website members set to disabled by default upon signup
2 posts by 2 authors in: Forums > CMS Builder: Plugins & Add-ons
Last Post: September 16, 2013 (RSS)
By Mikey - September 15, 2013
I'm having trouble setting the website members site access to disabled by default using the newer website membership plugin. See comment in code which are bold black and red. Anyone have some suggestions on how to set site access to disabled by default?
<?php
// load viewer library
$libraryPath = 'cmsBuilder/lib/viewer_functions.php';
$dirsToCheck = array('/home/content/00/0000000/html/domain/','','../','../../','../../../');
foreach ($dirsToCheck as $dir) { if (@include_once("$dir$libraryPath")) { break; }}
if (!function_exists('getRecords')) { die("Couldn't load viewer library, check filepath in sourcecode."); }
if (!@$GLOBALS['WEBSITE_MEMBERSHIP_PLUGIN']) { die("You must activate the Website Membership plugin before you can access this page."); }
//
$useUsernames = true; // Set this to false to disallow usernames, email will be used as username instead
$showSignupForm = true; // don't change this value
// error checking
$errorsAndAlerts = "";
if (@$CURRENT_USER) {
$errorsAndAlerts .= "You are already signed up! <a href='/'>Click here to continue</a>.<br/>\n";
$showSignupForm = false;
}
// process form
if (@$_POST['save']) {
// redirect to profile page after after signing up
setPrefixedCookie('lastUrl', $GLOBALS['WEBSITE_LOGIN_PROFILE_URL']);
// error checking
$emailAlreadyInUse = mysql_count(accountsTable(), mysql_escapef("? IN (`username`, `email`)", @$_REQUEST['email']));
$usernameAlreadyInUse = mysql_count(accountsTable(), mysql_escapef("? IN (`username`, `email`)", @$_REQUEST['username']));
if (!@$_REQUEST['fullname']) { $errorsAndAlerts .= "You must enter your full name!<br/>\n"; }
if (!@$_REQUEST['email']) { $errorsAndAlerts .= "You must enter your email!<br/>\n"; }
elseif (!isValidEmail(@$_REQUEST['email'])) { $errorsAndAlerts .= "Please enter a valid email (example: user@example.com)<br/>\n"; }
elseif ($emailAlreadyInUse) { $errorsAndAlerts .= "That email is already in use, please choose another!<br/>\n"; }
if ($useUsernames) {
if (!@$_REQUEST['username']) { $errorsAndAlerts .= "You must choose a username!<br/>\n"; }
elseif (preg_match("/\s+/", @$_REQUEST['username'])) { $errorsAndAlerts .= "Username cannot contain spaces!<br/>\n"; }
elseif ($usernameAlreadyInUse) { $errorsAndAlerts .= "That username is already in use, please choose another!<br/>\n"; }
}
elseif (!$useUsernames) {
if (@$_REQUEST['username']) { $errorsAndAlerts .= "Usernames are not allowed!<br/>\n"; }
}
// add user
if (!$errorsAndAlerts) {
// generate password
$passwordText = wsm_generatePassword();
if (@$SETTINGS['advanced']['encryptPasswords']) { $passwordHash = getPasswordDigest($passwordText); }
else { $passwordHash = $passwordText; }
//
$colsToValues = array();
$colsToValues['createdDate='] = 'NOW()';
$colsToValues['updatedDate='] = 'NOW()';
$colsToValues['createdByUserNum'] = $CURRENT_USER['num'];
$colsToValues['updatedByUserNum'] = $CURRENT_USER['num'];
// fields defined by form:
//$colsToValues['agree_tos'] = $_REQUEST['agree_tos'];
$colsToValues['fullname'] = $_REQUEST['fullname'];
$colsToValues['email'] = $_REQUEST['email'];
$colsToValues['username'] = coalesce( @$_REQUEST['username'], $_REQUEST['email'] ); // email is saved as username if usernames not supported
$colsToValues['password'] = $passwordHash;
// ... add more form fields here by copying the above line!
