Problem/Motivation
I would like to make a request for Drupal 7 (if it can't be done for any up-and-coming version of drupal 6) that an option be created so that providing an email address at registration is not necessary.
This is very important for school websites as children shouldn't need to provide an email address (and before a certain age shouldn't even have an email address due to inappropriate spam), and perhaps even for businesses which want an internal site for employees without them having to provide a personal contact email.
Currently, we have an option to disable the email authentication, but supplying an email address is *still* always required during sign-up.
Taking my situation regarding a school website, for example:
Duplicate email addresses aren't accepted, so I couldn't just tell the pupils to all use blackhole@ourdomain.com, as each email needs to be unique. I'm going to have to create a subdomain: no-email.ourdomain.com, and tell the pupils to sign-up to the website using name@no-email.ourdomain.com, and try to blackhole any mail based on the subdomain using a cpanel filter.
However, this is messy because:
1) it relies on the pupils following written instructions during sign-up
2) the user contact forms will silently fail when the email is blackholed
3) it would be great for the older children to be able to optionally supply email addresses; for the younger ones not; for drupal to intelligently check that a user has provided an email before trying to use it, and provide a message to users informing them that the intended recipient has not provided an email address.
There is a (currently broken) module which kind-of works around this issue by automating 1).
http://drupal.org/project/localemail
But it doesn't address 2) or 3) and of course, I'd rather see a more complete solution in core!
What do you think?
Cheers.
Steps to reproduce
Proposed resolution
Remaining tasks
Postponed on #2227381: Apply formatters and widgets to User base fields 'name' and 'email'
User interface changes
API changes
Data model changes
Release notes snippet
Comment | File | Size | Author |
---|
Comments
Comment #1
Asif99 CreditAttribution: Asif99 commentedI have created a Drupal 6 module which allow sign-up without a valid email.
As drupal core requires an email, therefore 'null-(rondaom-string)@localhost.com' is automatically generated without displaying and stored into mail field.
Comment #2
-Anti- CreditAttribution: -Anti- commentedSounds nice.
Is this module in the download section of drupal.org?
Comment #3
newbuntu CreditAttribution: newbuntu commentedI got a solution without hacking the core. May be it can be turned into a module if it proves to be useful and there is a demand for it.
This solution is non-intrusive, if your guard condition is not true, it won't affect anything.
Here is how:
Sample code is for 6.x.
However, if you allow empty emails (such as for kids in a family), then some modules may not work as designed if these modules assume each account has a valid email. Well, like they say, you can't have it both ways ;-)
Comment #4
newbuntu CreditAttribution: newbuntu commentedThe above logic takes care of registration email, but it still requires email if you edit your account. So I just whipped up a small module that takes care of both.
The module is very simple. Just enable/disable the module as you need. If anyone tries it, please let me know your feedback. I may submit it as a module. The source code is for 6.x.
Thanks.
Comment #5
Apollo610 CreditAttribution: Apollo610 commentedHi ubuntu,
This works perfectly, thank you for the module, I tried it on 6.6 and it works as advertised... I think this would definitely be helpful, so if you could publish this it would be a help to a great many folk.
If I may offer a quick suggestion - if there any way to add an additional "Security" field during registration with this module, so that users have at least 1 option to be able to recover their password?
Thanks again for this!
Comment #6
Apollo610 CreditAttribution: Apollo610 commentedActually, just to give you a heads up. I just started to heavily use this module and came across a slight error... seems as though it throws a "malformed header from script ... in file index.php" Apache 500 error right after the user submits for registration and the account ID/password are written to the DB. I'm using v6.6 at this moment.
Comment #7
Apollo610 CreditAttribution: Apollo610 commentedI think I found what's happening - Drupal seems to be doing a condition check on the email address field in the users table, and because nothing is there it's bombing out.
I'm going to see if I can alter the email notifications to either manually put in a fake email address or bypass the condition check altogether... just thought I'd update what the actual issue is. It's too bad this isn't a complete module, sounds like people really are clammering for something like what this does.
Comment #8
newbuntu CreditAttribution: newbuntu commentedThis is good information. I figure anywhere that requires email will cause problem. This is one of those places. My hunch is there may be other places.
I didn't encounter this because I hacked the user module that bypassed email notification with my condition.
