Confirmation link not working correctly

13 years 4 months ago #11390 by beat
moneybagsxp wrote:

How long has 1.0 Stable been released? Is it compatible with SMF 1.1RC2 and Joomla 1.0.7?


1.0 stable will be released in the next days.
It is compatible with Joomla 1.0.7.
I don't know the status with SMF.

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
13 years 4 months ago #12006 by ccreding
I had this same issue, the problem was fixed by adding spaces in the ue_config.php file just before and after the hyperlink, seems that the link was accquiring some of the text from the lines after the link and that was contaminating the user registration confirmation.

the code should look like this:

<?php
$ueConfig='1';
$ueConfig='3';
$ueConfig='m/d/Y';
$ueConfig='3';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='Wildfire Registration Admin';
$ueConfig='registration@wildfireyouthgroup.com';
$ueConfig='blambert@cfaith.com';
$ueConfig='Your Registration is Pending Approval';
$ueConfig='Greetings [NAME],
Thank you for applying for registration with us. We have
received your request and we will process it as soon as you
confirm your email address by clicking on the following
hyperlink:

[CONFIRM]

Once your email address is confirmed our moderators will be

notified to continue the activation process.
You will be notified by email of the progress of the process.
[DETAILS]
Kind Regards,
Website Administration Team';
$ueConfig='New User Details';
$ueConfig='Welcome [NAME],
Your application has been approved by our administration team.
Your account with the following details:
[DETAILS]
has been activated.
We welcome you to our online community and trust that together
we will grow.
Enjoy the experience!
Kind Regards,
Website Administration Team';
$ueConfig='';
$ueConfig='';
$ueConfig='0';
$ueConfig='index.php?option=com_content&task=view&id=18';
$ueConfig='';
$ueConfig='30';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='-1';
$ueConfig='60';
$ueConfig='default';
$ueConfig='50';
$ueConfig='32';
$ueConfig='32';
$ueConfig='0';
$ueConfig='0';
$ueConfig='auto';
$ueConfig='auto';
$ueConfig='4';
$ueConfig='1';
$ueConfig='1';
$ueConfig='0';
$ueConfig='500';
$ueConfig='200';
$ueConfig='100';
$ueConfig='86';
$ueConfig='60';
$ueConfig='24';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='0';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='1';
$ueConfig='Friend
\\';
$ueConfig='1.0 RC 2';
?>

the red parts represent the areas that need to be changed

hope this is helpful, it worked for me.
13 years 4 months ago #12009 by beat
ccreding wrote:

I had this same issue, the problem was fixed by adding spaces in the ue_config.php file just before and after the hyperlink, seems that the link was accquiring some of the text from the lines after the link and that was contaminating the user registration confirmation.

the code should look like this:

<?php
...
$ueConfig='Greetings [NAME],
Thank you for applying for registration with us. We have
received your request and we will process it as soon as you
confirm your email address by clicking on the following
hyperlink:

[CONFIRM]

Once your email address is confirmed our moderators will be

notified to continue the activation process.
You will be notified by email of the progress of the process.
[DETAILS]
Kind Regards,
Website Administration Team';
$ueConfig='New User Details';
...
?>

the red parts represent the areas that need to be changed

hope this is helpful, it worked for me.


Yes, it helps in Entourage for mac for instance :)

I had added the space after for that. Now I also added the space before, so we are on the safe side for 1.0 stable.

Thanks!

Beat - Community Builder Team Member

Before posting on forums: Read FAQ thoroughly -- Help us spend more time coding by helping others in this forum, many thanks :)
CB links: Our membership - CBSubs - Templates - Hosting - Forge - Send me a Private Message (PM) only for private/confidential info
13 years 3 months ago #14697 by moneybagsxp
Using Joomla 1.0.7 and CB 1.0 Stable, we're starting to see occurences of Activation link not working...quite frequently, actually. I think I have uncovered a trend in that the users impacted by the issue all appear to use AOL. User@aol.com ... I wonder what's happening on the AOL end that could be happening...

