Forum OpenACS Development: Re: Registering does everything, but it does not redirect to a page that says "check your mail for verification link"

Anwering all your questions takes longer than fixing the bugs :)
Other than this, when I was working on this, I wanted to get thru the code and find the problem; a lot of things confused me. Could you say more about what you did leading to you discovering what the problem was?
Yes the code is more complicated than it probably has to be. Furthermore it has many hooks for configuration, which are probably there since there are needs for this in the wild. Restructuring will probably fix existing code.

For fixing, i did the following 3 things:

  1. try to understand how the code is supposed to work (i.e. the user-notification via util_user_message)
  2. try ad_returnredirect -message "hi gus!" /ds/shell from ds/shell. Since this did not show the message, it was clear that notification after registry would not work either.
  3. it was a surprise, that the message still did not show up. i digged into util_user_message, found it linked to the session_id, checked, where it was reset, and this was it.

Concerning export_vars: this was a call to export_vars without listed variables for export. It "exports" nothing and can be replaced. Maybe this is a leftover from a parameterization earlier, or it was introduced via cut&paste.

Concerning combining the two message: please write a RFE into the issue tracker.

Concerning the message "no permission to admin...": maybe i can look into this the next days.

all the best

Gustaf, wait a bit before reading this one, it's slightly less important. For now, I assert the statement in the next paragraph; read the rest in a day or so.

The messages should not be combined, and I believe I can prove this.

First, what they contain:

- first comes the email-verify link message, you click on it to activate your acct

- second message, contains "how to log in" with a link and "how to change your passwd" with a link.

Proof should be: you cannot chase any links in the second without first clicking on the verify link, QED, so the messages should not be combined, and they should each be sent at the right time.

The verify link is already sent at the right time, and the right time for the second is after they click the verify link, because at that time, they can actually log in and do stuff.


PS, the "you don't have permission to admin" is also slightly less important. The message is actually a lie, and is actually saying "user that was just deleted has no permission to admin some object".

(these next few messages are notes about what I found)
(Gustaf, you may find these notes helpful if you decide to dive into this stuff.)

I started with some text from the email that invites me to change my passwd, to find what in openacs uses it...

The text from the email that I used, was 'Please visit the following link to change your password now', and it turns out the only place this text is found, is in the localization catalog of the acs-subsite package.

Looking at that catalog, I found that the name of that message is "acs-subsite.email_body_Registration_password", and, the only place it's used is on line 516 of the file /packages/acs-authentication/tcl/local-procs.tcl.

Looking in that file, it's a proc that refers to that message, and that proc is named auth::local::registration::Register.

Inside that proc, is a call to the proc that sends the mail, its name is auth::password::email_password.

I'll make some notes similar to this about the email that contains the verify link.

It looks like Lars Pind was in the middle of either refactoring or else deciding what to refactor, and it looks like he wanted to move at least some of the code into the auth subsystem. Does anyone think we should try to finish what he started?


(just notes showing where some things are in the code)

This one is about where the verify link email is sent.

The text from the email I used to locate the string in the code, is "This message is to verify that the email address you registered with".

It was found at line 346 of file /packages/acs-subsite/catalog/acs-subsite.en_US.ISO-8859-1.xml; the name of the message in that catalog is lt_To_confirm_your_regis.

That message was found in two places, one is the design document for the auth subsystem (line 1250 of file /packages/acs-core-docs/www/xml/kernel/ext-auth-design.xml), and the other is on line 1518 of file /packages/acs-authentication/tcl/authentication-procs.tcl and the full name for the catalog entry is acs-subsite.lt_To_confirm_your_regis .

acs_mail_lite::send_immediately was used in the proc auth::send_email_verification_email to send the verify link email to the user.

There are three mentions of this proc in the file /packages/acs-authentication/tcl/authentication-procs.tcl -- incl the definition starting on line 1502 -- the two uses are line 986 in the proc auth::create_local_account (line 815), and line 1435 in the proc auth::check_local_account_status (line 1400).

I'm guessing the email was sent by auth::create_local_account.

Pausing for now. My next step is probably to read that design document.