
*******************************************************
    INSTALL.txt for logintoboggan.module for Drupal
*******************************************************

INSTALLATION:

Place entire logintoboggan module folder into
  (a) your sites/all/modules directory
  (b) your sites/[my site]/modules directory.

Enable the module at
Administer -> Site building - > Modules

Configure loggintoboggan settings at
Administer -> User management -> LoginToboggan.

The module changes the functionality of the login block
AND provides a new 'LoginToboggan logged in block'

Configure each block at
Administer -> Site building -> Blocks
as follows...

1. Configure the 'User login' block for LoginToboggan functionality:

Change title if required; using <none> can make for a very neat login system,
when combined with the javascript functionality: clicking upon "Login/register"
reveals the login form in neat sliding fashion. To select this functionality,
select 'Collapsible form' under "Block type". Selecting 'Link' under "Block
type" sends user to a login form, returning them to original page after
successful login.

2. Configure 'LoginToboggan logged in block'

Tip: by leaving the title blank, the 'LoginToboggan logged in block' is slim
and neat.

Done!

CAVEATS:

1. Use the 'Delete unvalidated users after' feature with extreme caution!

   This feature can be handy, but if misconfigured can cause unexpected damage
   to your user data -- specifically deleting users!  Two things to guard
   against:

     a. Be very careful when editing the 'Non-authenticated role' setting.
        If you set it to anything other than the 'authenticated user' role,
        LoginToboggan will happily start deleting any users you have in that
        role that were created prior to the purge interval. If you want to
        avoid problems, it's best to never change that setting after you've
        initially set it up.

     b. LoginToboggan has mechanisms in place that prevent a user from being
        re-added to the Non-authenticated role after a user has been validated.
        Note that these protections are only present in core's interface -- if
        you have another module enabled which does any role manipulation
        (either via the user interface or programatically), you must find your
        own way to ensure that it doesn't add any users back into the
        Non-authenticated role.

   Also note that the feature is only enabled if the 'Set password' option is
   also enabled.
