Hi there,
I am in the process of setting up moodle for a youth organisation.
What I am wanting is to use the email based self registration for users outside the organisation (members have a username manually setup as we have other systems that use the same usernames) but have the administrators approve the account of the non-member.
We want this to avoid fake and nuisance accounts.
On further thought, is it possible to have the non-member confirm their email but not have access until an admin has approved their account?
Thanks in advance for any help,
Sam.
Sam --
This advice appears several times in similar requests but it only notifies the Admin about the account creation; the user still receives the confirmation e-mail and can access the site.
For me this was close but no cigar.
I needed *account approval* before the user gains access. Being adventurous, I created a dummy user with working e-mail address to test this out.
I changed this:
return email_to_user($user, $supportuser, $subject, $message, $messagehtml);
To this:
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);
Checking the dummy's e-mail - none. Checking my support user's e-mail, I have the confirmation e-mail that the user would normally receive. Checking the list of user accounts (as Admin on the site), there is link to confirm the account (edit/delete/confirm). Once this is done the support user can forward the e-mail to the new user (but the account is already approved).
FYI, I am on 1.9.1+; the line is #4339. Your mileage (and mine) may vary. If there are issues with this, I hope the Moodle gurus will let us know!
This advice appears several times in similar requests but it only notifies the Admin about the account creation; the user still receives the confirmation e-mail and can access the site.
For me this was close but no cigar.
I needed *account approval* before the user gains access. Being adventurous, I created a dummy user with working e-mail address to test this out.
I changed this:
return email_to_user($user, $supportuser, $subject, $message, $messagehtml);
To this:
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);
Checking the dummy's e-mail - none. Checking my support user's e-mail, I have the confirmation e-mail that the user would normally receive. Checking the list of user accounts (as Admin on the site), there is link to confirm the account (edit/delete/confirm). Once this is done the support user can forward the e-mail to the new user (but the account is already approved).
FYI, I am on 1.9.1+; the line is #4339. Your mileage (and mine) may vary. If there are issues with this, I hope the Moodle gurus will let us know!
I also wanted to setup a similar account creation method - in effect having the user "request" an account, but require the Admin to actually approve it. After much searching of the forums, I was not able to find a solution that accomplished what I wanted.
I wanted it to be clear to the user that they are requesting an account that will still need to be approved before they can access the system. Ultimately, I decided to write a script that uses the same form as e-mail self-registration (so I get the data validation, acceptance of site policy, etc.). Once the form is completed, and the Request Account button is clicked, an e-mail is sent to the site administrator notifying of the request. The Administrator is then responsible for confirming the account and notifying the user of the activation. (This script does not require any changes to the Moodle scripts.)
The end result is not significantly different than the solution that Sherry posted, but gave me the ability make the fact that this is an account "request" clear, as well as control the format of the e-mail that is sent to the Administrator. I have no doubt that this could be improved upon, but it is meeting my needs for now.
I wanted it to be clear to the user that they are requesting an account that will still need to be approved before they can access the system. Ultimately, I decided to write a script that uses the same form as e-mail self-registration (so I get the data validation, acceptance of site policy, etc.). Once the form is completed, and the Request Account button is clicked, an e-mail is sent to the site administrator notifying of the request. The Administrator is then responsible for confirming the account and notifying the user of the activation. (This script does not require any changes to the Moodle scripts.)
The end result is not significantly different than the solution that Sherry posted, but gave me the ability make the fact that this is an account "request" clear, as well as control the format of the e-mail that is sent to the Administrator. I have no doubt that this could be improved upon, but it is meeting my needs for now.
Hi Greg,
This sounds like a great solution. Do you intend to share it with the community?
I think there are several of us still looking for this.
Thanks!
~Amanda
This sounds like a great solution. Do you intend to share it with the community?
I think there are several of us still looking for this.
Thanks!
~Amanda
Amanda -
I am very much willing to share this with anyone who may be interested. Ultimately, I think what Anthony is proposing is a much better solution. But if you want an interim option, here are the files and some basic instructions.
