-
Bug
-
Resolution: Won't Do
-
Major
-
None
-
2.7.1
-
MOODLE_27_STABLE
There have been various reports on email-based self-registration not working. I hit this trying to register at http://coderunner.org.nz/. The confirmation email contained the URL http://coderunner.org.nz/login/confirm.php?data=ADRhmD52irvXK/timhunt, but when the site admin investigated, they found that the user.secret field contained UaADRhmD52irvXK (two extra characters at the start).
Here are more details from the coderunner site admin:
I've now had four reports of this account confirmation problem in 3 days, and one of them was from a friend who got it while trying to register on moodle.org, so it's not just my site having problems. OTOH, why aren't there lots of bug reports on this? Perhaps because anyone who has it can't log in to the bug tracker to report it?!
|
|
I've looked at DB tables to find the secret value and compared it to that given in the links. In the two cases for which I have data, here are the results:
|
|
Your attempt to register:
|
Link: http://coderunner.org.nz/login/confirm.php?data=ADRhmD52irvXK/timhunt
|
Secret: UaADRhmD52irvXK
|
|
A friend's attempt to register on CodeRunner:
|
Link: http://coderunner.org.nz/login/confirm.php?data?sjivjf8U3HDIX/jah219
|
Secret: E0sjivjf8U3HDIX
|
So while your link is at least syntactically correct, two letters have been dropped from the start of the data, while in the other case not only have two characters been dropped but the '=' has turned into a '?'.
|
|
I can't log this on the Moodle bug tracker as I can't provide reliable steps to reproduce it.
|
The code that sends the email seems to be send_confirmation_email in moodlelib.php, which gets called from user_signup in auth_email (and auth_ldap).
1.
|
Email-based self-registration deactivates automatically | Closed | Unassigned |