Initial Login to Site

I'm not 100% sure this is where this topic belongs, if not please do move it to the correct forum thanks.

So I will be pre-registering users for them to use my site. Now to do this I must set a password. However, upon their first login with their pre-defined password, I need to page/pop-out menu to appear with; a welcome message, a few rules (also an agree button would be good) and finally a mandatory change of password!

Is there a plugin that does this, if so please point me in the right direction as I cannot find one! If not will it need a plugin or just some coding?

Look forward to a response.
Cheers
Ben

Hmm, not seen anything that will do that I'm afraid.

Father Barry has a 'welcome message' plugin that's triggered on user registration to send an e mail, but won't trigger if your pre creating the user but maybe could be moddified

There's also the 'cookies' menu that throws a message on first visit which could have the text edited to add some more rules (it's not publicly available yet but you can see it on my sites)

It's the mandatory password change that may cause most problems though

Ok I have had a look at Father Barry's plugin and have also asked on his site about modifying it. If anyone wishes to follow that Topic - http://www.keal.me.uk/plugins/forum/forum_viewtopic.php?8707

Ok any idea when the cookies menu will be released? Also would it be possible to change that to have a tick box for agree and if the box is not ticked their cannot go any further?

Any suggestions as for the change of password? Will it be something that is looked at in V2?

Right then looks like I will need to look at either writing or getting a plugin written then?

The idea would be that when the account gets logged into it will display a page and only once that page has been agree'd to / changed password, and the results (agree/disagree) stored in the db. Then the account will be allowed to continue onto the site?

I can't think of any easy way to do this.

Dave -- Does the auto promote plugin have anything in it that gets triggered on password change?

If it does you could set up another userclass that members get "promoted" to when they change their password, then it would be as simple as limiting pages/forums/etc to that new class instead of just "Members".

If it doesn't, looking into that plugin to add that functionality would be your best bet.

As far as the welcome message thing is concerned, you can display them based on class. So "Members" could get the "You are required to change your password before you can see anymore of the site." while the promoted members would either not see a message or see something different.

I think that the reset password function could be used if a direct link to this can be formed. Maybe you can redirect the users to forgot password page (fpw.php) and only give them their username and email, then they are forced to change password (they don't know the initial one, since you wont be providing it to them in this case).

As for the agree page, you can add a menu to the forgot password page telling them that by continuing with the reset password they are agreeing to your terms and conditions.

Or you can just edit the lan file for fpw, and say that by entering their username and email address they accept your term and conditions, rename the "Submit" to "I agree". Also you can add small menu on this page saying that on a successful agreement the user will receive a email confirmation and will be prompt to enter a password. I am not sure from where but there probably is a place or lan file that can be edited to modify the initial email text the users will receive.



Another idea is to copy the fpw file and rename it to something else, then you can edit the lan file and in stead of saying "Submit" it can say "I agree with your term and conditions".

After reset and successful login, rest is easy, since you can set different messages for different user classes, or even redirect them to a different page.

Sounds like a good idea, I have downloaded auto-promote and the there is no option so I will look into this!!

Would it be worth making the welcome plugin save the agree/disagree results save to the db once its done? Then have the auto-promote plugin read that to the promote them up again?




I also like this idea I will see if I can get septors idea to work first. If not this may be my only option! How do you mean with the entering a password with the email??

If you redirect them to a modified fpw.php they need to enter a username and email address (you will be giving them that info, but NOTHING MORE) to reset the initial password you have set. After pressing Submit (you ofc will be renaming this to I agree with bal blabla) they automatically receive an email with a link to reset the password ( it is a built-in core function).

If you play a bit with Forgot Password Page, you will see what I mean.
This action also solves your "agree before enter" issue, since they wont obtain the link to reset password before submitting/agreeing to your terms.

Below is how the default fpw looks, every text on it can be edited from the lan file from my knowledge (I didn't test it).



Downside of this: you need to attach a valid email address to their accounts on creation.

Ok cheers, I will give that a go now! And I shall let you know how I get on!

Thats fine with the email side of it as there arent may accounts

Ok I want to leave the fpw.php so it stays as it is!

If I was to change it to flpw.php (first login password) then the 'LAN' links don't work! How do I change this?

What I would do is infront of everything that I change ill just add 'FL' so 'LAN_05' would become 'FLLAN_05' that way I can keep it all in the same file

if you rename the file, you also make a copy of the original lan for fpw and rename it to lan_flpw, it is normal not to work.

Finished result -



Added a menu down the side to get the the page!

Will change the submit button and add more to the top of the page on what they will agree to when they click submit.

Last question on this one I think

Could I make it so that when they click submit/I agree on this page it's actually logged in the DB??

Very possible, though without looking at the plugin(s), I don't know how easy/much work it would be.



You could by modifying the file to do this, but it would require you to make a new preference or database table (which could be done in the same file).

This is very similar to something I'm working on. If your still looking for a fix then maybe I could share my work with you.

A client of mine has an e107 website with the registration switched off. It's just information pages and a contact form. They have asked for an area where staff can download commonly used documents and forms and interact with each other. They have about 160 people who need access to the area but the rest of the site needs to remain the same.

So, my problem seems to be the same as yours. Quite a few people need per-registered accounts on the site, but default passwords are a bad idea. This is what I'm in progress with...

An admin area where new "accounts" can be created. This emails the user with a "one time URL". The user clicks the link and is taken to a page where they need to confirm their email address and set their new password (they type the password twice). Once they have done this they can login as normal.

The trick is this... the actual e107 account is not created until the user visits the one-time URL and sets their password. Any existing users can log in as normal. Users can still register, but I have it switched off anyway. It's virtually impossible to guess the one time URL and even if you did, they would have to know the email address and it would have to be within the expiry period.

The admin area allows me to customise the outgoing email, set the default expiry of the URL, create new users and the URL's, and see 'unconfirmed' account, dates that accounts were confirmed, the I.P of the person who confirmed etc. Also the user 'confirm' page used javascript to validate email address, passwords matching and minimum length.

It's work in progress like I say. But I expect this to work as I planned. (?)

Hey Martin!

This seems like a brilliant idea and would be practically perfectly suited to what I would require!

How far have you got with this project? My only issue being i'm on a bit of a time schedule!! Would however love to see this in action. Let me know

I'm pretty close to finishing this. Although it will require a lot of testing (I will only test it for my purposes).

It should be ready for testing in a few days time I guess. PM me your email address and I'll send you a copy later this week.

I had a blitz on this plugin today and it's virtually ready for use. Send me a PM and I'll give you a copy to check out.

This would also be useful for sites where membership is by 'Admin Approval' Martin

Adds another layer of security

I see your point Dave, although I'm not sure how the two would work together. I'll put that thought on my to-do list.

It's pretty much finished anyway. I'm happy to use it for my needs but wont make this public just yet.

After testing this on live sites, I think it will be useful for people who email the site admin saying they can't login/create an account. Rather than giving instructions on registration, simply trigger an email with an expiry. All they need to do is click the link and set a password. They get an email reminder of their login name.

I'm sure there is more potential with this plugin but I'll see how it goes for now.