Extension:ConfirmAccount

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Extension:ConfirmAccount and the translation is 28% complete.

Other languages:
Deutsch • ‎English • ‎català • ‎dansk • ‎español • ‎français • ‎italiano • ‎polski • ‎português • ‎português do Brasil • ‎sicilianu • ‎suomi • ‎中文 • ‎日本語
Manuel des extensions MediaWiki
Crystal Clear action run.svg
ConfirmAccount
État de la version : stable
ConfirmAccounts.png
Implémentation User identity, Database, Special page
Description Rend obligatoire la demande et l’approbation des comptes.
Auteur(s) Aaron Schulztalk
MediaWiki 1.23+
Changements
base de données
Oui
Tables account_requests
account_credentials
Licence GNU General Public License 2.0 or later
Téléchargement
README
Paramètres

  • $wgMakeUserPageFromBio
  • $wgAutoUserBioText
  • $wgAutoWelcomeNewUsers
  • $wgRejectedAccountMaxAge
  • $wgConfirmAccountRejectAge
  • $wgAccountRequestThrottle
  • $wgAccountRequestWhileBlocked
  • $wgConfirmAccountRequestFormItems
  • $wgAccountRequestExts
  • $wgAccountRequestTypes
  • $wgConfirmAccountSortkey
  • $wgConfirmAccountSaveInfo
  • $wgConfirmAccountContact
  • $wgConfirmAccountCaptchas
  • $wgConfirmAccountFSRepos
  • $wgConfirmAccountNotice
Droits ajoutés

  • confirmaccount
  • requestips
  • lookupcredentials
Accroches utilisées
LoadExtensionSchemaUpdates
PersonalUrls
UserCreateForm
UserLoginForm
BeforePageDisplay
AdminLinks
AuthChangeFormFields
Traduisez l’extension ConfirmAccount sur translatewiki.net
Vérifiez la matrice des utilisations et des versions.
Problèmes Tâches ouvertes · Signalez un bug

L’extension ConfirmAccount désactive la création directe des comptes utilisateur et rend obligatoire l’approbation des nouveaux comptes par un bureaucrate. La création directe de comptes peut toutefois être réactivée (si vous voulez que les sysops ou bureaucrates puissent les créer directement) en configurant les droits utilisateur.

L’extension ConfirmEdit peut être utilisée (en conjonction avec l’extension ConfirmAccount) afin d’utiliser des captchas pour arrêter les demandes en grand nombre faites à la chaîne (forme de spam).

Installation

  • Téléchargez et placez le(s) fichiers (s) dans un répertoire appelé ConfirmAccount dans votre dossier extensions/.
  • Ajoutez le code suivant à la fin de votre fichier LocalSettings.php :
    require_once "$IP/extensions/ConfirmAccount/ConfirmAccount.php";
    
  • Lancez le script de mise à jour qui va créer automatiquement les tables de base de données dont cette extension a besoin.
  • Ensure the wiki has write permissions on $wgUploadDirectory, or manually set $wgFileStore ['accountreqs'] and $wgFileStore['accountcreds'] to a writable directory of your choice.
  • Yes Fait – Accédez à Special:Version sur votre wiki pour vérifier que l'extension a bien été installée.

Configuration optionnelle

There are several configuration variables that can be adjusted in LocalSettings.php (after the require_once line that includes ConfirmAccount.php). See ConfirmAccount.config.php for all the variables that can be set. (The default values are in ConfirmAccount.config.php, but you should not edit that file).

For example, to set the person's bio as their userpage, set $wgMakeUserPageFromBio = true.

By default, a 6 word biography is required for the new user to submit the request form. To adjust this requirement, edit $wgConfirmAccountRequestFormItems['Biography']['minWords'] in LocalSettings.php, e.g. for 10 words:
$wgConfirmAccountRequestFormItems['Biography']['minWords'] = 10;

To disable the biography, set $wgConfirmAccountRequestFormItems ['Biography']['enabled'] to false:

$wgConfirmAccountRequestFormItems['Biography']['enabled'] = false;
Sysops can still create accounts directly. To disable this, add to LocalSettings.php:
$wgGroupPermissions['sysop']['createaccount'] = false;
If only logged-in users are allowed to view pages, make sure you add the request account page to $wgWhitelistRead. For example:
$wgWhitelistRead = array( 'Special:RequestAccount', 'Main Page' );
Dans d’autres langues, vous devez remplacer "Main Page" et "Special:RequestAccount" par leurs noms locaux, par exemple "Hauptseite" et "Spezial:Benutzerkonto_beantragen" sur un wiki en allemand.

To further categorize users based on their interests, you can set up MediaWiki:Requestaccount-areas. This should be in a format like:

*Topic|Topic wiki page|text to append to all interested users' bios |text to append to all interested users' bios in group0|text to append to all interested users' bios group1|text to append to all interested users' bios in group2|...

These group numbers are based on $wgAccountRequestTypes. So if 0 is the index for 'authors', then 'authors' interested in a topic will have the group0 text appended to their biography. This can be useful, say, if users can be approved as either authors or editors. Authors can have "category:X authors" where X is a topic, like "mathematics", and editors can have "category:x editors". You can have as many groups as you want, but you need at least one.

Configuration minimale

To attempt to prevent spam, instead of captchas, blacklists and filters; manually moderate new user registrations, with a simpler Request account. Requesting only a username, email address and brief message. Add the following to LocalSettings.php after the line require_once "$IP/extensions/ConfirmAccount/ConfirmAccount.php";.

