Ajakk
If you don't like this way, just edit the scripts and program your own. It's open source. We're doing what we like, you're doing what you like.

I don't clear conceptsminiBB uses the easiest.

Ajakk
Of course, it's the easiest way! I think I proved that you need to complete 5 steps instead of 6 that way. What is your prove? Users don't like it? It's not a prove.

I, for example, like much the random passwords :) They economize me the effort to create them myself :)

The randomly created passwords are random :) If you don't like the result, you can tell the script to send to all new users the password "mayflower" - it's beautiful :)

you can tell the script to send to all new users the password "mayflower"
there is also a way to read randomly from English words database and generate "human" password :-)

I think, in general, the worst part of all common technologies is that they force users to think, that the suggested solution is the best one... or maybe even is the only one. At the time it's only the most well known, but not the best, and of course not the only one. That's the talking is about here. Many people are trying to force miniBB being like the other boards around, applying the most well-known technologies to it... but that's the wrong way for ourselves. We're trying to be different in that software, that's all.

there is also a way to read randomly from English words database and generate "human" password :-)
I missed that, sorry :)

miniBB is simply more reasonably and usefully constructed. And that's my real opinion.

I still cannot see why is it bad to receive a registration pass like "Ps278F4m" and after 5 minutes to change it with whatever you like.

and after 5 minutes to change it with whatever you like -
but only if you really need it... I often meet examples of myself, when I register just because to post 1-2 messages... I don't think I ever change the password afterall...

Keeping straight registrations in the database is much better else generating the keys. If you provide user a key, you should have a temporary keys table, or additional fields in users database. That way minibb saves up resources a bit.

Additionally, you avoid double registrations on the same invalid email. If user was unable/confirm this email, it should be saved in database for further validating. Sign up page will give an error to the user, which may try to register an account on his email, again. The script which validates the key, should have more difficult comparision in what is kept in DB.

Hi . I have problem width this option "$closeRegister=1". Of course all is done same as in manual . But

1. User received email without password (I thing password is not generated )
2. User received email width link conformation , but if he click on this link he get " you heve not permition to do this operation"
3. User appear on user list in forum side , so every one can tray register . I have few thousand users in database :)

sjach
I am not sure if you speak about miniBB, in general? Default version?

We never had any kind of "confirmation links" in emails.

I am bit away from my working station now, but should come back this week. Then I will try to check this issue.

Yes I`m speaking about miniBB , and ver. 3.0.3 ( upgrade from 3.0.0) . After registration user received email including link confirmation.

Second thing is that , even if user write wrong information in registration form and is not permitted to made any post his data (including email) is registered in database . So the result is few thousand users registered ( spam robots)

I've just tried the most recent release, i.e. 3.0.3. setting up $closeRegister=1; and I am 100% sure there no confirmation or stuff like this being sent. When this option is set, on the registration form, the "Password" field should not be visible to fill in at all. The password is generated properly, using the random characters, and then it's being sent to the new member's email address; at this time, email_user_register_eng.txt template is used, which by default doesn't contain any password and should not contain. Receiving confirmation email, and that way also receiving the password, the member could then use this data to log in; optionally change the password later.

I am not sure where and how you're getting the "confirmation link" and what files did you modify for this. Default version does not have this option.

Sure, even if you set $closeRegister=1; all accounts will be still registered in database (else how to validate them and what to validate? If you have some other ideas regarding the default approach, you are welcome to spread them up). Specially, if you don't have the Captcha module, it's quite risky to open them that way.

It is very up to you what you do with un-validated accounts, each forum may have its own terms regarding this. The most popular way is to set a crontab script, which will remove an account if it was not used for some time; but this also depends on your server's configuration, the possibilities you could set up and we don't provide such script by default, of course - either you need to order it, either program on your own. Actually it's very simple in terms of coding, but as I wrote, it very depends on the server you run this all on, and on your customer's requirement.

I think sjach is referring to the hyperlink in the email containing the system-generated password, which the user receives after registering. The hyperlink points the user to the forum. Logging into the forum for the first time serves to validate the user's account.

Yes marsbar that is correct . I`m worry only why user does not obtain password in this email and clicking hyperlink getting "you don`t have permission to do this action" (I`m translate from Polish)

ps. Paul I`m using from few days Captcha :)

If you mean the hyperlink provided at the very bottom of this email, it's a static URL to your forum, there is nothing specific. I can't be sure why users can not access your forum as guests. May be it's set up that way? Who knows, you didn't even provide a link to it, and I'm not a wizard to determine something from the air, sorry.