Authentication

Admin approving self registrations?

 
 
Picture of Sam Norman
Admin approving self registrations?
 
Hi there,

I am in the process of setting up moodle for a youth organisation.

What I am wanting is to use the email based self registration for users outside the organisation (members have a username manually setup as we have other systems that use the same usernames) but have the administrators approve the account of the non-member.

We want this to avoid fake and nuisance accounts.

On further thought, is it possible to have the non-member confirm their email but not have access until an admin has approved their account?

Thanks in advance for any help,

Sam.


 
Average of ratings:Useful (1)
Picture of Sherry Brown
Re: Admin approving self registrations?
 
Sam --

This advice appears several times in similar requests but it only notifies the Admin about the account creation; the user still receives the confirmation e-mail and can access the site.
For me this was close but no cigar.

I needed *account approval* before the user gains access. Being adventurous, I created a dummy user with working e-mail address to test this out.

I changed this:
return email_to_user($user, $supportuser, $subject, $message, $messagehtml);

To this:
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);

Checking the dummy's e-mail - none. Checking my support user's e-mail, I have the confirmation e-mail that the user would normally receive. Checking the list of user accounts (as Admin on the site), there is link to confirm the account (edit/delete/confirm). Once this is done the support user can forward the e-mail to the new user (but the account is already approved).

FYI, I am on 1.9.1+; the line is #4339. Your mileage (and mine) may vary. If there are issues with this, I hope the Moodle gurus will let us know!
 
Average of ratings:Useful (1)
Picture of Greg Wathke
Re: Admin approving self registrations?
 
I also wanted to setup a similar account creation method - in effect having the user "request" an account, but require the Admin to actually approve it. After much searching of the forums, I was not able to find a solution that accomplished what I wanted.

I wanted it to be clear to the user that they are requesting an account that will still need to be approved before they can access the system. Ultimately, I decided to write a script that uses the same form as e-mail self-registration (so I get the data validation, acceptance of site policy, etc.). Once the form is completed, and the Request Account button is clicked, an e-mail is sent to the site administrator notifying of the request. The Administrator is then responsible for confirming the account and notifying the user of the activation. (This script does not require any changes to the Moodle scripts.)

The end result is not significantly different than the solution that Sherry posted, but gave me the ability make the fact that this is an account "request" clear, as well as control the format of the e-mail that is sent to the Administrator. I have no doubt that this could be improved upon, but it is meeting my needs for now.

 
Average of ratings: -
Amanda Hefner
Re: Admin approving self registrations?
 
Hi Greg,
This sounds like a great solution. Do you intend to share it with the community?
I think there are several of us still looking for this.

Thanks!
~Amanda
 
Average of ratings: -
Picture of Greg Wathke
Re: Admin approving self registrations?
 
Amanda -
I am very much willing to share this with anyone who may be interested. Ultimately, I think what Anthony is proposing is a much better solution. But if you want an interim option, here are the files and some basic instructions.

INSTRUCTIONS

  1. Copy the files request.php and request_form.php to <moodle home>/login/ directory
  2. In Moodle, go to the Users-Authentication-Manage Authentication screen
  • Verify that 'Email-based self-registration' is enabled. (This is necessary so that any previously created self-registered users can still login)
  • Set 'Self registration' to 'Disable'
  • Add custom instructions to the Instruction box, making sure to include a link to the request.php file. For example:

Hi! For full access to courses you'll need to take a minute to request a new account for yourself on this web site. Each of the individual courses may also have a one-time "enrolment key", which you won't need until later. Here are the steps:
  1. Fill in the <a href="../login/request.php">Request Account</a> form with your details.
  2. The system administrator will be notified of your request.
  3. The administrator will notify you by email when your new account has been confirmed.
  4. Use the username and password you selected to log in to the system.
  5. Now, select the course you want to participate in.
  6. If you are prompted for an "enrolment key" - use the one that your teacher has given you. This will "enrol" you in the course.
  7. You can now access the full course. From now on you will only need to enter your personal username and password (in the form on this page) to log in and access any course you have enrolled in.

