[aur-dev] RFC: create link for account registration and account information next to the login.
Justin Davis
jrcd83 at gmail.com
Wed Nov 17 21:52:10 CET 2010
On Wed, Nov 10, 2010 at 7:03 AM, Loui Chang <louipc.ist at gmail.com> wrote:
> On Fri 29 Oct 2010 16:23 -0700, Justin Davis wrote:
>> Hello aur-dev!
>
> Hello Justin.
>
>> My suggestion, which I am willing to write a patch for, is to create a
>> registration link near the login/password input boxes. When logged in
>> this registration link is instead a link for viewing/editing account
>> information. These links would be next to where the "[Forgot
>> Password]" link is now. Or where the "[Logout]" link is when logged
>> in. When an unprivileged user is logged in there is no "Accounts" link
>> in AUR's little toolbar on the left. Only TUs and Devs have that link
>> in order to edit accounts.
>
>> This change of location creates a greater contrast between the normal
>> AUR toolbar links and user account links. Often links that manipulate
>> a users account are grouped closer together and away from links that
>> basically get work done and are used more commonly. This also removes
>> the generally confusing "Accounts" link from people who do not realize
>> that it serves a dual purpose for account administration as well as
>> personal account editing... oh and account registration.
>>
>> The only downside is that new translations would be needed for the
>> registration link and for the account information viewing/editing
>> link.
>
> Sounds like a good idea. I wouldn't worry about translations. They can
> always be updated later.
>
>> As I side-note I would also like to move the account form printing and
>> processing code out of acctfuncs.inc and into a template/controller. I
>> would also make a new template/ file for the account info/edit form
>> which would then be used from the account info and registration, and
>> the TU's account admin. This would leave the low-level account login,
>> password, etc code inside lib/acctfuncs.inc, move the html printing
>> code into a template/ file, and the form checking code... somewhere
>> else.
>
> Moving html to template is good. I think it would be fine to keep
> functions in acctfuncs.
>
>> Anyways, what do people think about those simple changes in design?
>
> Thanks for your input and interest!
>
Thanks for the encouraging response Loui! I just wanted you to know I
am still interested in this. I have worked on this a little bit today
and pushed my split/acct branch to github at:
[https://github.com/juster/aur]. Basically I have moved
display_account_info() and display_account_form() into templates
called account_info.php and account_edit_form.php. I am reorganizing
accounts.php before I modify things. So far I have broken it up and
pieced it back together so it works exactly as before.
Before I go further I have another idea that builds upon the last. I
would really like to implement secure logins using https for the AUR.
Right now logins are unencrypted and this is a little disheartening.
So how would you feel about a login link and page? This would be a bit
different from the current system where logins can occur from any
page/URL on the AUR. Instead logins could only occur on one page and
you would have to click a link to get to it.
The advantage here is that logins can be shuttled over to the https
URL through a https secured html/login.php page. Logged-in users would
then be accessing the AUR over https and very importantly the password
would be sent over https. Some checks would also be added to account
editing/viewing page to make sure it is over https. I don't think this
idea violates the "rule" of only maintaining the AUR and not adding
new features so I hope people like it.
--
-Justin
More information about the aur-dev
mailing list