Welcome Guest, Not a member yet? Register   Sign In
Question about Freak Auth Registration and Activation
#1

[eluser]ashleyA[/eluser]
Hi everyone,
I am pretty new to CI and Freak Auth, I am currently working on my first project using CI & FAL, the question I have is whenever someone registers at my site, the FAL sends them an email instructing them to activate, when they click the activate uri it takes them to the activation page and says "We are sorry, but your activation has failed. Contact the site administrator for assistance." Even though it says it has failed, it still moves the user's registration details from the user_temp table to user table. It is very frustrating to see it do this.

Can someone please help me

Thanks
Ashley
#2

[eluser]Grahack[/eluser]
Hi,
this is quite strange. Could you precise the background (OS, CI version, FAL version...)? Do you have a live install that I could test?
#3

[eluser]ashleyA[/eluser]
I have a live install at http://www.abrahamsphotography.com/index.php , please feel free to test it.

The background info

I am hosting my site in a Linux Server with 1and1.com and
CI Ver 1.5.4
FAL Ver 1.1
PHP Ver 5.2.4

The only change I made to the FAL code was is to use the email address as the username and made the required changes to the code to handle username checks, duplicate checks and validations. So, basically I am storing the email address in both the username field and email field in the database. The email as the username part is working with no problem at all. I dont know how it could affect the email activation part.

I have attached two snapshots, first one of user_temp table after someone registers and the second one is of the user table after the activation. The reason for attaching them is just to show how the registration is successful and the activation email is also sent properly and all.

Thanks for taking a look


Thanks,
Ashley
#4

[eluser]ashleyA[/eluser]
Hi Grahack,
One thing I noticed after posting the above message, that is the id# in both user_temp and user tables are different... but the id in the activation email uri matches the one in the user_temp table.

Thanks
Ashley
#5

[eluser]Grahack[/eluser]
Just tested: I have a
Code:
Call to undefined method Freakauth_light::deleteUserAfterActivation() in
/OOsystem/application/libraries/FAL_front.php
on line 422
when I click on my activation link. Did you too?
#6

[eluser]ashleyA[/eluser]
I didn't get that error message. About the code on line 422, when I started getting the failed message, I was trying to investigate and did some test earlier and forgot to take that line of code, what I was trying to test is to see whether it made any difference in executing the function deleteUserAfterActivation() only after a successful activation. Now, I've restored all the changes I've made in the files for test back to the original code, but I still get the failed message when I do activation.

Thanks
Ashley
#7

[eluser]Grahack[/eluser]
Hi Ashley,
Your id # in the tables and URLs are perfectly normal.
What bothers me is that if you see the 'failed' message, it can only because this portion of code returns false (see here).
And if false is returned, I don't see why the user is moved from temp to real table.

Anyway, thanks to you my eyes went on a security issue we had! Now fixed.

That would be easier to live-debug (it seems a test install) because I'm not sure about the code that is on your server. So I'm gonna send you an email to see how we can proceed.
#8

[eluser]ashleyA[/eluser]
Regarding the activation failed message I was getting When the user clicks on the activation link in the email saying “We are sorry, but your activation has failed. Contact the site administrator for assistance.” What I came to find out was, when the PHP Version you are running in your server has the ‘Thread Safety enabled’ then it has no problems, but, if it the Thread Safety is disabled then I am experiencing the email activation problem.

The weird thing was, some how the process moves the user from user_temp table to user table but it also gives activation failed message.

My guess was, without thread safety enabled multiple threads work on your request, so one thread races the other thread and moves the new user from the user_temp table to the user table and the other checks the user_temp table and doesn’t find the user in it and complains saying activation failed.

-Ash
#9

[eluser]Grahack[/eluser]
Nice shot, this could be why. But do you have a fix?
#10

[eluser]Brockjava[/eluser]
I created two fresh installs one local dev and remote. I am getting the same error. Is there any fix for this?

-Bradley




Theme © iAndrew 2016 - Forum software by © MyBB