Steven Heynderickx wrote on 10 Nov 2009 15:50
Originally suggested by pieterh 1 October 2009.
This is a design sketch for "Drive-by Sign-in" (DBS) and "Drive-by Registration" (DBR), two techniques for improving Wikidot for existing users by reducing annoying permission popups, and reducing the barrier for new member registrations (to a site and to Wikidot) to an absolute minimum.
Drive-by Sign-in (DBS)
DBS starts when an anonymous user (or a registered user who is not logged in) tries any action that is requires a session. This includes making a comment, rating a page, viewing the page source, editing a page, uploading a file, etc., depending on the site configuration. Currently, trying to do such an action when not signed-in causes an annoying popup like:
Sorry, you can not add new post in this thread. Only Wikidot.com registered users, members of this site, site administrators and perhaps selected moderators are allowed to.
There are many instances of such error popups. Instead of an error, a user who is not signed-in would get a popup that is a simplified version of the new Sign-in window:
+-- You are not signed in ---------------+
| Your email: ____________________ |
| Password: _____________________ |
| (if you have a Wikidot account) |
| [ Continue ] |
If the email and password match an account, the user is signed in. If the email matches but there is no password, the user is taken to the full sign-on popup. If the email is unknown, the user enters the Drive-by Registration process.
Drive-by Registration (DBR)
DBR works by creating an account with only an email address. The overall process is:
- A user with no session requests some action.
- Wikidot prompts for an email address and finds that there is no matching account.
- Wikidot creates a new account with that email address and a random password.
- Wikidot sends a verification email with a hashed one-time verification link and the password.
- The user reads the email and clicks on the verification link.
- That brings the user to a popup over the original site.
- The popup asks for a new password (not the old one!) and confirmation, and a username.
- That brings the user back to the original website and continues the action.
Profiles that do not have a username can be considered junk accounts, and regularly removed.
The verification email contains:
- The action the user was trying to do, and the site
- The URL of the computer that was used, and perhaps its location
- The email address that was used
- A link to the Wikidot Terms and Conditions
- A verification link (one-time hashed)
On a site with open membership, DBR automatically results in the user becoming a site member. Open sites are "sticky" and acquire all new registered users.
Simpler Account Creation
We can simplify the "Create Account" screen using the DBR approach. It should ask for only a name and email address. The user would enter their password after email verification. The language can be determined from the browser, or the original site. The captcha is redundant and can be removed. The Terms of Service can be explained in the verification email.
Join module Drive-by Registration
The Join module would allow embedding of an email and password field anywhere on a site. This would be visible only to users with no active session. Signed-in users would see a Join this site button if they are not already members, and a Sign out button if they are members.
Thus the Join module with DBR works as follows:
- Anonymous users see an email and password field, and a Sign in or join this site button.
- Signed-in users who are not members see the current Join this site button.
- Signed-in users who are members see a Sign out button.
Proposed module syntax:
[[module Join button="Join this site" signout="Sign out"]]
Comment Drive-by Registration
For page comments we use an adapted DBR that is designed to get more commenters to register and join a site. This depends on a new simpler user interface, here is a mockup:
Notes on this design:
- Labels for text boxes are put inside text boxes and disappear when the user types.
- The comment text box starts small (2 lines) and automatically grows, up to a sensible limit, as the user types more.
- The Wiki syntax action pops up a reminder of common wiki syntax.
- The Toolbar action toggles a mini toolbar above the comment text box.
- Ctrl-S saves a comment, as in the page editor.
Signed-in users do not see the name and email fields. Not signed-in users can enter either or both name and email. When they post the comment, the DBS / DBR process starts more or less as described above but with a few differences:
The verification email has the title "Confirm your comment on %%site_title%%" and also contains:
- The original comment text
- The URL of the original post
- The name used to post the comment
When the user has confirmed their comment by clicking the verification link, their comment is posted and they return to that page. For users with an account, when they have logged in, their comment is posted and they return to that page.
The user automatically becomes a watcher of the page; if the site has open membership they also become a member of the site.
We discourage direct comments on this thread: to discuss it, please start a sub-thread.