News:

Wondering if this will always be free?  See why free is better.

Main Menu

New user email notification bug after 2.0.9 upgrade

Started by Black Tiger, November 26, 2014, 05:57:51 PM

Previous topic - Next topic

Black Tiger

I think there is a bug in the email which is send to the admin of the forum when a new user has registered.

This is what happens when a new user registers.

1.) A verification email is send to the new user.
2.) A notification email is send to the admin that a new user has registered.
3.) And 3 should not be present... mailer-daemons sends back a message with the following content:

A message that you sent contained no recipient addresses, and therefore no
delivery could be attempted.

------ This is a copy of your message, including all the headers. ------

To:
Subject: A new member has registered
X-PHP-Originating-Script: 522:Subs-Post.php
From: "Myforums" <[email protected]>
Return-Path: [email protected]
Date: Wed, 26 Nov 2014 22:33:53 -0000
X-Mailer: SMF
Mime-Version: 1.0


As you can see, there is no email address in the "to" line. However, this is some kind of second email.
Because we also get the correct email which says this user has registered.

This happens until now on 2 different forums. One is a fresh 2.0.9 installation, the other one was upgraded from 2.0.6 to 2.0.9 and since then this double email (1 correct email and 1 extra without the "to" field filled in).

Any clues/fixes for this?
Greetings, Black Tiger

Oldiesmann

Michael Eshom
Christian Metal Fans

Black Tiger

In one forum only this one:
Quote[26-Nov-2014 20:32:25 Europe/Amsterdam] PHP Fatal error:  Cannot redeclare template_quotefast() (previously declared in /home/user/public_html/forum/Sources/Load.php(2170) : eval()'d code:25) in /home/user/public_html/forum/Sources/Load.php(2170) : eval()'d code on line 1001

This is present 4 times, and the one I quoted is the last one of the four.

In the other forum the same one and some others.
Greetings, Black Tiger

kat

From that, it seems that a mod may have been installed, twice. But, that "eval" thing could be masking the real error. Can you go to Admin>Maintenance>server settings and put a check in "Disable evaluation of templates?

Any new errors should be real.

Kindred

well, to be clear...   the ERROR is real, regardless of the eval.

The eval just masks the actual LOCATION of the error.

Which means that you appear to have installed some sort of quote mod more than once.

Mods installed?
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Black Tiger

Lets look at the forum with only those 4 errors. I got the following mods installed:
1.    My Posts SMF2    1.2
2.    SimplePortal - Dutch    2.3.5
3.    Remove "Last edit" mod    0.2.5
4.    SimplePortal    2.3.5
5.    Downloads System    2.0
6.    Contact Page    3.2

Since both forms have the same problems it might be wise to look at mods installed on both forums.
Those are:
1.    My Posts SMF2    1.2
2.    Remove "Last edit" mod    0.2.5
6.    Contact Page    3.2

I had those already present in 2.0.6 without the notification registration email issue. Had to reinstall them again after the upgrade ofcourse.
I don't have any quote mods installed.
Those don't seem mods to me which cause a email registration notification to be send twice, from which 1 is no good and 2 is in perfect order. But then again, I'm no coder so I'm not sure.
Greetings, Black Tiger

Black Tiger

QuoteCan you go to Admin>Maintenance>server settings and put a check in "Disable evaluation of templates?
That's not at Maintenance but under Configuration.:)

Very odd. It might be the errors in the error.log were the only instances, as said the one I quoted was the last one of for.

Now I deleted the error.log, disabled the evaluation of templates, registered as a new user. Confirmed the account.
Then I got an email notification about a new user had registered. But only once as should be, no second mail via mailer-daemon anymore.

Seems the problem has gone suddenly. Is that because I disabled the evaluation now? Or could there be some other reason those mails were send out twice?

Did not test the other forum yet.
Greetings, Black Tiger

kat

Quote from: Black Tiger on November 27, 2014, 05:04:59 PM
That's not at Maintenance but under Configuration.:)

OOps! That's where mine is... Hmmm... Probably a change that got made by a mod.

Quote from: Black Tiger on November 27, 2014, 05:04:59 PMIs that because I disabled the evaluation now?

I'd be surprised, if it is, to be honest. I have that disabled, anyway, coz it speeds things up, a little.

I think we have one of those coincidences that makes you go "Well... waddya know?" ;)

Black Tiger

QuoteOOps! That's where mine is... Hmmm... Probably a change that got made by a mod.
??? That would be strange because I had the "server settings" even under configuration on a fresh install as far as I remember. Or do you mean that your's was changed by a mod?

