A site visitor can register and create his own account by clicking on the Create an Account link on the Login Form.. Using the Login module The Login module contains several elements: Th
Trang 1Blocking users
The Super Administrator can block the access of any user If you have a problem user or you sim-ply need to shut down an account temporarily, blocking access is the only certain way of keeping the user out of the system
Note
Blocking a user only denies the user access to their account; it does not prevent them from visiting or viewing the site.
To block access, follow these steps:
1 Access the User Manager.
2 Click on the user’s name to open the Edit User dialogue.
3 Beside the field Block User, click the option Yes.
4 Click either the Save or the Apply icon.
Blocking a user does not delete the user’s account If the issue with the user is resolved, the Super Administrator need only change the option Block User back to No, and the user’s account becomes fully active
Caution
Blocking a user effectively can be difficult if your site allows user registration, because blocking one account does not prevent the user from obtaining a new account by re-registering under a new name or e-mail address.
Creating User Registration
By default, user registration is active in the Joomla! system A site visitor can register and create his own account by clicking on the Create an Account link on the Login Form You can use alterna-tives to the default approach, however The User Registration settings can be manipulated by the administrator via the Global Configuration Manager
Using the Login module
The Login module contains several elements: The login form itself, links to the Username
Reminder and Password Reset functions, and a link to the Create an Account function The latter is optional and can be de-activated, depending upon the settings in your Global Configuration Manager Note the links below the form in the image, shown in Figure 10.6
Trang 2FIGURE 10.6
The Default Login Form module
Configuring user registration
Although your Joomla! site has User Registration enabled by default, you can use several possible alternative settings The default setting allows casual visitors to register, but access to the site is not automatic After the user registers, the system sends a confirmation e-mail to the address entered during the registration process The new user must then click on a link in that confirmation e-mail
to validate and activate the account Only after successful validation will the username and pass-word grant access to the site
By coupling the self-registration process with a validation procedure, site security is enhanced The confirmation e-mail process helps protect you from automated registration routines, or from peo-ple who try to register without giving a valid e-mail address The default approach to user registra-tion is commonly used and for many sites it is sufficient However, if you are concerned about automated bots or spammers setting up accounts on your site, you should require a more rigorous registration process It is possible to configure the site to use either more secure or less secure approaches to the registration process
Trang 3To create a more secure registration process, you can remove the possibility that a user can create a new account without action on the part of the administrator You can do this by completely dis-abling the ability of users to register on the site Though more secure, this approach is also more inconvenient because you must rely solely upon a Super Administrator to create new accounts
To disable front-end user registration, follow these steps:
1 Log in to the back-end admin system.
2 Access the Global Configuration Manager by clicking the Global Configuration icon
on the Control Panel, or by clicking the option Global Configuration on the Site menu The Global Configuration Manager loads in your browser window.
3 On the Global Configuration Manager, click the System tab After you click, the tab
comes to the front
4 In the section labeled User Settings, change the setting labeled Allow User
Registration from Yes to No.
5 Click the Save icon on the toolbar when you are finished.
If, on the other hand, you feel that your site can operate safely with a less secure user registration process, you can allow user registration without the need for the user to first receive and click on
a link in a validation e-mail; this approach allows the user to access the site immediately after registration
To enable registration without confirmation, follow these steps:
1 Log in to the back-end admin system.
2 Access the Global Configuration Manager by clicking the Global Configuration icon
on the Control Panel, or by clicking the option Global Configuration on the Site menu After you click, the Global Configuration Manager loads in your browser window.
3 On the Global Configuration Manager, click the System tab.
After you click, the tab comes to the front
4 In the section labeled User Settings, change the control labeled New User Account
Activation from Yes to No.
5 Click the Save icon on the toolbar when you are finished.
The Username Reminder function
As a convenience to users, Joomla! comes with a built-in Username Reminder function If a user visits the site and has forgotten their username, they can click on the link Forgot Your Username? and then enter their registered e-mail address If they have entered the correct e-mail address, the system will send the user their username by e-mail The process is entirely automatic The
Username Reminder link is typically located underneath the form in the Login Form module Note that this function only works when the user has correctly entered the e-mail address that is
Trang 4regis-As an alternative you can create a direct link to the Username Reminder page by using the Menu Manager To link directly to the Username Reminder page, follow these steps:
1 Log in to the back-end admin system.
2 On the menu named Menus, select the menu where you want the link to the Login
page to appear The Menu Item Manager loads in your browser window.
3 On the Menu Item Manager, click the icon marked New on the toolbar The New
Menu Item dialogue opens in your browser
4 Click the option User The option expands to list several choices.
5 Select the option named Default Remind A new page loads in your browser.
6 Type a name for the link in the field marked Title.
7 Click the Save icon on the toolbar when you are finished.
Note that the Username Reminder link is hard-coded into the Login Form module If you display the Login Form module, you must also display the link The only way to remove this link is to edit the module code to remove or otherwise hide the link
Cross-Reference
Modifying the default modules is discussed in Chapter 24.
