What can I do when a members email address is no longer valid?

Kindred · January 04, 2015, 07:38:18 PM

and what is SMF supposed to DO when it sees a bounced email?

First of all - we'd have to write some sort of processor that would ACCEPT incoming emails (which is a security nightmare in and of itself)
second, - we'd have to figure out what to DO when a bounced email happens... delete the account? That's really the only thing that would solve the issue.

radu81 · January 05, 2015, 08:49:34 AM

could set that user email to inactive, or move that user to a inactive membergroup that will never receive any kind of email. imho...

once that a user from "inactive" group is logged we could display a message that his email address is invalid and invite him to update his account.

I'm not a coder, I don't know if this is easy or difficult to do in SMF. just my 2 cents

Arantor · January 05, 2015, 08:53:29 AM

(even though all of those things were outlined as being problematic)

Black Tiger · January 05, 2015, 09:59:14 AM

Yes but why? Sometimes statements confuse people.

This is what brought me to confusion last time.
it was not me "knowing best" as you wrote, but it were two statements on my mod request::

Quote from: KindredDoing that would require some changes to the smf design, but overall, not incredibly difficult.

And after that your incorrect statement that state 2 users would not be able to change their email address... which they can by default as I discovered myself afterwards.
But that also seems to have issues as I'm told after I discovered this.
It was both those statements, which confused me and made me doubt everything.

I'm still wondering what would not be incredible difficult to do, like Kindred said. I'm a curious person.

However.... having made that point clear....
I agree that SMF should not have to do -anything- on bounced emails. I don't know of any other forum software which does, so why should SMF do?

Next to that I appreciate the fact that it can't or won't be done because SMF developpers have very little spare time and doing already all they can.
So I can also understand when only a few people ask for something like this, that it won't be done.

Arantor · January 05, 2015, 10:24:01 AM

QuoteAnd after that your incorrect statement that state 2 users would not be able to change their email address... which they can by default as I discovered myself afterwards.

Yes because we're not all perfect like you and do make mistakes.

XenForo does actually have some support for bouncing.

Black Tiger · January 05, 2015, 10:37:54 AM

QuoteYes because we're not all perfect like you and do make mistakes.

Sigh.... you're missing the point and are still pissed I notice, but thank you for the complement. However, to give you peace of mind, I also make mistakes.

The point is that you got pissed at me in the feature requestion thread and said that irritating "you know best".

So it seems (I get that feeling from you new reply here too) that you can make a mistake but I'm not allowed to interpretate a mistake of yours as not being a mistake because I don't know how it works? Not really fair is it?
Because normally one does not suppose somebody's fear statement and a confirmation on it a few lines below... is a mistake.
You also never told me it was a mistake.

So yes everybody can make mistakes and I don't blaim you for it.
But I can't know either when something is a mistake and when it's not. I'm sure you have to agree with me, if you don't know a mistake was made, those statements work really confusing, correct? That's the point I wanted to make.

Xenforo is one of the few I did not check. I know there was a mod made for vBulletin for it. But I still think forums do not have to do those checks basically (or in the core or how do you call it?).

Black Tiger · January 05, 2015, 10:44:24 AM

P.s. I still hope Kindred would be willing to explain what exactly would not be that incredible difficult, still curious about that one.

Arantor · January 05, 2015, 10:48:32 AM

Considering that everyone else around here expects me to be perfect all the time and to always have all the answers (to the point where people ask me questions about code I've never even seen and still expect me to know the answers), coupled with the fact that in spite of whatever reputation I appear to have had bestowed upon me, I've been insecure for years about how little I know about programming and SMF, you can imagine that I'm pissed most of the time trying to walk a seemingly impossible tightrope.