Well I still seem to have found a little issue. :)

On our previous (vBulletin) forum we had a mod.  If we got notification emails send back to us via mailer-daemon, we removed the email address out of the account. This prevented vBulletin from sending other notification and birthday emails.
The mod we had installed, let the user see a notification banner on top of the forum, that he needed to update his email account.

Would be nice to have such mod on SMF too, but that's not the issue.

I've discovered that SMF is trying to send emails to users, in spite of the fact that no email address is present in the users account.
So it looks like SMF is not using a check for this.

This is resulting in mails which come back via mailer-daemon, because the "to" field is empty. Same as the the reason I started this thread.
Like this:
QuoteTo:
Subject: Happy Birthday!
X-PHP-Originating-Script: 522:ScheduledTasks.php
From: "Duckfiles" <[email protected]>
Return-Path: [email protected]
Date: Sat, 29 Nov 2014 00:00:14 -0000
X-Mailer: SMF

How can I fix it so SMF is not sending out notifications and emails anymore when no email address exists in the user's account?
Greetings, Black Tiger

Illori

SMF requires an email address to be in each profile, the email address is also used as a way to log in with it as the username.

Black Tiger

Every forum requires an email address. Fact is that it's not there and SMF is not checking if it's present which it should do anyway imho.
I appreciate your answer, but it is no solution to my issue. :)
Greetings, Black Tiger

Arantor

No, it is an answer.

SMF always requires an email; there is no legitimate case in SMF where an email address would be missing.

Kindred

I assume that the reason it is missing is because black tiger did a direct import to the database from vbulletin and did not transfer the email addresses....

Which does not change the fact that arantor and Illori are correct. There is no case in which a real user of smf would exist without an email... Therefore there is not check for it, since it is impossible to register an account without an email.

Actually, I see some potential issues with so many of your accoutns missing email, since smf users can use the email as an alternative to the username for login...  It could, potentially, cause issues if a user triggers the list password function.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Arantor


Black Tiger

Well oke I'll rephrase it. It is an answer, but it's no solution for the issue.;)

QuoteI assume that the reason it is missing is because black tiger did a direct import to the database from vbulletin and did not transfer the email addresses....
Hmmz... I wonder if you read my previous post, because in there I clearly explained why and how -some- of the email addresses got emptied.
So it's only a few (maybe around 15 or 20) accounts without an email, not a lot.

Next to that I wonder, if empty email accounts can be an issue, why no check is build in. The fact that there is no valid reason for an email address to be missing, goes for every existing forum I know of, so that's no real argument if admins can remove email addresses so easily.
However, to be honest, on this part I only know of vB who has a check build in, I don't know about other forums.

Still... an admin could decide for some reason (like I did), to remove the email address to force the user to update it for example or (like I did) to get rid of the mailer-daemon returning mails for a user.
As you can see from those examples,  alone the fact that it would cause issue's would rectify the presence of a check.
So a check might be a nice feature suggestion maybe?

FYI: I'm sorry if it looks like I'm complaining, I really am not, just exchanging thoughts about this with you. I know what a lot of work you guys put in SMF and that's a great effort. So sorry if you get the wrong impression of my intentions.

I also didn't know (or didn't remember) users could login with their email address.

So these are the questions I still have.
1.)  Can that (users can login via email address) be turned off somewhere so they can only login with their username?
2.) Is there a way to prevent mailer-daemon messages of notifications and email addresses of users with changed or non existing email addresses?
3.) Is there a fix for the issue I'm having now? Or is the only thing I can do is delete all those users?
4.) For vB i had a mysql command to look for users without email addresses:
SELECT userid, username FROM user WHERE email = '';
Do any of you know of a mysql command like this which I could use for SMF?
Greetings, Black Tiger

Arantor

So, let me clarify this, you manually altered the database to a state SMF was never expected to reach, and expect SMF to deal with it gracefully anyway despite it being something SMF itself will do everything it can to prevent? Just curious here.

1) Not without a code change. Email is also required in most cases for forgot password and that's still going to be broken for those users.

2) You would have to ask your host about dealing with mailer-daemon. You can certainly turn off normal notifications in SMF and remove the user's birthday so they won't get that either.

