letting user into the site without uservalidation by email

I have a site using elgg. And it has come out pretty well, though there is a big problem we are facing with the user validation process, the users can be validated only using the plugin uservalidationbyemail(When used everything is fine) But most of the times the validation email goes into the SPAM folder and users never know about the email, these days gmail is entirely blocking all the emails going out from our IP.

I was thinking the best way is to entirely remove the account validation requirement, and have the users go to the dashboard directly after registration without the need to validate their account.

I used the plugin siteaccess, for some reason it doesnt seem to be working correctly.

but still doesnt seem to be working, the user still is not forwarded to the dashboard after the regsitration.

I've used the uservalidationbyemail, code and inserted it into actions/register.php. I thought this should work but doesn't seem to be working not sure if its done right?


Any help is highly appreciated!



 * Elgg registration action


 * @package Elgg

 * @subpackage Core


global $CONFIG;

// Get variables

$name = get_input('name');

$lastname = get_input('lastname');

$country = get_input('country');

$email = get_input('email');

$username = get_input('username');

$password = get_input('password');

$password2 = get_input('password2');




$error_field = "   ".elgg_echo("fs:first:name");



$error_field .= ", ".elgg_echo("fs:email");



$error_field .= ", ".elgg_echo("fs:username");


if (!empty($error_field)) {


$_SESSION['register']['name'] = $name;

$_SESSION['register']['lastname'] = $lastname;

$_SESSION['register']['country'] = $country;

$_SESSION['register']['email'] = $email;

$_SESSION['register']['username'] = $username;


$error_field = substr($error_field,2);



} else {


$friend_guid = (int) get_input('friend_guid',0);

$invitecode = get_input('invitecode');


$admin = get_input('admin');

if (is_array($admin)) {

$admin = $admin[0];



if (!$CONFIG->disable_registration) {

try {

if (trim($password) == "" || trim($password2) == "") {

throw new RegistrationException(elgg_echo('RegistrationException:EmptyPassword'));



if (strcmp($password, $password2) != 0) {

throw new RegistrationException(elgg_echo('RegistrationException:PasswordMismatch'));



$guid = register_user($username, $password, $name, $email, false, $friend_guid, $invitecode);

                                if ($friend_guid) {

                                    $user = get_user($guid);

                                    if ($friend_user = get_user($friend_guid)) {

                                            if ($invitecode == generate_invite_code($friend_user->username)) {

                                                    if(isset($CONFIG->events['create']['friend'])) {

                                                            $oldEventHander = $CONFIG->events['create']['friend'];

                                                            $CONFIG->events['create']['friend'] = array(); //Removes any event handlers




                                                    if(isset($CONFIG->events['create']['friend'])) {

                                                            $CONFIG->events['create']['friend'] = $oldEventHander;


                                                    // @todo Should this be in addFriend?

                                                    add_to_river('friends/river/create', 'friend', $user->getGUID(), $friend_guid);

                                                    add_to_river('friends/river/create', 'friend', $friend_guid, $user->getGUID());




if ($guid) {


$new_user = get_entity($guid);


 This should be the place where the validation process should be modified-

 Reference was got from the uservalidationbyemail plugin and the changes to the core though not the best way, needs to be done and might have a good chance of working correctly instead of loading up additional plugins and slowing down the website.



// the auto user validation by email plugin part ends here

//to add extra field

$new_user->lastname = $lastname;

$new_user->country = $country;



// @todo - consider removing registering admins since this is done

// through the useradd action

if (($guid) && ($admin)) {

// Only admins can make someone an admin





// Send user validation request on register only

global $registering_admin;

if (!$registering_admin) {




if (!$new_user->isAdmin()) {

// Now disable if not an admin

// Don't do a recursive disable.  Any entities owned by the user at this point

// are products of plugins that hook into create user and might need

// access to the entities.

$new_user->disable('new_user', false);





// Forward on success, assume everything else is an error...

// forward();

$validate_success = set_user_validation_status($guid, TRUE, 'direct');


//enforcing the user login with the details registration details provided.

$username = get_input('username');

$password = get_input("password");

$persistent = get_input("persistent", false);

// If all is present and correct, try to log in

$result = false;

if (!empty($username) && !empty($password)) {

if ($user = authenticate($username,$password)) {

$result = login($user, $persistent);



// Set the system_message as appropriate

if ($result) {


if (isset($_SESSION['last_forward_from']) && $_SESSION['last_forward_from']) {

$forward_url = $_SESSION['last_forward_from'];



} else {

if ( (isadminloggedin()) && (!datalist_get('first_admin_login'))) {


datalist_set('first_admin_login', time());


} else if (get_input('returntoreferer')) {


} else {




} else {

$error_msg = elgg_echo('loginerror');

// figure out why the login failed

if (!empty($username) && !empty($password)) {

// See if it exists and is disabled

$access_status = access_get_show_hidden_status();


if (($user = get_user_by_username($username)) && !$user->validated) {

// give plugins a chance to respond

if (!trigger_plugin_hook('unvalidated_login_attempt','user',array('entity'=>$user))) {

// if plugins have not registered an action, the default action is to

// trigger the validation event again and assume that the validation

// event will display an appropriate message

trigger_elgg_event('validate', 'user', $user);


} else {




} else {




// enforced login done.




                    //                    forward("pg/fs/thanks");

} else {



} catch (RegistrationException $r) {



} else {




//commenting the existing default forward and changing the forward as mentioned in the link below :





forward($vars['url'] . "pg/dashboard");






  • You are still going to have the problem of your notification emails going to spam. Best to fix that problem first: http://docs.elgg.org/wiki/Email_and_spam_filters

  • Hey thanks Cash!

    I know the best approach is to first fix the SPAM problem, but still if I think of taking this route, skipping the user authentication part and have them directly enter their dashboard, then how do I go about it? the above part doesnt seem to be working.

  • Elgguser, it seems to me that you are attempting to use a hammer to turn a screw.

    Your problem is not Elgg's validation process but the fact that your server appears to be badly configured to send email. This is not an Elgg problem but a server configuration issue.

    There's a huge amount of information available on properly configuring email sending on your server. You can start with Cash's link and Google for more.