INSTRUCTIONS
Notes:
New account requests are sent to the email address that is defined for the admin account. When a user submits the Request Account form, the account is created in Moodle as a Manual Account. This account must then be confirmed by an administrator before the user can log in. Though certainly not necessary, it also may be helpful to add a "Reason for account" field to the form.
I am very much willing to share this with anyone who may be interested. Ultimately, I think what Anthony is proposing is a much better solution. But if you want an interim option, here are the files and some basic instructions.
INSTRUCTIONS
- Copy the files request.php and request_form.php to <moodle home>/login/ directory
- In Moodle, go to the Users-Authentication-Manage Authentication screen
- Verify that 'Email-based self-registration' is enabled. (This is necessary so that any previously created self-registered users can still login)
- Set 'Self registration' to 'Disable'
- Add custom instructions to the Instruction box, making sure to include a link to the request.php file. For example:
Hi! For full access to courses you'll need to take a minute to request a new account for yourself on this web site. Each of the individual courses may also have a one-time "enrolment key", which you won't need until later. Here are the steps:
- Fill in the <a href="../login/request.php">Request Account</a> form with your details.
- The system administrator will be notified of your request.
- The administrator will notify you by email when your new account has been confirmed.
- Use the username and password you selected to log in to the system.
- Now, select the course you want to participate in.
- If you are prompted for an "enrolment key" - use the one that your teacher has given you. This will "enrol" you in the course.
- You can now access the full course. From now on you will only need to enter your personal username and password (in the form on this page) to log in and access any course you have enrolled in.
Notes:
New account requests are sent to the email address that is defined for the admin account. When a user submits the Request Account form, the account is created in Moodle as a Manual Account. This account must then be confirmed by an administrator before the user can log in. Though certainly not necessary, it also may be helpful to add a "Reason for account" field to the form.
Can you tell me (or point me in the right direction) how to add the "Reason for account" field?
Thanks!
Mike
Thanks!
Mike
Mike,
You can add a "Reason for account" by adding a new user profile field. In the Site Administration block, click Users - Accounts - User profile fields. Click the drop-down for Create a new profile field and select Text Area. Here are some settings I used, but you can customize this to fit your needs.
Short name: accountreason
Name: Reason for Account
Description of field: Reason for Account
Field required: No
Field locked: No
Should data be unique: No
Display on signup page: Yes
Visible to: Visible to User
Category: Other fields
Click the Save Changes button, and you will have the field on your sign-up form.
Hope this helps,
Greg
You can add a "Reason for account" by adding a new user profile field. In the Site Administration block, click Users - Accounts - User profile fields. Click the drop-down for Create a new profile field and select Text Area. Here are some settings I used, but you can customize this to fit your needs.
Short name: accountreason
Name: Reason for Account
Description of field: Reason for Account
Field required: No
Field locked: No
Should data be unique: No
Display on signup page: Yes
Visible to: Visible to User
Category: Other fields
Click the Save Changes button, and you will have the field on your sign-up form.
Hope this helps,
Greg
Thanks Greg, that worked in creating the form but the data from the new fields I created do not get passed through to the email which gets sent to the administrator. I tried modifying the request.php to add the shortnames of the new fields so that they would get passed but that did not work.
Also before I received your answer, I had tried modifying the request.php and request_form.php to put in the additional fields and got it all to work correctly except that the new fields have 2 square brackets on each side.
Here is what I added to request_form.php
$mform->addElement('text', 'reason', get_string('Reason for Registering'), 'maxlength="100" size="40"');
$mform->setType('reason', PARAM_NOTAGS);
$mform->addRule('reason', get_string('missingreason'), 'Notrequired', null, 'server');
Is there a way to get rid of the brackets? Or going back to your solution, what do I need to do to get the new field's values passed on in the email?
Thanks again,
Mike
Also before I received your answer, I had tried modifying the request.php and request_form.php to put in the additional fields and got it all to work correctly except that the new fields have 2 square brackets on each side.
