Email Address as Username

Discussion in 'Customization & add-ons' started by bigstrategies, Mar 20, 2008.

  1. skippybosco

    skippybosco CGI-Central Partner Staff Member

    Joined:
    Aug 22, 2006
    Messages:
    2,526
    speeke,

    Yes aMember allows an email address formatted name to be a username (ie. user@email.com).

    Whether it is compatible with forum plugins is dependent on the forum script itself. vBulletin and PHPBB do support this.
  2. thejoeshmoe

    thejoeshmoe New Member

    Joined:
    Mar 13, 2009
    Messages:
    4
    Can anyone advise if TOPH's method in anyway would reintroduce the security issues fixed by 3.1.8?

    I just want to verify for example that the e-mail is still checked for non-allowed expressions so that no one can inject any javascript or anything..
  3. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,274
    No this will not affect fixes from 3.1.8
    In 3.1.8 all admin templates were fixed so everything that display user's input is escaped.
  4. sharris203

    sharris203 New Member

    Joined:
    Feb 27, 2009
    Messages:
    45
    Also, if amember generates the name, does it also generate the password?
  5. skippybosco

    skippybosco CGI-Central Partner Staff Member

    Joined:
    Aug 22, 2006
    Messages:
    2,526
    This is an available option:

    [​IMG]
  6. xillo

    xillo New Member

    Joined:
    Dec 29, 2008
    Messages:
    4
    Unique email

    I am trying to prevent people from signing up using the same email. I have used the above method to use email as the login, but it allows me to signup again using the same email. Actually it udates the information in the db when I use the same email. I would like for an error to be thrown when someone tries this. I thought this function in mysql.inc.php

    function check_uniq_login($login, $email='', $pass='', $check_type=0)

    called in signup.php would keep someone from using the same email. But again it just overwrites the info in the db. Does anyone have an idea about how to test for unique emails in amember?
  7. miso

    miso aMember Pro Customer

    Joined:
    Aug 22, 2006
    Messages:
    542
    I'd replace it with this one, as it doesn't choke on emails like peter_griffin.junior@some.random_url.com or whatever the "offending" emails were that prompted me to improve that regex.

    Code:
    /^(([A-Za-z0-9]+_+)|([A-Za-z0-9]+\-+)|([A-Za-z0-9]+\.+)|([A-Za-z0-9]+\++))*[A-Za-z0-9]+@((\w+\-+)|(\w+\.))*\w{1,63}\.[a-zA-Z]{2,6}$/
  8. kengary

    kengary aMember Pro Customer

    Joined:
    Nov 13, 2008
    Messages:
    231
  9. distressedpro

    distressedpro New Member

    Joined:
    Aug 24, 2009
    Messages:
    27
    Sign up with an email

    I saw a while back in this thread that perhaps signing up with just an email would work.


    I use wordpress and I have a php based research app on the same site and amember protects both

    what I'd like to do is when someone clicks on any member only area the resulting page:

    /amember/plugins/protect/new_rewrite/login.php?v=-any&url=/PROTECTED_FOLDER/

    Has the existing members login on one side and a quick first name and email only signup for a free basic account on the other side, like this site:
    https://ma.secure.foreclosuresmass.com/account/

    Any help appreciated
  10. thejoeshmoe

    thejoeshmoe New Member

    Joined:
    Mar 13, 2009
    Messages:
    4
    - post deleted
  11. bfritton

    bfritton Certified aMember Developer

    Joined:
    Oct 26, 2009
    Messages:
    54
    Hi all,
    I used Miso's modifications and they're working wonderfully (thank you). The only issue is that the user is logged out of their session (since their login was changed). For usability's sake, does anyone know how to restart the session after their username (email) was changed? Thanks much - I can contribute if someone can get me started.
  12. bitlost

    bitlost New Member

    Joined:
    Jan 19, 2011
    Messages:
    1
    Another Possible Solution

    I went with this solution. I found it to work well without having to worry about issues with using the email as their login. I left the system alone but added this code.

    plugins/db/mysql/mysql.inc.php
    PHP:
    //new function to lookup their login name
    //this way if they login with email or login it will return the login name
    //so we can leave auth alone
    function get_login_from_email($email) {
            
    $q $this->query($s "SELECT login
                FROM 
    {$this->config['prefix']}members
                WHERE login='
    $email' or email='$email'
            "
    );
            list(
    $login) = mysql_fetch_row($q);
            return 
    $login;
        }
    plugins/protect/php_include/check.inc.php
    PHP:
    //in the function _amember_check_access()
    //change $l = $_POST['amember_login'] to...
    $l $db->get_login_from_email($_POST['amember_login']);
    That worked like a charm. That way technically they still use their "login" to authenticate. But it still verifies it against the email if they pass one in.

    Hope this helps
  13. skippybosco

    skippybosco CGI-Central Partner Staff Member

    Joined:
    Aug 22, 2006
    Messages:
    2,526
    This should be default behavior IMO.. thanks for sharing.
  14. tardus

    tardus New Member

    Joined:
    May 27, 2009
    Messages:
    3
    Bitlost:

    When using the new "login as user" feature, I get the following error:

    Fatal error: Call to undefined method db_mysql::get_login_from_email() in /<root dir omitted>/public_html/amember/plugins/protect/php_include/check.inc.php on line 68

    To duplicate, Browse User, select any user, then click on Login as User (Amember 3.2.x or higher) - and see if you also get the same error.
  15. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,274
    function get_login_from_email should be added within db_mysql class in mysql.inc.php
    It seems you copy it outside of class.
  16. JimmyStephans

    JimmyStephans Member

    Joined:
    Mar 24, 2004
    Messages:
    89
    Using this email address as login method.... is there a maximum length for the email address?

    I just changed to it, and like it, but a few new subscribers that have longer email addresses can't get it to work.

    I raise maximum characters to 60, but still stops at 32.

    (32 is the max it was set at previously)
  17. alexander

    alexander Administrator Staff Member

    Joined:
    Jan 8, 2003
    Messages:
    6,274
    You need to change login field length in database as well(amember_members.login).
    Currently it set to varchar(32)
  18. jenolan

    jenolan aMember Coder

    Joined:
    Nov 3, 2006
    Messages:
    493
  19. miso

    miso aMember Pro Customer

    Joined:
    Aug 22, 2006
    Messages:
    542
    anyone know what modifications have to be done to get this Email as Username login to work with .htpasswd/.htpasswd_shared plugins as well?
  20. ihcus

    ihcus aMember Pro Customer

    Joined:
    Sep 17, 2009
    Messages:
    5
    Brilliant! - regarding the code to allow email or login ID use

Share This Page