Registration with admin review and all notifications
When a new user fills in the registration form they will see the
strength of their password, along with additional email address
and password fields to ensure they are filled in correctly.
Upon submitting the form, the user will have their data presented
to them for review, just in case they want to change something.
If the user submits again, the data is then stored in the database
with a temporary usergroup. Any uploaded pictures are stored in a
temporary folder until the user is activated.
The user is then sent an email with a link to verify their email address.
The website administrator also receives an email to notify them that
a new user has registered.
Once the user has verified their email address, the admin will be sent
another notification, but this time containing an activation link.
If the admin decides to accept the new user, they can click the link
which will then update the database and set a regular usergroup for
that user's account. One final email notification is sent to the user
to inform them that their account is now active.
The new user will be able to log in and see all the pages and content
that their usergroup permits!
Features
Simple frontend user registration
uses extbase and fluid
admin review optional
email notification to users after each step
email notification to admin after each step
password strength indicator without javascript library
localisation support by static info tables
daylight saving support
respect AGB checkbox included
Captcha integration
email as username supported
required fields validator and some more validators out of the box
edit profile
change password
change frontend view for every form and registration step
english and german localisation included
mechanism to avoid profile images as file transfer by encrypted
filenames and storage in temporary folders
saltedpassword encryption (if activated) or sha1- and md5 encryption
support
configuration by TypoScript – customize to your needs
Screenshots
Users manual
Here you get information on how to use the content element
Changing sorting of fields
To change the order of fields its not necessary to edit the html template. It
could be either done via TypoScript (which needs administrativ rights) or by
the editor alone.
For an editor its as easy as selecting the fields in the plugin and then order
them in the field selection. The screenshot below shows the select field.
Screenshots
Administration
install the extension with composer
shell
composer req evoweb/sf-register
Copied!
install a compatible captcha extension of your choice
shell
composer req evoweb/recaptcha
// or
composer req sjbr/sr-freecap
Copied!
install static-info-tables
shell
composer req sjbr/static-info-tables
Copied!
include the static template, since TYPO3 13 its possible to use one of the two
available SiteSets instead.
create a sysfolder to store the user data
create two fe_usergroups inside this sysfolder
use the Constants Editor to configure the extension. If you use a SiteSet
instead of TypoScript static template, you need to use 'Site Management >
Settings' instead
create a page for register, insert a "Registration: Create user" content element
record storage must include the sysfolder with your user data
create a page to edit the profile, insert a "Registration: Edit user" content element
limit the access to the usergroup the user gets after activation
record storage must include the sysfolder with your user data
create a page to change the password, insert a "Registration: Change password" content element
limit the access to the usergroup the user gets after activation
record storage must include the sysfolder with your user data
You have to write a captcha adapter for this purpose. You find the
adapters here in vendor/evoweb/sf-register/Classes/Services/Captcha.
Your class should extend
\Evoweb\SfRegister\Services\Captcha\AbstractAdapter.
The functions render() and isValid() are required for the adapter to work.
Write own validators
You can write your own validator. Validators are stored in
vendor/evoweb/sf-register/Classes/Domain/Validator extends class
\TYPO3\CMS\Extbase\Validation\Validator\AbstractValidator
and require the function isValid().
Validators are a mechanism to ensure that all information given by the user
meet your expectation as an admin. Either if the values make sense in terms
of format like emails oder in required information value like age verification.
If values need to be enforce your should use the RequiredValidator because
this validator does not only check if the value of the configured field is
filled but it also serves as a signal for the Required Partial to render the
corresponding flag.
All validators are optional, could be set single or may be even assigned multiple
times to a field. Despite the concept of extbase you are free to choose how many
validators should take care of a value.
Changes since version 9.0.0
Since version 9 validators are only used for selected fields, it's not necessary
to remove validation configuration only because certain fields should not be
present in the form.
The name needs to be quoted followed with a comma if options are following. Then
the options with an equal sign and json notated properties and values.
Different possibilities of assigning validators
In case you want to have no validation at all for a field was was configured
by default as required you need to empty the associated validators. Look at the
example given where the validators of the email gets removed.
Regarding validator it's possible to have values attached to the assigned one.
This is beneficial if you want to check against conditions that are not equal
in different cases. One point where this is shown best with is the length of
passwords. One would like to keep it simple as possible because the loss would
be nearly not existing while another would prefer the passwords stronger than
for Fort Knox.
In total you have five possible combination of validator assignments for each
field that you use in your form. You have none, one and multiple validators.
And in case of a validator present you can add options too override the default
that is set in the validator.
Separate validators per process
Each process has its own needs. While you want to have the username validated on
creation, this is not needed in the edit or password change form. This could
be achieved by separating the TypoScript settings in different conditions per
page. But this is mostly inconvenient as you don't see what settings is met until
the condition. Because of this the validation settings are split for any process.