Notes:
New account requests are sent to the email address that is defined for the admin account. When a user submits the Request Account form, the account is created in Moodle as a Manual Account. This account must then be confirmed by an administrator before the user can log in. Though certainly not necessary, it also may be helpful to add a "Reason for account" field to the form.
 
Average of ratings:Useful (4)
Picture of Michael Buchanan
Re: Admin approving self registrations?
 
Can you tell me (or point me in the right direction) how to add the "Reason for account" field?

Thanks!

Mike
 
Average of ratings: -
Picture of Greg Wathke
Re: Admin approving self registrations?
 
Mike,
You can add a "Reason for account" by adding a new user profile field. In the Site Administration block, click Users - Accounts - User profile fields. Click the drop-down for Create a new profile field and select Text Area. Here are some settings I used, but you can customize this to fit your needs.

Short name: accountreason
Name: Reason for Account
Description of field: Reason for Account
Field required: No
Field locked: No
Should data be unique: No
Display on signup page: Yes
Visible to: Visible to User
Category: Other fields

Click the Save Changes button, and you will have the field on your sign-up form.

Hope this helps,
Greg
 
Average of ratings: -
Picture of Michael Buchanan
Re: Admin approving self registrations?
 
Thanks Greg, that worked in creating the form but the data from the new fields I created do not get passed through to the email which gets sent to the administrator. I tried modifying the request.php to add the shortnames of the new fields so that they would get passed but that did not work.

Also before I received your answer, I had tried modifying the request.php and request_form.php to put in the additional fields and got it all to work correctly except that the new fields have 2 square brackets on each side.

Here is what I added to request_form.php

$mform->addElement('text', 'reason', get_string('Reason for Registering'), 'maxlength="100" size="40"');
$mform->setType('reason', PARAM_NOTAGS);
$mform->addRule('reason', get_string('missingreason'), 'Notrequired', null, 'server');

Is there a way to get rid of the brackets? Or going back to your solution, what do I need to do to get the new field's values passed on in the email?

Thanks again,

Mike


 
Average of ratings: -
Picture of Michael Buchanan
Re: Admin approving self registrations?
 
Our host provider placed the request.php and request_form.php into the public_html/login folder.

When I try to access request.php, I get the following message:

Call to undefined function: profile_signup_fields() in /home/distant/public_html/login/request_form.php on line 87

Should these files have been put into the moodle/login folder?
 
Average of ratings: -
Picture of Greg Wathke
Re: Admin approving self registrations?
 
Mike,
You are correct - they need to be in the moodle/login directory. There are a number of lines of code that assume this directory placement.

Hope this helps,
Greg
 
Average of ratings: -
Picture of Tamara McIntosh
Re: Admin approving self registrations?
 
Found it! /public_html/lang/en_utf8/moodle.php

Thanks again.
T
 
Average of ratings: -
Picture of shailesh jai
Re: Admin approving self registrations?
 

hi greg,

i got this error

Incorrect sesskey submitted, form not accepted!

now what should i do ?

thnx for your help in advance

 
Average of ratings: -
Picture of Rambabu Dola
Re: Admin approving self registrations?
 
Hi Greg,

I'm sure someone must have had this problem and tackled it - but I haven't been able to find a solution yet.

I have added one filed to user profile, but my requirement is i have to add one anchor link beside that newly added filed, can you pls tell me how to add anchor link.

Thanks
Rambabu
 
Average of ratings: -
Picture of Ihsan Raharjo
Re: Admin approving self registrations?
 

How can I add custom instructions to the Instruction box? and what is the content of request.php?

Thanks.

 
Average of ratings: -
Picture of Greg Wathke
Re: Admin approving self registrations?
 

Hi Ihsan,

You can add custom instructions by going to Site Administration-Users-Authentication-Manage Authentication.  On this page you will find an Instruction box where you can add the custom instructions.

As to the contents of the request.php file, you can take a look at it by opening it in a text editor.  It's been a while since I worked on that file, but if I am remembering correctly, I based it off the general logic of the signup.php file that is part of Moodle 1.9.

