1. 18 May, 2012 1 commit
    • Richard Mansfield's avatar
      Add local hooks for registration and user initialisation (bug #1001064) · 5d737aa5
      Richard Mansfield authored
      
      
      Three new hooks are added:
      
      local_init_user() - called after $USER is initialised.  This is useful
      for changing the user's theme before $THEME is initialised.
      
      local_register_submit() - called when the registration form is
      successfully submitted, but before the submitted values are saved to
      usr_registration.  This is useful for remembering the properties or
      preferences of the logged-out user when the form was submitted.
      
      local_post_register() - called after a user has successfully been
      created and logged in during registration.  This is useful when
      properties of the user (which may have been saved to usr_registration
      by local_register_submit()) need to be transferred to the newly
      registered user.
      
      Change-Id: Ifcb19737bdcecb550185624f2fd78e541690a337
      Signed-off-by: default avatarRichard Mansfield <richard.mansfield@catalyst.net.nz>
      5d737aa5
  2. 15 May, 2012 1 commit
    • Hugh Davenport's avatar
      Add ability to register with a BrowserID (bug #986004) · a5a97f21
      Hugh Davenport authored
      
      
      When a user clicks on "BrowserID Login", one of three things will happen
      1- If they have an account, they will login
      2- If they don't but there is one authinstance with browserid is present
          AND it has weautocreateusers enabled, then they will get an account
          in that institution, and login
      3- If none of the above is true, they will get redirected to a register
          page, which follows same self registration pattern as the internal
          authentication with the "confirm email" step removed.
      
      Change-Id: Idde3166e0664bf2acdc1da32271125e91d43af9c
      Signed-off-by: default avatarHugh Davenport <hugh@catalyst.net.nz>
      a5a97f21
  3. 07 May, 2012 1 commit
  4. 01 May, 2012 2 commits
  5. 30 Apr, 2012 3 commits
  6. 27 Apr, 2012 1 commit
  7. 12 Mar, 2012 1 commit
  8. 27 Jun, 2011 2 commits
  9. 24 Jun, 2011 1 commit
    • Darryl Hamilton's avatar
      Add optional institution registration confirmation (bug #662775) · f46e341e
      Darryl Hamilton authored
      
      
      There is now a new option in the settings for an institution to
      confirm registrations. When this is set, a new user admitting
      themselves to an institution is required to complete an extra step
      during registration, where they must provide a "reason" for their
      registration.
      
      After email verification the user must wait until an administrator
      approves or denies their registration before they can properly
      access the site. For the administrator, this is done via a new
      admin page under Institutions, called "Pending Registrations".
      
      Change-Id: I2bd68e39a9f4ef89f350ac573d8232f342de6fdc
      Author: Stacey Walker <stacey@catalyst-eu.net>
      Signed-off-by: default avatarBrett Wilkins <brett@catalyst.net.nz>
      Signed-off-by: default avatarDarryl Hamilton <darrylh@catalyst.net.nz>
      f46e341e
  10. 20 Jun, 2011 1 commit
  11. 13 May, 2011 1 commit
  12. 29 Apr, 2011 1 commit
  13. 23 Dec, 2010 1 commit
  14. 20 Jul, 2010 1 commit
  15. 04 Jul, 2010 1 commit
  16. 11 Jun, 2010 2 commits
  17. 18 Apr, 2010 1 commit
  18. 16 Apr, 2010 1 commit
  19. 14 Apr, 2010 1 commit
  20. 08 Apr, 2010 2 commits
  21. 07 Apr, 2010 2 commits
    • Evan Goldenberg's avatar
      add pluggable anti spam features for forms · f307844a
      Evan Goldenberg authored
      
      
      This is a pluggable anti-spam infrastructure for protecting forms in
      Mahara again spam.
      
      The contact and register forms have been modified to include the
      following anti-spam features:
          - hashed field names
          - honey pot (invisible) fields
          - submission time monitoring
      
      Additionally, content checking is provided by the following spam traps:
          - NoneSpamTrap: the base class for other spam traps, does no
            checking on its own
          - SimpleSpamTrap: provides basic checks that don't require an
            internet connection
          - AdvancedSpamTrap: provides better checks that require an internet
            connection, including checking for the existence of mailservers
            and the presence of blacklisted URLs
      
      New spam traps can easily be created by adding a file to lib/antispam
      with the name MyTrapNameSpamTrap.php. Added spam traps will be
      automatically detected and available for selection in the site options
      page.
      Signed-off-by: default avatarEvan Goldenberg <evang@catalyst.net.nz>
      f307844a
    • Evan Goldenberg's avatar
  22. 27 Oct, 2009 1 commit
  23. 15 Sep, 2009 1 commit
  24. 25 Aug, 2009 1 commit
  25. 24 Aug, 2009 1 commit
  26. 02 Jul, 2009 2 commits
  27. 14 Jun, 2009 2 commits
  28. 12 Feb, 2009 1 commit
  29. 26 Aug, 2008 1 commit
  30. 06 Jun, 2008 1 commit
    • Nigel McNie's avatar
      Make usernames unique over their lowercase values, and put validation in... · 7c7ed40b
      Nigel McNie authored
      Make usernames unique over their lowercase values, and put validation in everywhere so two users can't do this again.
      
      Usernames _are_ meant to be case insensitive in the system. But at no point where users could be created (except for XMLRPC users), was this actually being enforced. So eventually someone actually did this, which caused login for both users to break.
      
      Now, all entry points for new users are checked to make sure users can't claim names whose lowercase value is the same as another user. And on postgres, we now have a unique index over LOWER(username). This isn't possible in MySQL, so MySQL users miss out (yet again).
      7c7ed40b
  31. 04 Mar, 2008 1 commit