izmpm
skipping stones
Posts:5
 |
| 08-03-2012 10:10 AM |
|
I encountered this problem after upgrading to DNN 6.2.1 and using DR When a new client registers, the registration email sends fine and generates a verification code, but upon clicking onto the URL I get an "Invalid verification code" error I´m currently running DNN 6.2.2 and DR 4.20.11 after upgrading both thinking this problem would be fixed, it still remains.
I read here this problem has been encountered before way in 2010 and was solved updating DR at that time, please let me know if there is a fix for DNN 6.2 as well.
Kind Regards! |
|
|
|
|
Candace
river guide
Posts:2431
|
| 08-03-2012 12:05 PM |
|
Hi izmpm,
Yes, this has been reported and is now being reviewed by the dev team. Please see Chad's comments and suggestions in this ticket:
https://datasprings.atlassian.net/browse/DR-17
Thanks!
Candace
|
|
|
|
|
Chad Nash
Posts:5260
|
| 09-11-2012 01:49 PM |
|
Hi guys - Just a quick follow up here. The latest Dynamic Registration patch now has this fixed up and this was released late last week.
Thanks,
Chad
|
|
|
|
|
Craigjb12
wading in the water
Posts:16
|
| 09-20-2012 06:51 AM |
|
I'm recieving a new code after the patch that looks about right: Vs29ETkPbU4%3d But I'm still getting the invalid code error from the DNN login module.
The $(AutoApproveWLogin) token does seem to result in a log in, and the correct success message, but the account doesn't seem to verify. |
|
|
|
|
Chad Nash
Posts:5260
|
|
Craigjb12
wading in the water
Posts:16
|
| 09-24-2012 06:45 AM |
|
Thanks Chad,
I'm using the following methodology (DNN login module):
1. Setup Dynamic Registration to send out the registration hyperlink and point it to a page that has the standard DotNetNuke login module on it. I believe the new core login module requires you to pass the verification code along the querystring anyway because I don't think it prompts you anymore for that code.
Dynamic Registration 4.20.20 DNN: 06.02.02
Sample registration link:
Results in error: Invalid verification code
The DNN login module does not have a verification form field. |
|
|
|
|
Chad Nash
Posts:5260
|
| 09-26-2012 10:55 AM |
|
Hi Craig - Thanks for submitting the details here. Everything you described seems like it should be working.
A few other quick questions:
1. What is the PortalID of this portal? The verification code comes from a combination of the portal ID and the UserID in an encrypted method. The only thing I think that could be happening is if we are URL or HTML Encoding the token and it should or shouldn't be encoded etc... From my testing this is working but maybe if I discovered that the URL or HTML encoding was causing a difference that might help.
2. If you use the standard DotNetNuke registration tool when creating users (or just going and creating them under Admin, User Accounts) does this then allow you to properly create users that send out a valid verification code?
I do know that the verification code needs to be passed from the query string (it does not surprise me that it does show the form field as my tests also do not show it appearing with the textbox anymore within the latest 6.2 release.
Thanks,
Chad
|
|
|
|
|
Craigjb12
wading in the water
Posts:16
|
| 10-03-2012 09:56 AM |
|
I am using Portal 0 on a one portal Site
This was the code generated for user id 24: verificationcode=icR6RECjwFU%3d
Creating a user manually does seem to result in a working validation code, these tend to look a bit different than the ones dyanmic registration is sending out: verificationcode=SYjv3SS4sLo_
|
|
|
|
|
Chad Nash
Posts:5260
|
| 10-03-2012 12:19 PM |
|
Hi Craig - Interesting... Ok, this is something we might have to review further. I know that this has been working for some users, so maybe (it looks to me) like we are handling the code with maybe an HTML Encoding and maybe it needs to be URL encoded (or maybe it doesn't need to be encoded or decoded at all for HTML?). That would make more sense... maybe you could verify this if you tried to run the code with a URL or HTML DECODE to see if that code works? This would help us get a patch out quicker. Maybe a tool like this: http://meyerweb.com/eric/tools/dencoder/ Which I believe generates this: icR6RECjwFU= I am curious if you change that last character from %3d to maybe = if it works then? Thanks, Chad |
|
|
|
|
Craigjb12
wading in the water
Posts:16
|
| 10-08-2012 04:51 AM |
|
Hi Chad,
The Decoder leaves me with the = sign as well
This QWHinuB4FEg%3d becomes QWHinuB4FEg=
Both result in invalid verification code.
I tried another manually through DNN N3anSM7VUG8_ mLVP0pm-Zq8_
It looks like DNNs codes always end in and underscore, and dynamic springs always ends in %3d
|
|
|
|
|
Stephane Peyroutet
skipping stones
Posts:4
|
| 10-12-2012 03:32 AM |
|
I answered those questions on a previous reply which was not posted.
I hope this one will hit the forum and help you find a fix quickly.
The problem seems to come from "special" characters, as everything is similar between standard DNN registration and Dynamic Registration except those.
Indeed, the final '_' is replaced with '%3d' whereas it should be '%5f'.
I also managed to have a '.' in the middle of a confirmation code and it is replaced with '%2b' instead of '%2e'.
I don't know if it's encoded related but all alphanumeric characters are ok and only the special characters are erroneous.
