Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.
New member that have not unconfirmed email gets wrongly assigned user "Member"
Prosper
✭✭
On Vanilla version 2.2, newly registered but not yet confirmed emails get wrongly assigned user role "Member" on "dashboard - Users - Manage users". What is the best way to assign the role "Confirm Email" on on "dashboard - Users - Manage users" for new registered users that have not confirmed email?
Role "Member' is only for users that have confirmed their emails.
Tagged:
0
Comments
if you are not using approval method this used to work in vanilla 2.1 (may work in 2.2, you need to test)
confirm e-mail and approval - don't work well or didn't in 2.1 - people were fooled when users confirmed emails and became members without approval.
however,,,, confirm email config statements are as follows
$Configuration['Garden']['Registration']['ConfirmEmail'] = '1';
$Configuration['Garden']['Registration']['ConfirmEmailRole'] = '3'; // if confirm email role is id 3
assuming ConfirmEmailRole is role id 3 - check your role table.
see the official documentation
http://docs.vanillaforums.com/features/roles-permissions/default-role-types/
this item is no longer true in vanilla 2.2 - the easy way to reset roles was removed (perhaps security or ease).
http://vanillaforums.org/discussion/comment/219688/#Comment_219688
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
@peregrine - I can't find this page on the forum www.my-forum.com/dashboard/role/defaultroles
What I see is this;
That looks like your roles and/or permissions haven't set up properly.
Have you run utility/structure/all?
If you have a copy of your DB before upgrade, you could try exporting the roles and importing them into your new DB.
@whu606 - when I ran utility/structure/all? it says "Scan your database for changes" when I click on scan button, I got the code below;
update GDN_RoleRole`set Type = 'applicant'
where RoleID = '4';
update GDN_Role
Roleset Type = 'member'
where RoleID = '8';
update GDN_Role
Roleset Type = 'unconfirmed'
where RoleID in ('3', '33');
update GDN_User
Userset Permissions = ''
where Permissions <> '';`
Clicking on the "Run structure & scritps" button shows - The structure was successfully executed.
Please what does that mean?
as I said in my post that info has been removed from dashboard in 2.2, so yes that is all you would see in your image normally in 2.2
it was an easy way to adjust config prior to 2.2. now you may need to manually do it via config.php.
post your config.php - (remove all sensitive information (passwords, salts, email, etc )
what is role 33 in your role table?
I think one of these links when clicked has no usable information whatsoever.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
@peregrine The default roles information was merged into the standard roles management page:
You can change the associated role right in the edit page now.
Search first
Check out the Documentation! We are always looking for new content and pull requests.
Click on insightful, awesome, and funny reactions to thank community volunteers for their valuable posts.
Fair enough hg. if you want to add that to FAQ - might help some people.
but instead of adding it would be better to replace the item (less clutter the better).
http://vanillaforums.org/discussion/comment/219688/#Comment_219688
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
@peregrine - This is some part of the config.php
// Garden $Configuration['Garden']['Title'] = 'Prosper Forum'; $Configuration['Garden']['Cookie']['Salt'] = '***'; $Configuration['Garden']['Cookie']['Domain'] = ''; $Configuration['Garden']['Registration']['ConfirmEmail'] = '1'; $Configuration['Garden']['Registration']['Method'] = 'Captcha'; $Configuration['Garden']['Registration']['ConfirmEmailRole'] = '33'; $Configuration['Garden']['Registration']['CaptchaPrivateKey'] = '***'; $Configuration['Garden']['Registration']['CaptchaPublicKey'] = '***'; $Configuration['Garden']['Registration']['InviteExpiration'] = '1 week'; $Configuration['Garden']['Registration']['InviteRoles']['3'] = '0'; $Configuration['Garden']['Registration']['InviteRoles']['8'] = '-1'; $Configuration['Garden']['Registration']['InviteRoles']['16'] = '-1'; $Configuration['Garden']['Registration']['InviteRoles']['32'] = '-1'; $Configuration['Garden']['Registration']['SendConnectEmail'] = '1'; $Configuration['Garden']['Registration']['DefaultRoles'] = array('8'); $Configuration['Garden']['Registration']['ApplicantRoleID'] = '4'; $Configuration['Garden']['Email']['SupportName'] = 'Prosper Forum'; $Configuration['Garden']['Email']['SupportAddress'] = 'info@my-forum.com'; $Configuration['Garden']['Email']['UseSmtp'] = false; $Configuration['Garden']['Email']['SmtpHost'] = ''; $Configuration['Garden']['Email']['SmtpUser'] = ''; $Configuration['Garden']['Email']['SmtpPassword'] = ''; $Configuration['Garden']['Email']['SmtpPort'] = '25'; $Configuration['Garden']['Email']['SmtpSecurity'] = 'ssl'; $Configuration['Garden']['Email']['MimeType'] = 'text/html'; $Configuration['Garden']['Version'] = '2.1.13p1'; $Configuration['Garden']['RewriteUrls'] = '1'; $Configuration['Garden']['CanProcessImages'] = true; $Configuration['Garden']['Installed'] = true; $Configuration['Garden']['InstallationID'] = '***'; $Configuration['Garden']['InstallationSecret'] = '***'; $Configuration['Garden']['Format']['Hashtags'] = false; $Configuration['Garden']['Format']['Mentions'] = '1'; $Configuration['Garden']['Format']['YouTube'] = '1'; $Configuration['Garden']['Format']['Vimeo'] = '1'; $Configuration['Garden']['Format']['MeActions'] = false; $Configuration['Garden']['Theme'] = 