Extension:ConfirmAccount/en

The ConfirmAccount extension disables direct account creation and requires the approval of new accounts by a bureaucrat. Direct account creation can still be enabled (if you want Sysops/Bureaucrats to be able to directly make them) by configuring user rights.

The ConfirmEdit extension can be used (in conjunction with the ConfirmAccount extension) in order to use captchas to stop flood requests.

Optional configuration
There are several configuration variables that can be adjusted in LocalSettings.php (after the require_once line that includes ConfirmAccount.php). See ConfirmAccount.config.php for all the variables that can be set. (The default values are in ConfirmAccount.config.php, but you should not edit that file).


 * By default, a 50 word biography is required for the new user to submit the request form. To adjust this requirement, edit, e.g. for 10 words:

Setting  to   will disable it entirely.


 * By default, a 50 word biography is required for the new user to submit the request form. To adjust this requirement, edit  in LocalSettings.php, e.g. for 10 words:

To disable the biography, set  to  :


 * Sysops can still create accounts directly. To disable this, add to LocalSettings.php:


 * If only logged-in users are allowed to view pages, make sure you add the request account page to $wgWhitelistRead. For example:


 *  In other languages you have to replace "Main Page" with its local name, for instance "Hauptseite" in a German wiki.

To further categorize users based on their interests, you can set up MediaWiki:Requestaccount-areas. This should be in a format like:
 * *Topic|Topic wiki page|text to append to all interested users' bios |text to append to all interested users' bios in group0|text to append to all interested users' bios group1|text to append to all interested users' bios in group2|...

These group numbers are based on. So if 0 is the index for 'authors', then 'authors' interested in a topic will have the group0 text appended to their biography. This can be useful, say, if users can be approved as either authors or editors. Authors can have "category:X authors" where X is a topic, like "mathematics", and editors can have "category:x editors". You can have as many groups as you want, but you need at least one.

Minimal settings
To attempt to prevent spam, instead of captchas, blacklists and filters; manually moderate new user registrations, with a simpler Request account. Requesting only a username, email address and brief message. Add the following to LocalSettings.php after the line require_once "$IP/extensions/ConfirmAccount/ConfirmAccount.php";.

Optionally tweak system messages: requestaccount-text, requestaccount-notes, requestaccount-ext-text, requestaccount-acc-text.

Preventing empty userpage from being created
The above still creates a userpage, to prevent this: Edit the function createUserpage in extensions/ConfirmAccount/business/AccountConfirmSubmission.php, the last part to look like this:

Usage

 * 1) As a bureaucrat (or other user with the confirmaccount permission), browse to Special:ConfirmAccounts
 * 2) Click Review
 * 3) You will see the whole form with the users' data. Carefully review the form, and proceed to creating the account or rejecting the request.
 * 4) If you chose to create the account, the user's biography will become their userpage and the userpage will be automatically created with the default summary of Creating user page with biography of new user.

Note: In order for bureaucrats to get notified of pending requests you need to set an email / mailing list in LocalSettings.php:

Enhancements
If you would like to add a "Request account" login link add the following to the "LocalSettings.php" file:

as well as the text "Request account" to page "MediaWiki:Requestaccount".

Known issues

 * Do not set  to true in LocalSettings, it will override the request login and allow users to sign up without confirmation.
 * Do not set/create MediaWiki:Requestaccount-areas/xx where xx is a language code, the first part of each line is used as the keys to store in the DB for the items account requesters check.
 * Older versions of MediaWiki may not show the link to Special:RequestAccount at the user login form. You can edit MediaWiki:loginprompt to remedy this.
 * If your email client loses its mail data before sending it out, users will not get their passwords but may have an account. Since no one knows the passwords, you may want to use Extension:Password Reset to send them new ones.
 * If only a few people view the confirm accounts page, the randomly triggered pruning of old requests will not trigger often, so old rejected requests may persist.
 * Integration with LDAP Authentication extension

Troubleshooting
→ Add  to line 41 in the "ConfirmAccount.php" file.
 * Updating fails with

See also bug 55470 for detailed information on this.

Notification emails do not get sent
Make sure that setting(s) related to extension are introduced after the require_once line. Not before, otherwise extension doesn't see these settings and they fail silently. e.g.