Posted by ilo on June 18, 2009 at 11:42pm
Hi..
Voidberg and I are giving a second chance to the lazyreg module. Currently there's no such functionality in drupal, and it would be great. For now we have in plan allow the creation of a 'temporary account' to test the site features, and give the user chance to keep it, filling the missing account information, or forget it, just login out the site.
Is there something we are missing or we should consider? do you know of something being implemented about this?
Thanks in advance.
ilo
Comments
An interesting concept, but
An interesting concept, but I'm not sure how it would work. Could you give a usage example you have in mind?
The Boise Drupal Guy!
Actually, you will find
Actually, you will find several use cases just googling. Yesterday we discussed one of the three we are evaluating to be included in the lazyreg module.
The first one: "The test account" approach is current "lazy registration" main feature: the hability to create an account automatically just following a link or a click on certain situations, to be able to continue using the site and see more features (including performing some actions in the site). This 'account' is just a 'test account', user is logged in with this account and he can now create posts, comments, or view/do any other action available to his 'test role'. contant may or not be published, but to keep content user is encouraged to finish the registration process. Still needs some work to able to don't leave site unstable, and some documentation about what/when and how to enable and configure it.
The second one: "The authoring" problem, my favourite, is about 'authoring' the content. 'content' could be 'authored' on submission time, introducing an email or some 'personalized' token. The email was choossen because this allow the site to keep track of the current 'user'. Using this token the content authorship is kept withouth log in or log out the 'current site user'. The way content is authored is similar to comment submission in "blogger", with some options to be selected depending on the context. I'm working on this right now, so we could test and analyze having something to touch soon. This is handled as a submodule of the lazyreg module only available for D6 for now, and not in cvs yet.
The third one, creating a gosth account for every NEW visitor, setting a never expiring cookie, could improve "anonymous" user tracking, for a more conducted adversiting or navigation guidance, but this has to be seriously studied, because of performance and security implications.
Second case
I like the second use case. I allow anonymous posting on my site and some users then choose to become members. It would be nice to have a way to easiliy associate their content with them when they sign up.
Michelle
See my Drupal articles and tutorials or come check out the Coulee Region
3rd chance?
I'd love it if an anonymous visitor could do all the things an authenticated user can, until the point their data is going to be saved to the database. Then a dialog should have to popup/overlay giving them the choice to either login or register. If they cancel or don't succeed, nothing happens. If they do succeed, the piece of content gets saved and they are logged in.
This will obviously only work if users can register without administrator approval, unless you'd extend it with.. but that's beyond my use case.
Technically; I'm not thinking about ghost accounts getting created automatically whenever a new anonymous user visits the site. Because they spoil your database, unless you've got something really good that automatically purges those.. I don't know. Looks like you're gonna be vulnerable to DOS attacks if you're doing this. The exact reason why Drupal doesn't generate session id's for every anonymous user - if I'm not mistaken.
If not logged in and a page/form requires you to be (logged in), that page should be shown instead of an 'Access denied' message.
Not creating any real or fake user account.
But when submitting the form (pressing the form submit button), and before validating the form, the user should be able to login or register. Once that succeeded, form validation happens...
IMO it's much simpler to just
IMO it's much simpler to just form_alter forms for anonymous users, make them multistep, and add in registration as the second page.
Or, if you really require multiple forms, look at the devel_macro() module for serializing form submission data. However, I think the use case is limited as subsequent forms may be invalidated by the original submission.
Kinda
Yes, something like that.
I can guess how one would program that with a custom module, for a very specific use case, tailored for his/her site.
But how would you automate it?
How to automatically form_alter forms into multistep forms for anonymous users that normally/traditionally require a user id?
I hope there's a way of doing that.
As far as I know, Drupal checks access rights at path level, not at form level.
So, hook_menu implementations define which right/permission is needed to access a certain path, but the subsequent form build or validate calls don't have that information...
If only, we could write a module that can retrieve all paths which are accessible to authenticated users, but not to anonymous users.
And get the form id's of the forms belonging to those paths, which we than use in our form_alter function.
Or we hack user_access() to let it set a global var which indicates content/forms are being shown which normally require an authenticated user. If that's set to true and global $user->uid is 0, our form_alter alters..
But maybe I'm missing something?
Anonymous Visitor Tracking
Comment on "Third use case":
There could be applications that would get real benefit from tracking Anonymous Visitors with a non-expire cookie, then when/if the Visitor converts to a User, the "old" history would be connected to the New User's history.
I can see where it would be a great benefit to a webmaster to see the page view pattern of "lurkers" and what they look at before they decide to register vs. what others look at and decide not to register.
I can see where it would be a
Indeed it would be, but due to the prevalence of automated spiders of various levels of malevolence (in other words, not all will self-identify as a spider), I think it would be difficult to get any meaningful data from that, or, more precisely, to determine what data is meaningful and what is just the flailing about of a robot.
That being said, assuming the registration process were sufficiently captcha-ed, the breadcrumb data of a human user that did register could be both easy to determine and usefully meaningful, so I don't think the idea is entirely without merit.
The Boise Drupal Guy!