Here is what I added to request_form.php
$mform->addElement('text', 'reason', get_string('Reason for Registering'), 'maxlength="100" size="40"');
$mform->setType('reason', PARAM_NOTAGS);
$mform->addRule('reason', get_string('missingreason'), 'Notrequired', null, 'server');
Is there a way to get rid of the brackets? Or going back to your solution, what do I need to do to get the new field's values passed on in the email?
Thanks again,
Mike
Our host provider placed the request.php and request_form.php into the public_html/login folder.
When I try to access request.php, I get the following message:
Call to undefined function: profile_signup_fields() in /home/distant/public_html/login/request_form.php on line 87
Should these files have been put into the moodle/login folder?
When I try to access request.php, I get the following message:
Call to undefined function: profile_signup_fields() in /home/distant/public_html/login/request_form.php on line 87
Should these files have been put into the moodle/login folder?
Mike,
You are correct - they need to be in the moodle/login directory. There are a number of lines of code that assume this directory placement.
Hope this helps,
Greg
You are correct - they need to be in the moodle/login directory. There are a number of lines of code that assume this directory placement.
Hope this helps,
Greg
Found it! /public_html/lang/en_utf8/moodle.php
Thanks again.
T
Thanks again.
T
Hello Greg,
Can you tell me how we can add role button on Login page/registration form.
hi greg,
i got this error
Incorrect sesskey submitted, form not accepted!
now what should i do ?
thnx for your help in advance
Hi Greg,
I'm sure someone must have had this problem and tackled it - but I haven't been able to find a solution yet.
I have added one filed to user profile, but my requirement is i have to add one anchor link beside that newly added filed, can you pls tell me how to add anchor link.
Thanks
Rambabu
I'm sure someone must have had this problem and tackled it - but I haven't been able to find a solution yet.
I have added one filed to user profile, but my requirement is i have to add one anchor link beside that newly added filed, can you pls tell me how to add anchor link.
Thanks
Rambabu
How can I add custom instructions to the Instruction box? and what is the content of request.php?
Thanks.
Hi Ihsan,
You can add custom instructions by going to Site Administration-Users-Authentication-Manage Authentication. On this page you will find an Instruction box where you can add the custom instructions.
As to the contents of the request.php file, you can take a look at it by opening it in a text editor. It's been a while since I worked on that file, but if I am remembering correctly, I based it off the general logic of the signup.php file that is part of Moodle 1.9.
I hope this helps,
Greg
Thank you very much! This is exactally what I have been looking for.
Bonnie Thurber
Hi, as your php scripts are no longer compatible with Moodle v2 I made some small changes to them.
Now the module can be used with Moodle 2.0.x
Hi,
I'm using the version 2 of Request Form on moodle 2.0.2, but I have a problem: when the admin confirms the user, the user does not receive any confirmation email.
I'm sure that the email settings are correct because when the user asks for an account, the admin receives the notification email.
Any idea about a possible solution?
Thanks in advance
I have been using teh code changes proposed in this exchange to the confirm.php to allow admin approval of self registrations. Does this package provide that same functionality? If so where do these 2 files need to be placed? I couldn't find comparable in my Moodle 2.1 install. Thanks for any assistance.
Doh!
I was in the early stages of testing this and it worked great. We upgraded to 2.4 stable yesterday and all I get now is a blank page
I've had a look at the code but I'm not up to the job. Is there anyone out there can make the revisions necessary?
Cheers, Sam.
Great script thanks for sharing it. I have it set up and it works fine in Internet Explorer but for some reason the captcha doesnt show up in Firefox 6. I've downloaded some older portable Firefox versions to try it in those. Any ideas?
I've been able to successfully send requests several times with IE and captcha but Firfox just says reCaptcha ? without showing the images and prompting for them. Any help is greatly appreciate - we have many users on Firefox.
Edit: It did not work in Firefox 3.6 either. I'm on 1.9.11 and have curl, etc. and all other required env items. As I mention it's working on IE. Cookies are allowed for my site and I don't see any images being blocked in Firefox. I am at a loss - help please friendly Moodle denizens.
