Module: Group Auto-Email
Posted by Joe Curia
|
Re: Group Auto-Email - change default status January 21, 2009 10:46AM |
Registered: 14 years ago Posts: 13 |
Done. All it shows is :
Info 01/21/2009 10:39AM post Application Message "Re: test post" posted by "Ashley Horn".
User info:
User ID = 12, username = hornwa [ view user's profile ]
User IP address = 192.168.100.15
Related message:
Forum = AACEBOD
Message ID = 20
[ view message ]
However, I tailed the apache2 error log and saw this:
[Wed Jan 21 10:26:50 2009] [error] [client 192.168.100.15] ALERT - mail() - double newline in headers, possible injection, mail dropped (attacker '192.168.100.15', file '/srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php', line 234), referer: [www.aace.com]
[Wed Jan 21 10:29:31 2009] [error] [client 192.168.100.15] ALERT - mail() - double newline in headers, possible injection, mail dropped (attacker '192.168.100.15', file '/srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php', line 234), referer: [www.aace.com]
Info 01/21/2009 10:39AM post Application Message "Re: test post" posted by "Ashley Horn".
User info:
User ID = 12, username = hornwa [ view user's profile ]
User IP address = 192.168.100.15
Related message:
Forum = AACEBOD
Message ID = 20
[ view message ]
However, I tailed the apache2 error log and saw this:
[Wed Jan 21 10:26:50 2009] [error] [client 192.168.100.15] ALERT - mail() - double newline in headers, possible injection, mail dropped (attacker '192.168.100.15', file '/srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php', line 234), referer: [www.aace.com]
[Wed Jan 21 10:29:31 2009] [error] [client 192.168.100.15] ALERT - mail() - double newline in headers, possible injection, mail dropped (attacker '192.168.100.15', file '/srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php', line 234), referer: [www.aace.com]
|
January 21, 2009 11:21AM |
Moderator Registered: 16 years ago Posts: 1,301 |
Please make sure the Event Logging module has its minimum log level set to "Debug" and that you are not filtering out the "Debug" level events.
The apache message tells us there is something wrong with the headers, which should show up as a debug level event. The only site-specific info put in the headers is the "System Emails From Name" and "System Emails From Address" set in the Admin Section -> General Settings page near the bottom. Could you check that those two fields do not have anything irregular in them?
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
The apache message tells us there is something wrong with the headers, which should show up as a debug level event. The only site-specific info put in the headers is the "System Emails From Name" and "System Emails From Address" set in the Admin Section -> General Settings page near the bottom. Could you check that those two fields do not have anything irregular in them?
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
|
Re: Module: Group Auto-Email January 21, 2009 11:35AM |
Registered: 14 years ago Posts: 13 |
Minimum log level is set to debug and nothing is filtered. System Emails From Name and Address appear ok. I looked at the group_autoemail.php file and found several instants of \n\n in the code. I changed them to \r\n and now there are no errors produced in the apache error log but mail is still not sent.
Ashley
Ashley
|
Re: Module: Group Auto-Email January 21, 2009 11:42AM |
Registered: 14 years ago Posts: 13 |
OOH! I got lots of stuff now:
User info:
User ID = 1, username = wahorn [ view user's profile ]
User IP address = 192.168.100.15
Additional details:
Message:
PHP notice: Array to string conversion
PHP notice generated at /srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php:122
Back trace:
Function implode called at
{path to Phorum}/mods/group_autoemail/group_autoemail.php:122
----
Function phorum_mod_group_autoemail_after_post called
----
Function call_user_func_array called at
{path to Phorum}/common.php:1567
----
Function phorum_hook called at
{path to Phorum}/include/posting/action_post.php:226
----
Function include called at
{path to Phorum}/posting.php:473
----
Request info:
HTTP_HOST = www.aace.com
HTTP_REFERER = [www.aace.com]
REQUEST_URI = /bodforum/posting.php
AND
User info:
User ID = 1, username = wahorn [ view user's profile ]
User IP address = 192.168.100.15
Additional details:
Message:
First user:
12 = 12,hornwa,Ashley Horn,Ashley Horn,979cdfb8dce374f1a974af08470f6cb6,*NO PASSWORD SET*,9a5d67ad33e7d23972ae7b492f2e273d,,0,wahorn@xxxxx.com,,1,1,Ashley Horn,0,9,0,0,1232480409,1232551761,3,0,1,2,1,-5.00,0,,,,0,Array,Array,Array,Array,on,Array
Edited 1 time(s). Last edit at 01/21/2009 11:43AM by wahorn.
