Users Configuration settings determine whether visitors to your web site can register themselves, whether an activation link will be sent for e-mail verification, what the default user group for a new user should be, and so on. The Users Configuration page shows the fields shown in Figure 10-28.
Set the Allow User Registration option to Yes if you want to enable a visitor to your web site to create an account. If this option is enabled, you’ll see a Create an Account link in the Login module, as shown in Figure 10-29. If you set this field to No, the Create an Account link disappears; no visitor can create an account from the front end, and only existing users can log in and access the member areas of the web site. The administrator can still create new users from the back end.
When the Create an Account link is clicked, a User Registration form appears (see Figure 10-30) in which visitors can enter their information. All the fields marked with an asterisk (*) must be filled in; otherwise, an error will occur, and the visitor will be asked to provide the missing information.
Via the New User Registration Group drop-down list, you can select any of the predefined user groups shown in Figure 10-31 to define the default group for newly created accounts. (Refer to Chapter 5 for the rights and limitations of each user group).
To validate the e-mail address provided by a visitor when creating an account, an activation link is sent to the e-mail address specified, and the account will not be created until the visitor accesses the account and clicks the activation link. The activation link is sent to the e-mail address of a newly created account only if the New User Account Activation option is set to Self.
For example, suppose that this option is enabled, and user Rahul creates an account. After filling in the desired information in the User Registration form, when Rahul clicks the Register button, he will see a message (see Figure 10-32) saying that the account has been created, and an activation link has been sent to the specified e-mail address. He will have to click the activation link to activate the account.
After accessing this e-mail, the visitor will find a message sent by the owner of the web site. In the example shown in Figure 10-27, the name of the owner of the Joomla web site (where the account was created) is bintu, and the Joomla web site name is bmharwani.net.Rahul will receive an e-mail with the subject “Account Details for Rahul at bmharwani.net.” After he opens the e-mail message, Rahul will see a message that consists of a Thank You message for creating an account and an activation link to be clicked to activate the account. In addition, it displays the username and password to be used for logging into the web site in the future.
When the activation link is clicked, the user’s account is activated, and an Activation Complete! message appears. The message also says that the user can now log in using the username and password supplied at the time of registration.
In the Users Configuration page, if the value of the New User Account Activation field is set to None, no activation link will be sent to the visitor’s e-mail address; instead, the account will be directly activated.
To understand this better, let’s set this field to No and click the Create an Account link from the Login module to create a new account. Assuming that the name of the user is Peter David, fill in the registration information as shown in Figure 10-33.
After the registration information is complete and the Register button is clicked, the message You May Now Log in Using the Username and Password You Registered With appears, as shown in Figure 10-34.
The Front-end User Parameters option provides the user with the flexibility to edit the information specified during account creation from the front end. A user who successfully logs into the system sees an Edit Your Profile page (see Figure 10-35) that enables the user to see and edit the user information. Only if the value of this field is Yes will the user be able to edit the information. In addition to being able to edit
personal information, the user can choose the type of editor (if the user is a member of the Author group or higher), the local time zone, the front-end language, and so on.
1. Configuring Media Manager
Media in a web site include images, banners, videos, songs, and so on. In Joomla, the media is managed via the Media Manager. You can configure Media Manager through Global Configuration. Open the Global Configuration page and from the list of components displayed on the left side, select the Media Manager component to open the Media Manager Options page.
The Media Manager Options page is used for setting certain checks on the files being uploaded to your web site. The idea is to upload only legal and verified files. The allowable file types and file sizes for uploads are set in Global Configuration, which you can access by clicking the Options button found in the toolbar. The options in the Media Manager Options page are shown in Figure 10-36 and explained following.
The Legal Extensions (File Types) field contains the list of file types that users are allowed to upload. By default, Joomla allows the following basic image and document files: BMP, CSV, DOC, EPG, GIF, ICO, JPG, ODG, ODP, ODS, ODT, PDF, PNG, PPT, SWF, TXT, XCF, and XLS. You can edit this list to suit your needs.
The Maximum Size (in MB) field contains the maximum file size that users are allowed to upload. The default setting is 10MB. You can edit it according to your requirements.
In the Path to Images Folder field, you specify the path to the directory in which images are to be stored. The default is <Joomla! home>/images, but you can create a new folder to store your images and specify its path in this field to use it with the Media Manager. The images folder is used by Joomla, so you should not delete or rename this folder.
The Restrict Uploads option is used for restricting uploads to the server. If you set this to Yes, only authorized users will be able to upload documents or images to the web site. The default value of this option is Yes.
The Check MIME Types option is used for ensuring that the MIME files uploaded to your web site are valid. Valid MIME types include GIF, JPEG, PNG, and most other file types that support audio, video, and graphics. Recall that MIME files make it possible to include graphics, audio, and video to be sent over the Internet. To verify files, MIME Magic or File info is used. If the value of this field is set to Yes (the default), users will be restricted from uploading malicious files onto the web site. MIME Magic and File info contain vast databases of file extensions with detailed information about the associated file types. The file extensions of all three platforms are included in the database: Macintosh, Windows, and Linux. Each entry in the database contains information about the file format, a description of the file, and the program that opens the file. If the user tries to upload a file with an unknown file extension (i.e., one that doesn’t exist in the MIME Magic or File info databases), an error will occur, and the file will not be uploaded.
The Legal Image Extensions (File Types) field allows you to specify the types of images that can be uploaded to your Joomla web site. It operates by checking the file image headers. By default, Joomla allows only images of type BMP, GIF, JPG, and PNG. For example, if you want to upload an image file with the extension .tiff, it will not be uploaded unless tiff is entered in this field.
The Ignored Extensions field is used for specifying the extensions that are to be ignored for MIME type checking. By default, this field is blank to indicate that no extensions are ignored, but you can always add an extension that you want to be uploaded without any checking.
The Legal MIME Types field contains the list of legal MIME types, making them valid for uploading. By default, Joomla automatically includes certain standard file types, including image/jpeg, image/gif, image/png, image/bmp, application/x-shockwave-flash, application/msword, application/excel, application/pdf, application/powerpoint, text/plain, and application/x-zip. You can edit this list to suit your requirements.
In the Illegal MIME Types field, you specify the list of illegal MIME types so that these types won’t be uploaded. By default, Joomla automatically blocks text/HTML types.
Source: Harwani B M (2015), Foundations of Joomla!, Apress; 2nd ed edition