The UserValidator is not meant to be used for field validation. This validator
is a special construct to make the configuration via TypoScript possible. All
others are free to combine. If a validator is only suited for a certain field
it will be mentioned in the detail configuration.
Custom validators
You can use your own validators. Just code your validator and make it available
for auto loading (either in an extbase standard path or via ext_autoload.php).
Afterwards you are ready to use your validator like in the following example.
Beside the validators that come with extbase and which are although available
in the different processes, the registration come with a set of specific ones
that are tailored to the special need. The following lists all validators
which are suited for the usage on fields.
Checks if the field contains non of the word in the list is present.
Words to check against are configured in badWordList
IsTrueValidator
IsTrueValidator
Type
string
Checks if the field is set for example the general terms and conditions
RequiredValidator
RequiredValidator
Type
string
This validator serves two purpose. First of check if the field contains
a value and that it is not empty. Second the rendering uses this
validator as condition to render required sign or not.
Checks if the entered value matches the captcha text by using the same
captcha adapter like the one used for the rendering. Therefor the option
type needs to equal the configuration of the rendering.
Likewise the rendering of the captcha its possible to use custom
captchas to validate. How to use create custom is described in
Bring in your own captcha
Possible options are:
types
srfreecap
jmrecaptcha
recaptcha
EmptyValidator
EmptyValidator
Type
string
Checks if the field uid is empty to no unauthorized user manipulation
could happen.
Specialty:
This validator gets auto-assigned to the uid field in the create process
EqualCurrentPasswordValidator
EqualCurrentPasswordValidator
Type
string
This validator is used in the password change process. It compares if the
entered old password is equal to the current set password for the account
the user is logged in with.
EqualCurrentUserValidator
EqualCurrentUserValidator
Type
string
On edit process it's important that the correct user data get modified. To
ensure that the submitted data does not temper the user id. This
validator compares the user id send by the form with the user id of
the logged in user to prevent and change of the id.
Specialty:
This validator gets auto-assigned to the uid field in the edit process
ImageUploadValidator
ImageUploadValidator
Type
string
The image upload validator checks if the file uploaded has an allowed
file extension and if the file size is in the allowed max size. Both
checks uses system configuration.
config/system/additional.php
// file extension in
$GLOBALS['TCA']['fe_users']['columns']['image']['config']['allowed']
// file size in
$GLOBALS['TCA']['fe_users']['columns']['image']['config']['max_size']
Copied!
UniqueValidator
UniqueValidator
Type
string
Default
0
Checks if the value is unique for the field in the storage folder. If
the option 'global' is set a second check for the value in the field is
done system wide.
By this you could define that an email address is unique either in the
local context or for the complex TYPO3 cms installation. So if you have
multiple newsletters that could get registered its ideal to choose only
the global = 0 check, so an user could register multiple times.
If the username should be only available once in the system to prevent
collisions in authentication you would choose to set globals = 1 .
Possible options are:
global
0 unique only in storage folder
1 unique in the hole installation
RepeatValidator
RepeatValidator
Type
string
To ensure that the input of a user was done without mistake by the user
self it's a good idea to have the values entered in two fields and then
compare their values. That is possible with this validator.
The fields need to be present with the pattern [fieldName] and
[fieldName]Repeat. Where fieldName is free to choose. While Repeat is
not configurable by now this validator is only usable for email and
password fields.
Since version 8.8.0 its easier then ever to user your own fields. Just add your
partial folder via typoscript and register your own field configuration. After
that you need to tell the user ts config that the new type is available to
be selected in the plugin too.
By using the same fields file both in typoscript as well as in user ts config.
No additional configuration is needed.
In your partials there are the following information available
{user} the user object with previous entered values
{fieldName} the name of the field in the user object
{options} every value that is inside of the field config {partial, backendLabel, etc}
{settings} the general plugin settings
Adding custom properties
Since late the frontend user domain model can be extended. This can be done the
extension evoweb/extender which sole purpose is to extend extbase domain models.
There is an example on how to use the extender.
If you run into problems extending please be aware that the only solution
supported is by the use of 'extender'.
In this example its noteworthy that the last array key is not required but advised.
The path to the file matches extension key and extbase compatible path to the domain model.
For highlighting purpose its advised to let the domain model extend
from
\Evoweb\SfRegister\Domain\Model\FrontendUser
By implementing a adapter which is extending the
\Evoweb\SfRegister\Services\Captcha\AbstractAdapter you are able to add
an own captcha. The adapter now then has to be configured to be usable by adding
typoscript settings like the following taken from recaptcha:
Captcha.typoscript
plugin.tx_sfregister.settings {
# register recaptcha as captcha possibility
captcha.recaptcha = Evoweb\Recaptcha\Adapter\SfRegisterAdapter
fields {
configuration {
# change captcha field type to recaptcha
captcha.type = Recaptcha
}
}
validation.create {
# tell validation to use recaptcha adapter
captcha = Evoweb\SfRegister\Validation\Validator\CaptchaValidator(type = recaptcha)
}
}
Copied!