I hope this helps,
Greg

 
Average of ratings: -
Picture of Bonnie Thurber
Re: Admin approving self registrations?
 

Thank you very much! This is exactally what I have been looking for.

 

Bonnie Thurber

 
Average of ratings: -
Picture of Andreas Stangl
Re: Admin approving self registrations?
 

Hi, as your php scripts are no longer compatible with Moodle v2 I made some small changes to them.


Now the module can be used with Moodle 2.0.x

 
A photo of Elia Contini
Re: Admin approving self registrations?
 

Hi,

I'm using the version 2 of Request Form on moodle 2.0.2, but I have a problem: when the admin confirms the user, the user does not receive any confirmation email.

I'm sure that the email settings are correct because when the user asks for an account, the admin receives the notification email.

Any idea about a possible solution?

Thanks in advance

 
Average of ratings: -
Picture of L Robinson
Re: Admin approving self registrations?
 

I have been using teh code changes proposed in this exchange to the confirm.php to allow admin approval of self registrations.  Does this package provide that same functionality?  If so where do these 2 files need to be placed?  I couldn't find comparable in my Moodle 2.1 install.  Thanks for any assistance.

 
Average of ratings: -
Also me
Re: Admin approving self registrations?
 

Doh!

I was in the early stages of testing this and it worked great. We upgraded to 2.4 stable yesterday and all I get now is a blank page sad

I've had a look at the code but I'm not up to the job. Is there anyone out there can make the revisions necessary?

Cheers, Sam.

 
Average of ratings: -
Picture of Nyle Landas
Re: Admin approving self registrations?
 

Great script thanks for sharing it. I have it set up and it works fine in Internet Explorer but for some reason the captcha doesnt show up in Firefox 6. I've downloaded some older portable Firefox versions to try it in those. Any ideas?

I've been able to successfully send requests several times with IE and captcha but Firfox just says reCaptcha ? without showing the images and prompting for them. Any help is greatly appreciate - we have many users on Firefox.

 

Edit: It did not work in Firefox 3.6 either. I'm on 1.9.11 and have curl, etc. and all other required env items. As I mention it's working on IE. Cookies are allowed for my site and I don't see any images being blocked in Firefox. I am at a loss - help please friendly Moodle denizens.

Edit2: I read online that sometimes the recaptcha's code placement can affect Firefox. This code is inside the form. I've attached the code returned in the page source and it appears to have everything it needs but must be Firefox doesn't like the html layout.

Picture of Nyle Landas
Re: Admin approving self registrations?
 

Ok, this wouldn't just affect Firefox - though that is the behavior. The URL for secure captcha has changed to a google address. The old address doesn't work correctly for everyone now. This afects all versions of Moodle prior to a version of 2.0.

The fix is descviber in this post. You can fix it manually or there is a patch, which is also listed in the post.

I changed the file and my captcha is working fine now.

 
Average of ratings: -
Picture of Nick Tomlin
Re: Admin approving self registrations?
 

Great solution, Greg! Thanks for this! 

Unfortunately I'm running into an issue regarding the expiration of the user signups. I am the administrator of the site, but my director wants to approve everyone that registers first ( it's complicated, best not to ask : ). We were both away for the holidays, and had 10 registrations expire. Is there anyway to increase the time that Moodle will keep the registrations active?  

 
Average of ratings: -
Picture of Nigel Mitchell
Re: Admin approving self registrations?
 

Hi Nick,

If you go to ite Administration->Server->Cleanup-> you can change the setting for automatic deletion of incomplete (ie unconfirmed) accounts. There are various options from 1 hour up to seven days, and the next one after that is "Never".

cheers

Nigel

 
Average of ratings: -
Picture of Tamara McIntosh
Re: Admin approving self registrations?
 
Thank you Greg for this it is exactly what I was looking for.

I fear this forum may be in active but I need your help.

I have uploaded the PHP files and everything is running smoothly. However, I would like to change the message that a user receives when they try to log in before they are approved. I have looked through dozens of PHP files and cannot find where I change it.

