Postponed (maintainer needs more info)
Project:
Sql authentication
Component:
sql_auth_update
Priority:
Normal
Category:
Feature request
Assigned:
Unassigned
Reporter:
Created:
1 Feb 2007 at 18:03 UTC
Updated:
2 Feb 2007 at 01:27 UTC
I'm not sure this is not really a feature request yet. I'm curious as to why the decision was made to only allow insertion into remote databases if the site is set to allow anyone to sign up? I couldn't find any documentation on the issue, and it doesn't make any sense to me why that limitation exists. I have a private site where the only person allowed to create accounts is the administrator, and it took me a while to figure out why I was having seemingly odd behavior. After commenting out that check, I was able to successfully complete the task I was trying to accomplish.
Comments
Comment #1
Bèr Kessels commentedI don't know what you mean, Ive read trough the code three times, but could not locate the test you mention.
would you be so kind as to provide that information?
Comment #2
oadaeh commentedSorry about that. It is obscure and took me quite a while to figure it out.
In sql_auth_update.module, starting at line 24 is the following:
As I'm sure you already know, the user_register variable corresponds to the "Public registrations:" setting on the admin/settings/user (v. 4.7.x) page. On my site, that is set to "Only site administrators can create new user accounts." (or 0), which means when a user administrator creates a new account, only the Drupal database gets updated. When I commented out line 29 (and the related closing brace line) the remote database started getting updated as well.
So, I was curious of that was really necessary or not. Maybe there's another issue that I'm not aware of that requires it's presence.
Comment #3
Bèr Kessels commented««So, I was curious of that was really necessary or not. Maybe there's another issue that I'm not aware of that requires it's presence.»»
Yes, the thought is as follows:
If you have '0 only site admins' set, you never. Ever. want people to register on your site. With your hack, if I am not completely mistaken, people can now register and log in, without you, the admin, doing anything.
Comment #4
oadaeh commentedHmm, okay, I will test that out and see if it is true.