The following warnings occurred:
Warning [2] Undefined variable $unreadreports - Line: 26 - File: global.php(961) : eval()'d code PHP 8.2.25 (Linux)
File Line Function
/global.php(961) : eval()'d code 26 errorHandler->error
/global.php 961 eval
/showthread.php 28 require_once





× This forum is read only. As of July 23, 2019, the UserSpice forums have been closed. To receive support, please join our Discord by clicking here. Thank you!

  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
User registration
#1
Hi

Third post in about as many minutes Smile

In this post I talk about different access levels. I am not sure if this question ties into it or not. It does for me.

Due to legal requirements we must validate a person's registration request by ensuring they are a resident in our neighbourhood before allowing them access to private pages. This can be done by not sending the verification email after registration, but some other thank_you.php mail. We do our validation check and all is good. What now?

The verification email can now be sent, but this seems to require some serious fiddling.
Alternatively, once the validation is done, the user can be changed to a 'full user' with access to private pages in the Admin Dashboard -> User Panel. Also sounds like serious chopping and changing.

I don't know enough to know if either of these options are good or elegant. The whole registration process also becomes messy. Any suggestions/solutions are welcome.

Thanks
Pierre
  Reply
#2
Hello,

What you could do is "ban" users upon registering.

I would still send the verification email and let them verify prior to logging in - but you can set the default value of "permission" in the users table to 0, which means once they login, it indicates they are banned.

You can change this value from admin_user.php - so when you verify a user, whether by regular check or an email alert you setup, by changing the Block select from Yes to No.

Let me know if you have any issues.
  Reply
#3
I'm sure this is along the lines of what Brandin is saying, but at my work, I have a permission level called "staff" that has all the "real" pages besides login/logout etc. Basically you can't do anything on our system if I don't assign you the permission level of staff. Note that these can be used independently so you can require every page to have the staff permission.
  Reply
#4
Thanks Brandin and mudmin for your answers. It sounds like mudmin is aiming in the right direction.

I think I slipped up and overlooked the fact that I can create additional access levels. That's done now. I might come back for further help, depending on the direction the other post took.

Many thanks for the quick help.
  Reply
#5
Awesome. We're glad to help!
  Reply
#6
I'd recommend emailing yourself when a new user registers so you know someone has signed up and can verify their full access, and also inform the new user they are pending verification (perhaps in the same welcome email). One of the most frustrating things that can happen to a user is not having access to things they should.
  Reply


Forum Jump:


Users browsing this thread: 2 Guest(s)