Currently the message is displayed as:

You need to confirm your login

An email should have been sent to your address at usersemail@someaddress

It contains easy instructions to complete your registration.

If you continue to have difficulty, contact the site administrator.

http://xxx/login/index.php


If anyone can assist me I will be forever grateful

T



 
Average of ratings: -
Anthony Borrow
Re: Admin approving self registrations?
Group DevelopersGroup Moodle HQGroup Plugins guardiansGroup Testers
Sherry - This seems like an interesting and simple option for self-registration. The problem I see with your solution is that the email does not in fact actually get confirmed. Instead it relies on the admin recognizing the email address. What I would advocate for is for an option to have a double-confirmation. First the user has to confirm the email address and then they are notified that the system administrator will have to confirm their registration. Upon confirmation the user receives a notice that the account is confirmed and ready to use. I think it would be helpful also to specify the email address that the admin wants to use. I have added MDL-15636 to the tracker. If you are interested in this feature you can watch and/or vote for the issue there. I do think this option would represent a convenient combination of allowing users to create their accounts but allowing the site administrator to control who ultimately is allowed on the site. Peace - Anthony

 
Average of ratings:Useful (2)
Picture of Jonathan Moore
Re: Admin approving self registrations?
Group Developers
Anthony, thanks for setting this up in the tracker. I get asked about this fairly often, so I went over to the tracker and added my vote smile.

 
Average of ratings: -
Picture of Marcus Schürstedt
Re: Admin approving self registrations?
 
Here is another quick and dirty solution:

I renamed the confirm.php in the login directory to confirm_org.php

and replaced it with a custom confirm.php to re-send the confirmation link to the admin. The admin gets a modified message with the user e-mail address, so it is easy to acitivate the account via the link and forward the user an email, that the account is activated now.

The result is:
  • User self registers as usual
  • User receives his/her confirmation e-mail and clicks on the link
  • User receives a message, that the confirmation is routed to the admin
  • and admin receives an email with the original activation link of the user
  • admin uses above link to activate user
  • admin sends email to user, that he/she is activated now
Attached is my confirm.php script (you can find the text changes very easily in the code - they are marked as you might change the text here: - I do not use Moodles string library, so no translations etc. for the messages - just change them in the code wink.

Rename the original confirm.php to confirm_org.php (or even use another name and change this in the changed script).

Hope this helps someone until an official solution is available.



 
Average of ratings: -
Picture of Christina Hum
Re: Admin approving self registrations?
 
Thanks for posting a solution here. This is a great and simple solution I could implement.
 
Average of ratings: -
Picture of ArVee Gee
Re: Admin approving self registrations?
 
Thanks ... this worked. smile
 
Average of ratings: -
Martin in black and white
Re: Admin approving self registrations?
Group DevelopersGroup Documentation writersGroup Moodle HQGroup Particularly helpful MoodlersGroup Testers
Marcus, how has this worked in practice? Is the admin able to identify real users vs spammers?
 
Average of ratings: -
Picture of jeff sherk
Re: Admin approving self registrations?
 
Just as another possible solution to preventing spam users, there is a script called Bad Behaviour which is a PHP-based solution for blocking link spam and the robots which deliver it.

It is highly effective in preventing these robots from ever even getting to your form... I am not aware of anybody that has implemented this in Moodle yet, but it is in use with programs like Wordpress and phpList, and for some people it is blocking hundreds and hundreds of spam robots a day... they never make it to the form, so they can't signup!!

Here's the link:
http://www.bad-behavior.ioerror.us/

Here's the Issue Tracker link if you want to vote for it:
http://tracker.moodle.org/browse/MDL-17162


 
Average of ratings:Useful (1)
Picture of Markus www
Re: Admin approving self registrations?
 
I agree bad_behavior is phantastic and one can use it as plugin in Wordpress, Geeklog etc. I use it on all my Geeklog sites and I don`t need captchas at all. It doesn`t phone home and has hardly any false positives. No problem with spam bots.
 
