Player Email Verification

[DungeonMaster]

It installs the file under the verify_email folder under modules.

[KyleMassacre]

Is this part of your module (I can't seem to find it on the NWE site?) or a NWE function hidden somewhere?

Put it in edit mode because of the issue. If there is a problem then I dont want it to go out in the field

[DungeonMaster]

Yes I confirmed the issues I mentioned before. Did a clean install went back to this mod and those issues came back unless it is a conflict with something else I will leave it out for now.

[KyleMassacre]

Ok, I pulled off the market till I get it sorted

if someone doesnt mind can you try this out please and let me know?

replace auto_pre_content.php with this:

<?php
if (GetUserVariable(emailVerified) != "yes" && !IsSuperUser())
{
BlockModule("verify_email");    
TableHeader("Verify Your Email");


if (isset($_POST["cmd"]))
{
   if ($_POST["cmd"] == "resend")
   {
       $email = $db->LoadData("select email from users where id = ?",$userId);
       SendEmailConfirm($email["email"]);
       ResultMessage(Translate("An email containing your new code has been sent"));
   }
   if (isset($_POST["newEmail"]) && $_POST["newEmail"] !="" && $_POST["cmd"] == "update")
   {
       $email = filter_var($_POST["newEmail"],FILTER_VALIDATE_EMAIL);
       if ($_POST["newEmail"] != $email)
       {
           ErrorMessage(Translate("You must enter a valid email address"));
           return;
       }
       else
       {
           $result = $db->Execute("update users set email = ? where id = ?",$email ,$userId);
           SendEmailConfirm($email);
           ResultMessage(Translate("Your email has been updated and a new verification code has been sent"));
           echo "<script>setTimeout(\"document.location='index.php';\",2000);</script>";
           return;
       }    
   }
}


if (isset($_POST["vCode"]))
{
   if ($_POST["vCode"] != GetUserVariable(emailVerifiedCode) && $_POST["vCode"] != "")
   {
       ErrorMessage(Translate("Invalid Confirmation Code, please try again"));
       echo "<script>setTimeout(\"document.location='index.php';\",2000);</script>";
       return;
   }
   if ($_POST["vCode"] == GetUserVariable(emailVerifiedCode))
   {
       ResultMessage(Translate("Thank you for verifying your email address, you may now continue"));
       SetUserVariable(emailVerified,"yes");
       ReleaseModule("verify_email");
       echo "<script>setTimeout(\"document.location='index.php';\",2000);</script>";
       return;
   }
}


   ErrorMessage(Translate("Your account has not been confirmed as of yet, please check all mailboxes"));
   echo "<form method='post' name='frmVerifyEmail'>";
   echo "<input type='hidden' name='cmd' value='doResend'>";
   echo "<table class='plainTable'>";
   echo "<tr><td width='1%'><b>" . str_replace(" ", " ", Translate("Enter your Code")) . ":</b></td><td><input type='text' name='vCode' value=''></td></tr>";
   echo "<tr><td width='1%'><b>" . str_replace(" ", " ", Translate("Update your Email?")) . ":</b></td><td><input type='text' name='newEmail' value=''></td></tr>";
   echo "</table>";
   echo "</form>";


   TableFooter();
   ButtonArea();
   SubmitButton("Confirm Code", "frmVerifyEmail");
   LinkButton("Resend Code", "#", "document.forms['frmVerifyEmail'].cmd.value='resend';document.forms['frmVerifyEmail'].submit();return false;");
   LinkButton("Update Email", "#", "document.forms['frmVerifyEmail'].cmd.value='update';document.forms['frmVerifyEmail'].submit();return false;");
   EndButtonArea();
   return;
}

Edited May 8, 2013 by KyleMassacre

[DungeonMaster]

Wish I could test it but I had already deleted it off the system and you don't have it in the market.

[KyleMassacre]

Wish I could test it but I had already deleted it off the system and you don't have it in the market.

Ok I attached it here. But just incase replace the file I originally posted cause I can remember if this is updated or not and im at work right now

And also remember to manually update the module after you upload it to ensure it installs correctly

verify_email.nwp

[DungeonMaster]

What is the standard procedure to install these .nwp files manually?

[KyleMassacre]

Down towards the bottom of your admin panel there is a import button. You just click that, then click install/update single module

[DungeonMaster]

Thank you for the heads up about installing.

I changed the code to what you gave but it does not work. I cannot access anything. The left menu only reads "Logout".

 

I tied logging out and then log back in which it did allow this time but the left menu is still disabled and I cannot access anything.

You may want to test it out thoroughly on a test environment and work out all the quirks first and then when you think it is correct I can check it out again for you.

[KyleMassacre]

Well so far its doing exactly as it should but the question is, when you request a verification code are you locking yourself out?

I think the issue was when requesting a new code to resend it, the module went through a constant loop giving you x amount of bad trials. Should the game owner have to request a code to be verified? Most likely not but think of it as test of the module to ensure its working :p I personally have tried replicating it and unfortunately I have not successfully caused the erorr, I even tried registering a second account several times and it has worked for me and like I said before I had sniko test it and also I think I had sim test it and it all worked.

