New installation of Joomla! 3. User registration gives me a problem that I cannot figure out how to solve: all new users got registered and activated but not enabled so when they are trying to login error messages "Login denied! Your account has been blocked" comes up. Checking on the back shows Activated but not Enabled.
I am using setting that will enable the user to register and use account right away without email confirmation.
The setting in User Management module are:
Allow User Registration:Yes;
New User Registration Group:Registered;
New User Account Activation:None;
Notification Mail to Administrators:None;
Please specify which other component are you using for you current site.
Might be some plugin will disable the user while creating new user, try to disable user plugin one by one and check it works or not
Setting for your preference:
Allow user registration: Yes;
New user registration Group: Registered;
New User Account activation: Self;
Although this is not a coding problem, still the answer to your question.
Related
I have a serious login problem with my new (and first ever) Drupal 7 site.
I have two different users so far, which of one is the admin which was created while installing Drupal. If, I log in with the other user's username and password, still, the hovering admin menu will and the menu shows the username of the admin user. This happens, if I log in to both accounts from the same computer, but now I tested the non-admin account from a computer that have never been used to log in the particular site before, and the problem
I am using the current 7.34 core of Drupal 7. The login module is the built-in one of the core.
How is this possible and what can be done about it?
Remove cookies from your browser for this site
Make sure your second user has not admin role.
I am using Easysocial Extension on my Joomla 3.0 site. i was able to successfully install and integrate it. But when ever a user get register i have to approve them to use the site. And don't want to approve every user, i want it in a auto mode. I have tried to Change the option for "New User Account Activation" to "None" under User Manager but No go. I have searcher for other options in Easysocial but not found any.
Can any one help in resolving this issue.
Do the following:
Login to the admin panel of the Joomla Back-end
Go to: Component > Easysocial > Settings > Profile types
Select your members group
Go to the Registration tab
Select Registration Type and Oauth Registration type (various options are there)
This may work, set these preferences in Joomla users > options
Allow user registration - Yes
New user registration Group - Registered
New User Account activation - Self
User will now need to click an activation link which will then authenticate them.
I am trying to secure my DNN site running on DNN version 7.01.02
WHat i am looking for is that anybody who registers for a new account must enter a valid email id and should be able to login only after he clicks the verification mail.
Currently the way i have it is Once the user enters his Email and chooses a password he is directly logged into the site and only gets the following message.
Here are the site settings for the Website i use to control the user Registration.
So how can i change this config so that the user can only log into the portal once he goes through the verification mail
PS: My verification mail works. I have checked the SMTP settings.
As an administrator, go to Site Settings, User Account Settings and change the User Registration Setting to "Verified."
The user will be required to enter a verification code when they log in for the first time.
I personally use the private setting, but I have a low traffic site. IF you dont mind verifying the accounts you can do that. Also you can set it to redirect to a page where it tells them that the account needs to be approved before they can login
I am trying to get user's online status during login. I am checking following property after ValidateUser, but it always return false.
objUser.Membership.IsOnLine
Just to confirm, i put following code in one of my module that can be accessed ONLY after login.
Dim _currentUser As UserInfo = DotNetNuke.Entities.Users.UserController.GetCurrentUserInfo()
Dim message as String = IIf(_currentUser.Membership.IsOnLine, "Online", "Not Online")
UI.Skins.Skin.AddModuleMessage(Me, message, Skins.Controls.ModuleMessage.ModuleMessageType.BlueInfo)
It always show 'Not Online', while user is logged in.
Am i missing something?
Please help.
I am using DNN 6.02.05 Community Ed.
Important steps to Enable Online Users in DotNetNuke
The “Users Online” module works on a background thread (via the scheduler) to add and expire users from the users online list. The scheduled job should exist in your installation, but it is disabled by default.
To enable the scheduled job:-
Login to your portal as a Super User account (e.g. host)
Navigate to Host -> Schedule
Edit the “DotNetNuke.Entities.Users.PurgeUsersOnline, DOTNETNUKE” job (click the pencil)
Check “Scheduled Enabled”
Click Update
Click 'run now' to get effect on the spot.
Now that you have configured the scheduled job, your users should begin to process background users. The problem is that there is an additional host setting you must set before this can occur.
To enable users online:-
Login to your portal as a Super User account (e.g. host)
Navigate to Host -> Host Settings
Expand “Other Settings”
Check “Enable Users Online”
Click Update
maybe a dumb question, but did you check whether users online feature is turned on in the host settings --> other settings?
I have in my web application a role called "Administrator". Users who have this role should be able to modify the information about the registered users.
I am thinking about displaying a table with the user details such as e-mail, username, and be able to change them but I don't know what should I do if a users comes to the office physically, goes to an admin and asks for a password change (yes they can do that). Should the admin just press a reset button over the row and tell the user to check his e-mail when he arrives home and proceed with the recovery? (reset link for example) Or should the administrator reset the user's password and give him his new password in that very moment? The second approach is preferable as I was asked to do that...
I know that the admin shouldn't be able to see the original password as it should be hashed and unknown.
What are your thoughts about this? How would you implement this functionality? Thanks for your help.
There is no one perfect answer for this question. The question of workflow will always be dependent on the specific use-cases of an application and will depend on the context it is built in.
That being said, you are right about one thing - it is horrible, and I do mean horrible, security breach to let an Admin or any other user view a clear text password for someone else. So that's definitely off the table.
In your case, it seems giving the admin the right to change someone's password is the way to go. If you're worried about how it looks, don't be. Google Apps allows domain administrators to change the password for any email account under that domain.
Finally, I would suggest a small additional safety measure. When an Admin changes another user's password, store the old encrypted password in a column, don't delete it. When the admin set's the new password, shoot out an email to the user saying "Your password was changed by the Administrator, if you did not request for this, please click here". When they click on the link in the email, simply overwrite the new password with their old one.
That way in case an Admin is changing passwords without the user requesting it, you have a recourse for the user and the logs will keep you informed of how many time an admin has had a password reset revoked by the user.