I have a site using elgg. And it has come out pretty well, though there is a big problem we are facing with the user validation process, the users can be validated only using the plugin uservalidationbyemail(When used everything is fine) But most of the times the validation email goes into the SPAM folder and users never know about the email, these days gmail is entirely blocking all the emails going out from our IP.
I was thinking the best way is to entirely remove the account validation requirement, and have the users go to the dashboard directly after registration without the need to validate their account.
I used the plugin siteaccess, for some reason it doesnt seem to be working correctly.
but still doesnt seem to be working, the user still is not forwarded to the dashboard after the regsitration.
I've used the uservalidationbyemail, code and inserted it into actions/register.php. I thought this should work but doesn't seem to be working not sure if its done right?
Any help is highly appreciated!
<?php
/**
* Elgg registration action
*
* @package Elgg
* @subpackage Core
*/
global $CONFIG;
// Get variables
$name = get_input('name');
$lastname = get_input('lastname');
$country = get_input('country');
$email = get_input('email');
$username = get_input('username');
$password = get_input('password');
$password2 = get_input('password2');
//Validation
if(empty($name)){
$error_field = " ".elgg_echo("fs:first:name");
}
if(empty($email)){
$error_field .= ", ".elgg_echo("fs:email");
}
if(empty($username)){
$error_field .= ", ".elgg_echo("fs:username");
}
if (!empty($error_field)) {
unset($_SESSION['register']);
$_SESSION['register']['name'] = $name;
$_SESSION['register']['lastname'] = $lastname;
$_SESSION['register']['country'] = $country;
$_SESSION['register']['email'] = $email;
$_SESSION['register']['username'] = $username;
$error_field = substr($error_field,2);
register_error(sprintf(elgg_echo("fs:fileds:null"),$error_field));
forward($CONFIG->wwwroot);
} else {
$friend_guid = (int) get_input('friend_guid',0);
$invitecode = get_input('invitecode');
$admin = get_input('admin');
if (is_array($admin)) {
$admin = $admin[0];
}
if (!$CONFIG->disable_registration) {
try {
if (trim($password) == "" || trim($password2) == "") {
throw new RegistrationException(elgg_echo('RegistrationException:EmptyPassword'));
}
if (strcmp($password, $password2) != 0) {
throw new RegistrationException(elgg_echo('RegistrationException:PasswordMismatch'));
}
$guid = register_user($username, $password, $name, $email, false, $friend_guid, $invitecode);
if ($friend_guid) {
$user = get_user($guid);
if ($friend_user = get_user($friend_guid)) {
if ($invitecode == generate_invite_code($friend_user->username)) {
if(isset($CONFIG->events['create']['friend'])) {
$oldEventHander = $CONFIG->events['create']['friend'];
$CONFIG->events['create']['friend'] = array(); //Removes any event handlers
}
$user->addFriend($friend_guid);
$friend_user->addFriend($user->guid);
if(isset($CONFIG->events['create']['friend'])) {
$CONFIG->events['create']['friend'] = $oldEventHander;
}
// @todo Should this be in addFriend?
add_to_river('friends/river/create', 'friend', $user->getGUID(), $friend_guid);
add_to_river('friends/river/create', 'friend', $friend_guid, $user->getGUID());
}
}
}
if ($guid) {
unset($_SESSION['register']);
$new_user = get_entity($guid);
/*
This should be the place where the validation process should be modified-
Reference was got from the uservalidationbyemail plugin and the changes to the core though not the best way, needs to be done and might have a good chance of working correctly instead of loading up additional plugins and slowing down the website.
*/
// the auto user validation by email plugin part ends here
//to add extra field
$new_user->lastname = $lastname;
$new_user->country = $country;
$new_user->save();
// @todo - consider removing registering admins since this is done
// through the useradd action
if (($guid) && ($admin)) {
// Only admins can make someone an admin
admin_gatekeeper();
$new_user->makeAdmin();
}
// Send user validation request on register only
global $registering_admin;
if (!$registering_admin) {
request_user_validation($guid);
}
if (!$new_user->isAdmin()) {
// Now disable if not an admin
// Don't do a recursive disable. Any entities owned by the user at this point
// are products of plugins that hook into create user and might need
// access to the entities.
$new_user->disable('new_user', false);
}
system_message(sprintf(elgg_echo("registerok"),$CONFIG->sitename));
// Forward on success, assume everything else is an error...
// forward();
$validate_success = set_user_validation_status($guid, TRUE, 'direct');
//
//enforcing the user login with the details registration details provided.
$username = get_input('username');
$password = get_input("password");
$persistent = get_input("persistent", false);
// If all is present and correct, try to log in
$result = false;
if (!empty($username) && !empty($password)) {
if ($user = authenticate($username,$password)) {
$result = login($user, $persistent);
}
}
// Set the system_message as appropriate
if ($result) {
//system_message(elgg_echo('loginok'));
if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {
$forward_url = $_SESSION['last_forward_from'];
unset($_SESSION['last_forward_from']);
forward($forward_url);
} else {
if ( (isadminloggedin()) && (!datalist_get('first_admin_login'))) {
system_message(elgg_echo('firstadminlogininstructions'));
datalist_set('first_admin_login', time());
forward('pg/admin/plugins');
} else if (get_input('returntoreferer')) {
forward($_SERVER['HTTP_REFERER']);
} else {
forward("pg/dashboard/");
}
}
} else {
$error_msg = elgg_echo('loginerror');
// figure out why the login failed
if (!empty($username) && !empty($password)) {
// See if it exists and is disabled
$access_status = access_get_show_hidden_status();
access_show_hidden_entities(true);
if (($user = get_user_by_username($username)) && !$user->validated) {
// give plugins a chance to respond
if (!trigger_plugin_hook('unvalidated_login_attempt','user',array('entity'=>$user))) {
// if plugins have not registered an action, the default action is to
// trigger the validation event again and assume that the validation
// event will display an appropriate message
trigger_elgg_event('validate', 'user', $user);
}
} else {
register_error(elgg_echo('loginerror'));
}
access_show_hidden_entities($access_status);
} else {
register_error(elgg_echo('loginerror'));
}
}
// enforced login done.
//
forward('pg/dashboard');
// forward("pg/fs/thanks");
} else {
register_error(elgg_echo("registerbad"));
}
} catch (RegistrationException $r) {
register_error($r->getMessage());
}
} else {
register_error(elgg_echo('registerdisabled'));
}
}
//commenting the existing default forward and changing the forward as mentioned in the link below :
//http://community.elgg.org/pg/forum/topic/746414/forward-to-dashboard-after-registration/
forward(REFERER);
/*
if(isloggedin()){
forward($vars['url'] . "pg/dashboard");
}else{
forward($vars['url']);
}
*/
?>
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- Cash@costelloc
Cash - 0 likes
- elgguser@elgguser24
elgguser - 0 likes
- Kevin Jardine@kevin
Kevin Jardine - 0 likes
You must log in to post replies.You are still going to have the problem of your notification emails going to spam. Best to fix that problem first: http://docs.elgg.org/wiki/Email_and_spam_filters
Hey thanks Cash!
I know the best approach is to first fix the SPAM problem, but still if I think of taking this route, skipping the user authentication part and have them directly enter their dashboard, then how do I go about it? the above part doesnt seem to be working.
Elgguser, it seems to me that you are attempting to use a hammer to turn a screw.
Your problem is not Elgg's validation process but the fact that your server appears to be badly configured to send email. This is not an Elgg problem but a server configuration issue.
There's a huge amount of information available on properly configuring email sending on your server. You can start with Cash's link and Google for more.