On Wed, Nov 10, 2010 at 7:03 AM, Loui Chang <louipc....@gmail.com> wrote: > On Fri 29 Oct 2010 16:23 -0700, Justin Davis wrote: >> Hello aur-dev! > > Hello Justin. > >> My suggestion, which I am willing to write a patch for, is to create a >> registration link near the login/password input boxes. When logged in >> this registration link is instead a link for viewing/editing account >> information. These links would be next to where the "[Forgot >> Password]" link is now. Or where the "[Logout]" link is when logged >> in. When an unprivileged user is logged in there is no "Accounts" link >> in AUR's little toolbar on the left. Only TUs and Devs have that link >> in order to edit accounts. > >> This change of location creates a greater contrast between the normal >> AUR toolbar links and user account links. Often links that manipulate >> a users account are grouped closer together and away from links that >> basically get work done and are used more commonly. This also removes >> the generally confusing "Accounts" link from people who do not realize >> that it serves a dual purpose for account administration as well as >> personal account editing... oh and account registration. >> >> The only downside is that new translations would be needed for the >> registration link and for the account information viewing/editing >> link. > > Sounds like a good idea. I wouldn't worry about translations. They can > always be updated later. > >> As I side-note I would also like to move the account form printing and >> processing code out of acctfuncs.inc and into a template/controller. I >> would also make a new template/ file for the account info/edit form >> which would then be used from the account info and registration, and >> the TU's account admin. This would leave the low-level account login, >> password, etc code inside lib/acctfuncs.inc, move the html printing >> code into a template/ file, and the form checking code... somewhere >> else. > > Moving html to template is good. I think it would be fine to keep > functions in acctfuncs. > >> Anyways, what do people think about those simple changes in design? > > Thanks for your input and interest! >
Thanks for the encouraging response Loui! I just wanted you to know I am still interested in this. I have worked on this a little bit today and pushed my split/acct branch to github at: [https://github.com/juster/aur]. Basically I have moved display_account_info() and display_account_form() into templates called account_info.php and account_edit_form.php. I am reorganizing accounts.php before I modify things. So far I have broken it up and pieced it back together so it works exactly as before. Before I go further I have another idea that builds upon the last. I would really like to implement secure logins using https for the AUR. Right now logins are unencrypted and this is a little disheartening. So how would you feel about a login link and page? This would be a bit different from the current system where logins can occur from any page/URL on the AUR. Instead logins could only occur on one page and you would have to click a link to get to it. The advantage here is that logins can be shuttled over to the https URL through a https secured html/login.php page. Logged-in users would then be accessing the AUR over https and very importantly the password would be sent over https. Some checks would also be added to account editing/viewing page to make sure it is over https. I don't think this idea violates the "rule" of only maintaining the AUR and not adding new features so I hope people like it. -- -Justin