3) Best solution: put email addresses back in which will fix all the main problems. As a secondary measure, it would be possible to interrupt the mail handler to stop them going out in the first place, which will stop you getting errors but won't solve the situation for users that are now potentially locked out of your site. Sources/Subs-Post.php, find this code:
// If the recipient list isn't an array, make it one.
$to_array = is_array($to) ? $to : array($to);


Afterwards, add:
foreach ($to_array as $k => $v)
if (trim($v))
unset ($to_array[$k]);
if (empty($to_array))
return $mail_result;


4) Despite this being something you did yourself, you could certainly find the same data with:SELECT id_member, member_name FROM smf_members WHERE email = '';

Even though I don't think it necessary, I think it sufficiently good from a defensive design standpoint to implement this check in 2.1 and have filed it as issue 2541 on Github.

Kindred

Let me be more blunt.

Why would we waste processing cycles on a condition that should never happen unless someone does something stupid, directly in the database?
There are hundreds, in not thousands of different, stupid, things that an admin can do,mdirectly in the database or by forcing code... 
While we do try to cover most common things that an admin could do through the admin interface, we can't write code to protect from every path down which someone can force an error through direct access.

If vb does so... Then good for them, but I consider it a waste of programming, our developer's time and system processing to check for things which will never occur under anything but exceptional (and manually caused) circumstances


Oh... And deleting the email address is not the way to force a user to re-enter it... There is no default feature in smf to do that.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Arantor

Because as I commented on Github, it's good defensive design and there are consequences beyond SMF itself for not sending out invalid email. However I'm firmly in the camp that it should be unnecessary to start with, but even the impossible sometimes happens. (Especially if I'm involved.)

However I'm only in favour of changing the mail handling not to send invalid emails; everything else is still completely on the table as user error that needs to be dealt with and not in this fashion. ;)

Black Tiger

@Arantor:
QuoteSo, let me clarify this, you manually altered the database to a state SMF was never expected to reach, and expect SMF to deal with it gracefully anyway despite it being something SMF itself will do everything it can to prevent? Just curious here.
No ofcourse not. I don't expect SMF to deal with it, because it's not default behaviour, it's a problem I caused myself. I would like to ask SMF to help me with it.
And I was exchanging some thoughts about it as an idea, because it could be more admins could have the idea of removing email adresses to prevent mail coming back from old non-existing email accounts. No more, no less. But I just discovered that this isn't even possible in SMF. So there is no need for an email presence check.

@Kindred: You're not blunt, you're just to the point. It's a good argument but your forgetting something:
Quotethat should never happen unless someone does something stupid, directly in the database?
It was not done directly in the database!! As I pointed out it was done in vBulletin. The converter just converted the accounts to SMF, also the email-empty accounts, I did not changed anything like that directly in the database. I'm indeed not that stupid. :)
I just discovered that SMF has another check. In SMF you can't remove an email adres from a users account, it will give you an error notice. In that case indeed no empty email check is or would be needed.

@Arantor:
1.) Oke thanks. I don't mind code changes, but in this case I don't find ith worth the trouble, since you told me another solution to prevent outgoing mails.

2.)I'm my own host (I'm a hoster too), next to that I do support, upgrade and maintenance for 4 hosting servers with shared accounts. It's normal that the mailer-daemon sends back emailto the sending party if the mail can't be delivered. I would'nt know why any host, including myself, would change that normal email server behaviour. :)
But oke, removing birth dates is a good idea as a solution! Next to removing notifications.
Is there also some option to turn off admin newsletters in a user's account?

3.) I can't put adresses back, because I don't know them anymore. :)
But thank you very much!! You're great! Is that the check for empty email? Awesome!

4.) Again I would like to express my thanks.

And again compliments on how SMF users and developpers are trying to help, even in cases like mine!
Greetings, Black Tiger

Black Tiger

P.s. As a solution to the empty email users I will delete those users with empty emails, so those accounts can not issue any problems anymore.
Greetings, Black Tiger

Arantor

This is the point we made originally; this is a situation that should never occur and SMF will not permit it if it has any control over it. I can't believe manually deleting emails would be considered an acceptable solution in vB's case either, to be honest, but given some of the... interesting... design decisions in vB, it's quite possible it is.

1) It's not actually problematic to the email login functionality, actually; if the username appears to be an email address when entered, it will simply look up the username attached to that email - but since there's no email to lookup in those cases, it won't be an issue.

2) I wasn't suggesting you changed that aspect of it, actually. I did expect you to be able to configure mailer-daemon to nullroute such emails though. As for notifications and announcements, that's all controllable from a user's profile (including turning off announcements). The announcement area will still offer the choice of overriding but the patch I suggested will curb the issue anyway.