 $wgMakeUserPageFromBio = false;
 $wgAutoWelcomeNewUsers = false;
 $wgConfirmAccountRequestFormItems = array(
 	'UserName'        => array( 'enabled' => true ),
 	'RealName'        => array( 'enabled' => false ),
 	'Biography'       => array( 'enabled' => false, 'minWords' => 50 ),
 	'AreasOfInterest' => array( 'enabled' => false ),
 	'CV'              => array( 'enabled' => false ),
 	'Notes'           => array( 'enabled' => true ),
 	'Links'           => array( 'enabled' => false ),
 	'TermsOfService'  => array( 'enabled' => false ),
 );

Optionally tweak system messages: requestaccount-text, requestaccount-notes, requestaccount-ext-text, requestaccount-acc-text.

Utilisation

Confirming account requests on Special:ConfirmAccounts (beta form)
  1. As a bureaucrat (or other user with the confirmaccount permission), browse to Special:ConfirmAccounts
  2. Click Review
  3. You will see the whole form with the users' data. Carefully review the form, and proceed to creating the account or rejecting the request.
  4. If you chose to create the account, the user's biography will become their userpage and the userpage will be automatically created with the default summary of Creating user page with biography of new user.
  5. After an account is created, the data input by the user at the time of the request can be referred to by typing the username at Special:UserCredentials

Note: In order for bureaucrats to get notified of pending requests you need to set an email / mailing list in LocalSettings.php:

$wgConfirmAccountContact = 'Bureaucrat@domain.com';

Sending notification email to multiple users

This extension allows sending emails to multiple approvers to confirm the account if these users have the confirmaccount-notify permission. This is in addition/alternative to the $wgConfirmAccountContact setting.

This can be achieved (for instance for bureaucrats) by providing them this permission by adding the following to LocalSettings.php:

$wgGroupPermissions['bureaucrat']['confirmaccount-notify'] = true;

Enhancements

Pruning Frequency

To combat robot-requests, default settings prevent rejected email accounts from re-requesting an account for a random period of time after rejection. If you want rejected emails to be able to re-request accounts immediately after rejection, or after a fixed wait-time (days, weeks, months, or even years after rejection), apply the following 2 steps:

1) In LocalSettings.php, after required declaration, set Rejected-Age to 0 (for immediate expiration on rejection), or to your desired wait-time, in seconds:

require_once "$IP/extensions/ConfirmAccount/ConfirmAccount.php";
$wgRejectedAccountMaxAge = 0;

2) Add one line to the file /frontend/specialpages/actions/RequestAccount_body.php at the very end of the function showForm() which shows the Request form, to force pruning right before any new request:

original code:

$out->addWikiMsg( 'requestaccount-footer' );
}

new code:

$out->addWikiMsg( 'requestaccount-footer' );		
# PRUNE
ConfirmAccount::runAutoMaintenance();
}

"Request account" Link

If you would like to add a "Request account" login link add the following to the "LocalSettings.php" file:

$wgHooks['PersonalUrls'][] = 'onPersonalUrls';

function onPersonalUrls( array &$personal_urls, Title $title, SkinTemplate $skin  ) {
    // Add a link to Special:RequestAccount if a link exists for login
    if ( isset( $personal_urls['login'] ) || isset( $personal_urls['anonlogin'] ) ) {
            $personal_urls['createaccount'] = array(
                'text' => wfMessage( 'requestaccount' )->text(),
                'href' => SpecialPage::getTitleFor( 'RequestAccount' )->getFullURL()
            );
    }
    return true;
}

as well as the text "Request account" to page "MediaWiki:Requestaccount".

Problèmes connus

  • Do not set $wgGroupPermissions['*']['createaccount'] to true in LocalSettings, it will override the request login and allow users to sign up without confirmation.
  • Do not set/create MediaWiki:Requestaccount-areas/xx where xx is a language code, the first part of each line is used as the keys to store in the DB for the items account requesters check.
  • Older versions of MediaWiki may not show the link to Special:RequestAccount at the user login form. You can edit MediaWiki:loginprompt to remedy this.
  • If your email client loses its mail data before sending it out, users will not get their passwords but may have an account. Since no one knows the passwords, you may want to use Extension:Password Reset or Special:ResetPassword to send them new ones.
  • If only a few people view the confirm accounts page, the randomly triggered pruning of old requests will not trigger often, so old rejected requests may persist. This prevents email addresses from re-requesting accounts for an unknown time period. You can override this behavior, and allow immediate re-requests, by forcing prune right before any new Request is submitted. Instructions here.
  • Integration with LDAP Authentication extension
  • For MW 1.26, this extension is partially incompatible with the ConfirmEdit extension - it only works for logged on users (obviously, this is not necessary), but for anonymous users it displays an empty screen, but works fine when ConfirmEdit is not used.

Dysfonctionnements

Notification emails do not get sent

If you are testing, note that a user must first confirm their email address through the link emailed to them, and then the email will be sent to the bureaucrat to confirm the account.

Make sure that setting(s) related to extension are introduced after the require_once line. Not before, otherwise extension doesn't see these settings and they fail silently. e.g.

require_once "$IP/extensions/ConfirmAccount/ConfirmAccount.php";
$wgConfirmAccountContact = "admin@example.com";

Also note that when using the 'confirmaccount-notify' setting, that each user in the group (e.g. sysop) will not receive notices unless their Options des courriels in Special:Preferences allow "Autoriser les autres utilisateurs à m'envoyer des courriels" and that they have confirmed their email address within the same form.

Voir aussi

References