confirmation_new_user

Discussion in 'General Chat' started by david62311, Jul 26, 2017.

  1. david62311

    david62311 Well-Known Member

    Joined:
    Aug 29, 2013
    Messages:
    2,165
    Likes Received:
    251
    The confirmation code on the confirmation_new_user.php page looks like it's set up to email us whenever a new user confirms their account. This doesn't work. My email address is there and has been added there a long time ago. I never got emails when new users recently confirmed their account. It could of went to spam or the trash but, I always check my spam folder and didn't see anything. It would be nice to get that code to work. The code is short enough that I can share it here removing my email address.

    PHP:
    <?php
    // Get the IP address of the visitor so we can work with it later.
    $ip $_SERVER['REMOTE_ADDR'];

    // Here we just pull some details we can use later.
    $date   date('Y-m-d H:i:s');
    $uri    htmlspecialchars($_SERVER['REQUEST_URI'], ENT_QUOTES);
    $agent  htmlspecialchars($_SERVER['HTTP_USER_AGENT'], ENT_QUOTES);
    $agent  str_replace(array("\n""\r"), ''$agent);
    // If you would like to be emailed everytime the confirmation page is hit then, put your email
    // INSIDE the quotes below. (e.g. 'my@email.com')
    $email '';
    // This section prevents people from being sent to this script by mistake
    // via a link, image, or other referer source. If you don't want to check
    // the referer, you can remove the following line. Make sure you also
    // remove the ending } at the very end of this script.
    if (empty($_SERVER['HTTP_REFERER'])) {
        
    // Send email if address is specified
        
    if (!empty($email)) {
          
    $message "IP Address: {$ip}\n";
          
    $message .= "Date/Time: {$date}\n";
          
    $message .= "User Agent: {$agent}\n";
          
    $message .= "URL: {$uri}";
          
    mail($email'New user has hit confirmation page: ' $ip$message);
        }
    }
     
    Last edited: Jul 26, 2017
  2. david62311

    david62311 Well-Known Member

    Joined:
    Aug 29, 2013
    Messages:
    2,165
    Likes Received:
    251
    Dang, I forgot to change the title to regular separated words. Sorry. If the moderator @nay27uk can please change the the title to "Confirmation emails of new users" then I would really appreciate it! Thank you!

    I accidentally posted this thinking it was already part of the Webid script and it's not. I forgot I added it to my site and meant to tweak it to work.. I probably could get it to work without help but, now that I've posted it, I wouldn't mind help. It should be easy to fix that. Unfortunately, I won't be back for a few hours now so, if you would like to help get it to work while I am gone then please do so. Thank you!
     
    Last edited: Jul 26, 2017
  3. pani100

    pani100 Well-Known Member

    Joined:
    May 9, 2011
    Messages:
    2,327
    Likes Received:
    449
    david62311, can you tell me the following:
    includes/class_email_handler.php around line 41 what do you have below this line
    PHP:
    if (!isset($this->from) || empty($this->from)) {
     
  4. david62311

    david62311 Well-Known Member

    Joined:
    Aug 29, 2013
    Messages:
    2,165
    Likes Received:
    251
    @pani100 Ironically my code was working when a user hit the page. It was emailing me. The email account that I am using for my site gets forwarded to a Yahoo account. I thought all of the email accounts were connected correctly to the email program on my Android Phone but, apparently they weren't. I had to go in and reset the email account that I was using.

    What alerted me was I kept hearing the Bicycle Bell aka Postman chime. It started to ring every 15 minutes and I would look for a new email and there wasn't one. Trust me those alerts were driving me crazy and I didn't do anything about it for a while. At least I shut my phone off at night. I finally went through each email account and change the alert sound to each having a different alert sound. That's how I pinpointed which one it was and then went online and tried to log in and it made me reset the password. Once I got in then I could see all of the emails I got from users hitting the page. Since Yahoo has been hacked twice as far as we know in the past year or so, they've been trying to beef up their security. A lot of times my main Yahoo account when I try to log into asks me to check my Yahoo phone app for a security code. It's usually a hassle to do it when it happens. At least that part is solved and I am not getting false email alerts every 15 minutes. Phew.

    The email message comes out like this:
    IP Address: I withheld from showing it. It's bot info traced to a Kyivstar PJSC ISP.
    Date/Time: 2017-08-02 00:13:18
    User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:50.0) Gecko/20100101 Firefox/50.0
    URL: /confirm.php

    So, what I did with the code is I put it on it's own page and let's say I called the page confirmation_new_user.php for this example. I then set an include to the page to connect my code to it in an include at the top of the confirm.php page like this below:

    PHP:
    include 'confirmation_new_user.php';
    This way, I am not messing around with the Webid code too much and I can just add an include on the top of any of my php pages so, it alerts me a user or bot goes to that page and then it will send me an email and I will have that log in my email records.

    I'm thinking now, the original banning code could be very helpful with a automatic ban if anybody tries to get into my admin panel and they are not on the whitelist. When someone actually gets ban it puts their IP on the ban list and I get an email alert for it. I'm definitely going to look into that. More security and less worry. For now just for this example my code that I shared up at the top is just for email alerts if a user or bot hits a page that anybody sets the alert on.
     
    Last edited: Aug 2, 2017

Share This Page