here's an excerpt of the issue:

I WAS SENT THE AUTO GENERATED REGERSTRATION, DID AS INSTRUCTED AND THEN WHEN THE SECOND AUTO GENERATED E-MAIL WAS SENT, I WAS INSTRUCTED TO CLICK ON THE HYPER LINK TO VERIFY E-MAIL ADDRESS AND IT WOULD NOT LET ME DO SO ...


our ue_config.php has pleanty of space before/after [CONFIRM] so now I am at a loss...?

www.pixelchutes.com - Where every pixel matters.
13 years 1 month ago #17133 by fwd
Hi Joomlapolis,

Im running Mambo 4.5.4, and CB 1.0RC2.
I had the same problem mentioned in this thread. Users register sucessfully and the registration email is sent to them.
However, upon clicking the Confirm Email link, They receive this message: "Your account is not yet active. Please check your email and follow the instructions to complete the registration process.".

I did a bit of debugging and it seems that in Mambo 4.5.2, mosGetParam( $_REQUEST, 'confirmcode', 1 ) will return 0, even though $_REQUEST contains the md5 hash of the user's id.

That is, when the user clicks the confirm link, eg: fijiwebdesign.com/index.php?option=com_comprofiler&task=confirm&confirmcode=e2ad76f2326fbc6b56a45a56c59fafdb

Comprofiler runs the following bit of code:
[code:1]
case "confirm":
confirm( mosGetParam( $_REQUEST, 'confirmcode', 1 ) );
break;
[/code:1]
Since Mambo 4.5.2's mosGetParam( $_REQUEST, 'confirmcode', 1 ) returns 0 and thus passes 0 to the confirm() function then the mysql query fails as there is no userid that md5 hashes to 0.

The temporary work around is to use:
confirm( mosGetParam( $_REQUEST, 'confirmcode', false ) );

So that is:

go to: yoursite/components/com_comprofiler/comprofiler.php and change line 94 from:

[code:1]confirm( mosGetParam( $_REQUEST, 'confirmcode', 1) );[/code:1]

to

[code:1]confirm( mosGetParam( $_REQUEST, 'confirmcode', false ) );[/code:1]

That should make it work.

After you've fixed the code above, you can use this bit of code to send out an email to all your unconfirmed members.



[code:1]case "confirm_notify":
// temporary, delete after use
$query = "select c.user_id as userid, u.name, u.email from #__users as u".
"\n left join #__comprofiler as c on (u.id = c.user_id)".
"\n where c.confirmed = 0";
$database->setQuery($query);
$rows = $database->loadObjectList();

if (count($rows) < 1) {
echo 'All users are confirmed, you are all set :«»)';
} else {

if ( mosGetParam( $_REQUEST, 'msg', false ) ) {
$message = mosGetParam( $_REQUEST, 'msg');
$subject = mosGetParam( $_REQUEST, 'subject', 'Notification');
foreach($rows as $row) {
$umsg = str_replace('{confirm_link}', sefRelToAbs('index.php?option=com_comprofiler&task=confirm&confirmcode='.md5($row->userid)), $message);
echo 'Email sent to: '.$row->name.' with email address: '.$row->email.'<br />';
mail("{$row->name} <{$row->email}>", $subject, $umsg);
}
echo 'All '.count($rows).' emails sent!<br />';
echo '<hr /><b>Summary</b><br />';
echo 'Subject:'.$subject.'<br />';
echo 'Message:'.$message.'<hr />';
} else {
global $mosConfig_live_site, $mosConfig_site_name;
$GLOBALS = $GLOBALS ? $GLOBALS : $mosConfig_sitename;
$GLOBALS = $GLOBALS ? $GLOBALS : $mosConfig_live_site;
?>
<form name="confirm_notify" method="post">
<fieldset>
<legend>Send an Email to all unconfirmed members of your site</legend>
<div>Subject: <input type="text" name="subject" value="Please Confirm your Registration" class="inputbox" /></div>
<div>Message: <textarea name="msg" rows="15" cols="50" class="inputbox">Dear Sir/Madam,

Recently you have tried to register at <?php echo $GLOBALS; ?>, <?php echo $GLOBALS; ?>.

