Allow for shared email addresses [#313225]

Some sites attract families who share an email address. Some companies have groups of workers who share a role and need a common meail address. Allow for a shared email address.

The right way would be a hook_meail_verification to let modules replace the email verification in module user. The second way is the quick modification I show in the following code. This example mod simply allows duplicate email addresses if set in the admin interface.

A preferred option would be to pass the verification to en external module through a hook. The same module would need to process the verification email and the password replacement email so that the process can allow for people with no email address who use alternative communications. The idea is discussed in http://drupal.org/node/15578. I suggest a tasty alternative communications media in http://drupal.org/node/15578#comment-1026668. SMS is another alternative to hook in through a module.

user_admin.inc function user_admin_settings() gets an extra setting:

function user_admin_settings() {
  // User registration settings.
  $form['registration'] = array('#type' => 'fieldset', '#title' => t('User registration settings'));
  $form['registration']['user_register'] = array('#type' => 'radios', '#title' => t('Public registrations'), '#default_value' => variable_get('user_register', 1), '#options' => array(t('Only site administrators can create new user accounts.'), t('Visitors can create accounts and no administrator approval is required.'), t('Visitors can create accounts but administrator approval is required.')));
  $form['registration']['user_email_verification'] = array('#type' => 'checkbox', '#title' => t('Require e-mail verification when a visitor creates an account'), '#default_value' => variable_get('user_email_verification', TRUE), '#description' => t('If this box is checked, new users will be required to validate their e-mail address prior to logging into the site, and will be assigned a system-generated password. With it unchecked, users will be logged in immediately upon registering, and may select their own passwords during registration.'));
/*
20080917 PeterMoulding.com Allow duplicate email addresses so families can share email addresses.
*/
	$form['registration']['user_email_duplication'] = array('#type' => 'checkbox',
		'#title' => t('Allow duplicate e-mail addresses when a visitor creates an account'),
		'#default_value' => variable_get('user_email_duplication', false),
		'#description' => t('If this box is checked, new users will be allowed to use e-mail addresses already registered in the database.'));
  
  $form['registration']['user_registration_help'] = array('#type' => 'textarea', '#title' => t('User registration guidelines'), '#default_value' => variable_get('user_registration_help', ''), '#description' => t('This text is displayed at the top of the user registration form and is useful for helping or instructing your users.'));

  // User e-mail settings.

user.module function _user_edit_validate() checks the setting then drops a test if true:

function _user_edit_validate($uid, &$edit) {
  $user = user_load(array('uid' => $uid));
  // Validate the username:
  if (user_access('change own username') || user_access('administer users') || !$user->uid) {
    if ($error = user_validate_name($edit['name'])) {
      form_set_error('name', $error);
    }
    else if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(name) = LOWER('%s')", $uid, $edit['name'])) > 0) {
      form_set_error('name', t('The name %name is already taken.', array('%name' => $edit['name'])));
    }
    else if (drupal_is_denied('user', $edit['name'])) {
      form_set_error('name', t('The name %name has been denied access.', array('%name' => $edit['name'])));
    }
  }

  // Validate the e-mail address:
  if ($error = user_validate_mail($edit['mail'])) {
    form_set_error('mail', $error);
  }
/*
20080917 PeterMoulding.com Allow duplicate email addresses so families can share email addresses.
  else if (db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0) {
    form_set_error('mail', t('The e-mail address %email is already registered. <a href="@password">Have you forgotten your password?</a>', array('%email' => $edit['mail'], '@password' => url('user/password'))));
  }
*/
	else if (!variable_get('user_email_duplication', false)
	and db_result(db_query("SELECT COUNT(*) FROM {users} WHERE uid != %d AND LOWER(mail) = LOWER('%s')", $uid, $edit['mail'])) > 0)
		{
		form_set_error('mail', t('The e-mail address %email is already registered. <a href="@password">Have you forgotten your password?</a>',
			array('%email' => $edit['mail'], '@password' => url('user/password'))));
		}

  else if (drupal_is_denied('mail', $edit['mail'])) {
    form_set_error('mail', t('The e-mail address %email has been denied access.', array('%email' => $edit['mail'])));
  }
}

Comments

Comment #1

-Anti- commented 25 September 2008 at 18:31

I would also like to see an option for NO compulsory registration email.
ie. an option which allows the registration email address to be left blank.

This would be extremely useful for school websites, where students are too young to safely have email addresses, or where some students do not wish the school to have a record of their personal email address. I'm sure it would be useful for many thousands of club/clan websites, and organisation intranets.

Along with this, drupal would have to gracefully manage current modules which simply assume that all users have an email address, and will crash or behave weirdly if they retrieve a null email address from the database.

Also, in a related thread, a big deal was made of not having a method of 'password reset' if no email was supplied. My answer to that is 'forget it'. If an admin turns off compulsory email registration, it means that they are running a website for a closed club or organisation (ie. you wouldn't turn off email registration without having another method of communication in place). If someone wants a password reset, they can just contact the admin through the normal means of 'club communication', whatever that may be. In other words, don't make this complicated, just switch off the damn compulsory email. If someone wants to develop something better for D7 or D8 (like security questions) then go ahead, but for D6 just switch the damn thing off please.

Also remember that email is a crap 1970's protocol that is not appropriate for the modern usage. It is on its way out, to be replaced by more secure and useful means of communication, and drupal should embrace that change. In fact the only thing I use email for these days is to sign up to stupid websites which still require email registration for no other reason than 'password reset'. Ludicrous! Come on drupal - break the mould.

Comment #2

maartenvg commented 5 October 2008 at 21:24

Version:

6.4

» 7.x-dev

New features go in HEAD.

Comment #3

SeedTreeLLC commented 17 November 2008 at 05:00

How do we get this in Drupal 6? Is there a module in development? This would help with family sites and school sites. Thank you for posting about it.

Comment #4

SeedTreeLLC commented 17 November 2008 at 05:42

Unless this is an school intranet, I would still want to require a parent/guardian email. This would verify the parents permission for the child to use the site. I would never want my child to create an online account without my approval. I guess you could do it the old fashion way of hard cc permission slips, but why.

I would allow the email option to be setup per role. So role:parent required, role:spouse shared, kids: none.

Just a thought.

Comment #5

peterx commented 17 November 2008 at 07:07

I would still want to require a parent/guardian email.

Drupal gives you workflow options and Drupal 6 gives you actions. When you switch off the compulsory email, you should be able to set up workflow actions to require some other control or cross check. I do not need workflow or actions for my site so have not looked at how that might fit together. Perhaps you could read up on workflow and actions then start a forum topic on putting them together when the compulsory email is switched off.

Comment #6

aufumy commented 6 December 2008 at 02:26

Version:	7.x-dev	» 6.x-dev
Status:	Active	» Closed (fixed)

There is a sharedemail module available for 6x at http://drupal.org/project/sharedemail

Please fill out issues and patches under than module.

Thanks
Audrey

Allow for shared email addresses

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

News items

Our community

Documentation

Drupal code base

Governance of community