I'm so close to understanding how to do this. Please help me understand.

I have members/users who register by filling out a form and then are added to a group. Works great.

I need to set a field in the user/member's record that is set to disabled and they are not able to login until I manually set them to enabled.

So, I figured out I will need to 'extend' the member object to add a field called loginstatus to each members profile/record.

Then I need to be able to check this status if they user tries to login and give them a msg that says you are currently disabled or we are reviewing you account...

This is where I'm stuck. I get the concept. I don't know how to implement specifically.

I think I need to create a newuserstatus.php file and extend the member object with a new field called 'LoginStatus'

then I need to say class LoginStatus extends DataObjectDecorator and then

update the CMSFields to reflect the new LoginStatus field. (I'm starting to get confused and don't know how to write this out properly)

I don't know how to get the login to check to see if the user is enabled or disabled and act appropiately.

I feel so close to getting this (somewhat) but my brain gets twisted and I loose my way.

Can you help me understand how to do this?

Thank you in advance.

Terry

Are you using a standard SS login form for the members or your own? I would simply make another field on the member table and set them to allowed by default. Then when you want to ban / restrict someone set it to disallowed. and check it on every login.

Say what? It can't be that simple.

I'm actually using a newly created RegistrationForm.php and adding the person to a group. So I can add a field called status and set to disabled, then check when they login if the field is enabled or disabled.

This would be very simple. When I look at the security section and under the group, I only see First Name, Surname, Email, Password. Even though I collect on the registration form several other fields, I"m not sure where those get stored or how to retrieve them.

Thoughts?

Terry

I may be interested in doing something like this in the future, so you have peeked my interest. It should be that simple. If you click the edit button on a user in the security tab you should get a pop up that shows all the member fields.

Have you implemented something like this before based on the question I was asking?

Terry

Not in silverstripe. But generally all member databases check some type of database value to make sure the user is still allowed to access the site. This just seemed the logical way to do it here as well.

Now if you are using the generic SS login you would probably need to extend it to check this value on every login, I'm not exactly sure how you would do that. I haven't really gone into the member login form that far.

Implementing this is a 2 step process

- Decorate the Member object as you have said with a DataObjectDecorator. You can pick a good name for this I usually call it 'MySiteMember' Where mysite is the name of the site of course (It doesn't make a difference really) with the following code http://www.pastie.org/471956

- Then you need to subclass login form to check this data. See http://doc.silverstripe.com/doku.php?id=recipes:overriding-loginform

willr,

I'm so glad you replied. Thank you.

So, I decorator (or extend) the member (which I did and added the other fields I'm tracking such as address) , then I do the customerloginform (which I did).

In the customloginform I'm going to simply check to see if the member's account is enabled like this:

if ($member->AccountEnabled) then proceed, if not redirect to badloginurl.

Am I going to put both of the steps in one file (CustomLoginForm.php) or seperate? Or, is the decorating (extending) need to only be executed once and then the db rebuild?

Thank you again for helping me on this...

Terry