We have noticed that your account registration has yet to be confirmed. This may be due to some technical problems that occured in the update of our website.

Please click on this link to confirm your registration:

{confirm_link}

Sorry for the inconvenience.

Regards,
<?php echo $GLOBALS; ?> Team.
</textarea></div>
</fieldset>
<fieldset>
Send message to (<?php echo count($rows); ?>«») users.
<input type="submit" name="send" value="Send" />
<input type="hidden" name="option" value="com_comprofiler" />
<input type="hidden" name="task" value="confirm_notify" />
<input type="hidden" name="act" value="Send" />
</fieldset>
</form>
<?php
}
}
break;[/code:1]

Add this on line 96 of comprofiler.php

Then go to www.example.com/index.php?option=com_comprofiler&task=confirm_notify

Where example.com is your website url.

That should save you quite a bit of time if you have alot of users who have registered and could not confirm their account. (Also useful for sending out a periodic reminder).
Note that {confirm_url} is converted to the confirmation link for the individual users getting the email. So dont change it.

The page is accessible by everyone however, so I'd recommend deleting the bit of code after use. ;)

This does not pertain to the topic, but since the discussion is on the confirmation link I think I'd say it here.

The "confirmation code" is simply the md5 hash of the users id. This makes the hashing of the users id useless and the the challenge sent to the users email is useless also.
Its like sending the user a url such as:

example.com?index.php?option=com_comprofiler&task=confirm&confirmcode=[userid]

It makes the whole purpose of sending a chanllenge to the user email meaningless as a simple php script can be written to confirm every single userid on a comprofiler based website...

Simply something like:

[code:1]<?php

for($i = 63; $i < 100; $i++) {
$f = fopen("http://example.com?index.php?option=com_comprofiler&task=confirm&confirmcode=$i", 'r');
fclose($f);
}

?>[/code:1]

This will effectively confirm every email address from userid of 63-100.
Hopefully this could get fixed in the next release as it may be one of the reasons I get so many spammers registering on my site... I know other CB users have the same problem.
The whole purpose of a challenge is that it is randomly generated, and complex enough (low probability of being repeated) not to be "guessed" out. Not created out of the userid.:(

Post edited by: fwd, at: 2006/07/16 02:20
13 years 1 month ago #17181 by moneybagsxp
moneybagsxp wrote:

I think I have uncovered a trend in that the users impacted by the issue all appear to use AOL. User@aol.com ... I wonder what's happening on the AOL end that could be happening...

here's an excerpt of the issue:

I WAS SENT THE AUTO GENERATED REGERSTRATION, DID AS INSTRUCTED AND THEN WHEN THE SECOND AUTO GENERATED E-MAIL WAS SENT, I WAS INSTRUCTED TO CLICK ON THE HYPER LINK TO VERIFY E-MAIL ADDRESS AND IT WOULD NOT LET ME DO SO ...


I figured it out:

Since our user group is less "technically-saavy", I didn't quite understand the issue until the 3rd of 4th occurrence. What is actually happening on our end is that we're sending the confirmation URLs, but our users (AOL.com mainly) aren't happy to "click" on the hyperlink. It seems as if the mail is being seng in Plain Text mode, rather than HTML.

I have created a modified, manual test version using PHPMailer where you send has HTML, but also supply and ALTERNATE Text-body for plain text mode, and all of our AOL users are able to click on the link.

While to me, as well as other members on this forum, it may seem all too easy to simply Copy and Paste the link, but many of users don't even know about that functionality.

I kid you not, I can remember back in the day when I first learned about the HOTKEYS to Copy / PASTE ...Pure excitement! Aaahhh, those were the days.

www.pixelchutes.com - Where every pixel matters.
Moderators: beatnantkrileon
Time to create page: 0.415 seconds
Facebook Twitter Google LinkedIn