[RFC] Registration & Login Overhaul

[hanakin]

ok the issue is no that javascript is used for no good reason or that we should force people to use JS, as naderman keeps saying the use of javascript needs to fallback as with all web technology we do this with css, html, etc... the web is not designed to function in absolutes and we can not code to such. Those that argue one way or the other are simply ignorant.

The argument that this puts more on the developers is simply retarded and ignorant you obviously understand little about web development, because that is the burden we bare for working in such a backwards medium so get over it. The developers can make that call on there own and it need not be pointed out to them.

With that said speaking as a designer and not a developer as 99.5% of the PHPBB developers and community tend to be (sorry if that offends anyone but sadly it is true, styles team this includes you as most of the themes for phpbb are color changes which does not make a design in itself), any improvement JS can bring from a design/UX(User experience) stand point should be considered to provide better useability to those who can benefit from it in the same manner as we provide richer CSS3 enhancements for those who can benefit from it.

The web has changed a lot over the past decade since Prosilver and I believe narderman and some of the other developers understand this and are working to fix this but it is a slow process and it requires all the help they can get!

[imkingdavid]

In the past, it was good practice to have a fallback for non-javascript browsing. However, there are multiple reasons this should not have to apply anymore.
1) Quite simply, it takes more time both in coding and in testing.
2) People should understand that if they disable Javascript they will receive a less-than-pleasant browsing experience on almost any website. It's their problem, not ours.
3) Very, very, very few people even disable javascript by default when browsing. Some may have a NoScript or similar addon installed, but they can easily allow javascript on the website with one click. In any case, the vast majority of users do not disable javascript. Because it's a choice the user makes when browsing, it should be up to them to enable javascript if they want to be able to use all of the features, not up to the developer to make a separate non-javascript version.

As far as the hiding/showing password, I think that's a good idea; I think that any way we can decrease the amount of fields on registration the better. One site I recently registered on (can't remember which exactly, tbh) had one field: email address. An activation email was sent, then the user clicked it and entered their password. Anything else should be optional and can be entered after registration. Of course if we were to do that, we would put the username with the password page.

I agree with being able to login with either username or email, but there are some cases in which users might have multiple usernames associated with one email address that, which could become problematic. Perhaps there could be a way to associate those accounts and let people choose which account to use if they login with their email address, and optionally even switch between them on a whim (requiring password, of course).

Allowing the association of Google and Facebook accounts with your phpBB account is a good idea, imo. It makes registration much faster and easier. I also agree with the ajax login (w/o page reload), as that makes login that much faster.

[/a3]

I believe this is relevant: HTML Techniques for Web Content Accessibility Guidelines 1.0.

Content developers must ensure that pages are accessible with scripts turned off or in browsers that don't support scripts.

People should understand that if they disable Javascript they will receive a less-than-pleasant browsing experience on almost any website. It's their problem, not ours.

That's certainly not a good attitude. That's just saying that you don't care if your users can use your website properly; they have to enable a browser feature whether they like it or not.

Very, very, very few people even disable javascript by default when browsing

I use NoScript. Mainly for two reasons:

1. I only allow scripts on websites I use regularly. I don't normally appreciate special effects, those JavaScript popup boxes (not Windows; the boxes styled with CSS) and other various uses for JavaScript that I personally find useless.
2. Security. For example, Mozilla has a list of fixed security vulnerabilities, quite a few which can be prevented by disabling JavaScript.

Also keep in mind people who are disabled. People who may use screen readers. I'm not sure if a screen reader would even work with JavaScript, since JavaScript can quickly change the text on a page.

I'm not arguing against JavaScript, I'm just saying that there should be a valid and working fallback for users that don't have it enabled. phpBB is used by thousands of bulletin boards (maybe millions) and I'm sure blind or disabled users that use the internet would not appreciate being "locked out" after a bulletin board update that affects so many sites.

[callumacrae]

I believe this is relevant: HTML Techniques for Web Content Accessibility Guidelines 1.0.

