Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
By jim_at_miramontes on
If a user is logged into Drupal and tries to go to the user registration page, they get an "access denied" error. You can see this happen on drupal.org (http://www.drupal.org/user/register).
I'd prefer to send the user to their profile page (/user/123), perhaps with a message noting that they're already registered. Before I start hacking the user module (presumably in user_menu), can anyone point out a more principled way to do this, or problems with doing this in the first place?
Comments
I agree
I don't see any harm in showing a logged in user the register page again. This has caused a lot of confusion for users on some of my Drupal sites. It would be helpful if the message was even friendlier... i.e. "You are already logged in." with a link to logout.
I agree too
I'm trying to theme the user/register page and finding it a pain to not be able to view it while I'm logged into the site.
Is there even a work around for this?
This issue comes up all the time for me. At this point, I'd settle for just being able to customize the message that shows up on this page.
Hacking user_menu?
I haven't looked at this carefully yet, but it seems like one could hack user_menu to deal with this. There's a section like so:
and I guess you'd change the callback to user_view (passing $user->uid in via callback arguments) when $user->uid is not 0. But then you'd still need the rule in its original form to properly hand non-logged-in people off to user_register, and (as I'm demonstrating) I'm not familiar enough with Drupal's menu system to know how it copes (or if it can cope) with two $items[] statements that have the same path, but that differ in their access rules. I guess you could pass all calls to user/register off to a separate function that would decide where to go, but that's getting pretty ugly. More thought (and wisdom) is needed here.
Well I tried this solution
Well I tried this solution but it doesn't work. I also tried to redirect if the user in logged in with a custom access denied page but it still doesn't work.
Does anyone have a solution?
It's weird we can't have a login form on the registration page...
Any thoughts?
Thanks
I was able to use a redirect
A simple bit of PHP code did the trick for me, although I would rather not have to put hacks in like this. Basically, check if the user is logged in and the URL is "denied" (e.g. if arg(0) = "denied") and then do a PHP redirect. A Drupal redirect doesn't work since it gets stuck in a redirect loop.
Please kcouch, could you tell
Please kcouch, could you tell me where I can change this simple bit of code...I have a problem that seems to will be solve with your issue..
Thank's in advanced.
Registered users loop
Hi friends!
I have a problem of user access to my web.
When a user already registered, enter your login to the web, the system refuses and does not give permission to perform actions, as if I did not acknowledge their permits. This only happens the first time.
However, when this same user "Logs" and re-enters the system recognizes him.
I have been reading all your issues, but I think that are not for my problem... do you have any siggestion?
Thank's in advanced!
reister & login access denied
I'm confused... I have been building a Drupal site for the last five days (on and off again) and I had no problem getting to the registration page while I was logged in, I even put a Members menu link that went to that page instead of a blatant login block.
Then I made a change (which I have reverted) removing the navigation block for unregistered users) and now I am unable to get to the registration page where I used to be able to see three tabs - my account, login, request password. This is while logged in as the Admin account...?
Wow
I thought this was a bug and just got round to looking into what I'd done to cause it:
What I get is:
a) Going to user/register when logged in gives access denied, although I can live with this as its not a likely situation (my site has no register links for authenticated users)
b) Much more seriously pressing submit to login after filling out username and password sends you back to /user/login and gives access denied which would give users the initial impression they're not logged in properly although they are.
Sounds very much related to the issue on this thread and I think may have occured when I turned clean urls on although not sure on that :-(
Anyone help me with this?
My "solution"
This is just a "works for me" hack: in
user.module
, functionuser_menu
, around line 715 where theuser/register
item is defined, just take out the!$user->uid
part of the access check.user_register_undenied.patch
:I think this is a safe change, since function
user_register
has its own access checks, and it even conveniently does thedrupal_goto
to your own profile page for users who do not have permission to create other new users.Make sure you clear your menu cache after doing this.