3) Backups are a wonderful thing ;) If I do manual changes like that I tend to record them somewhere. But yes, that code will prevent the mail handler sending out email to null addresses. Since it's low cost, low risk and has beneficial side effects I also recommended it be added to 2.1.

P.S. as a solution to the empty email users, make SURE you delete them from inside SMF, not the database directly.

Black Tiger

In vB you can only login with your username and not with email addres, so it wouldn't be an issue if there's an email address or not I guess.

1.) On vB I could restrict certain usernames, because some dudes used arabic signs as usernames. So I also prohibited @ to prevent users using email addresses as a username. Which is a good thing because this prevents spam to their email accounts also.

2.) I don't think any host would null-route emails, Many times they are important notifications of things not going well. Often you can see in them that the recipients email box is full or that your domain is on a spamlist. So null route is not a good solution.

3.) I always have backups, also before and after I install a modification. However... After you converted and configured a complete SMF forum and users are already posting on it, you don't delete users from the old backup, and start from scratch with the conversion again.

So you suggest to delete the users from inside SMF? That would mean I have to note all names in mysql, then go to SMF and delete them one by one.
Luckily it's only about 20. But what is the thought behind it? What is the problem of deleting the users from the database directly? I'm just curious.
Greetings, Black Tiger

Arantor

1) SMF allows for this sort of thing too, incidentally. There's also a mod for disallowing emails as usernames to prevent people who really don't understand the spam concern.

2) Really? You wouldn't nullroute email that has no destination in the first place? Guess it depends on the setup you've got going on, but I've known places that just nullrouted such stuff at outbound.

3) Neither do I ;)

As for not deleting users directly in MySQL... do you have any idea how many clean-up queries get run by SMF at the same time when you delete a user? The exact same mentality we've been expressing with such agitation - that SMF doesn't expect people to mess with the DB directly - is present throughout SMF.

Black Tiger

1.) Ah cool. I will have a look for that mod.

2.) No. If possible I don't tamper with things. If it has no destination, it gets back to the sender, and that way the sender knows something is wrong. Otherwise he wouldn't know. If I did not have those mailer-daemon messages, I would never have known I had a problem because empty email in SMF is not good. Correct? ;)

As for the deleting of users, no sorry I don't have a clue because I never delete postings of a user. But I will gladly follow your advise and do it via the Admin panel of SMF as you suggested.

Just one last question, a bit off topic. I get tons of these messages:
Quote512: loadMemberContext(): member id 28085 not previously loaded by loadMemberData()
I read on the forums here that this is from users who were deleted before conversion.

An advise from endomorph in that thread was fix it by doing this:
update smf_messages
set id_member = 0 WHERE not exists
(select id_member from smf_members where smf_messages.id_member = smf_members.id_member )

But that was a thread from 2010.
Is this mysql command still good? And to I also have to use in that same line the things between the ( ) brackets? Like this?
update smf_messages set id_member = 0 WHERE not exists (select id_member from smf_members where smf_messages.id_member = smf_members.id_member );
Greetings, Black Tiger

Arantor

2) I can see that. Just saying I've seen other configurations too.

3) And that error is precisely why you do not delete users manually! It is precisely the case of deleting a user manually and then not updating the messages table (which is something SMF would do itself if you told it to delete a member and not delete their posts) that gives you that error.

The code looks fine to me, nothing has changed in SMF in forever that would affect that query.

Black Tiger

Awesome. Thank you again for the great help.

And I now also directly understand problems which could be caused by database deletion of users. Pity the convertor does not pick that up. But hey... some work must be left to do for us too. :)
Thanks!
Greetings, Black Tiger

Black Tiger

Just topping this again for feature references.

@Arantor if this code is applied (from previous page):
foreach ($to_array as $k => $v)
if (trim($v))
unset ($to_array[$k]);
if (empty($to_array))
return $mail_result;

Then totally no mail is send out anymore. I discovered this when a user tried to use the reset password failure. Forum said mail is send, no errors in the log, but no mail was send. After removing the code again, mail is send out again.
So something in this code is nog correct.
Greetings, Black Tiger

Arantor

Oh, this is what I get for doing it in a hurry.

if (trim($v) == '') not if (trim($v))

Black Tiger

Oke so the correct version should be:
foreach ($to_array as $k => $v)
if (trim($v) == '')
unset ($to_array[$k]);
if (empty($to_array))
return $mail_result;


Thanks!
Greetings, Black Tiger

Arantor


Advertisement: