Add constants NO_USER_URL and NO_USER_COUNTRY.
If you set these to true (in project.inc)
there will be no query or display of user web site URL
and user country, respectively.
Add new constant in project.inc, TERMSOFUSE_FILE, which is a path to the project's terms of use. This defaults to the previous location, a text file in the project's base directory.
get_project_config.php RPC modified to use this new constant, but if it is not defined, then the code will attempt to use the old path: this should be backwards-compatible for projects that do not update project.inc, but have a terms_of_use.txt file in their base directory.
HTML code modified to use this new constant.
Renamed 'optin consent' to 'agree to terms of use'. New config.xml variable name.
Decoupled new user agree to terms of use from existing users. If there is a ENROLL terms of use, and the project has enabled the 'enable_login_mustagree_termsofuse' boolean, then existing users must agree to the terms of use when the login, and this is recorded in the consent table.
Now the code uses the enabled flag for the consent_type ENROLL to detmerine if a terms of use
is showed to the user and whether or not consent is recorded for this general terms of use.
When a user logs in, and they have not yet consented, the user is presented with a form to consent to the Terms of Use. This adds or modifies records in the consent table.
Supported logins are: web form, authenticator, email_link, and ldap.
create_account RPC modified to record a user's consent.
am_set_info RPC modified to allow for modification of user's consent.
Account registration on Web site modified to show terms_of_use.txt file and record user's consent.
When you check the box it turns the input field type from "password" to "text".
If you navigate to another (say by clicking Submit)
and then return via the back button,
the checkbox is still checked but the input field type is back to "password"!
Further clicks toggle the type, so it's always wrong from that point.
I changed it so that clicking the checkbox sets the type
to the appropriate value rather than toggling it.
The type is still wrong after "back",
but it's right after further checkbox clicks.
Note: the example on w3schools.com
https://www.w3schools.com/howto/howto_js_toggle_password.asp
has the same bug.
Generate a new login token only if the current one is older than a day.
That way if a user does several downloads in quick succession
(for whatever reason) autoattach will work with all of them.
Note: you can supply authenticator instead of password in regular login form.
Occasionally a project admin may need to do this to log in as another user.
Add the server parts of the scheme described here:
https://boinc.berkeley.edu/trac/wiki/SimpleAttach
This includes:
- add login_token table and function for creating login tokens
- add Web RPC login_token_lookup.php for mapping token to auth
- change concierge protocol to take project ID and login token
- update download.php so that it gets client version info
from versions.xml (from BOINC web site)
and displays buttons with OS name, versions and file sizes
like on the BOINC download page
- make "register.php" work
I've tested this all the way through downloading the installer file
with the augmented name.
Changes to the installer and client are needed to complete the system.
principles:
- primary action buttons are green (btn-success)
- secondary action buttons are blue (btn-primary)
- potentially risky action buttons are yellow (btn-warning)
- if there are a lot of buttons (e.g. forum posts) use btn-xs
In bootstrap.inc there are some functions for creating forms.
They conceal Bootstrap (and HTML itself) from the caller.
I changed a couple of forms (edit user into and create account) to use this API.
There are many other forms that we could change as well.
This is how I'd like the PHP code to evolve:
encapsulate HTML in utility functions.
We have this for tables, forms, and header/footer.
Also finish the NO_COMPUTING changes.
We were asking for postal code (optional) on registration.
The purpose was to let projects study
the geographical distribution of their volunteers.
But AFAIK no one ever did this,
and some volunteers have said (understandably, I think)
that asking for postal code seems like an invasion of privacy.
So I conditioned the postal-code code on a boolean constant POSTAL_CODE.
If you put
define('POSTAL_CODE', true);
in your html/project/project.inc, you'll get the old behavior.
Otherwise users won't see postal-code related stuff any more.
- use form-control class for text inputs and selects.
This makes them all full-width, but I guess that's OK.
- use success class (green) for action buttons
- right-align table headings where appropriate
- use <small> instead of text-muted.
- tweak custom CSS to fix link and navbar visited colors
Also: on default home page, don't show the big green Join button
if the user is logged in; they're presumably running BOINC
on at least one computer.
However, in this case put a Join item in the Project menu
in case this is a new computer and they forgot where to download from.
- make selects 240px wide (kludge)
- in navbar, link user name to home page
- add Project to navbar, more Your Account there
- add maximum-scale to <meta>
When also including an older recaptchalib.php this function gets redefined. Since it is only a wrapper function and only used within BOINC, renaming it is safe.
David Anderson