PSR-14 Events
This kind of event is superseding Hooks and Signal-Slots in TYPO3 and are the
way to go. That's why all signals are replaced with their event counterparts.
How to implement a slot
An overview on how to configure and interact with events was given on the
Developer Days in 2019. The detailed example shows how to configure them in the
Services.yaml:
Since version 8.8.0 the forms are rendered by partials. Create and Edit form
fields are defined in typoscript or selected in the plugin and then rendered by
a loop which calls the configured partial per field.
This was made to be able to only change one field alone through modifying the partial.
Additionally its now possible to select the fields needed in the content instead
the need to add typoscript for the one page where the registration should be different.
As its not always needed to define your field selection there are some defaults
configured out of the box.
Word of advise to those that upgrade an existing installation. To make use of
this feature in your old templates you need to replace all <div> tags between
the form tags with the loop.
Per default, all templates are stored in typo3conf/ext/sf_register/Resources/Private/
Copy files you want to modify of the folder into the fileadmin.
Don't forget to set the path to this new templates folder with.
Since TYPO3 6.2 its possible to have so called fallback paths for
template, partial and layout root paths. By this its not necessary to
copy all files of given path any more.
In pre and post TYPO3 6.2 version its possible to define a template rootpath in
the registration plugin. This gets add/set to the view and used for rendering.
you get the asterix (*) behind your label, if the required validator
is active for this field.
Tutorial
How to setup different registration processes?
It is possible to have simple registrations like directly activated user
accounts as well as complex ones like double optin confirmations with admin
acceptance. So if its possible to have different approaches how to set them up?
Simple like peanut butter jelly sandwich
In the Extension Manager
install the extension
in Extension Settings choose 'minimal' in TypoScript complexity
In modul List
add a storage folder and remember the storage folder id
add a usergroup with name of your choice in this storage folder
add a page named Registration
in the page page properties on tab Resources select the storage folder in field 'General Record Storage Page'
on this page add a plugin type 'Registration for create, edit or delete Frontend Users'
In the plugin
select 'Create' in the 'What action should be taken?' select box
leave the Template root path empty until you know what you do
In modul Template
choose 'Info/Modify'
edit the whole template record
add the include static 'Feuser Register [minimal] (sf_register)' and save and close the TypoScript
choose the Constant Editor
activate and set the remembered usergroup id in the field 'usergroup set if no activation is needed':
(the result in constants field is plugin.tx_sfregister.settings.usergroup = 3)
Somewhat like creme bruleé
Help is needed here, to describe each step.
Your christmas stuffed Turkey
Help is needed here, to describe each step.
Registration actions
Possible actions
The following diagram displays which actions are necessary for a successful registration. Some of them are optional like
the confirmation and activation. Some are mandatory to get a valid user to login with.
With version 13 site sets with own settings $evoweb.sf-register.settings.* were introduced.
These should have override TypoScript constants.
This concept is now discarded in favor for $plugin.tx_sfregister.settings.* which is now
also used in the siteSets. Please be aware and migrate them. Most likely its replacing
evoweb.sf-register with plugin.tx_sfregister.
2025.01.10
The breaking change of 2019.01.13 is reverted. Since commit d10e1bc the shorthand
notation for validators got deprecated and will be removed in 14.0. So now you
need to use the fully qualified classname again.
Replace TypoScript condition and plugin.tx_sfregister.settings.minified value
with
\Evoweb\SfRegister\ViewHelpers\ApplicationContextViewHelper.
Environments are matched with Expression Languages and allow values like:
Development
Testing
Production
Production/*
Production/Staging
By this one TypoScript condition less gets used, which improves cacheability of
pages.
2024.10.23
The new content element wizards are now not auto registered. If you use one of
the two provided SiteSets, the wizards are available in the related tree.
If you use a page tree without a SiteSet, the wizards can be included in the
the root page with the page field "Page TSconfig" by selecting the "[Frontend
user registration] New content element wizards".
2024.10.22
Since TYPO3 13.x list_type is deprecated. A upgrade task is provided to convert
the plugins from list_type to CType rendering.
2024.10.18
Rename password meter with ID sfrpassword to sfrPassword
Fallback for password element <meter> is not supported anymore.
2024.08.31
Extract the modification of the validators to ModifyValidator service. It's
still configured the same (via TypoScript) but is handled via service outside
of the controller.
Replace $controller->controller with $controller->getControllerName()
Move change usergroup to FrontendUserGroup service
Without injecting FrontenUserGroup into other controller, changing
usergroup is only supported in FeuserCreateController.
Move getLoggedInUserId, getLoggedInUser, determineFrontendUser, userIsLoggedIn,
autoLogin and redirectToPage to FrontendUser service
Remove access on context in controller and move it to FrontendUser service
2024.08.26
Replace SelectStaticCountriesViewHelper with f:form.countrySelect to decouple
from EXT:static_info_tables if you only relay on selecting countries.
2024.05.13
The registration of fields for the field selection in the content elements was
moved from ext_localconf.php to user.tsconfig. The consequence is, that
extending/overriding fields requires to order the loading of extensions. To
achieve this, you need to require sf_register in your composer.json and
ext_emconf.php
2022.01.01
Interface EvowebSfRegisterInterfaceFrontendUserInterface is renamed to
EvowebSfRegisterDomainModelFrontendUserInterface
2021.12.31
Validator configuration is changed. As long as your custom validator has no
injected classes like repository or likewise, you do not need to change anything.
If you need something in your validator, you need to use to constructor
injection, add an implements of InjectableInterface, make the validator a public
service via Services.yaml and need have a way to get
the options set.
Options can be set by your own method or by using the AbstractValidator of
sf_register.
So if you need a class in your validator in code this changes are needed:
Add your validator to Services.yaml:
Add implements InjectableInterface to your validator
Use `\Evoweb\SfRegister\Validation\Validator\AbstractValidator` as validator base
Add the repository in constructor
The hole extension was refactored to make best usage of TYPO3 10 changes. Namely
constructor DI
exchange Signal/Slot dispatcher with PSR-14 events, have a look in extendability at PSR-14 events
refactor to fully match the PSR-12 standard
rename TypoScript setting processInitializeActionSignal to processInitializeActionEvent
rename TypoScript setting redirectSignal. to redirectEvent.
reorganize TypoScript setting createDefaultSelected etc to defaultSelected.create etc
reorganize TypoScript notifyUser and notifyAdmin setup and constants to notifyUser. and notifyAdmin.
modify Mail service to have better controller and action assignment
replace switchableControllerActions with individual plugin per controller
check what elements with list_type sfregister_form are present in table tt_content
and replace them with their corresponding new plugin
change how TS names, templates, mail subject and PSR-14 event name are build based
on controller and action name in combination with notifyAdmin and notifyUser
TS name is build notifyAdmin.{ControllerName}{ActionName} notifyAdmin.createSave
Template name is build NotifyAdmin{ControllerName}{ActionName} NotifyAdminCreateSave
Mail subject is build subjectNotifyAdmin{ControllerName}{ActionName} subjectNotifyAdminCreateSave
Event name is build NotifyAdmin{ControllerName}{ActionName}Event NotifyAdminCreateSaveEvent
PostCreateSave replaced with CreateSave
PostCreateConfirm replaced with CreateConfirm
PostCreateRefuse replaced with CreateRefuse
PostCreateAccept replaced with CreateAccept
PostCreateDecline replaced with CreateDecline
PostDeleteSave replaced with DeleteSave
PostDeleteConfirm replaced with DeleteConfirm
PostEditSave replaced with EditSave
PostEditConfirm replaced with EditConfirm
PostEditAccept replaced with EditAccept
SendInvitation replaced with InviteInvite
PostResendMail replaced with ResendMail
2019.02.03
Drop custom form styles in favor for Bootstrap 4.2 styles. Be aware, to get the styles.css
from older releases if you depend on it. If you use the Bootstrap 4.2 form styles you are
good to go.
2019.02.02
The password strength meter got replaced with the <meter> element. If you still need the old
iframe variant for old browser or for the looks, please override the file
EXT:sf_register/Resources/Private/Partials/Form/Password.html in your sitepackage and replace
The core changed away from saltedpasswords towards integrated passwordHashing in EXT:Core (see
Deprecation: #85804 - Salted password hash class deprecations)
By this its always possible to properly hash passwords.
Due to this shift the support for md5 and sha1 configuration is dropped in
EqualCurrentPasswordValidator::isValid and FeuserController::encryptPassword.
2015.11.15
Method changeUsergroup got pulled up from FeuserCreateController to FeuserController. If a controller extends
FeuserCreateController the change in changeUsergroup needs to be copied.
Method changeUsergroup got the parameter $usergroupIdToBeRemoved removed. This is because all known usergroups
previously set get removed now. So only the $user and $usergroupIdToAdd need to be provided. All usage of this
method needs to be changed accordingly.
Drop mailhash, setMailhash() and getMailhash() from frontend user model as it was deprecated since 2014.
Sitemap
Reference to the headline
Copy and freely share the link
This link target has no permanent anchor assigned.The link below can be used, but is prone to change if the page gets moved.
