Registration and Verification
From:
Michael JasonSmith
Date:
Mar 07 09:20 UTC
Short link
Sorry it has been a while since I last wrote to this group.
Today marks the end of the first week with the new registration and
verification code running live on OnlineGroups.Net. It did not start well. The
most common case of registration on OnlineGroups.Net is
administrator-initiated, and administrator-initiated registration (both
single-user and by CSV file) was broken to the point of being worse than
useless: it made a mess that I had to clean up. (OGN is still so small that it
is administrators that force people to use us, rather than people volunteering
to be part of our groups). I spent a fair amount of time this week diagnosing
the problem, cleaning up the mess, and writing apologetic email messages to
administrators. I did manage to correct the specific problem, so
administrator-initiated registration goes as well as could be expected. The
general issue (Zope errors cause roll-backs in the object-database but not in
the relational-database) remains unresolved.
On the up-side, the email-verification code ran flawlessly: members added,
verified and removed email addresses with little intervention from support;
usually we wrote “Dear… Look at the email settings page, off your profile.”
The reason that I know that the code is running well is the new GroupServer
system is maintaining a good log, which is the other positive note from this
week. What is reported in the log is being tweaked as Alice and I use it for
handling the email and telephone support for OnlineGroups.Net:
“Sorry, try adding the person now…
“I see the person added to our system…
“There goes the email invitation to join the group…
“The new member is setting the password right now…”
Alternatively:
“What does it say about forgotten passwords on the login page?
“Yes, click on the reset password link…
“If you put *my* email address in the box you will reset *my* password…
“The reset password message has been sent to you…
“Check your inbox, like it says on the page…
“I see you clicked on the link…
“And your password is now set”
That sort of thing. Currently the joys of logging are confined to Alice and
myself, though Richard is working on the elusive version of GroupServer that
can be installed by mortals. Until that time the number of development
GroupServer installations remains in the low single figures: 1.
Back to email addresses. On OnlineGroups.Net, notifications are only sent to
verified email addresses, and only verified email addresses can be set up for
default message delivery and specific delivery to groups. However, people can
post from unverified email addresses and (worse) posts are sent to unverified
email addresses. I wanted to have unverified email addressed blocked this week,
but issues with OnlineGroups.Net interfered.
One of the issues gave me a chance to revisit some of the neglected
administrator pages, so users are ordered alphabetically, according to the
display name, the manage members page is easier to read, and *works*. Related
to this, there has been a change to the definition of “unverified user”. It is
now a user with no verified email address; this will only occur in the short
period between a user being added to the system and the user responding to the
email address verification message (which may be disguised as an invitation to
join a group).
I have two and a half implementation tasks on the horizon: getting unverified
email addresses blocked, implementing nicknames, and implementing subscription
by email. Blocking posting from unverified email addresses — and blocking
delivery to unverified email addresses — scares me, as the email processing
code is a nightmare of code. Nicknames should be fine, except for some Zope
voodoo, which I hope that Richard to help me with. Subscribing by email address
is currently off on OnlineGroups.net, but I suspect that I can get it *mostly*
going without too much difficulty, so I will try to fit that in sometime soon.
Have a good weekend,
Michael