Comment #9
Apollo610 CreditAttribution: Apollo610 commentedIf you don't mind me asking, how did you do the override for the user registration? That's really the only piece that I have on my site that's going to be using email (other than the global contact form, which is a seperate module and has hardcoded email addresses). Everything else is confined to the site itself...
You ever think of publishing this as a valid module and letting the community help build it out?
Comment #10
newbuntu CreditAttribution: newbuntu commentedNo problem. Here is my hack, for drupal 6, user.module, around line #2349
This may point you to the idea. Your logic should be different based on your application.
I haven't spent enough time to validate that the module covers all corners. I may formally submit it later when I get some more feedback so I can turn it into a robust module. In fact, I believe the same simple principle can be used to build the "shared emails" as well.
Comment #11
Apollo610 CreditAttribution: Apollo610 commentedThanks again ubuntu, that lead me into exactly the area I was looking for. I just commented out
_user_mail_notify('register_no_approval_required', $account);
at line 2349 and this bypasses the email notice being sent out to new users who don't require approval. Error is gone, things are good again. :)Thanks for your help - let me know if you need any testers for this module if you decide to take it any further. I'd be glad to offer my services.
Comment #12
adewinne CreditAttribution: adewinne at Therefore commentedI've backported this module to D5. There are some specific additions to the module for the project I'm working on, but I could strip those out if anyone is interested in it.
Comment #13
-Anti- CreditAttribution: -Anti- commented> However, if you allow empty emails (such as for kids in a family), then some modules may not
> work as designed if these modules assume each account has a valid email. Well, like they say,
> you can't have it both ways ;-)
This is exactly why I put this as a core request. I don't think *any* no-email module could intervene to make all other modules degrade gracefully if they simply assume an email address is present; that kind of function would have to be in core, would it not?
Thanks for your continued work on this.
Comment #14
Apollo610 CreditAttribution: Apollo610 commentedI actually had to circle back on this as I realized that we needed a random email generator since Drupal is also checking for unique emails... so to that end I added a random number generator function that appends the email address... this should do the trick for most sites until something more official is implemented into core. :)
Comment #15
-Anti- CreditAttribution: -Anti- commentedApollo and ubuntu,
Just a head's up to mention that user: ebizondrupalservices has taken over the local-email module in the last few days, with a view to getting a stable, functioning version for D6. No idea if you want to contribute some input into it or not?
http://drupal.org/project/localemail
Anyway, just thought I'd raise awareness of this change.
Thanks for all your work on this so far; I'm reassured to find that this issue also affects others.
Cheers.
Comment #16
Dave Cohen CreditAttribution: Dave Cohen commentedMoved from feature request to bug report because several modules create user accounts without providing email addresses. Later, administrators cannot edit these accounts (i.e. to add a role) because the user edit form insists on having an email address.
Attached patch is for D6 because that's what I happen to be working on. Hoping someone can port the code to D7, if it does not apply...
The attached patch does not alter default drupal behavior in any way at all. However with the attached patch, a third-party module can simply remove the #required from the mail field (via hook_form_alter) and everything will work as expected. I understand the workarounds above accomplish the same result, but really it should not require so much effort. let's fix core!
Comment #17
moshe weitzman CreditAttribution: moshe weitzman commentedrerolled for 7. code and functionality look good. i would rtbc this but the bot must approve first.
Comment #19
-Anti- CreditAttribution: -Anti- commentedThank you for also working on this as a core issue for D6. I didn't expect that!
> However with the attached patch, a third-party module can simply remove the
> #required from the mail field (via hook_form_alter) and everything will work as expected.
So if personal contact forms are enabled, some users have supplied an email, and some
haven't, what would happen if:
· a user without email tried to use the contact module to send an email to a user with email?
· a user with email tried to use the contact module to send an email to a user without email?
Would there be a message saying the contact form can't be used?
How gracefully would your solution degrade for modules which assume an email address is supplied?
Thank you to everyone who is working on this.
I really didn't expect this request to get any response at all.
Comment #20
moshe weitzman CreditAttribution: moshe weitzman commentedThat would also have to be handled by the module that removes the #required. Core is just trying to get out of the way, not actually fully handle the no email case.
I can't tell what test failed. :(
Comment #21
Dave Cohen CreditAttribution: Dave Cohen commentedWhat Moshe said. If the contact module fails when a user has no mail address, thats a separate bug in the contact module.