Not knowing the answers is fine. You're allowed to be wrong when you don't (and aren't expected to) know the answer. I hadn't looked at the code in literally years (never mind the fact that I've worked on three quite different variations of the same code in the last 5 years), glanced through the one section which doesn't appear to work the way that is described (the if blocks do not appear to match up to what is observed) and suddenly it's my fault for not knowing the precise answer. All this does is reinforce how little I think I know about things and discourages me from posting - which, I rather suspect, is contrary to your intent. But that's how it is. This bullish attitude... it's pure front.

Black Tiger · January 05, 2015, 11:21:57 AM

I don't expect you to be perfect. As said, anyone can make a mistake, but in this case both you -and- Kindred made the same confirmation when I specifically asked for it. How often does it happen that two of the most respected forum members make a mistake in the same thread on the same question?
If you take that in consideration, is it strange that I think the answers are correct and no mistakes are made? And that it works confusing if I find other conclusions myself afterwards?
There is and was no reason at all, to give the comments you gave as me "knowing it all" and me "not making mistakes". If you say it's a pure front, I'll accept that.

QuoteI've been insecure for years about how little I know about programming and SMF,

You must be joking right? Is this really true?
You really confuse me even more now. On some questions about coding, it looks like you almost throw the answers out of your sleave (I hope that's the correct proverb or saying in English?) so easy and correct they come out.
But if it's indeed the case what you are stating now, I'm still amazed about the knowledge about things present in your head, even after 5 years. I was under the impression you was still often checking code and getting into SMF for hobby.

I never in the most distance way, have ever thought you of being some kind of insecure or discouraged (hopefully not by me) in any way.
So I greatly appreciate your honesty about that.

I never said it was your fault that you did not know the precise answer, but try to look at it from my side. 2 well know people making the same mistake. How often does that happen. Next to that, I never point fingers to blaim somebody. So somebody had it wrong, so what, in my case 2 people made a mistake, so what? It's not a blaim, but it really is confusions if one thinks it's not a mistake. Sorry for that.

I still don't blaime you or Kindred or anybody for making a mistake. But I'm a technical person, I'm only very curious what is the "not difficult" part. And I'm very curious about the exact problematic issue on the display of this "state 2" default part.

Your suspicion is therefore exactly correct. It's contrary to my intent to discourage you in any way from posting or answering, I normally greatly appreciate them.
I do now understand that you are not that deeply involved and known with the code as I thought you were.
Some of your answers I read (also to others) gave me the impression you almost knew and were familiar with the complete code. Try to flatter yourself a little more. With your knowledge you really deserve it!
You don't need fronts to protect you. Without that front, you're great! And don't mind mistakes, even well known scientists make them, so what? It should not be a problem.

Kindred · January 05, 2015, 12:17:25 PM

when you quote from another thread, please link to that other thread...

I thought it was fairly clear what I was responding to in the original thread...
what would not be incredibly difficult is adding a user status which requires them to change (some user setting)
I can see that being done with some fairly basic coding and a change to the database query in a few places.

That's just off the top of my head, though -- without actually digging into the code.

Black Tiger · January 05, 2015, 12:51:53 PM

You're quite correct Kindred, the quote came from my mod request about this:
http://www.simplemachines.org/community/index.php?topic=531315.0

I wanted to make 100% sure I understood correctly what your answer was responding to, due to the fact I got confused later on.
I see now you mean adding a user status would not be incredibly difficult. I thought you ment creating a mod for setting a user to state 2 would not be very difficult.
But adding a status which requires them to make some change would be fine also.

This still leaves the question what the eventual security issues will be (if any), because I presume such user still has to make use of that default possibility to change his email address? Or would it require a complete new thing to have the user fix this?

It would make it a vector for attacking accounts, which is correct, but on the other hand, I don't quite understand the difference between attacking via that option, or attacking via the normal login option. Unless the "change email feature" option (to give it an easy name) is not protected by the "X strikes login failure and you're blocked" via the normale login protection ofcourse.
To prevent misunderstanding, my intention is to understand the problem which could cause something like that, related to the normal login sequence.

News:

What can I do when a members email address is no longer valid?