Originally Posted by omegatron
Hello this is not a bug
It is coded to work this way and permissions for this unverified usergroup are as you set. He will not be allowed to do anything. Vbulletin works this very same way. You can login but you only have permissions to do as the admin sets
But from a logic point of view, I do not understand it. If I make the settings in admin menu, that new users have first to click on the verification mail before their account is valid, it would be more logic not to let people log-in, without that approval. This is why I use this option in admin menu
IMO with the currenbt way of handling this, users will think that the problem lies somewhere else. So this leads to confusion for my users. They see they can login in, so they will think that they activated everything o.k, or no activation is needed.
Very often, approval mails get blocked by spam blockers. If users nevertheless can login, they will not realize that the confirmation mail is missing. Worst case, they try to get things done while beeing logged in, but leave afterwards frustrated and never come back again.
I would like to avoid to get my users upset or confused
So I would strongly suggest to change this in a next version so it is for users very straight forward: either they user the confirmation link and they get in, or they don't and have no login possibility at all.