I too cannot tell what test failed. let's try the same patch again.
Comment #23
-Anti- CreditAttribution: -Anti- commented> If the contact module fails when a user has no mail address, that's a separate bug in the contact module
Maybe I don't understand the cut-throat world of php, but isn't that kind-of harsh? There are probably many dozens of modules out there which assume each user has supplied an email address, and so do not check for a null string when pulling addresses from the database, simply because they've never HAD to check.
Doesn't that mean that any module which utilises your user_validate_mail function will have a long list of incompatibilities, including the core's own contact module?
Also, can I ask if this implementation is an 'all or nothing' approach? In other words, either no-one supplies an email or everyone supplies an email?
Cheers.
Comment #24
Dave Cohen CreditAttribution: Dave Cohen commentedI don't intend to be cut-throat. It's just that if we tried to address every module which might have a problem, we'd never get this change checked in. I remember this coming up in Drupal 5 and probably previous versions. Its not easy to get any change into core, but the smaller the patch the more likely to be checked in, I think.
Its true that contact is in core, and it would be great if all of core did not assume every user has an email. But we have to start somewhere, and I believe this patch is a logical start. And I can guarantee this patch will not break the contact module, because this patch changes nothing. It's this patch in conjunction with a custom module which removes the #required, only that combo changes behavior. And if my site with my custom module cannot use the contact module, then I'll either live with that or submit a separate patch to contact.
...or you can augment the above patch with changes to contact and we'll review them. But keep in mind there are third party modules already creating users without email addresses. If contact fails in that case, then it's already failing on those sites. All I'm personally trying to accomplish here is that as a user administrator I can use the account edit form. That's why I see contact or any other module as separate.
P.S. I still cant determine why the patch failed.
Comment #25
-Anti- CreditAttribution: -Anti- commentedOK, that all makes sense. Thanks for the clarification.
Sometimes it's hard for non-coders to see why a certain approach is taken.
Cheers.
Sorry I can't help you troubleshoot the patch.
Comment #27
Dave Cohen CreditAttribution: Dave Cohen commentedLooks like there is a test specifically to test the email validation when email is blank. I think we need to patch the test, too.
Comment #28
fmueller CreditAttribution: fmueller commented@ comment #4
The patch uses
$form['mail']['#required'] = false;
in the form "user_register". This does not always work since there are situations in which$form['account']['mail']['#required'] = false;
must be used. An example for such a situation is when you have multiple sections at admin/user/user/create. For example once section for your "Account information" and another one for "Language settings". So I guess that the patch does not work for a lot of users.Comment #29
ratinakage CreditAttribution: ratinakage commentedEasy to fix in Drupal 6.16!
Simply delete the following line from user.module:
_user_mail_notify('register_no_approval_required', $account);
(line 2374)... and of course configure your system not to require user email confirmation.
Comment #30
andypost.
Comment #31
sbefort CreditAttribution: sbefort commented@Asif99
Have you shared this module? Where is it? Thanks.
Comment #33
andypostuser's mail is tightly involved in registration and notification so all previous patches are wrong.
suppose this mostly related to pluggable auth and mail handlers in upcoming initiatives
Comment #34
johnbarclay CreditAttribution: johnbarclay commentedI believe a good patch for drupal 8 would:
- have a switch for generally disabling and hiding email address in the user account.
This would avoid every external authentication and profile module from doing the same hiding and form altering on the user edit form. A hook_user_email_instantiated() could be used to communicate if an individual account's email field is in use or not. This would be be ideal for mixed authentication scenarios.
As the previous discussion clarified, there is just no way to predict all the uses the email field has and alter all the forms involved.
Comment #35
Dave Cohen CreditAttribution: Dave Cohen commentedFYI there's a really similar issue, originally posted against Drupal 5.x, now against 7.x. #189544: Allow administrator to edit account without email address (regression: accounts can be created without email addresses also)
Comment #36
drtrueblue CreditAttribution: drtrueblue commentedHas there been any stable solution recently for D7?
Comment #37
debra-v CreditAttribution: debra-v commentedApollo610 had a great start with his mini module. Unfortunately, there were some items that needed to be corrected.
