How to prevent users from changing their username or email

Question

I am using the qa-ldap-plugin to do user management. If a user exists in the LDAP directory, then they can log in with their credentials. All new users etc. are managed through that LDAP directory.

The qa-ldap-plugin creates a user in the MySQL database if they exist in the LDAP directory but have never logged in before. This way, all user credentials etc are totally managed by LDAP.

However, a user could still go in to their profile and edit their username or email address. This may cause issues from an administration standpoint, because I need this information to always stay consistent with the LDAP directory. How do I prevent a user from modifying this info?

Comments

I think you can remove the whole content of the question and leave the last question :) The rest, just doesn't make any difference when answering it

---

@pupi1985, you are probably right, because I tend to get wordy with questions. In this case, I thought there was a connection between the plugin and the problem. I figure, it normally can't hurt to have more information.

Answer 1

Just create a filter plugin and implement these functions:

public function filter_handle(&$handle, $olduser) {
    if (isset($olduser)) {
        return 'You are not allowed to change your username';
    }
}

public function filter_email(&$email, $olduser) {
    if (isset($olduser)) {
        return 'You are not allowed to change your email';
    }
}

This will allow new user registrations and block username and email changes.

Comments

I read the link you gave me and it is clear on the purpose of each function, but not necessarily on how to integrate each function into the existing code. I found that these function definitions exist in qa-filter-basic.php. Do I modify this file, or create a new file (a "plugin")? If I create a new one, and call it qa-filter-ldap.php, for example, how will Q2A know to pull it in?

---

Try not to modify core files. Just create a new plugin (generic info here http://www.question2answer.org/plugins.php). Q2A will now because of directory and file convention.
Funny thing, I've just remembered I had already developed an extremely simple plugin with a filter module: https://github.com/pupi1985/q2a-maximum-tag-length Use it as a template :)

---

Awesome. Your template and the documentation definitely helped. I made my life easier by just adding to the qa-ldap-login plugin and piggy backing a registered module off of its qa-plugin.php. This worked.

---

Seems someone (mbplautz himself?) posted their implementation of part of the above code as a Q2A plugin on Github at https://github.com/MirzaMedia/MRZ-Q2A-prevent-username-change.

Here is a quick hack of MRZ-Q2A-prevent-username-change which prevents the edition of profile information rather than username: https://github.com/vanderlindenma/MRZ-Q2A-Prevent-Profile-Change