$userNum = mysql_insert(accountsTable(), $colsToValues, true);
// set access rights for CMS so new users can access some CMS sections
$setAccessRights = true; // set to true and set access tables below to use this or false to disable
if ($setAccessRights && accountsTable() == "accounts") { // this is only relevant if you're adding users to the CMS accounts table
// NOTE: You can repeat this block to grant access to multiple sections
mysql_insert('_accesslist', array(
'userNum' => $userNum,
'tableName' => '_sample', // insert tablename you want to grant access to, or 'all' for all sections
'accessLevel' => '0', // access level allowed: 0=none, 6=author, 9=editor
'disabled' => '1', // access to site disable until approved NOTE this method doesn't work for some reason.
'maxRecords' => '', // max listings allowed (leave blank for unlimited)
'randomSaveId' => '123456789', // ignore - for internal use
));
}
// send message
list($mailErrors, $fromEmail) = wsm_sendSignupEmail($userNum, $passwordText);
if ($mailErrors) { alert("Mail Error: $mailErrors"); }
// show thanks
$errorsAndAlerts = "Thanks, We've created an account for you and emailed you your password.<br/><br/>\n";
$errorsAndAlerts .= "If you don't receive an email from us within a few minutes check your spam filter for messages from {$fromEmail}<br/><br/>\n";
$errorsAndAlerts .= "<a href='{$GLOBALS['WEBSITE_LOGIN_LOGIN_FORM_URL']}'>Click here to login</a>.";
$_REQUEST = array(); // clear form values
$showSignupForm = false;
}
}
?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
<style type="text/css">
body { font-family: arial; }
.instructions { border: 3px solid #000; background-color: #EEE; padding: 10px; text-align: left; margin: 25px}
</style>
</head>
<body>
<h1>Sample User Signup Form</h1>
<!-- USER SIGNUP FORM -->
<?php if (@$errorsAndAlerts): ?>
<div style="color: #C00; font-weight: bold; font-size: 13px;">
<?php echo $errorsAndAlerts; ?><br/>
</div>
<?php endif ?>
<?php if ($showSignupForm): ?>
<form method="post" action="?">
<input type="hidden" name="save" value="1" />
<table border="0" cellspacing="0" cellpadding="2">
<tr>
<td>Full Name</td>
<td><input type="text" name="fullname" value="<?php echo htmlencode(@$_REQUEST['fullname']); ?>" size="50" /></td>
</tr>
<tr>
<td>Email</td>
<td><input type="text" name="email" value="<?php echo htmlencode(@$_REQUEST['email']); ?>" size="50" /></td>
</tr>
<?php if ($useUsernames): ?>
<tr>
<td>Username</td>
<td><input type="text" name="username" value="<?php echo htmlencode(@$_REQUEST['username']); ?>" size="50" /></td>
</tr>
<?php endif ?>
<tr>
<td colspan="2" align="center">
<br/><input class="button" type="submit" name="submit" value="Sign up >>" />
</td>
</tr>
</table>
</form>
<?php endif ?>
<!-- /USER SIGNUP FORM -->
</body>
</html>
By Jason - September 16, 2013
Hi Zick,
There isn't a "disabled" field in the accesslist section, so that method won't work. Are you adding users to the accounts section, or a separate members section?
Do you want to disable a user's account until they are approved, so they can't login until they are approved? If so, you can set the disabled field in the member account like this:
// fields defined by form:
//$colsToValues['agree_tos'] = $_REQUEST['agree_tos'];
$colsToValues['fullname'] = $_REQUEST['fullname'];
$colsToValues['email'] = $_REQUEST['email'];
$colsToValues['username'] = coalesce( @$_REQUEST['username'], $_REQUEST['email'] ); // email is saved as username if usernames not supported
$colsToValues['password'] = $passwordHash;
$colsToValues['disabled'] = 1;
// ... add more form fields here by copying the above line!
Hope this helps
Jason Sauchuk - Project Manager
interactivetools.com
Hire me! Save time by getting our experts to help with your project.
http://www.interactivetools.com/consulting/