First, rather than replace the original validation in the form_alter function, doing this makes more sense...
array_unshift($form['#validate'], 'my_user_email_validate');
The custom email validation has to come first in the validation lineup in order to work, otherwise the standard validation is called first and the validation will always fail. Also, then there is no need to explicitly call the native validation function as its still in the validation array
Rather than a random number generator for the emails, personally I prefer using a timestamp from
time()
.Finally, it's not enough to change the value of the email in $form_state['values']['mail']. I was able to make this work by first changing the value of
$form['account']['mail']['#value'].
Otherwise, that little module was a big help in getting this working in my project. Thank you Apollo610!!
Comment #38
sadanand kenganal CreditAttribution: sadanand kenganal commentedHello Guys,
This module is very simple.
It makes email field nonmandatory on registration and profile updation.
Check out. If any correction, let me know.
Comment #39
andypostComment #40
sadanand kenganal CreditAttribution: sadanand kenganal commented17: mail.patch queued for re-testing.
Comment #42
jyotisankar CreditAttribution: jyotisankar commentedFrom comment 21, for code "elseif (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {", it is not available in drupal7 and drupal8. There is a different style of writing/executing code in drupal7. Made the changes for drupal6.
Comment #43
andypostDo not change the branch
Comment #44
andypostComment #45
jyotisankar CreditAttribution: jyotisankar commentedwith no change in the branch.
Comment #46
andypost@jyotisankar first the issue should be fixed in 8.x
Also the issue looks a duplicate of related
Comment #47
andypostComment #51
cilefen CreditAttribution: cilefen commentedComment #52
andypostlooks this will go in 8.1
Comment #54
andypostComment #56
m0ray79 CreditAttribution: m0ray79 commentedI started some work in this direction. Please check it out and suggest improvements.
Module: Simplified Registration (sandbox)
Comment #59
jonathanshawIt's a valid feature, but what's the argument for this being core not contrib? If there isn't one, we can "won't fix" this issue.
Comment #63
sandeep_jangra CreditAttribution: sandeep_jangra commentedDRUPAL 8 : If you want to make email field as optional for anonymous user, you just need to do add your custom validation for user registeration form :
For Ref. :
/**
* Implements hook_form_alter().
*/
function YOUR_MODULE_form_alter(&$form, FormStateInterface $form_state, $form_id) {
if($form_id == 'user_register_form'){
$form['#validate']=[];
$form['#validate'][] = 'YOUR_MODULE_custom_user_validation';
}
}
/**
* Implements YOUR_MODULE_custom_user_validation().
*/
function YOUR_MODULE_custom_user_validation(&$form, FormStateInterface $form_state) {
$form_state->setTemporaryValue('entity_validated', TRUE);
}
Using above code in your own module you will be able to register an account without using email id.
Comment #64
jonathanshawI suggest we don't fix this in core: it can be solved well in contrib and the lack of recent engagement suggests it's a less common need.
Comment #65
andypostIt is not solved for core at all, contrib is here to get common ground and fix it in core
All patches are for 7.x and here 27 people following
Comment #70
andypostComment #73
geek-merlinSearch engine carried me here.
With the hopefully upcoming rise of WebAuthn this need is likely to increase.
SO +1 for keeping this open.
Comment #74
quietone CreditAttribution: quietone at PreviousNext commentedDuring a BugSmash group triage meeting with darvanen, lendude and myself we triaged #2600158: User email requirement is inconsistent and found it to be a duplicate of this issue. The lendude pointed out that the likely 'root fix' is #2227381: Apply formatters and widgets to User base fields 'name' and 'email'. We all agreed that this issue should be postponed on #2227381: Apply formatters and widgets to User base fields 'name' and 'email'.
Comment #77
dwwAlso here via search, also building a site involving user accounts for people of all ages, including very young, for whom an email address is inappropriate. It'd be great if this wasn't necessarily a required property/base field.
I understand the desire to "solve" this via #2227381: Apply formatters and widgets to User base fields 'name' and 'email', however, the required bit is not something that can be controlled via widget nor formatter. That's a property of the field/basefield/property itself. Even if we were using regular field widgets for these things, how would we be able to control if this is required or not?
Can't this proceed as a parallel effort? Don't we need something other than widgets or formatters to both let site builders control if this property is required, and teach the rest of core / contrib that email isn't necessarily always available?