29 July 2009, 16:24

Hello,

I'm trying to make a user's email be a valid input upon logging in.  Right now it only accepts the username they provided upon registration.  I've been looking through the auth/lib and determining how the function "authenticate_user_account" works.  However, I have not had luck in determining where it looks in the database to check the username.....i would like to it to also allow login if that person uses their email they provided upon registration.

Thankyou for your input.

Mike

29 July 2009, 19:07

Hi - you might need to change the 'login' method on the user class - see auth/user.php. You may need to make other changes based on that, but it should give you a starting point. You probably want to change the query to look for LOWER(email) as well as/instead of LOWER(username).

18 August 2009, 3:09

I was able to make the email and password combination work for logging in. I'll have to get back to you on exactly what changes I made, though, if you still need the info. I know it was really easy. 

I've pretty much eliminated the username field almost completely, because it is just another bit of somewhat useless information that users need to remember.  I only use the username field if the user wants a public profile with a username as the address (http://profiles.maharasite.com/username). Situations where Mahara is used with another package that relies on usernames is pretty much the only reason why to keep them as a required field, in my opinion.

18 August 2009, 18:55

Yeah, your thinking is in alignment with ours on this, actually. If you have any patches you could send in regarding this, we'd be most grateful .

One day we're going to do a proper dispatcher too, so example.org/username will work. That's a bit more work though, if we want the URLs to show up nicely everywhere. 

19 August 2009, 0:36

I just modified the htaccess file and added:

RewriteEngine On
RewriteRule ^/?([a-zA-Z0-9_-]+)$ http://www.mydomain.com/user/view.php?username=$1 [P=301,L] 

Any characters A-Z, a-z, 0-9, dash, and underscore with no file extension are considered the username.  I was doing this on my profiles subdomain, but I just changed my htaccess on the primary domain and it seems to work fine provided that a trailing slash is always added when navigating to a directory (like admin for example). The P in [P=301,L] specifies that it's a proxy and doesn't change the address bar in the browser.

Then in user/view.php I just had it look for the username variable from the url and if found, query the database for the userid and continue on from there. 

In total, it was probably only 8 lines of code including the two lines in the htaccess file.

19 August 2009, 2:51

Thanks for this. Two lines to .htaccess and now users have a 'pretty permalink' to their portfolio profile. We're evaluating Mahara (I like it!) right now and it was first on my list of things to ask about.

http://portfolios.lincoln.ac.uk/josswinn

From what I understand, the nice thing about this quick fix, is that if changes are made in core to perform the same function, I can just remove the two lines from .htaccess and it's business as usual.

19 August 2009, 5:33

You still have to modify your user/view.php file. Otherwise, it won't work.

Here are the changes I made...

Open user/view.php and change:

$loggedinid = $USER->get('id');
if (!empty($loggedinid)) {
    $userid = param_integer('id', $loggedinid);
}
else {
    $userid = param_integer('id');
}
if ($userid == 0) {
    redirect();
}

to:

$userid = NULL;
$loggedinid = $USER->get('id');
$username = param_variable('username', NULL);

// If the profile view is called by the username, rather than id, look up the id
if (!empty($username)){
 $userid = get_field('usr', 'id', 'username', strtolower($username));
} else {
 if (!empty($loggedinid)) {
  $userid = param_integer('id', $loggedinid);
 }
 else {
  $userid = param_integer('id', 0);
 }
}
if ($userid == 0 || empty($userid)) {
 redirect(get_config('wwwroot') . 'user/find.php');
}

This accomplishes several things. First, it will accept either the username or the user's id when trying to view their profile.  Second, the "Mahara: Invalid Parameter" error message is gone if the id isn't supplied. Third, if the username or id is incorrect, it redirects you to the user/find.php page.

That should be it. I don't think I had to modify anything else to get it work.

19 August 2009, 5:45

Also, while I haven't tried it yet, this would also be a good feature to implement for blogs, making their addresses search engine friendly.  I haven't gotten to the point of working on the blogs yet. It's on my list of things to do.

19 August 2009, 20:02

Hi - there isn't much point in doing it for blogs, as they're private to the user and can't be indexed by search engines. User pages make sense though.

Of course, if you're hacking Mahara to make them visible, then that point doesn't apply  

19 August 2009, 21:10

Like I said, I haven't messed with the blogs, yet.  But, since you have informed me that Mahara blogs are private, then yes, I will have to hack the code to make the optionally visible. Blogs are a great way to drive traffic. People using Mahara in an educational setting probably wouldn't care about that. Since I'm using it for a public social network, that's another story. :)