I am having issues with the link in the registration email. They are not the same problems I have seen others have, but instead the problem is where the key is displayed on the end. For some reason even though the key seems to be generated fine, the key is saved fine in the db, when the link is displayed in the email with {ACT_LINK}, the key starts with "3D" and has an equal sign part way through the key. Also the link breaks off at the point of the equal sign with the rest of the key being displayed below.
For example, here is a link that I received after creating a test account:
http://www.digitalshade.net/cm/register.php?activate=3D957f54cb6444babd5e07=3c63631ae2d7
It appears exactly like that in the email. The path is correct, just the key that is having problems (key should be 957f54cb6444babd5e073c63631ae2d7)
Now if I go into register.php and do the following change:
'{ACT_LINK}' => $act_link
to
'{ACT_LINK}' => $act_key
then when the email is sent out the key appears correctly in the email. The code to make the link appears to be fine so i'm confused.
Here is the part of my register.php file dealing with the registration key...
if ($CONFIG['reg_requires_valid_email']) {
$active = 'NO';
list($usec, $sec) = explode(' ', microtime());
$seed = (float) $sec + ((float) $usec * 100000);
srand($seed);
$act_key = md5(uniqid(rand(), 1));
} else {
$active = 'YES';
$act_key = '';
}
$sql = "INSERT INTO {$CONFIG['TABLE_USERS']} ".
"(user_regdate, user_active, user_actkey, user_name, user_password, user_email, user_profile1, user_profile2, user_profile3, user_profile4, user_profile5, user_profile6) ".
"VALUES (NOW(), '$active', '$act_key', '" . addslashes($user_name) . "', '" . addslashes($password) . "', '" . addslashes($email) . "', '$profile1', '$profile2', '$profile3', '$profile4', '$profile5', '$profile6')";
if ($CONFIG['log_mode']) {
log_write('New user "'.addslashes($user_name).'" created on '.date("F j, Y, g:i a"),CPG_ACCESS_LOG);
}
$result = cpg_db_query($sql);
if ($CONFIG['reg_requires_valid_email']) {
$act_link = $CONFIG['site_url'] . 'register.php?activate=' . $act_key;
$template_vars = array('{SITE_NAME}' => $CONFIG['gallery_name'],
'{USER_NAME}' => $user_name,
'{PASSWORD}' => $password,
'{ACT_LINK}' => $act_link
);
if (!cpg_mail($email, sprintf($lang_register_php['confirm_email_subject'], $CONFIG['gallery_name']), strtr($lang_register_confirm_email, $template_vars))) {
cpg_die(CRITICAL_ERROR, $lang_register_php['failed_sending_email'], __FILE__, __LINE__);
}
msg_box($lang_register_php['information'], $lang_register_php['thank_you'], $lang_continue, 'index.php');
} else {
msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_continue, 'index.php');
}
// email notification to admin
if ($CONFIG['reg_notify_admin_email'])
{
cpg_mail('admin', sprintf($lang_register_php['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_register_php['notify_admin_email_body'], $user_name));
}
return true;
}
pageheader($lang_register_php['page_title']);
if (isset($_POST['agree'])) {
input_user_info();
} elseif (isset($_POST['submit'])) {
$errors = '';
if (!check_user_info($errors)) {
input_user_info($errors);
}
} elseif (isset($_GET['activate'])) {
$act_key = addslashes(substr($_GET['activate'], 0 , 32));
if (strlen($act_key) != 32) cpg_die(ERROR, $lang_register_php['acct_act_failed'], __FILE__, __LINE__);
$sql = "SELECT user_active " . "FROM {$CONFIG['TABLE_USERS']} " . "WHERE user_actkey = '$act_key' " . "LIMIT 1";
$result = cpg_db_query($sql);
if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_register_php['acct_act_failed'], __FILE__, __LINE__);
$row = mysql_fetch_array($result);
mysql_free_result($result);
if ($row['user_active'] == 'YES') cpg_die(ERROR, $lang_register_php['acct_already_act'], __FILE__, __LINE__);
$sql = "UPDATE {$CONFIG['TABLE_USERS']} " . "SET user_active = 'YES' " . "WHERE user_actkey = '$act_key' " . "LIMIT 1";
$result = cpg_db_query($sql);
msg_box($lang_register_php['information'], $lang_register_php['acct_active'], $lang_continue, 'index.php');
} else {
display_disclaimer();
}