diff --git a/INSTALL.txt b/INSTALL.txt index a9d6474..f37aa35 100644 --- a/INSTALL.txt +++ b/INSTALL.txt @@ -27,7 +27,7 @@ as follows... Change title if required; using can make for a very neat login system, when combined with the javascript functionality: clicking upon "Login/register" reveals the login form in neat sliding fashion. To select this functionality, -select 'Collapsible form' under "Block type". Selecting 'Link' under "Block +select 'Collapsible form' under "Block type". Selecting 'Link' under "Block type" sends user to a login form, returning them to original page after successful login. @@ -49,7 +49,7 @@ CAVEATS: a. Be very careful when editing the 'Non-authenticated role' setting. If you set it to anything other than the 'authenticated user' role, LoginToboggan will happily start deleting any users you have in that - role that were created prior to the purge interval. If you want to + role that were created prior to the purge interval. If you want to avoid problems, it's best to never change that setting after you've initially set it up. diff --git a/README.txt b/README.txt index e8d4c9f..2e39ef7 100755 --- a/README.txt +++ b/README.txt @@ -19,6 +19,6 @@ The Login Toboggan module improves the Drupal login system in an external module (please read the CAVEATS section of INSTALL.txt for important information on configuring this feature!). -Users who choose their own password can be automatically assigned to a selected 'non-authenticated' role. This role could have more permissions than anonymous but less than authenticated - thus preventing spoof accounts and spammers. The user will only be removed from the non-authenticated role and granted authenticated permissions when they verify their account via a special email link, or when an administrator removes them from the non-authenticated role. +Users who choose their own password can be automatically assigned to a selected 'non-authenticated' role. This role could have more permissions than anonymous but less than authenticated - thus preventing spoof accounts and spammers. The user will only be removed from the non-authenticated role and granted authenticated permissions when they verify their account via a special email link, or when an administrator removes them from the non-authenticated role. The module does NOT require any patches to core or other special configurations. diff --git a/UPGRADING.txt b/UPGRADING.txt index 85cd508..f227ca1 100644 --- a/UPGRADING.txt +++ b/UPGRADING.txt @@ -17,5 +17,5 @@ Ex: to have the user visit their edit page, with a final destination of node/foo, you would use: user/%uid/edit?destination=node/foo -3. A new 'Delete unvalidated users after' feature has been added. This feature +3. A new 'Delete unvalidated users after' feature has been added. This feature is handy for automatically cleaning up spam registrations. \ No newline at end of file diff --git a/logintoboggan.install b/logintoboggan.install index b9d6556..c1e4351 100644 --- a/logintoboggan.install +++ b/logintoboggan.install @@ -1,7 +1,7 @@ Because of this change, all unvalidated users on your site now have authenticated user permissions! If you wish to retain the previous functionality, create a new user role with the same access permissions as the anonymous user, and set the logintoboggan pre-auth role to the newly created role. You will also need to manually add any previously unvalidated users to the newly created pre-auth role.'), 'error'); + drupal_set_message(t('Your previous setting for the logintoboggan pre-auth role was the anonymous user role, which is no longer allowed. The pre-auth role has now been set to the authenticated user role for your site. Because of this change, all unvalidated users on your site now have authenticated user permissions! If you wish to retain the previous functionality, create a new user role with the same access permissions as the anonymous user, and set the logintoboggan pre-auth role to the newly created role. You will also need to manually add any previously unvalidated users to the newly created pre-auth role.'), 'error'); } return array(); } @@ -125,7 +125,7 @@ function logintoboggan_update_6000() { 'toboggan_min_pass_length' => 0, ); - // Rename poorly named variables. Note that we're not renaming + // Rename poorly named variables. Note that we're not renaming // 'logintoboggan_immediate_login_on_register' here, as that variable // name is ok. $variables = array( diff --git a/logintoboggan.module b/logintoboggan.module index 3fa34c3..ec2a78b 100755 --- a/logintoboggan.module +++ b/logintoboggan.module @@ -490,7 +490,7 @@ function _logintoboggan_user_roles_alter(&$account) { if ($account->uid && $in_pre_auth_role) { if ($id != DRUPAL_AUTHENTICATED_RID) { unset($account->roles[DRUPAL_AUTHENTICATED_RID]); - // Reset the permissions cache. Since the only + // Reset the permissions cache. Since the only // goal here is to reset the cache, create a // temporary account object for uid 1 -- this // results in no hits on the database. @@ -702,10 +702,10 @@ function logintoboggan_main_settings(&$form_state) { '#type' => 'checkbox', '#title' => t('Set password'), '#default_value' => !variable_get('user_email_verification', TRUE) ? 1 : 0, - '#description' => t("This will allow users to choose their initial password when registering (note that this setting is merely a mirror of the Require e-mail verification when a visitor creates an account setting, and is merely here for convenience). If selected, users will be assigned to the role below. They will not be assigned to the 'authenticated user' role until they confirm their e-mail address by following the link in their registration e-mail. It is HIGHLY recommended that you set up a 'pre-authorized' role with limited permissions for this purpose.
