2. PHPRunner General questions
  3. Registration, only authorised persons
This topic is locked

Registration, only authorised persons

 		3/30/2008 8:47:00 AM
PHPRunner General questions
J
 Jepsen author

Here comes a kinky one that I can't figure out myself.
I am making a CMS based on PHPR 4.2 for an organisation that want a high degree of security and at the same time minimum administration.
They already have a member register with e-mail adresses registred, but they do not want to authomatically give everyone access. The aim is to allow authomatic registration as provided in PHPR, but only allow the registration if:
1: The e-mail adress is already registred in the database

2: The user have not registred before
The registration will utilise CAPTCHA and user activation
Any suggestions how I would do that?
Morten Jepsen
S
 		shawnmstout 3/30/2008

Here comes a kinky one that I can't figure out myself.

I am making a CMS based on PHPR 4.2 for an organisation that want a high degree of security and at the same time minimum administration.
They already have a member register with e-mail adresses registred, but they do not want to authomatically give everyone access. The aim is to allow authomatic registration as provided in PHPR, but only allow the registration if:
1: The e-mail adress is already registred in the database

2: The user have not registred before
The registration will utilise CAPTCHA and user activation
Any suggestions how I would do that?
Morten Jepsen


this is fairly easy, pull the registration from a db, and put in a checkmark for authorization and a level for access level, then only give access as needed and leave the default access to show nothing. not sure about the captcha though but im sure there should be someone here that can comment on that part, might be editing the registration page and requiring that part under validation
J
 		Jepsen author 3/31/2008

Thanks for your reply Shawnmstout, but I don't think this solves the problem.
I really wnat the registration page to only allo a e-mail which is already in the database. As it is now, it rejects the registration if the e-mail is in the database.
Morten
J
 		Jane 4/1/2008

Morten,
you can check entered email in the BeforeRegister event.
J
 		Jepsen author 4/1/2008

Morten,

you can check entered email in the BeforeRegister event.


Jane

That is fine, but I think it is more complex than that, or am I wrong?
Memberlist exist but members are not permittet access. Registration involved the following steps:
1: User supply e-mail and desired password.

2: If e-mail is in the list, password is stored in the list and activation mail is sent

3: Upon activation, user is given default rights
I see that all fhe functionality is there. The problem is that I will not try to insert new record (which is not allowed with duplicate e-mail) but I will update existing record with password.
I do not think this is possible without mooving behind the code, or am I wrong here?
:-)

Morten
J
 		Jane 4/1/2008

Morten,
yes. To change registration process you should edit generated code in the register.php file and replace insert statement with update.
Sergey Kornilov admin 4/1/2008

Morten,
The main issue is that registration page is designed to add a new record to the login table while you need to update an existing record.
Here is an idea that you can try.
In BeforeLogin check if email already exists.

If yes, delete this record from the login table and return true to let registration page inserts a new record.

If not, return false.
Sounds like a terrible hack though can save you from rolling your own registration schema.