User info:
User ID = 1, username = wahorn [ view user's profile ]
User IP address = 192.168.100.15
Additional details:
Message:
PHP notice: Array to string conversion
PHP notice generated at /srv/www/htdocs/aaceonline/bodforum/mods/group_autoemail/group_autoemail.php:122
Back trace:
Function implode called at
{path to Phorum}/mods/group_autoemail/group_autoemail.php:122
----
Function phorum_mod_group_autoemail_after_post called
----
Function call_user_func_array called at
{path to Phorum}/common.php:1567
----
Function phorum_hook called at
{path to Phorum}/include/posting/action_post.php:226
----
Function include called at
{path to Phorum}/posting.php:473
----
Request info:
HTTP_HOST = www.aace.com
HTTP_REFERER = [www.aace.com]
REQUEST_URI = /bodforum/posting.php
AND
User info:
User ID = 1, username = wahorn [ view user's profile ]
User IP address = 192.168.100.15
Additional details:
Message:
First user:
12 = 12,hornwa,Ashley Horn,Ashley Horn,979cdfb8dce374f1a974af08470f6cb6,*NO PASSWORD SET*,9a5d67ad33e7d23972ae7b492f2e273d,,0,wahorn@xxxxx.com,,1,1,Ashley Horn,0,9,0,0,1232480409,1232551761,3,0,1,2,1,-5.00,0,,,,0,Array,Array,Array,Array,on,Array
Edited 1 time(s). Last edit at 01/21/2009 11:43AM by wahorn.
|
January 21, 2009 12:17PM |
Moderator Registered: 16 years ago Posts: 1,301 |
Argh, I think I gave you a bit of bad code. Please re-edit the group_autoemail.php file changing:
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
to:Language: PHPforeach($mail_users as $user_id => $user_info) { if ($debug_i == 1) { if (function_exists(';event_logging_writelog';)) { $testuser = implode(",",$user_info); event_logging_writelog(array( "message" => "First user:\n\n".$user_id." = ".$testuser )); } } if ((empty($user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"]) || (!empty($user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"]) && $user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"] != "on") || $PHORUM["phorum_mod_group_autoemail"]["allow_user_unsubscribe"] != 1)
Language: PHPforeach($mail_users as $user_id => $user_info) { if ($debug_i == 1) { if (function_exists(';event_logging_writelog';)) { $testuser = implode(",",$user_info); event_logging_writelog(array( "message" => "First user:\n\n".$user_id." = ".$testuser )); } } if ((!empty($user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"]) && $user_info["phorum_mod_group_autoemail_user_unsubscribe_setting"] == "on") || $PHORUM["phorum_mod_group_autoemail"]["allow_user_unsubscribe"] != 1)
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
|
Re: Module: Group Auto-Email January 21, 2009 01:07PM |
Registered: 14 years ago Posts: 13 |
Well, now I get:
[Wed Jan 21 13:03:20 2009] [error] [client 67.98.187.69] File does not exist: /srv/www/htdocs/aaceonline/advocacy/images, referer: [www.aace.com]
and nothing in Phorum event logging. Also, the post gets posted to Phorum but blank page is returned after posting rather than returned to forum.
Ashley
[Wed Jan 21 13:03:20 2009] [error] [client 67.98.187.69] File does not exist: /srv/www/htdocs/aaceonline/advocacy/images, referer: [www.aace.com]
and nothing in Phorum event logging. Also, the post gets posted to Phorum but blank page is returned after posting rather than returned to forum.
Ashley
|
January 21, 2009 01:26PM |
Moderator Registered: 16 years ago Posts: 1,301 |
It sounds like this file may now have some errors in it. Could you upload your edited group_autoemail.php file and I will review it for any possible damage. Thanks.
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
|
Re: Module: Group Auto-Email January 21, 2009 01:31PM |
Registered: 14 years ago Posts: 13 |
|
January 21, 2009 01:40PM |
Moderator Registered: 16 years ago Posts: 1,301 |
Yep, it was a missing paranthesis. Please re-upload this fixed group_autoemail.php.
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
Joe Curia (aka Azumandias)
Modules: l0Admin Mass Email00000000l000000Automatic Time Zones000ll.l00000Enhanced Custom Profiles0.00Google Calendar0000l.l000000Post Previews
000000000Admin Security Suite000000000000Check Modules for Upgrades0000External Authentication000000Group Auto-Email00000.00000Private Message Alerts
000000000Attachment Download Counter0000Custom Attachment Icons000ll.ll00Favorite Forums000000.00000Highlighted Search Terms0000Self-Delete Posts Option
000000000Attachment Watermarks0l00000000Custom Language Database00l.l.0Forum Lockdown00000.00000Ignore Forums0000000000000Threaded Tree View
000000000Automatic Message Pruning00.llll.00Easy Color Scheme Manager0l.l00Forum Subscriptions0000lll000Moderated User Group
Templates:lGeneric Integration000000000 0000Simple Rounded000000 00000000Tabbed Emerald
|
Re: Module: Group Auto-Email January 21, 2009 01:49PM |
Registered: 14 years ago Posts: 13 |
Sorry, only registered users may post in this forum.