Firefox PHP

Module: Group Auto-Email

Posted by Joe Curia 
Re: Group Auto-Email - change default status
January 21, 2009 04:46PM
Done. All it shows is :

Info 01/21/2009 10:39AM post Application Message "Re: test post" posted by "Ashley Horn".

User info:

User ID = 12, username = hornwa [ view user's profile ]
User IP address = 192.168.100.15

Related message:
Forum = AACEBOD
Message ID = 20
[ view message ]

However, I tailed the apache2 error log and saw this:

[Wed Jan 21 10:26:50 2009] [error] [client 192.168.100.15] ALERT - mail() - double newline in headers, possible injection, mail dropped (attacker '192.168.100.15', file '/srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php', line 234), referer: [www.aace.com]
[Wed Jan 21 10:29:31 2009] [error] [client 192.168.100.15] ALERT - mail() - double newline in headers, possible injection, mail dropped (attacker '192.168.100.15', file '/srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php', line 234), referer: [www.aace.com]
Re: Group Auto-Email - change default status
January 21, 2009 05:21PM
Please make sure the Event Logging module has its minimum log level set to "Debug" and that you are not filtering out the "Debug" level events.

The apache message tells us there is something wrong with the headers, which should show up as a debug level event. The only site-specific info put in the headers is the "System Emails From Name" and "System Emails From Address" set in the Admin Section -> General Settings page near the bottom. Could you check that those two fields do not have anything irregular in them?


Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Re: Module: Group Auto-Email
January 21, 2009 05:35PM
Minimum log level is set to debug and nothing is filtered. System Emails From Name and Address appear ok. I looked at the group_autoemail.php file and found several instants of \n\n in the code. I changed them to \r\n and now there are no errors produced in the apache error log but mail is still not sent.

Ashley
Re: Module: Group Auto-Email
January 21, 2009 05:42PM
OOH! I got lots of stuff now:

User info:

User ID = 1, username = wahorn [ view user's profile ]
User IP address = 192.168.100.15

Additional details:

Message:

PHP notice: Array to string conversion

PHP notice generated at /srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php:122

Back trace:

Function implode called at
{path to Phorum}/mods/group_autoemail/group_autoemail.php:122
----
Function phorum_mod_group_autoemail_after_post called
----
Function call_user_func_array called at
{path to Phorum}/common.php:1567
----
Function phorum_hook called at
{path to Phorum}/include/posting/action_post.php:226
----
Function include called at
{path to Phorum}/posting.php:473
----

Request info:

HTTP_HOST = www.aace.com
HTTP_REFERER = [www.aace.com]
REQUEST_URI = /bodforum/posting.php

AND

User info:

User ID = 1, username = wahorn [ view user's profile ]
User IP address = 192.168.100.15

Additional details:

Message:

First user:
12 = 12,hornwa,Ashley Horn,Ashley Horn,979cdfb8dce374f1a974af08470f6cb6,*NO PASSWORD SET*,9a5d67ad33e7d23972ae7b492f2e273d,,0,wahorn@xxxxx.com,,1,1,Ashley Horn,0,9,0,0,1232480409,1232551761,3,0,1,2,1,-5.00,0,,,,0,Array,Array,Array,Array,on,Array



Edited 1 time(s). Last edit at 01/21/2009 05:43PM by wahorn.
Re: Module: Group Auto-Email
January 21, 2009 06:17PM
Argh, I think I gave you a bit of bad code. Please re-edit the group_autoemail.php file changing:
Language: PHP
foreach($mail_users as $user_id => $user_info) { if ($debug_i == 1) { if (function_exists('event_logging_writelog')) { $testuser = implode(",",$user_info); event_logging_writelog(array( "message" => "First user:\n\n".$user_id." = ".$testuser )); } } if ((empty($user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"]) || (!empty($user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"]) && $user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"] != "on") || $PHORUM["phorum_mod_group_autoemail"]["allow_user_unsubscribe"] != 1)
to:
Language: PHP
foreach($mail_users as $user_id => $user_info) { if ($debug_i == 1) { if (function_exists('event_logging_writelog')) { $testuser = implode(",",$user_info); event_logging_writelog(array( "message" => "First user:\n\n".$user_id." = ".$testuser )); } } if ((!empty($user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"]) && $user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"] == "on") || $PHORUM["phorum_mod_group_autoemail"]["allow_user_unsubscribe"] != 1)


Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Re: Module: Group Auto-Email
January 21, 2009 07:07PM
Well, now I get:

[Wed Jan 21 13:03:20 2009] [error] [client 67.98.187.69] File does not exist: /srv/www/htdocs/aaceonline/advocacy/images, referer: [www.aace.com]

and nothing in Phorum event logging. Also, the post gets posted to Phorum but blank page is returned after posting rather than returned to forum.

Ashley
Re: Module: Group Auto-Email
January 21, 2009 07:26PM
It sounds like this file may now have some errors in it. Could you upload your edited group_autoemail.php file and I will review it for any possible damage. Thanks.


Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Re: Module: Group Auto-Email
January 21, 2009 07:31PM
See attached and thank you for all your hard work on this.

Ashley

EDIT: Attachment removed to avoid confusion, Joe



Edited 1 time(s). Last edit at 01/21/2009 07:50PM by Joe Curia.
Re: Module: Group Auto-Email
January 21, 2009 07:40PM
Re: Module: Group Auto-Email
January 21, 2009 07:49PM
Sweet! Works like a charm. Thanks a million. Now, on to my RSS issues. Topic for another day.

Ashley
Sorry, only registered users may post in this forum.

Click here to login