NOTE: If you enable this feature, you should edit the Welcome, no approval required text.", array('!settings' => url('admin/user/settings'))) . $help_text, + '#description' => t("This will allow users to choose their initial password when registering (note that this setting is merely a mirror of the Require e-mail verification when a visitor creates an account setting, and is merely here for convenience). If selected, users will be assigned to the role below. They will not be assigned to the 'authenticated user' role until they confirm their e-mail address by following the link in their registration e-mail. It is HIGHLY recommended that you set up a 'pre-authorized' role with limited permissions for this purpose.
NOTE: If you enable this feature, you should edit the Welcome, no approval required text.", array('!settings' => url('admin/user/settings'))) . $help_text, ); - // Grab the roles that can be used for pre-auth. Remove the anon role, as it's not a valid choice. + // Grab the roles that can be used for pre-auth. Remove the anon role, as it's not a valid choice. $roles = user_roles(1); $form ['registration']['logintoboggan_pre_auth_role'] = array( @@ -829,7 +829,7 @@ function logintoboggan_denied() { menu_set_active_item('user'); $return = menu_execute_active_handler(); drupal_set_title(t('Access Denied / User Login')); - drupal_set_message(t('Access denied. You may need to login below or register to access this page.'), 'error'); + drupal_set_message(t('Access denied. You may need to login below or register to access this page.'), 'error'); } else { drupal_set_title(t('Access Denied')); @@ -1133,7 +1133,7 @@ function logintoboggan_user($op, &$edit, &$user_edit, $category = NULL) { $pre_auth = !variable_get('user_email_verification', TRUE) && $validating_id != DRUPAL_AUTHENTICATED_RID; if ($pre_auth) { // Check to see if an admin has manually removed the pre-auth role from - // the user. If so, send the account activation email. + // the user. If so, send the account activation email. // The logic here is a bit funky, but necessary because we have no way // of knowing if a missing $edit['roles'][$validating_id] is because // the pre-auth role was disabled on this page save or a previous save. @@ -1219,7 +1219,7 @@ function logintoboggan_site_403_validate($form, &$form_state) { } /** - * Flips the value of the user_email_settings variable. This setting is less confusing when it works the opposite + * Flips the value of the user_email_settings variable. This setting is less confusing when it works the opposite * of it's current core behavior. */ function logintoboggan_flip_user_email_verification($form, &$form_state) { @@ -1236,7 +1236,7 @@ function logintoboggan_flip_user_email_verification($form, &$form_state) { * @see drupal_mail() * * @param $op - * The operation being performed on the account. Possible values: + * The operation being performed on the account. Possible values: * 'register_admin_created': Welcome message for user created by the admin * 'register_no_approval_required': Welcome message when user self-registers * 'register_pending_approval': Welcome message, user pending admin approval @@ -1246,7 +1246,7 @@ function logintoboggan_flip_user_email_verification($form, &$form_state) { * 'status_deleted': Account deleted * * @param $account - * The user object of the account being notified. Must contain at + * The user object of the account being notified. Must contain at * least the fields 'uid', 'name', and 'mail'. * @param $login_url * The custom !login_url setting. User default is used if none is provided. @@ -1296,7 +1296,7 @@ function logintoboggan_mail($key, &$message, $params) { $message['subject'] .= t("(!site) Account application for !username", $variables, $langcode); $reg_pass_set = !variable_get('user_email_verification', TRUE); if ($reg_pass_set) { - $message['body'][] = t("!username has applied for an account, and has automatically received the permissions of the LoginToboggan validating role. To give the user full site permissions, click the link below:\n\n!validating_url\n\nAlternatively, you may visit their user account listed below and remove them from the validating role.\n\n!edit_uri", $variables, $langcode); + $message['body'][] = t("!username has applied for an account, and has automatically received the permissions of the LoginToboggan validating role. To give the user full site permissions, click the link below:\n\n!validating_url\n\nAlternatively, you may visit their user account listed below and remove them from the validating role.\n\n!edit_uri", $variables, $langcode); } else { $message['body'][] = t("!username has applied for an account.\n\n!edit_uri", $variables, $langcode);