Edit2: I read online that sometimes the recaptcha's code placement can affect Firefox. This code is inside the form. I've attached the code returned in the page source and it appears to have everything it needs but must be Firefox doesn't like the html layout.
Ok, this wouldn't just affect Firefox - though that is the behavior. The URL for secure captcha has changed to a google address. The old address doesn't work correctly for everyone now. This afects all versions of Moodle prior to a version of 2.0.
The fix is descviber in this post. You can fix it manually or there is a patch, which is also listed in the post.
I changed the file and my captcha is working fine now.
Great solution, Greg! Thanks for this!
Unfortunately I'm running into an issue regarding the expiration of the user signups. I am the administrator of the site, but my director wants to approve everyone that registers first ( it's complicated, best not to ask : ). We were both away for the holidays, and had 10 registrations expire. Is there anyway to increase the time that Moodle will keep the registrations active?
Hi Nick,
If you go to ite Administration->Server->Cleanup-> you can change the setting for automatic deletion of incomplete (ie unconfirmed) accounts. There are various options from 1 hour up to seven days, and the next one after that is "Never".
cheers
Nigel
Thank you Greg for this it is exactly what I was looking for.
I fear this forum may be in active but I need your help.
I have uploaded the PHP files and everything is running smoothly. However, I would like to change the message that a user receives when they try to log in before they are approved. I have looked through dozens of PHP files and cannot find where I change it.
Currently the message is displayed as:
I fear this forum may be in active but I need your help.
I have uploaded the PHP files and everything is running smoothly. However, I would like to change the message that a user receives when they try to log in before they are approved. I have looked through dozens of PHP files and cannot find where I change it.
Currently the message is displayed as:
You need to confirm your login
An email should have been sent to your address at usersemail@someaddress
It contains easy instructions to complete your registration.
If you continue to have difficulty, contact the site administrator.
http://xxx/login/index.php
If anyone can assist me I will be forever grateful
T
Sherry - This seems like an interesting and simple option for self-registration. The problem I see with your solution is that the email does not in fact actually get confirmed. Instead it relies on the admin recognizing the email address. What I would advocate for is for an option to have a double-confirmation. First the user has to confirm the email address and then they are notified that the system administrator will have to confirm their registration. Upon confirmation the user receives a notice that the account is confirmed and ready to use. I think it would be helpful also to specify the email address that the admin wants to use. I have added MDL-15636 to the tracker. If you are interested in this feature you can watch and/or vote for the issue there. I do think this option would represent a convenient combination of allowing users to create their accounts but allowing the site administrator to control who ultimately is allowed on the site. Peace - Anthony
Anthony, thanks for setting this up in the tracker. I get asked about this fairly often, so I went over to the tracker and added my vote 
.
Here is another quick and dirty solution:
I renamed the confirm.php in the login directory to confirm_org.php
and replaced it with a custom confirm.php to re-send the confirmation link to the admin. The admin gets a modified message with the user e-mail address, so it is easy to acitivate the account via the link and forward the user an email, that the account is activated now.
The result is:
.
Rename the original confirm.php to confirm_org.php (or even use another name and change this in the changed script).
Hope this helps someone until an official solution is available.
I renamed the confirm.php in the login directory to confirm_org.php
and replaced it with a custom confirm.php to re-send the confirmation link to the admin. The admin gets a modified message with the user e-mail address, so it is easy to acitivate the account via the link and forward the user an email, that the account is activated now.
The result is:
- User self registers as usual
- User receives his/her confirmation e-mail and clicks on the link
- User receives a message, that the confirmation is routed to the admin
- and admin receives an email with the original activation link of the user
- admin uses above link to activate user
- admin sends email to user, that he/she is activated now
Rename the original confirm.php to confirm_org.php (or even use another name and change this in the changed script).
Hope this helps someone until an official solution is available.
Thanks for posting a solution here. This is a great and simple solution I could implement.
Thanks ... this worked.
Marcus, how has this worked in practice? Is the admin able to identify real users vs spammers?