So if you can do me a solid and install it, try updating your email address through the module, and request a new code and see if it works. But do it in that order because updating your email sends a new code as well as a check to ensure they are still providing a legit email. If this doesnt work I will just have to strike this as a loss because there shouldnt be a reason it gives bad trials

[DungeonMaster]

I installed it on a clean site. Well you may have fixed the login issue but now I need to actually access the system ;) Maybe just declaring a super user is not enough.

Don't just rely on me though there should be feedback from others who have tried it and then they can say if it worked for them? Can't be just me that has used this?

[KyleMassacre]

Once you put in the code you can access the game fully and once you out it in you wont have to worry about it again. The real issue is if it locks you out for 15 minutes, is that still occurring?

[DungeonMaster]

I did put in the code. I can't access the panels even though I am logged in.

I may be new the NWE and how it operates, but I have been working with codes for many years and I can tell you that once you install the mod as is it locks Admin down when you add your adjustment it does not require Admin to be verified but at the same time you cannot access the panels. It seems some part of your mod is still looking for Admin to be verified.

I do appreciate your wanting to get it right but like I said you need to install a clean NWE and then install it and see the affect. Sure you can login but what use is it to be able to login if you cannot access any of the panels.

[KyleMassacre]

The use of not being able to access the panels is to make sure the user is giving the correct email because if they did then they receive the code in their email.

I have installed this on a clean install and as admin I clicked the button to resend the code, update my email, and enter the code provided in the input box and it unlocks me. If you have this up on a live site I would be more than happy to signup as test it to see if it works.

The only thing that I can see to prevent anyone from using this system in any way, shape, or form is if you are using anything less than php version 5.2 or I know if you are using a dev versions it does work just not with new registration hooks unless the paid dev version now has it but I dont have that license anymore

[DungeonMaster]

I think you are missing something here. The code you added does NOT show Admin the verify code.

[KyleMassacre]

It wont. Because when its first installed thats it, only when a player registers it emails them the code but you can request the code through the buttons provided in the module. Once you put the code in it should work. Check your email folders for the code

[DungeonMaster]

OK Let me ask you something. After uploading changes to the modules via FTP is there another step NWE needs to have happened for the file changes to work?

For instance in your lib file:

Your "From" line should be:

$headers = "From: no-reply@" .$_SERVER['HTTP_HOST']. "\r\n";

But it does not show up like that when Email is sent.

This will help me understand what is happening here.

[KyleMassacre]

That line is to help email hosts like gmail, hotmail etc show "hey this isnt supposed to be spam" is it guaranteed? NO but this I have seen woks best for me. The only thing you need to do if doing ftp is install/update manually or something like that, it is near you upload/export module package. But the only thing I noticed that does is for user variable and config values or basically anything in the xml file. I could be wrong cause it may do more

[Dominion]

I don’t see why you would need access to the admin area if you’re unverified since in theory you would only be a member.

I would suggest when you install the module it auto verifies ID 2, and you give an admin the option to manually set an account's E-mail to verify/unverified. This should solve most of the testing issues, and shouldn’t be hard to implement. To test it out simply log in through a normal user account this way you see what any new members would see.

[DungeonMaster]

The only thing you need to do if doing ftp is install/update manually or something like that, it is near you upload/export module package. But the only thing I noticed that does is for user variable and config values or basically anything in the xml file. I could be wrong cause it may do more

I'm sorry I do not understand this answer.

I am asking specifically... if I make an edit to a module's files, for instance I change the word "apples" to "oranges" in a file in the module how do I get that to show if it still shows "apples"?

[a_bertrand]

I think the issue is simply that once installed all the previously existing users like the admin user is not verified. Somehow there should be something which set the existing users as verified.

[KyleMassacre]

I'm sorry I do not understand this answer.

I am asking specifically... if I make an edit to a module's files, for instance I change the word "apples" to "oranges" in a file in the module how do I get that to show if it still shows "apples"?

Ohhh ok then no, you dont have to change a thing. I thought you were talking about importing the actual files via ftp.

I think the issue is simply that once installed all the previously existing users like the admin user is not verified. Somehow there should be something which set the existing users as verified.

You are correct and I will take that into account if/when it is confirmed the other parts to this works, i.e getting bad trials because of a bug in the script. But so far MY testing of it seems to find that it works im just worried about others and I doubt it should have anything to do with server environment other than PHP Version.

So Dom, if your reading this and if you have the lastest register version I did attach the module to a post above cause you were looking for it apparently, can you test and make sure the functions work. Just remember at initial install you will be module locked and can not go anywhere other than the module itself even as admin. Because as of now if it wont work for a Super User it sure as hell wont/shouldnt work for a normal player

[DungeonMaster]

So then ar modules cached somewhere because I see the changes I made to the files on the server but yet in execution it outputs the old content?

[KyleMassacre]

There is a caching system and should be disabled in dev environments

[DungeonMaster]

The irony of that is I cannot get to my controls via the web to get at it, where is it cached that I can delete it via FTP?