Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Registration must be approved by admin  (Read 7256 times)

0 Members and 1 Guest are viewing this topic.

another_angel

  • Coppermine novice
  • *
  • Country: 00
  • Offline Offline
  • Posts: 28
    • Team Skarsgård
Registration must be approved by admin
« on: July 13, 2004, 01:31:26 am »

I was wondering if there is a way to add code that will not allow registrations to become active until the admin approves them?

Thanks,
Angel
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Registration must be approved by admin
« Reply #1 on: July 13, 2004, 08:46:02 am »

you can require verification emails to be sent in coppermine config, and then modify the confirmation email to be sent to you (the admin) insted of the user. Edit register.php, find
Code: [Select]
if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), strtr($lang_register_confirm_email, $template_vars))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
and change to
Code: [Select]
if (!cpg_mail($CONFIG['gallery_admin_email'], sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), strtr($lang_register_confirm_email, $template_vars))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
You (as admin) will then be sent the confrmation mail, you can activate the user by clicking on the link inside the email.

GauGau
Logged

raromachine

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 5
    • raromachine
Re: Registration must be approved by admin
« Reply #2 on: August 26, 2004, 02:21:03 am »

Ah perfect - I was going to start hacking a far more complicated system - I must have been feeling mad.

Is there any chance this will become a switchable feature on the config screen?
It's sometimes nice to limit registration to a small and known community.

r.
Logged

Nibbler

  • Guest
Re: Registration must be approved by admin
« Reply #3 on: August 26, 2004, 03:08:49 am »

You can already have notification mails sent to you when people register, and you can activate users manually in the user manager page by editing them. Imho this hardcoding method is less convenient than the already existing setup.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Registration must be approved by admin
« Reply #4 on: August 26, 2004, 06:41:03 am »

I'm currently making my mind up how to integrate admin-approved membership into the next coppermine version, as it's a feature that gets reuqested rather often. Not sure yet which method to chose, but then there will be some time untill the next version will be released - so don't hold your breath ;).

Joachim
Logged

raromachine

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 5
    • raromachine
Re: Registration must be approved by admin
« Reply #5 on: August 27, 2004, 07:44:17 am »

Breath not held - well, slightly held.

In the end I hacked the registration page to:

Send and email to the Admin with auth code,
Send an email to the user saying thanks and please be patient,

Allow the Admin to approve when logged in, and
Send a email to the user on approval.

Horribly messy - but it has worked in all cases!

Coppermine is great :)
Logged

syedali

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 36
Re: Registration must be approved by admin
« Reply #6 on: September 03, 2004, 10:36:32 pm »

Hey GauGau I know I've personally asked this quite a few times let alone comment on anyone else who post anything related to this, but I was wondering if you can do the same thing like we see on Forums nowadays, when you register. It mails you telling that the profile has yet to be approved by the admin and then sends you an "account activated" link. You can checkout www.jaltheband.com where I registered and went "oh hey why cant we do that in coppermine"
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Registration must be approved by admin
« Reply #7 on: September 03, 2004, 11:03:48 pm »

as I already wrote two postings earlier, this is being considered. I know the usual options bbs apps offer, and it will be something similar.

Joachim
Logged

ElCool

  • Coppermine newbie
  • Offline Offline
  • Gender: Male
  • Posts: 4
  • ...my pretty head? in a box?
Re: Registration must be approved by admin
« Reply #8 on: October 12, 2004, 10:01:17 am »

Well, at least I now control the activation :)

but.... in the email, the users password appears...
I don't think this is very good, ( It could be benefitial in a way, lol.... but I don't think I should know those passwords)
where do I edit what goes out in that email?

*edit....
 ookk.... I don't think this is much of a purpose anyway.... since, I can see the passwords in the sql database

I think for the future, you should fix this.... encrypt the password stored in the database....im a good admin, but people can do stuff with it...
« Last Edit: October 12, 2004, 11:33:06 pm by ElCool »
Logged
- don't forget to bring a towel

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Registration must be approved by admin
« Reply #9 on: October 12, 2004, 11:46:00 pm »

this has been discussed before and will be changed for paranoid coppermine admins in future versions (although there's little point in this, as admin is always king), please don't hijack this thread - instead: search the board for the discussion on md5 encryption of passwords in the db.

Joachim
Logged
Pages: [1]   Go Up
 

Page created in 0.03 seconds with 19 queries.