Just as another possible solution to preventing spam users, there is a script called Bad Behaviour which is a PHP-based solution for blocking link spam and the robots which deliver it.
It is highly effective in preventing these robots from ever even getting to your form... I am not aware of anybody that has implemented this in Moodle yet, but it is in use with programs like Wordpress and phpList, and for some people it is blocking hundreds and hundreds of spam robots a day... they never make it to the form, so they can't signup!!
Here's the link:
http://www.bad-behavior.ioerror.us/
Here's the Issue Tracker link if you want to vote for it:
http://tracker.moodle.org/browse/MDL-17162
It is highly effective in preventing these robots from ever even getting to your form... I am not aware of anybody that has implemented this in Moodle yet, but it is in use with programs like Wordpress and phpList, and for some people it is blocking hundreds and hundreds of spam robots a day... they never make it to the form, so they can't signup!!
Here's the link:
http://www.bad-behavior.ioerror.us/
Here's the Issue Tracker link if you want to vote for it:
http://tracker.moodle.org/browse/MDL-17162
I agree bad_behavior is phantastic and one can use it as plugin in Wordpress, Geeklog etc. I use it on all my Geeklog sites and I don`t need captchas at all. It doesn`t phone home and has hardly any false positives. No problem with spam bots.
Hi Marcus,
Great job with the script. Is there a way to make the confirmation mail that is sent to the Admin contains all the fields + custom added fields from the registration form?
Regards,
Igor
Great job with the script. Is there a way to make the confirmation mail that is sent to the Admin contains all the fields + custom added fields from the registration form?
Regards,
Igor
hi marcus
i still not getting any confirmation mail in my admin's inbox ....
what should i do ?
thanks in advance
my email id is
fischer.shail@gmail.com
Is there any way to redirect the user confirmation mail to teacher of that particular course rather than admin?
Thanks in Advance,
Srikanth
Thanks in Advance,
Srikanth
Dear srikanth,
as prev said use this small hack in lib/moodlelib.php.
existing :
return email_to_user($user, $supportuser, $subject, $message, $messagehtml);
modified :
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);
if you want to send that to teacher instead of admin,
1. find out the teacher for current course.
by executing this query you can get the email id of the teacher(s).
SELECT u.email
FROM mdl_user u, mdl_role_assignments r, mdl_context cx, mdl_course c
WHERE u.id = $user->id
AND r.contextid = cx.id
AND cx.instanceid = $course->id
AND r.roleid =3
AND cx.contextlevel =50
// whereas
$user and $course are global objects and 3 is the teacher's role id which you can confirm by seeing the role table.
(I am away from my laptop, and as i have all my moodle stuff only in it am not very sure about the above query mappings, let me know if you face problems with the above in getting the teachers email id for current course. )
2. run a for loop for the above number of results and call this with appropriate parameters
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);
as prev said use this small hack in lib/moodlelib.php.
existing :
return email_to_user($user, $supportuser, $subject, $message, $messagehtml);
modified :
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);
if you want to send that to teacher instead of admin,
1. find out the teacher for current course.
by executing this query you can get the email id of the teacher(s).
SELECT u.email
FROM mdl_user u, mdl_role_assignments r, mdl_context cx, mdl_course c
WHERE u.id = $user->id
AND r.contextid = cx.id
AND cx.instanceid = $course->id
AND r.roleid =3
AND cx.contextlevel =50
// whereas
$user and $course are global objects and 3 is the teacher's role id which you can confirm by seeing the role table.
(I am away from my laptop, and as i have all my moodle stuff only in it am not very sure about the above query mappings, let me know if you face problems with the above in getting the teachers email id for current course. )
2. run a for loop for the above number of results and call this with appropriate parameters
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);
I'm not into coding as much !! Could you please help me doing all these things by coding a file and attaching here !!
Happy Independence day !!
Thanks in Advance,
Srikanth
Happy Independence day !!
Thanks in Advance,
Srikanth
Hi,
I've applied this script to my site, but I don't receive any emails to my admin email from the script, the users are just added as unconfirmed to the system. Any idea?