Not really. "W3C Note 6 November 2000". It's over 11 years old!

Most big sites have dropped support for browser without JavaScript. Most sites I develop still fallback gracefully, but a lot of them don't. A core feature such as registration should work without JavaScript, but if the user has chosen to disable JavaScript then they can't expect everything to work properly.

[ecwpa]

I use NoScript

Seriously, This guys?

That's certainly not a good attitude. That's just saying that you don't care if your users can use your website properly; they have to enable a browser feature whether they like it or not.

Its not an opt-in situation, its an opt-out situation. Most users, easily more than 95%, have JS enabled. But I agree, even if it takes a bit more time, a fallback must be in place for users with JS disabled.

[/a3]

I believe this is relevant: HTML Techniques for Web Content Accessibility Guidelines 1.0.

Not really. "W3C Note 6 November 2000". It's over 11 years old!

So what?

Most big sites have dropped support for browser without JavaScript.

I browse the web fine without JavaScript on nearly all websites. Including big sites.

Most sites I develop still fallback gracefully, but a lot of them don't. A core feature such as registration should work without JavaScript, but if the user has chosen to disable JavaScript then they can't expect everything to work properly.

I do expect to be able to use phpBB without JavaScript. I don't care much about clicking smilies to insert them. Some features cannot have a fallback. I understand that.

Seriously, This guys?

I removed most of the default websites from the whitelist on installation. That doesn't change anything for me.

[callumacrae]

I've always thought that install NoScript is a bit like disabling cookies to stop the big bad companies from tracking you. Because that is, after all, the only use of cookies. It's only really done by people who don't understand what they're doing.

[Oleg]

As was already stated multiple times in this topic and elsewhere, phpbb will remain functional and usable without javascript. There is really no point in arguing over this.

[AmigoJack]

I believe this is relevant: HTML Techniques for Web Content Accessibility Guidelines 1.0.

Not really. "W3C Note 6 November 2000". It's over 11 years old!

Oh, it's n years old, so it's not relevant anymore. Then let's also stop following all the other "old" standards including their recommendations and guidelines, like

• HTTP - who needs status codes anyway if we can transfer a text body?
• TCP - who needs error detection and flow control in the times of broadband access?
• Geneva Conventions - who wants this when everything is caused by political opinion and the government is always right?

Most big sites

...are ignoring quite everything:

• Unfound sites still give you HTTP status 200.
• In most of the cases you only get HTTP status 404 although the site knows better and should give a 410 (it's a difference between something which isn't found at any time and something which was known and is confirmed to not re-appear anymore).
• A fixed display width (congratulations for ignoring everyone's desktop resolution).
• A fixed display height (mostly used by "designers" who mostly think of a print medium).
• Relying on propritary formats (Adobe Flash, Microsoft WMV, Oracle Forms...).
• Output everything HTML interpreted (although it is not always needed and sometimes even fatal).
• URLs to the same resource are changing (oh so SEO-"friendly" without carrying any ID anymore, so changing a topic will make old links invalid).

No, I'm more than happy how much phpBB follows standards and rules. A big drawback of JS enriched sites is that you can't save such a document to later view it properly offline or give a copy of that to people you want to show something where they don't have access to (instead of just giving a screenshot, which can only visually copy a portion of the whole page without capturing any variable/dynamic areas). Addition is good, but it must always be optional. All your cellphones will cease to operate on communication during a blackout, whereas an old fashioned telephone might still work of landline wires carrying voltage. I guess all you JS lovers lacking of detail knowledge even probably never heard of ECMA.

[callumacrae]

My job title is "JavaScript Developer" and I most certainly have heard of ECMA.

That was a bad example, as more web browsers have support for JavaScript than they used to, while I'm guessing that the same amount still support HTTP same as always.

Anyone who says that fixed widths are "wrong" needs to consider the fact that when I makes browser window small (or access a website from my phone), I would like more than two words per line and am perfectly capable of horizontal scrolling.



My cellphone works just fine during a blackout.