Opened 10 years ago
Closed 7 years ago
#5775 closed enhancement (maybelater)
Registration: email, password strength, username JS validation
Reported by: | SGr33n | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | |
Component: | Registration | Keywords: | needs-refresh, good-first-bug, trac-tidy-2018 |
Cc: |
Description
Hi,
May I provide patch and files to implement the real time email validation and the WP built-in password strength meter on the registration page?
Maybe then also the real time username availibility.
Attachments (4)
Change History (25)
#1
@
10 years ago
- Keywords needs-patch added
- Milestone changed from Awaiting Review to Future Release
- Summary changed from Registration page enhancement to Registration: email, password strength, username JS validation
#2
@
10 years ago
Sure :)
So I will work on the password meter and the email validation (well formed). Then maybe we can speak about the other two things, in order to know if they can be made.
#3
@
10 years ago
- Keywords has-patch added; needs-patch removed
This is for the password strength meter on the registration page... an explaination:
I created a new function on the buddypress-functions.php that will enqueue scripts just on register page, it may be also expanded in the future to load scripts on other BP pages.
Infact I created the register.js that loads only on the registration page, not to weigh the buddypress.js with functions only used on one single page. I also thought if it was appropriate to create a separate file for the css, but I opted not to create it because in buddypress.css there were already lines about the registration page and because, eventually, the css could be reused later on the settings page.
#4
@
10 years ago
5775.patch moves the patch out of the zip into a standalone file for easier review.
#5
@
10 years ago
- Keywords needs-refresh added; has-patch removed
Basic approach seems OK to me. Loading a separate 'register.js' is OK, though I wonder if we might do this based on functionality (password-verify.js) rather than based on the current page (register.js). This would mirror WP's organization better, and would make it more modular for use on, eg, the settings page.
I'm not sure I see the need for a separate enqueue_bp_pages_scripts()
method. I think this logic can go into the enqueue_scripts()
method. In that method, you should be able to use bp_is_register_page()
rather than checking the settings directly.
JS could use some formatting cleanup. And I'd say that the checkPassStrength() function can probably go inside the function( $ )
scope, since it requires jQuery. As an aside: I haven't looked, but does WP not have a standalone function that we could use for this purpose?
#6
@
10 years ago
Thanks :)
1) I will move it inside enqueue_scripts();
2) Will be done;
3) wp-admin/js/user-profile.js checks different field ids.
#7
@
10 years ago
- Keywords has-patch added
Sorry again for the zip file :P
Made modifications according to your requests. The password-verify.js is now more similar to wp-admin/js/user-profile.js
Also enqueue .min version of the js file if not defined('SCRIPT_DEBUG').
#8
@
10 years ago
Thanks for this, SGr33n. I'm going to make some modifications so that it can be used for the Settings page as well.
Sorry again for the zip file :P
How are you generating them? There must be a setting that allows you to include the new file in the patch.
#10
@
10 years ago
Well! :)
I'm generating them via linux command
svn diff > name.patch
Now, about the email validation (not availability), is it better to act like the WP user-profile.js, renaming password-verify.js in bp-user-profile.js and putting in this all form validations ( email, username min length) or creating a new one?
#12
@
10 years ago
SGr33n - Try running svn add src/bp-templates/bp-legacy/buddypress/js/whatever.js
before generating the patch.
I'd put email validation stuff into its own file, so it's more reusable. BuddyPress should be aiming for more separate files, not fewer; we should have a grunt routine or something like that to combine them if we think that it's valuable to do so.
#13
@
10 years ago
Perfect, thanks :) I'll try your command, I found a command that was not really working.
#14
@
10 years ago
The command worked, so... no zip file :P
In buddypress-function.php I added a whole new condition, since that I don't know how they will be merged. Then I added the new class email-field, like you made for the pass strength meter, both on registration and on settings page.
Then I also added the required attribute for required input fields on the registration page, this will automatically validate required fields.
#15
follow-up:
↓ 16
@
10 years ago
I guess all these new checks are OK but if we don't enforce a minimum complexity, they sound kinda pointless.
#16
in reply to:
↑ 15
@
10 years ago
Replying to DJPaul:
I guess all these new checks are OK but if we don't enforce a minimum complexity, they sound kinda pointless.
You really think so? AFAIK, WP also doesn't enforce password complexity. The idea behind the client-side check is that it prods the user psychologically into using better passwords. I don't have any data to back it up, but I'd assume that this has a measurable effect on behavior.
#17
@
10 years ago
I'm just realizing that the second part, the email address validation, could be useless Since that new HTML 5 input type=email should automatically check for a valid email address.
#20
@
7 years ago
- Keywords trac-tidy-2018 added
We're closing this ticket because it has not received any contribution or comments for at least two years. We have decided that it is better to close tickets that are good ideas, which have not gotten (or are unlikely to get) contributions, rather than keep things open indefinitely. This will help us share a more realistic roadmap for BuddyPress with you.
Everyone very much appreciates the time and effort that you spent sharing your idea with us. On behalf of the entire BuddyPress team, thank you.
If you feel strongly that this enhancement should still be added to BuddyPress, and you are able to contribute effort towards it, we encourage you to re-open the ticket, or start a discussion about it in our Slack channel. Please consider that time has proven that good ideas without contributions do not get built.
For more information, see https://bpdevel.wordpress.com/2018/01/21/our-awaiting-contributions-milestone-contains/
or find us on Slack, in the #buddypress channel: https://make.wordpress.org/chat/
Password meter, yes.
By "email validation" do you mean JS checks to see whether your email address is well-formed? If so, yes, please patch it up. If not, please clarify.
Username availability is a whole other can of worms. AJAX calls from non-logged-in users can open the door for performance issues (especially given the spambots that hit registration pages). And it raises the possibility of privacy issues.
If you plan to patch these, please do it in separate patches so they can be reviewed separately. Thanks!