I've applied this script to my site, but I don't receive any emails to my admin email from the script, the users are just added as unconfirmed to the system. Any idea?
I run a Moodle site for a high school and we use email self-registration for creating some of our accounts. We have had our share of spam accounts show up, but recently I started using the reCAPTCHA feature to help manage account creation. I'm a little puzzled not to see it mentioned in this discussion. So far it seems to have eliminated bogus accounts for us. Is there some weakness in this method that I just haven't seen yet? I know it doesn't address personal oversight of account creation by an admin, but it does seem to provide a fine enough filter to keep out the bad activity, at least so far.
I have this checked in my email self reg but it is not showing up in the window when people register.
Also, I can't tell in my user list who needs to be confirmed.
Thanks Tim B.
Hello,
I recently put most of the requests into a plugin. It has not been approved yet, but the source can be found here:
https://github.com/hrimhari/moodle-auth_emailadmin
I prefered to do it as a plug-in instead of a hack because I wanted it to be easily ported to new versions and allow people to use it and contribute to it.
It does the following:
- Tells the user (on Moodle) that his accound is pending confirmation by the admin.
- Sends a customizable confirmation message to the admin with the user's details so that the admin can verify it and confirm it without having to browse through Moodle.
- When the admin confirms the user, a customizable welcome message is sent to the user.
Hope that helps.
Felipe
Felipe, this is really cool. I've posted a comment here: http://tracker.moodle.org/browse/CONTRIB-1444
Personally, I'd like the confirmation need to be optional, and able ot be switched on and off. ie in some cases, all I want to know is that people have self registered in two ways: e-mail, and in some sort of dashboard.
And, wll done for not doing this as a hack.
-Derek
Looks promising.
Who gets the intial email? Is it admins? If so, it would be great if this could be more specific, similar to the Request course configuration.
Hi Ray,
Yes, the purpose of this plugin is to have the admin confirm the account instead of the user, so it's the admin who receives the initial email.
What do you mean by being more specific?
Best regards,
Felipe
Hi,
As specific user or users assigned to another role (often there is a specific role for this type of user management task).
The Request course interface is a good example of this /admin/settings.php?section=courserequest
Hey Derek,
If all you want is to be notified of the account creation, you should take a look at Itamar's plug-in here:
https://moodle.org/plugins/view.php?plugin=local_messageprovider
I believe you can use it along with the default email-based self-registration so the user will confirm his own account and you (as admin) will be notified of it.
Best regards,
Felipe
Hello Felipe,
Thank you for this...it is great. It is working for me except that the user doesn't get an email when I confirm from the user admin area. Only when I click on the link in the email.
Is this a limitation of the plugin or is there some configuration needed on my end.
Thanks very much!
Hi Patrick,
It's kind of a limitation. The link goes through the plug-in, while the user admin just changes the account status in the database.
I'll add this info to the download page.
Best regards,
Felipe
That's what I was waiting for so long. Well, I installed it and tested and it works as it should, no errors. But now, something bugs me, why nobody is mentioning it. I really thought it is a uniquely important feature and now nobody cares about it and it is not even in the official plugin database. Is there something wrong with that?
@Felipe: Have you submitted this for consideration in the official plugin database? You post above hints that you may have.
See today's comment by Anthony.
-Derek
Derek - Just an update that I did find the plugin that was submitted - https://moodle.org/plugins/view.php?plugin=auth_emailadmin - and there are a few minor issues that I would like to see cleaned up before we make it available to the larger Moodle community via Moodle plugins. So currently it is sitting with the plugins that need some more work prior to approval. Hopefully Felipe will be willing/able to make the fixes and upload a new version for review. Peace - Anthony
Hi, the url you gave does not allow axcces. Do you have a plugin for "approving self registrations"? I really need this feature.
Hi all,
I thought you might like to know that the plug-in is now available:
https://moodle.org/plugins/view.php?plugin=auth_emailadmin
Best regards,
Felipe
Will this plugin work in version 2.5?
Is there a way of creating multi-language email responses based on the users's language interface selection?