The Password Reset function
Similar to the Username Reminder function is Joomla’s Password Reset tool An existing user who has forgotten her password can request the system to assist her with regaining access Unlike the Username Reminder, which simply sends the data to the user, the Password Reset process requires additional steps When a user clicks on the link Forgot your Password? a new page opens and prompts the user to input their registered e-mail address If the address is input correctly, the sys-tem sends a verification e-mail to the user The e-mail contains a token and a link to a page on the web site The user must copy the token, and then visit the web page On the web page, the user pastes the token into the space provided and clicks the Submit button The system opens yet another page where the user enters a new password which can then be used to access the site
To create an alternative to the Password Reset function in the Login module, you can create a direct link to the Password Reset page with the Menu Manager To create a direct link to the Password Reset page, follow these steps:
1 Log in to the back-end admin system.
2 On the menu named Menus, select the menu where you wish the link to the Login
page to appear After you click, the Menu Item Manager loads in your browser window.
Trang 53 On the Menu Item Manager, click the icon marked New on the toolbar The New
Menu Item dialogue opens in your browser
4 Click the option User The option expands to list several choices.
5 Select the option named Default Reset Layout A new page loads in your browser.
6 Type a name for the link in the field marked Title.
7 Click the Save icon on the toolbar when you are finished.
Note
The Password Reset link is hard-coded into the Login Form module If you display the Login Form module, you will also display the link The only way to remove this link is to edit the module code to remove or otherwise hide the link.
Cross-Reference
See Chapter 21 for more information on modifying the default modules.
Creating a Login page
The Login Form module is the most commonly used method for providing a login functionality for Joomla! sites, but it is not the only way; the Login Form can also be displayed as a page, where the form will be located in the main content area To create a Login page, you can use the Menu Manager to create a link to log in by following these steps:
1 Log in to the back-end admin system.
2 On the menu named Menus, select the menu where you wish the link to the
Login page to appear After you click, the Menu Item manager loads in your browser
window
3 On the Menu Item manager, click the icon marked New on the toolbar The New
Menu Item dialogue opens in your browser
4 Click the option User The option expands to list several choices.
5 Select the option named Default Login Layout A new page loads in your browser.
6 Type a name for the link in the field marked Title.
7 Click the Save icon on the toolbar when you are finished.
Cross-Reference
See Chapter 8 for a detailed discussion of the Parameters and other options available for Menu Items.
Trang 6Redirecting users after login or logout
It is possible to automatically redirect users to particular pages upon login or logout This is a useful feature of the system that helps you channel users into particular content, or allows you the option to set up landing pages with content tailored to a user who is entering or exiting the restricted areas of your site One of the most effective uses of this feature is to create a landing page that greets members upon login The page usually carries a welcome message to site members and highlights what is new
or being featured on the site
If you are using the Login Form module, the Login and Logout Redirection Page options are con-tained in the Parameters section of the Login Form Module Editing dialogue In Figure 10.7 you can see both controls
To set the Login Redirection Page from the Login module, follow these steps:
1 Log in to the back-end admin system.
2 On the menu named Extensions, click the option Module manager The Module
manager will load in your browser window
3 In the Module manager, click on Login Form The Login Form editing dialogue opens
in your browser
4 Click the combo box control next to the label Login Redirection Page Select from
the list the page that you want the users too see
5 Click the Save icon on the toolbar.
If, on the other hand, you are using the Login page rather than the Login module, you must set this up in a different fashion:
1 Log in to the back-end admin system.
2 On the menu named Menus, click on the name of the menu that contains the link to your
Login page The Menu Item Editing dialogue loads in your browser window In the right-hand column you can see the Parameters section The Parameters (Basic) tab contains the redirection options
3 Type the URL of the page you want the users to see in the field labeled Login Redirection URL.
4 Click the Save icon on the toolbar.
Note
The Login page option contains more flexibility than the Login Form module Although the module restricts your redirection options to only the site’s sections, categories, and menu items, the Login page carries no such restriction — you can literally enter any URL you like, even that of another site or a page outside of the Joomla! system.
Trang 7FIGURE 10.7
The Login Form Redirection Parameters
Controlling Access to Content and
Functionalities
The essential reason for creating user groups is to control access to content and functionalities As discussed at the outset of this chapter, the Joomla! system’s seven user classes are designed to give you varying levels of privileges; however, those user Groups do not dictate access to content or functionality Controlling access requires an understanding of the Access Level parameters in Joomla! and how those relate to the user Groups
Default access levels
Items can be assigned to any one of three access levels: Public, Registered, or Special Table 10.1 shows how the access levels impact the users’ ability to view content and functionality