Average of ratings: -
Picture of Igor Mitev
Re: Admin approving self registrations?
 
Hi Marcus,

Great job with the script. Is there a way to make the confirmation mail that is sent to the Admin contains all the fields + custom added fields from the registration form?

Regards,
Igor
 
Average of ratings: -
Picture of shailesh jai
Re: Admin approving self registrations?
 

hi marcus

i still not getting any confirmation mail in my admin's inbox ....

what should i do ?

thanks in advance

my email id is

fischer.shail@gmail.com

 
Average of ratings: -
Picture of sri kanth
Re: Admin approving self registrations?
 
Is there any way to redirect the user confirmation mail to teacher of that particular course rather than admin?


Thanks in Advance,
Srikanth
 
Average of ratings: -
Picture of Ravishankar Somasundaram
Re: Admin approving self registrations?
 
Dear srikanth,

as prev said use this small hack in lib/moodlelib.php.

existing :
return email_to_user($user, $supportuser, $subject, $message, $messagehtml);

modified :
return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);


if you want to send that to teacher instead of admin,

1. find out the teacher for current course.

by executing this query you can get the email id of the teacher(s).

SELECT u.email
FROM mdl_user u, mdl_role_assignments r, mdl_context cx, mdl_course c
WHERE u.id = $user->id
AND r.contextid = cx.id
AND cx.instanceid = $course->id
AND r.roleid =3
AND cx.contextlevel =50

// whereas
$user and $course are global objects and 3 is the teacher's role id which you can confirm by seeing the role table.
(I am away from my laptop, and as i have all my moodle stuff only in it am not very sure about the above query mappings, let me know if you face problems with the above in getting the teachers email id for current course. )

2. run a for loop for the above number of results and call this with appropriate parameters

return email_to_user($supportuser, $supportuser, $subject, $message, $messagehtml);



 
Average of ratings:Useful (1)
Picture of sri kanth
Re: Admin approving self registrations?
 
I'm not into coding as much !! Could you please help me doing all these things by coding a file and attaching here !!

Happy Independence day !!


Thanks in Advance,
Srikanth
 
Average of ratings: -
Picture of Aleksi Kallio
Re: Admin approving self registrations?
 
Hi,

I've applied this script to my site, but I don't receive any emails to my admin email from the script, the users are just added as unconfirmed to the system. Any idea?
 
Average of ratings: -
Picture of Doug McGlathery
Re: Admin approving self registrations?
 
I run a Moodle site for a high school and we use email self-registration for creating some of our accounts. We have had our share of spam accounts show up, but recently I started using the reCAPTCHA feature to help manage account creation. I'm a little puzzled not to see it mentioned in this discussion. So far it seems to have eliminated bogus accounts for us. Is there some weakness in this method that I just haven't seen yet? I know it doesn't address personal oversight of account creation by an admin, but it does seem to provide a fine enough filter to keep out the bad activity, at least so far.
 
Average of ratings: -
Picture of Tim Bristol
reCAPTCHA feature
 

I have this checked in my email self reg but it is not showing up in the window when people register.

Also, I can't tell in my user list who needs to be confirmed.

Thanks Tim B.

 
Average of ratings: -
Picture of Felipe Carasso
Hack as a plug-in
 

Hello,

I recently put most of the requests into a plugin. It has not been approved yet, but the source can be found here:

https://github.com/hrimhari/moodle-auth_emailadmin

I prefered to do it as a plug-in instead of a hack because I wanted it to be easily ported to new versions and allow people to use it and contribute to it.

It does the following:

- Tells the user (on Moodle) that his accound is pending confirmation by the admin.

- Sends a customizable confirmation message to the admin with the user's details so that the admin can verify it and confirm it without having to browse through Moodle.

- When the admin confirms the user, a customizable welcome message is sent to the user.

Hope that helps.

Felipe

 
Average of ratings: -
Just wondering . . .
Re: Hack as a plug-in
Group Particularly helpful Moodlers

Felipe, this is really cool.  I've posted a comment here: http://tracker.moodle.org/browse/CONTRIB-1444

Personally, I'd like the confirmation need to be optional, and able ot be switched on and off.  ie in some cases, all I want to know is that people have self registered in two ways: e-mail, and in some sort of dashboard.

