Skip to content

Joomla 5 Custom Fields Disabled on Registration Form -- ACL Fix

More
3 weeks 49 minutes ago #831 by admin
Joomla 5 Custom Fields Disabled on Registration Form -- ACL Fix was created by admin
You've created custom fields for user registration in Joomla 5, assigned them to the registration form context, but they render as disabled (greyed out). Users can see them but can't fill them in. The fields work fine in the admin user editor.

Symptoms
  • Custom fields appear on the registration form
  • They are visually greyed out / disabled
  • Inspecting the HTML shows disabled="true" on the input elements
  • Even if you remove the disabled attribute with JavaScript, the values are stripped server-side
  • The same fields work perfectly when editing a user in the admin backend

Root Cause

Joomla's FieldsPlugin.php (around line 305) checks FieldsHelper::canEditFieldValue($field) before rendering each field. If the current user doesn't have core.edit.value permission on that field's asset, the field gets disabled="true".

On top of that, the onContentNormaliseRequestData handler strips values from disabled fields server-side. So even a JavaScript hack to remove the disabled attribute won't work -- the values are rejected on submit.

The permission check walks up the asset tree:
1. Check the specific field asset: com_users.field.{ID}
2. If no asset record exists, check the parent component: com_users
3. If nothing found, check root asset

For guest users (registering), Joomla checks the Public group (group ID 1). By default, Public has no core.edit.value permission anywhere -- so every custom field is disabled.

The Fix (Safe Way)

Create individual asset records for each field, granting core.edit.value to the Public group on only those specific fields:

Step 1: Find the parent asset ID for com_users
Code:
SELECT id, lft, rgt FROM j5_assets WHERE name = 'com_users';

Step 2: Insert asset records for each field
For each custom field (e.g., field ID 5):
Code:
-- Get insertion point SET @parent_rgt = (SELECT rgt FROM j5_assets WHERE name = 'com_users'); -- Make room in the nested set tree UPDATE j5_assets SET rgt = rgt + 2 WHERE rgt >= @parent_rgt ORDER BY rgt DESC; UPDATE j5_assets SET lft = lft + 2 WHERE lft >= @parent_rgt ORDER BY lft DESC; -- Insert field asset INSERT INTO j5_assets (parent_id, lft, rgt, level, name, title, rules) VALUES ( (SELECT id FROM j5_assets WHERE name = 'com_users'), @parent_rgt, @parent_rgt + 1, (SELECT level + 1 FROM j5_assets WHERE name = 'com_users'), 'com_users.field.5', 'Field: Your Field Name', '{"core.edit.value":{"1":1}}' );

The key is {"core.edit.value":{"1":1}} -- this grants the permission to group ID 1 (Public) on this specific field only.

WARNING: Do NOT grant core.edit.value to Public on the entire com_users component. That would apply to ALL current AND future fields, which is a security risk.

[hr]
This is one of 65+ gotchas documented in The AI Joomla Blueprint -- theaidirector.win

Please Log in or Create an account to join the conversation.

Time to create page: 0.192 seconds

The AI Director

Enjoy Building Joomla Sites with AI

The most enjoyable way to build a Joomla site. Open it in VS Code → — describe what you want, Claude Code → reads the briefing, runs the stack, writes the code. You just keep the conversation going.

A new paradigm.

Browse the Shop →
Built & designed by Weblio Sites from 9 900 NOK — built to outperform

This site was designed and built by Weblio — a Norwegian web agency specialising in fast, professional websites and AI-powered tools for businesses that want to move faster than their competition. Direct communication, honest pricing, no surprises.

Visit Weblio.no →