Hi everyone!

I wonder nobody was asking before. I need a double-opt-in registration process including the email-activation-link within the confirmation email. So the registration proccess will be only completed after clicking that link.

So is there solution out yet or a module or a tutorial? Till now I found nothing about that.

Don't ask why I need especally that thing. It's allabout justice.




federico’s picture


Tshering’s picture


player_’s picture


rubstar’s picture

I don't have a module or a tutorial but i made something like this for a non-drupal site before. What i did [very short version]:

- I made a members database with a row called activated, and a row called activation key
- Newly registered people will be placed in the members database but with activated = 0, and a activation key
- Send a mail to the newly registered user with their activation key as a link http://www.example.com/register/add/unique_key
- Once they visit the link the members database gets updated with activated = 1 and the activation key would be removed.
- Users without activated = 0 have no permissions, and would be removed within 24 hours.

I am new to Drupal so i have no idea how to implement this in Drupal.

lyricnz’s picture

Um, what am I missing here? Drupal will use the activation-link method by default. See the settings at admin/user/settings

"Require e-mail verification when a visitor creates an account"

You can also remove the password from their email, if that's what bugs you. What is it not doing, that you require?

tomotomo’s picture

The problem is the account is active without requiring the user click on a special link in the email.

My blog on Drupal/Vietnam: Saigonist
Twitter: @tomosaigon / @tomodrupal

federico’s picture

Yes, I think 99% of my "users" never validate their accounts, nor do anything else on my site than "registering". This causes my users table to go big.

white_pawn’s picture

Any news on this?

fonant’s picture

The LoginToboggan module can do this. It makes use of an additional role for "Non-authenticated" users, and modifies the Content Access workings so this new role doesn't inherit any permissions from the anonymous or authenticated user roles. Typically you'd grant the same permissions to the anonymous and "non-authenticated" roles.

http://www.fonant.com - Fonant Ltd - Quality websites