-- Steven N. Severinghaus
Thank You!
Steven - Thank you for finding that. This was turning into a big problem for one of my sites.
In looking through the user code, I can't see any reason for the $user->uid check. Any chance of this change getting incorporated into the main code so that I won't have to remember to "fix" it every time I update?
I just made a workflow to get round this
I needed a solution since I need to link to registration from within a flash file... and I don't know the first thing about flash (can't edit or change it).
So I looked at workflow-ng and made a workflow to do the redirect, firing when user is going to view a page and comparing the page url to "register". I can post the export data here if anyone is interested.
I'm still wondering if this is overkill, but I don't know how much of a difference it will make. And my sire is small, not going to be very community based so it may not be so much of a problem.
Drupal 6?
has anyone got a method for doing this on Drupal 6.2?
For D6 w/o modifing the user module
yes. I just did it! I think i just may be getting the hang of this :)
Here is what i did:
Let me start by saying i am still very new to drupal. This may not be the right way to do it or even wise to do it at all.
I made a custom module with 2 functions, implementing hook_menu_alter, and changing the access callback.
This redirects a logged in user to their account view page when they goto 'user/register'
im not sure why. I had thought it would allow the reg form to be accessed and not redirect. This is bearable for my purposes i guess, but I guess there is check somewhere else that redirects to the account page. Can anyone out there answer that?
anyway, hope that helps
Slight improvement
Thank you, this worked well for me. This should really be in core by now, there's been a feature request in for it since 2005: http://drupal.org/node/17664#file-test-results-17664-1357290 .
One slight improvement to the above, is to give the user a message stating they're already registered, and then to redirect them to their user page. I modified the myreg_register_access() function from loze's myreg module, as follows:
Tested and working in Drupal 6.13.
thanks
loze & asimov,
Thanks for posting your code. I borrowed from what you two posted and created a module for Drupal 6, called Already In.
In user.module, modify
In user.module, modify user_register_access
Of course the separate module is more elegant..
Just noticed the "Already In"
Just noticed the "Already In" module announced above. Works great.
Thanks Matt.
And FYI the issue is tracked here: http://drupal.org/node/17664
this brings you no where
this does not bring you to the user/register form again but to /user/5 which is nothing at all... (well just this "history" title with "member for..." etc...)
the return variable must be something else but I don't know what exactly...
I really don't like this tweaking as if it's inherent in all drupal website development and as if:
-or you must be your own developer (create your own modules --> see this multiple registration form problems an discussion on the different fora)
-or you activate modules based on other modules between other modules... going down the rabbit whole...aaargh
-or you tweak so much in the PHP of the different files that you might start asking: what's the point (of drupal)?
(wasn't it just lego block building? --> discussion of learning curves)
anyway Boran thanks for the attempt, we all keep on 'attempting' :-)
another angle taken to this issue
Instead of making it possible to complete another registration as an already registered user, I'm taking another appoach:
A certain type of registered users, so to speak linked to a certain role, would have some admin privileges:
They are able to create user (/admin/user/user/create).
First issue: by enabling this permission for that role, they can even have access to more handling than I really want (but that's an issue for later --> yet another one "going trough the maze")
Major issue: If this registered user in "that role" hass the oportunity of creating new users, I really do not want him to be obliged to fill in all the same fields of the custom registration form that was initially there.
--> Now this is going parallel with maybe other thread about ways of having multiple forms (also there it's amaze: choosing the way of module on modules on modules, eg the dirty way or building your own module, the clean but heavy way, discussion about the learning curve)
last issue: If that registered user (say a company partner) can make new users, can they be somehow linked (ofcourse basically in the database to the registered user/company partner that made him?.
I feel that these things/this request are normal things on company websites tough within drupal this is exotic in the way that it's not just the lego building approach by modules on modules on modules, to be expected...