And, wll done for not doing this as a hack.  smile

-Derek

 
Average of ratings: -
Ray Lawrence
Re: Hack as a plug-in
 

Looks promising. smile

Who gets the intial email? Is it admins? If so, it would be great if this could be more specific, similar to the Request course configuration.

 
Average of ratings: -
Picture of Felipe Carasso
Re: Hack as a plug-in
 

Hi Ray,

Yes, the purpose of this plugin is to have the admin confirm the account instead of the user, so it's the admin who receives the initial email.

What do you mean by being more specific?

Best regards,

Felipe

 
Average of ratings: -
Ray Lawrence
Re: Hack as a plug-in
 

Hi,

As specific user or users assigned to another role (often there is a specific role for this type of user management task).

The Request course interface is a good example of this /admin/settings.php?section=courserequest

 
Average of ratings: -
Picture of Felipe Carasso
Re: Hack as a plug-in
 

Hey Derek,

If all you want is to be notified of the account creation, you should take a look at Itamar's plug-in here:

https://moodle.org/plugins/view.php?plugin=local_messageprovider

I believe you can use it along with the default email-based self-registration so the user will confirm his own account and you (as admin) will be notified of it.

Best regards,

Felipe

 
Average of ratings: -
Picture of Patrick Milne
Re: Hack as a plug-in
 

Hello Felipe,

Thank you for this...it is great. It is working for me except that the user doesn't get an email when I confirm from the user admin area. Only when I click on the link in the email.

Is this a limitation of the plugin or is there some configuration needed on my end.

Thanks very much!

 
Average of ratings: -
Picture of Felipe Carasso
Re: Hack as a plug-in
 

Hi Patrick,

It's kind of a limitation. The link goes through the plug-in, while the user admin just changes the account status in the database.

I'll add this info to the download page.

Best regards,

Felipe

 
Average of ratings: -
Picture of Marcin Stanowski
Odp: Hack as a plug-in
 

That's what I was waiting for so long. Well, I installed it and tested and it works as it should, no errors. But now, something bugs me, why nobody is mentioning it. I really thought it is a uniquely important feature and now nobody cares about it and it is not even in the official plugin database. Is there something wrong with that?

 
Average of ratings: -
Just wondering . . .
Re: Odp: Hack as a plug-in
Group Particularly helpful Moodlers

@Felipe: Have you submitted this for consideration in the official plugin database?  You post above hints that you may have.

See today's comment by Anthony.

-Derek

 
Average of ratings: -
Anthony Borrow
Re: Odp: Hack as a plug-in
Group DevelopersGroup Moodle HQGroup Plugins guardiansGroup Testers

Derek - Just an update that I did find the plugin that was submitted - https://moodle.org/plugins/view.php?plugin=auth_emailadmin - and there are a few minor issues that I would like to see cleaned up before we make it available to the larger Moodle community via Moodle plugins. So currently it is sitting with the plugins that need some more work prior to approval. Hopefully Felipe will be willing/able to make the fixes and upload a new version for review. Peace - Anthony

 
Average of ratings: -
Picture of Eliyahu Mitterhoff
Re: Odp: Hack as a plug-in
 

Hi, the url you gave does not allow axcces. Do you have a plugin for "approving self registrations"? I really need this feature.

 
Average of ratings: -
Picture of Felipe Carasso
Re: Odp: Hack as a plug-in
 

Hi all,

I thought you might like to know that the plug-in is now available:

https://moodle.org/plugins/view.php?plugin=auth_emailadmin

Best regards,

Felipe

 
Average of ratings: -
Picture of John Smith
Re: Odp: Hack as a plug-in
 

Will this plugin work in version 2.5?

 
Average of ratings: -
Picture of John Smith
Re: Odp: Hack as a plug-in
 

Is there a way of creating multi-language email responses based on the users's language interface selection?

 
Average of ratings: -