'prospertheme'; $Configuration['Garden']['Picture']['MaxHeight'] = '100000'; $Configuration['Garden']['Picture']['MaxWidth'] = '60000'; $Configuration['Garden']['Profile']['MaxHeight'] = '1000'; $Configuration['Garden']['Profile']['MaxWidth'] = '250'; $Configuration['Garden']['Profile']['ShowActivities'] = '1'; $Configuration['Garden']['Profile']['Public'] = '1'; $Configuration['Garden']['Thumbnail']['Size'] = '50'; $Configuration['Garden']['Errors']['MasterView'] = '4'; $Configuration['Garden']['Modules']['ShowGuestModule'] = '1'; $Configuration['Garden']['Locale'] = 'en'; $Configuration['Garden']['EditContentTimeout'] = '-1'; $Configuration['Garden']['InputFormatter'] = 'Html'; $Configuration['Garden']['HomepageTitle'] = 'Prosper Forum'; $Configuration['Garden']['Description'] = 'forum featuring newspapers topics and daily news. Members can create new topics and comment on topics. Registration is free.'; $Configuration['Garden']['SystemUserID'] = '64383'; $Configuration['Garden']['MobileTheme'] = 'prospermobile'; $Configuration['Garden']['Upload']['AllowedFileExtensions'] = array('m4v', 'avi', 'mov', 'mpg', 'mpeg', 'mp4', 'wmv', 'txt', 'jpg', 'jpeg', 'gif', 'png', 'bmp', 'tiff', 'zip', 'gz', 'tar.gz', 'tgz', 'mp3', 'psd', 'ai', 'fla', 'swf', 'pdf', 'doc', 'xls', 'ppt', 'docx', 'xlsx', 'log', 'rar', '7z', 'wav', 'aiff', 'mov', 'iframe', 'wma'); $Configuration['Garden']['Upload']['MaxFileSize'] = '20M'; $Configuration['Garden']['Embed']['Allow'] = true; $Configuration['Garden']['User']['ValidationRegex'] = '\\d\\w_ äöüß'; $Configuration['Garden']['User']['ValidationLength'] = '{3,20}'; $Configuration['Garden']['ShareImage'] = '07NC137TE7ZM.png'; $Configuration['Garden']['FavIcon'] = 'favicon_bb9fd0d65c7765e2.ico'; $Configuration['Garden']['Logo'] = 'J6ZOD03U2SO2.jpg'; $Configuration['Garden']['MobileInputFormatter'] = 'Html'; $Configuration['Garden']['AllowFileUploads'] = true;I notice
$Configuration['Garden']['Version'] = '2.1.13p1';I am suprised because I have updated to vanilla version 2.2, so why is the config.php stated version 2.1.13p1?Your questions/answers
ok that should be.
$Configuration['Garden']['Registration']['ConfirmEmailRole'] = '3';
manually update it. vanilla doesn't.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
Is the screenshot the correct method to identify role number?
you can either look in role table
go to this screen...
/dashboard/role
if you click on a role you will see a number in the url - that is the id of that role.
/role/edit/8
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
@peregrine Thanks. Then the "confirm email" role is /role/edit/3.
I will change to $Configuration['Garden']['Registration']['ConfirmEmailRole'] = '3'; and run demo registration test without confirming email to see if demo-user gets added to "Confirm Email" role.
@peregrine
The demo-user got added to "Member" role even without confirming email. However, the demo-user permission is that of "Confirm Email" role.
Is this the normal way vanilla version 2.2 works?
@Prosper
you know I am not sure. how it did work or how it is supposed to work.
And I am too tired to set up a mail server and test.
I always figured confirm e-mail was a waste of time.
I don't know if it is your method of registration or what.
sorry I can't help.
edited. see prospers results.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
Thank you so much @peregrine. The problem is now solved.
The config.php was like this
$Configuration['Garden']['Registration']['DefaultRoles'] = array('8');which assigns users that have not confirmed email to role "Member" while giving them permission for "Confirm Email"Now from your reply, I changed to
$Configuration['Garden']['Registration']['DefaultRoles'] = array('3');. Now users that have not confirmed email gets assigned to both "Confirm Email and Member" role while giving users permission for "Confirm Email". After email is confirmed, user gets assigned only to role "Member" with full permission of member role.Once again, thank you @peregrine.
actually no. the permissions are additive. unconfirmed users should NOT get member role in my frame of thinking.
since that means they get all the privs of a member.
but if that is the way it is supposed to work you like it, then so be it.
I'll test in vanilla 2.1 to see if it worked the same way, I think not.
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
No, the double roles (Confirm Email and Member) given to user that has not confirmed email does not give user Member role permission at all. User only gets Confirm Email role permission until after email is confirmed. After email is confirmed user now gets only Member role and member full permission.
With your -@peregrine help, user that has not confirmed email gets assigned to Confirm Email role although Member role is also assigned but no member permission.
you're brilliant prosper.
I didn't even begin to think the roles were not additive.
thanks for the clarification. seems a bit different than 2.1
I may not provide the completed solution you might desire, but I do try to provide honest suggestions to help you solve your issue.
I get the same