jan 18, 2006 - 08:23 PM
    No I currently use a Pending Group to hold members after applying - it has the same privileges as unregistered so you can make a HTML visible to them only via permissions

    3 Pending HTMLblock:: Notice:: Comment
    7 Pending .* .* Read
    8 Pending Menublock:: Main Menu:(My Account|Logout|Submit News): None

    This way only Pending & Admin see the message

    Edited to add

    Yes I am not thinking clearly tonight - ofcourse you are right - it works my way but not with the new module - because they would have to be logged in.

    It would work if those new members were automatically added to Pending - because they already get their password in the email advising them they are waiting approval.

    That way they could still log in but be restricted via permissions whilst waiting approval. The initial email wold advise them the will have restricted access until approval is granted.

    That then makes this module a shortcut to the way I have the site setup anyway - but this module allows me to approve and send an email advising them of approval in one motion - not several.

    Be much simpler if I can get past this initial hiccup
  • ainigma32
    ainigma32
    Helper
    • Rank: Helper
    • Registered: Jan 29, 2004
    • Last visit: Oct 21, 2009
    • Posts: 852
    Link to this post Posted: Jan 18, 2006 - 08:41 PM
    Yes but how will the system know that a user belongs to the pending group if the user isn 't logged in? If you're not logged in you're only a member of unregistered, right?

    So I guess the mechanism would have to be:

    2. [*:5a23e236b2]user registers
    3. [*:5a23e236b2]user gets password and is stuck in pending group
    4. [*:5a23e236b2]user logs in as member of pending group and sees only part of the site
    5. [*:5a23e236b2]user becomes 'full' member
    6. [*:5a23e236b2]user sees full site


    Just trying to get my head around it icon_smile

Go to page 1 - 2 [+1]:

Users on-line

This list is based on users active over the last 60 minutes.