Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: Problems with registration email  (Read 6667 times)

0 Members and 1 Guest are viewing this topic.

dshade69

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Problems with registration email
« on: October 25, 2004, 02:53:14 pm »

I am having issues with the link in the registration email.  They are not the same problems I have seen others have, but instead the problem is where the key is displayed on the end.  For some reason even though the key seems to be generated fine, the key is saved fine in the db, when the link is displayed in the email with {ACT_LINK}, the key starts with "3D" and has an equal sign part way through the key.  Also the link breaks off at the point of the equal sign with the rest of the key being displayed below.

For example, here is a link that I received after creating a test account:

http://www.digitalshade.net/cm/register.php?activate=3D957f54cb6444babd5e07=
3c63631ae2d7

It appears exactly like that in the email. The path is correct, just the key that is having problems (key should be 957f54cb6444babd5e073c63631ae2d7)

Now if I go into register.php and do the following change:

'{ACT_LINK}' => $act_link

to

'{ACT_LINK}' => $act_key

then when the email is sent out the key appears correctly in the email.  The code to make the link appears to be fine so i'm confused.

Here is the part of my register.php file dealing with the registration key...

Code: [Select]
    if ($CONFIG['reg_requires_valid_email']) {
        $active = 'NO';
        list($usec, $sec) = explode(' ', microtime());
        $seed = (float) $sec + ((float) $usec * 100000);
        srand($seed);
        $act_key = md5(uniqid(rand(), 1));
    } else {
        $active = 'YES';
        $act_key = '';
    }

    $sql = "INSERT INTO {$CONFIG['TABLE_USERS']} ".
           "(user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) ".
           "VALUES (NOW(), '$active', '$act_key', '" . addslashes($user_name) . "', '" . addslashes($password) . "', '" . addslashes($email) . "', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6')";
    if ($CONFIG['log_mode']) {
        log_write('New user "'.addslashes($user_name).'" created on '.date("F j, Y, g:i a"),CPG_ACCESS_LOG);
    }
    $result = cpg_db_query($sql);

    if ($CONFIG['reg_requires_valid_email']) {
        $act_link = $CONFIG['site_url'] . 'register.php?activate=' . $act_key;
        $template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'],
            '{USER_NAME}' => $user_name,
            '{PASSWORD}' => $password,
            '{ACT_LINK}' => $act_link
            );
        if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), strtr($lang_register_confirm_email, $template_vars))) {
            cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
        }
        msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_continue, 'index.php');
    } else {
        msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_continue, 'index.php');
    }

    // email notification to admin
        if ($CONFIG['reg_notify_admin_email'])
        {
        cpg_mail('admin', sprintf($lang_register_php['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php['notify_admin_email_body'], $user_name));
        }

    return true;
}

pageheader($lang_register_php['page_title']);
if (isset($_POST['agree'])) {
    input_user_info();
} elseif (isset($_POST['submit'])) {
    $errors = '';
    if (!check_user_info($errors)) {
        input_user_info($errors);
    }
} elseif (isset($_GET['activate'])) {
    $act_key = addslashes(substr($_GET['activate'], 0 , 32));
    if (strlen($act_key) != 32) cpg_die(ERROR, $lang_register_php['acct_act_failed'], __FILE__, __LINE__);

    $sql = "SELECT user_active " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_actkey = '$act_key' " . "LIMIT 1";
    $result = cpg_db_query($sql);
    if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['acct_act_failed'], __FILE__, __LINE__);

    $row = mysql_fetch_array($result);
    mysql_free_result($result);

    if ($row['user_active'] == 'YES') cpg_die(ERROR, $lang_register_php['acct_already_act'], __FILE__, __LINE__);

    $sql = "UPDATE {$CONFIG['TABLE_USERS']} " . "SET user_active = 'YES' " . "WHERE user_actkey = '$act_key' " . "LIMIT 1";
    $result = cpg_db_query($sql);

    msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_continue, 'index.php');
} else {
    display_disclaimer();
}
« Last Edit: March 01, 2005, 10:06:02 am by GauGau »
Logged

Nibbler

  • Guest
Re: Problems with registration email
« Reply #1 on: October 25, 2004, 03:02:11 pm »

Moving to bugs for further investigation.
Logged

Nibbler

  • Guest
Re: Problems with registration email
« Reply #2 on: October 25, 2004, 03:37:41 pm »

Confirmed.

Suggest switching html encoding method from Quoted printable to 8bit. Not really my area so I'll wait for confirmation before I commit.

Code: [Select]
$mail->setHtmlEncoding('8bit');
Line goes in the mailer.inc.php under

Code: [Select]
$mail = new htmlMimeMail();
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: Problems with registration email
« Reply #3 on: December 17, 2004, 06:55:49 pm »

I was unable to replicate.

I am using Outlook 2002. What are you using?

When I checked in text-only webmail, the link got truncated but there was no extra = or 3D.
« Last Edit: December 17, 2004, 07:04:01 pm by TranzNDance »
Logged

dshade69

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Re: Problems with registration email
« Reply #4 on: December 21, 2004, 01:28:38 pm »

This was in both outlook 2000, and squirrelmail.
Logged

Tranz

  • Dev Team member
  • Coppermine addict
  • ****
  • Country: 00
  • Offline Offline
  • Gender: Female
  • Posts: 6149
Re: Problems with registration email
« Reply #5 on: February 19, 2005, 08:53:17 pm »

Is this still an issue?
Logged

Nibbler

  • Guest
Re: Problems with registration email
« Reply #6 on: February 19, 2005, 08:57:47 pm »

The fix suggested is now in devel, so should be resolved now.
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Problems with registration email
« Reply #7 on: February 20, 2005, 06:01:02 pm »

@dshade69: can you confirm the fix works for you? Please report back.

Joachim
Logged

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47843
  • aka "GauGau"
    • gaugau.de
Re: Problems with registration email
« Reply #8 on: March 01, 2005, 10:05:50 am »

no answer means approval. Marking as "fixed" then, especially since there is a new mail class available.

Joachim
Logged

dshade69

  • Coppermine novice
  • *
  • Offline Offline
  • Posts: 22
Re: Problems with registration email
« Reply #9 on: March 04, 2005, 01:17:04 pm »

Sorry, I had let Nibbler know via PM (since they PM'ed me the fix to try) that this did resolve the issue.
Logged

Nibbler

  • Guest
Re: Problems with registration email
« Reply #10 on: March 04, 2005, 02:49:43 pm »

This is true. Default encoding with the new mailer is 8bit, so this issue no longer exists.
Logged
Pages: [1]   Go Up
 

Page created in 0.017 seconds with 20 queries.