Membership Plugin - Extra Sign-up Steps?

By Perchpole - July 8, 2013

Hello, All -

A couple of years ago I created a CMSB website for a charity which works in some fairly remote locations all over the world. Every year they compile a directory of their members - which currently stands at about 400 people. It includes such details as their name, the location of their posting, date they became members, etc, etc. I recently compiled an online version of the directory and added it to the website (as a CMSB editor). The plan is to make it available to all the members in a "private user area".

The organisation wants to invite all its members to come and register - after which they will be able to access the private area. However, because some of these people work in far off lands, where privacy may be a little lax, I would prefer to add an extra layer of secutiry to the sign-up process. I want to ensure that only people who exist in the directory would be able to register.

Instead of sending them directly to the sign-up page, I want them to pass thru some sort of validation gateway first. Here the member would be asked to confirm their name and perhaps another detail which would be known only to them. The form would then check to see if the info tallies with the records in the directory. If the info checks out they would then be forwarded to the sign-up page.

Is this reasonable? What would be the best way to set this up?

:0s

Perchpole

By Perchpole - July 8, 2013

Hi, Greg -

Thanks for your advice. In this instance, what is the easiest method for "matching" between the input and existing data?

Thanks,

Perch

By gregThomas - July 8, 2013

Hi Perch,

I would use the mysql_count function to check if the user has a record in your user table, if you're using the website membership generated sign up form, something like this would work:

    if     (!@$_REQUEST['fullname'])                                                                                             { $errorsAndAlerts .= "You must enter your full name!<br/>\n"; }
    if     (!@$_REQUEST['email'])                                                                                                { $errorsAndAlerts .= "You must enter your email!<br/>\n"; }
    if     (!@$_REQUEST['first_pet'])                                                                                            { $errorsAndAlerts .= "You must enter your first pets name!<br/>\n"; }
    elseif (!isValidEmail(@$_REQUEST['email']))                                                                                  { $errorsAndAlerts .= "Please enter a valid email (example: user@example.com)<br/>\n"; }
    elseif ($emailAlreadyInUse)                                                                                                  { $errorsAndAlerts .= "That email is already in use, please choose another!<br/>\n"; }
    elseif(!mysql_count('members_table_name', "email = '".@$_REQUEST['email']."' AND first_pet = '".@$_REQUEST['first_pet']."'")){ $errorsAndAlerts .= "I'm sorry. We couldn't find you in our database."; }
    if ($useUsernames) {
      if     (!@$_REQUEST['username'])                                                                                           { $errorsAndAlerts .= "You must choose a username!<br/>\n"; }
      elseif (preg_match("/\s+/", @$_REQUEST['username']))                                                                       { $errorsAndAlerts .= "Username cannot contain spaces!<br/>\n"; }
      elseif ($usernameAlreadyInUse)                                                                                             { $errorsAndAlerts .= "That username is already in use, please choose another!<br/>\n"; }
    }
    elseif (!$useUsernames) {
      if (@$_REQUEST['username'])                                                                                                { $errorsAndAlerts .= "Usernames are not allowed!<br/>\n"; }
    }

This is just example code, so you'd need to make a few changes to get it working with your site. 

So if you had data a field that stored the users first pet and email address in fields called first_pet and email respectively, you could use the mysql_count function to check to return if a record existed for that user. You would have to add a new text field to the sign up form with a name of first_pet. If what the user had entered in the form matched what was in the first_pet and e-mail field, then 1 would be returned, otherwise 0 will be returned and an error will be triggered stating "I'm sorry. We couldn't find you in our database."

Thanks!

Greg

Greg Thomas







PHP Programmer - interactivetools.com

By Perchpole - July 11, 2013

Hi, Greg -

This is brilliant. It works really well. I changed the required information to firstname and lastname - in place of fullname. The system then checks to see if the combo is present in the Directory of members. If it isn't found, the sign-up form throws an error.

Perfect!

Perch

I would add a couple of fields to the sign up form.

http://www.forlingeries.com/