Thank you all for trying to help!
But I still think, either we are completely talking past one another, or my installation is buggy?
Once again:
1. A user registers, and gets a confirmation mail with a link he has to click on, in order for his account to be confirmed. Until this link is clicked in the backend it looks as follows (not enabled, not activated):The link looks like that https://mydomain.tld/become-am-member?t ... 9e97ccd73a and after clicking an automated Joomla message opens on the website, saying that the profile has been confirmed and soon somebody (the admin) will activate it (the user will then receive another system mail after activation, confirming this).
The status of the user in the backend is after clicking the confirmation link, still the same as on the screenshot above - so it is not really visible if he has confirmed his account or not by now.
2. After the user clicks on that confirmation link, the admin will receive an email with the info that a new user has been registered and can be activated - this happens again with an activation link on that email (or manually in the backend if the admin knows what user has confirmed his account - which he will if reading the confirmation mail).
3. But (and this is my question!): What if the admin never receives that mail, or accidentally deletes it or whatever? How can he find out in the backend, what newly registered users have "confirmed" their account, so that he can safely activate them?
4. If not possible, then what is the purpose of this "confirmation" at all? If an admin activates a maybe fake (because not confirmed) profile, what could somebody malevolent do with access to the system?
All best,
D.
But I still think, either we are completely talking past one another, or my installation is buggy?
Once again:
1. A user registers, and gets a confirmation mail with a link he has to click on, in order for his account to be confirmed. Until this link is clicked in the backend it looks as follows (not enabled, not activated):The link looks like that https://mydomain.tld/become-am-member?t ... 9e97ccd73a and after clicking an automated Joomla message opens on the website, saying that the profile has been confirmed and soon somebody (the admin) will activate it (the user will then receive another system mail after activation, confirming this).
The status of the user in the backend is after clicking the confirmation link, still the same as on the screenshot above - so it is not really visible if he has confirmed his account or not by now.
2. After the user clicks on that confirmation link, the admin will receive an email with the info that a new user has been registered and can be activated - this happens again with an activation link on that email (or manually in the backend if the admin knows what user has confirmed his account - which he will if reading the confirmation mail).
3. But (and this is my question!): What if the admin never receives that mail, or accidentally deletes it or whatever? How can he find out in the backend, what newly registered users have "confirmed" their account, so that he can safely activate them?
4. If not possible, then what is the purpose of this "confirmation" at all? If an admin activates a maybe fake (because not confirmed) profile, what could somebody malevolent do with access to the system?
All best,
D.
Statistics: Posted by deeno — Thu Jul 18, 2024 11:12 am