I feel I'm still flirting with the "I suck" threshold within the learning curve by Dries Buytaert, while i also feel that this request must at least require a knowledge flirting with the "I rule" threshold. Pf course If I was there, I would be posting this.
In my big disadvantage: I have littke time to implement this, which might be contradictionary towards the needs of time to obtain the knowledge to easy, common and natural request but difficult approach towards solution.
Sorry for the article this post is becomming.
Drupal 5?
can anyone provide a patch (or a mini
module) for Drupal 5.7 ???
Thank you.
change user_access
Our way toward this is change user_access to TRUE. that way any one can access the page.
'callback' => 'drupal_get_form', 'callback arguments' => array('user_login'),
'access' => !$user->uid, 'type' => MENU_DEFAULT_LOCAL_TASK);
'callback' => 'drupal_get_form', 'callback arguments' => array('user_login'),
'access' => TRUE, 'type' => MENU_DEFAULT_LOCAL_TASK);
though, very worry about this could lead to security issue. if it were, pls point us out.
Thanks for this tip, i used
Thanks for this tip, i used the workflow-ng method you described and it worked like a charm! Just the solution we needed.
htaccess workaround
If your using the Boost module it sets the DRUPAL_UID cookie if logged in. Add this code to redirect user/login and user/register to the homepage.
Place it right below
and above the boost rules
Issue Created
#600472: Confused users: Already logged in users get 403 on user/login or user/register
Thank you!!! :)
Thank you for the htaccess workaround !!! Works great!! :)
If you don't have boost..
Thanks for the snippet for the htaccess.
If you don't have boost (and want to send users to their profile page if they try to access the login page) then the following works
It doesn't affect anonymous users.
George Boobyer
www.blue-bag.com
But this doesn't seem to
But this doesn't seem to allow registration for anonymous users - all registration requests are redirected to login, at least for me!
redirecting to a node
I needed to redirect logged in users visiting the register page to a custom page explaining why they can't access the register page, instead of just saying they can't. This little function in a custom module does the trick: (it redirect to node/10)
I need authenticated users to
I need authenticated users to be able to access the actual registration page. I use ip_authenticator to log in anonymous users within our physical facility. I still need people to be able to register, however. There is no way to log out with either of the two modules ("ip login" or "ip_authenticator"), though I have feature requests pending on both of those.
Can anyone help?
This worked for me, thanks
This worked for me, thanks for posting this @weseze!
can't access user pages
when this module is enabled the user account pages can not be accessed,
I have 'user' as the redirect location
browser says
Too many redirects occurred
same here on /user and
same here on /user and /users/admin
I'm a Drupal Website Developer and Google Street View Trusted Photographer.
Already In?
jday & fortina,
When you say "this module" are you referring to a custom module you made based on the code snippets above or to the Already In module? If you're referring to the Already In module, please open a ticket in the issue queue for Already In instead.
How about simply creating a
How about simply creating a block, putting in there something like "You can't register because you are already logged in!", and then placing that block below the content only on the user/register page, and only accessible to authenticated users? That way there's no fiddling with custom code or hacks.
You could even use css to hide the content section of that particular page (the part that says "Access Denied") using {display:none} if your theme provides a unique body class for that page.
Cheers,
Albert.
Albert I have been trying to
Albert
I have been trying to get my block to display on my user/register page and it will not display when I set:
Show block on specific pages:
+ Show on only the listed pages.
user/register
Is that the wrong link for register page it is what shows in address bar?
I am using Drupal 6.17
If you can tell me the correct configure, many thanks.
Should work...
in my installation It works as expected. D6.18, theme Garland, Show on only the listed pages: user/register, Show block for specific roles: authenticated user, block assigned to Content region. Also, please be aware that 404 "Not Found" pages do not render Left and Right regions (use module blocks404 if you need those)
If you are using AutoAssignRole
If you are using the AutoAssignRole module, you will need to change the access callback for your custom paths as well. In D6, I have a special path for artists: