Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Modules
Author Message
Doulos
Life Cycles Becoming CPU Cycles


Joined: Jun 06, 2005
Posts: 633

PostPosted: Sun Jun 08, 2008 12:03 pm Reply with quote

I tried the changes to disallow free email users to register, but we get a lot of kids who don't have access to the ISP account to set up their own email account. This is causing many to just forget about registering on our site. Therefore, I would like to allow them to register using free email address, but not allow them to change it later without admin intervention. I have been unable to find a hack which will require re-authentication in order to change the email address. If someone knows of one that is compatible with RN220 I would appreciated the info, thanks.

I found the code which displays the email address when someone tries to edit his user information. Your Account index.php on or about lines 1295-1310
Code:
            .'<tr><td bgcolor="'.$bgcolor2.'"><b>'._UREALEMAIL.':</b><br />'._REQUIRED.'</td>'

            .'<td bgcolor="'.$bgcolor3.'"><input type="text" name="user_email" value="'.$userinfo['user_email'].'" size="50" maxlength="255" /><br />'._EMAILNOTPUBLIC.'</td></tr>'

Commenting out these lines will not allow them to change their email address, but will it cause any other problems, I have not forseen? Any insights would be greatly appreciated.
 
View user's profile Send private message
Doulos
PostPosted: Sun Jun 08, 2008 12:16 pm Reply with quote

Hmm, this will allow them to change it via the forums profile, but not through Your Account. More work ahead.
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6793
Location: Ha Noi, Viet Nam

PostPosted: Sun Jun 08, 2008 1:43 pm Reply with quote

If they try to change it through the forum profile, they have to revalidate it or their account gets set to inactive.
 
View user's profile Send private message Send e-mail
evaders99
Former Moderator in Good Standing


Joined: Apr 30, 2004
Posts: 3221

PostPosted: Sun Jun 08, 2008 2:44 pm Reply with quote

... if the Forums Configuration has "User Activation" turned on

_________________
- Only registered users can see links on this board! Get registered or login! -

Need help? Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Visit poster's website
Doulos
PostPosted: Sun Jun 08, 2008 2:49 pm Reply with quote

So let me get this straight, if users cannot see the email field in Your account, and user activation is on in forums config, then users will not be able to change their email address without re-authenticating?
 
Guardian2003
PostPosted: Tue Jun 10, 2008 7:01 pm Reply with quote

Hiding the form field is not the ideal solution as you can still inject it, you would have to adjust the sql UPDATE statement to prevent it updating that field but for your average user, what you have should be ok and yes, if user activation is turned on in the forum preferences it will require the user to revalidate any email change.

Or you could just wait until RN2.3 when hopefully we'll have this and a raft of other user account gadgets to play with Smile
 
kguske
Site Admin


Joined: Jun 04, 2004
Posts: 6383

PostPosted: Tue Jun 10, 2008 7:19 pm Reply with quote

Quote:
...and a raft of other user account gadgets to play with...
...that need to be tested.

_________________
I google, therefore I exist...
Only registered users can see links on this board! Get registered or login!
 
View user's profile Send private message
Doulos
PostPosted: Wed Jun 11, 2008 10:41 am Reply with quote

Well, I figured that my solution could be circumvented by someone who knew what they were doing, but we wanted to do something.
 
Doulos
PostPosted: Sun Oct 05, 2008 4:18 pm Reply with quote

Whoa, I found that ,by hiding the email address field, I was causing the problem I wanted to stop. Every time someone changed anything else, or even just clicked to save button, their email address was getting deleted. I was able to prevent users from changing their email address from the Your Account module by making the Email address field 'readonly'. Users can still edit their email address in their forums/profile, and this will deactivate their account requiring them to re-authenticate using their new email address.

Thanks for your help.
 
Doulos
PostPosted: Mon Oct 06, 2008 7:45 pm Reply with quote

GRR, now we are having a different problem. Everything appears to be working fine, except now if someone changes their email address their account is made inactive. This is fine and just what we want, as we want users to keep an active, current email address in their profile.

However, now when they click the link in the re-activation email, instead of getting the "your account has been activated' message, they only see the parts of the webpage for anonymous users - and, their accounts do not get reactivated.

I have tested this to make sure, and yes sir, this is exactly what is happening. Copy and paste instead of clicking the link does not work, either.

Here is a copy on one ot the activation links users are receiving. I copied this from the reactivation email of a test user I made.

Quote:
http://clanfga.com/modules.php?name=Forums&file=profile&mode=activate&u=334&act_key=d04288
[/url][/quote]
 
slackervaara
Worker
Worker


Joined: Aug 26, 2007
Posts: 236

PostPosted: Mon Oct 06, 2008 10:01 pm Reply with quote

You can activate the user again with phpMyAdmin and the nuke_users table. It is just to change user_active 0 to 1. I think you can also activate the user through Forum Admin. Approx 5 % of my users gets inactive upon registering on my site. I think you get inactive then when you state that you are under 13 years old.
 
View user's profile Send private message
Guardian2003
PostPosted: Tue Oct 07, 2008 12:04 am Reply with quote

The key parameter is too short. Are you sure the rest of it is not wrapping onto a new line in the email client?
 
Doulos
PostPosted: Tue Oct 07, 2008 10:50 am Reply with quote

Guardian2003, the key is problem, but why would it be getting cut short? Yes I am sure it is not wrapping to a new line. Six users have forwarded the activation email to me, and I also tested this myself. This feature was working a few days ago.

Is this handled through Your Account? I uploaded a fresh copy of YA index.php and only made changes to 'read-only' the email field, and the signature field.

I will try uploading the whole module and test it again, before making any changes.
 
Guardian2003
PostPosted: Tue Oct 07, 2008 11:06 am Reply with quote

Yes it is handled by YA but as I mentioned in a previous post, we are extremely close to releasing RN 2.3 so please don't sweat over this too much.
 
Doulos
PostPosted: Tue Oct 07, 2008 11:13 am Reply with quote

OK, thanks. I tried re-uploading the entire YA module and it still sends out bad emails. Sad

I
 
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> Modules

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©