Best Regards,
Stephane. |
|
|
|
|
Chad Nash
Posts:5260
|
| 10-18-2012 11:47 AM |
|
Hi Stephane - This is something I am planning to test again tomorrow and get a patch out by the end of the day tomorrow or at least by the end of the weekend. I know we corrected this but apparently not specifically for some of the encoding.
Thanks,
Chad
|
|
|
|
|
Craigjb12
wading in the water
Posts:16
|
| 10-23-2012 09:44 AM |
|
Hi Chad, just checking in to see if there is any progress on this one.
Thanks! |
|
|
|
|
Chad Nash
Posts:5260
|
| 10-29-2012 03:28 PM |
|
Hi guys... Ahhh... I see. So basically this is working for some occasions except for special characters?
Craig / Stephane - I know that this has continued to be a problem for both of you guys (and others) and this is very high on my list to fix. I thought we had already fixed this except for this one last encoding issue of some sort that I can't seem to find. I am tempted to throw in a simple replace statement with %3d being an _ and see if that changes anything but I am not sure it will yet. I took this code (I thought) directly from the DNN code that is using the encoder... I am posting this below:
Public Function DSEncryptString(message As String, passphrase As String) As String
Dim results As Byte()
Dim utf8 = New UTF8Encoding()
'hash the passphrase using MD5 to create 128bit byte array
Dim hashProvider = New System.Security.Cryptography.MD5CryptoServiceProvider()
Dim tdesKey As Byte() = hashProvider.ComputeHash(utf8.GetBytes(passphrase))
Dim tdesAlgorithm = New System.Security.Cryptography.TripleDESCryptoServiceProvider()
With tdesAlgorithm
.Mode = System.Security.Cryptography.CipherMode.ECB
.key = tdesKey
.padding = System.Security.Cryptography.PaddingMode.PKCS7
End With
Dim dataToEncrypt As Byte() = utf8.GetBytes(message)
Try
Dim encryptor As System.Security.Cryptography.ICryptoTransform = tdesAlgorithm.CreateEncryptor()
results = encryptor.TransformFinalBlock(dataToEncrypt, 0, dataToEncrypt.Length)
Finally
' Clear the TripleDes and Hashprovider services of any sensitive information
tdesAlgorithm.Clear()
hashProvider.Clear()
End Try
'Return the encrypted string as a base64 encoded string
Return Convert.ToBase64String(results)
End Function
I simply was including this within the current build so we would not have to utilize multiple builds of the module but if I need to we will end up creating a specific new build specifically for 6.2.3.
If either of the two of you can jump on a call or go to meeting tomorrow Wednesday I would be happy to assist you with whatever I need to do so that I can get you a valid build.
Thanks,
Chad
|
|
|
|
|
Chad Nash
Posts:5260
|
| 10-29-2012 03:54 PM |
|
A few other comments based on the other feedback in this thread:
Craig - Does the verification code work for you if you change it out to be _ instead of %3d? What if you change that to be %5f as Stephane had mentioned?
This is actually working for me (even before I did this) so I am not sure what specifically would cause it to work for me. I have confirmed from my installation that it is also adding the %3d to the end however this is not affecting the verification code as this is still working for me.
Thanks,
Chad
|
|
|
|
|
Stephane Peyroutet
skipping stones
Posts:4
|
| 11-06-2012 01:37 AM |
|
Hi guys, sorry for the late reply.
For testing, I've just installed a brand new version of DNN 06.02.04 and installed the DR_04_20_20_TrialEdition. Then, I created a new page, visible by all users, with DR module on it. I ran the standard wizard and added a completion event on New/Update Registration : DynamicEmail with VerificationCode and some other info.
Finally, I just filled the Smtp server to receive emails (Host Settings) + change the user registration to Verified under Admin Settings.
I registered a few users with standard DNN registration and then went right away to the DR page and clicked on UpdateRegistration.
I'm sending you an attached file with the complete results.
Bottom line is DNN Standard Registration gives for example .Uf4M55GwqE_ and DR gives %2bUf4M55GwqE%3d. And you have to replace %2b and %3d with the correct ascii code (%2f='.' and %5f='_') for the DR code to work.
Chad, can you confirm this issue (you said this works for you, under what version of DNN ?). Do you think I have a problem with the trial version ?
I hope this can be solved quickly now so I can buy and install the module for my website.
Please let me know if can be of any help. I didnt' have the time to check or test the code you sent.
Best Regards, Stephane |
 VerificationCode.zip
|
|
|
|
Stephane Peyroutet
skipping stones
Posts:4
|
| 11-06-2012 04:36 AM |
|
A little update on myself...and a big news for Chad !!!
This is actually working as I mismatch DNN versions during testing.
So if you do exactly as above (I tried this on two installations just to be sure) and use DNN 06.02.04 and DR 04.20.20, the verification code is working, even though special characters always seem to be sort of encoded.
FIY, you can either use the DR code as is or replace the special characters with the corresponding ascii code from DNN registration : both do work (meaning, you can either use %3d or %5f for example).
I still have the problem on my DNN 06.02.03 version but I don't really know if this comes from the DNN version or from a parameter on DNN / DR as I tried a lot of stuff on this test site.
Okay, I go buy my DR module and proceed, hoping not to bump on this "bug" again when playing around.
Stephane
|
|
|
|
|
Jason Padgett
going with the flow
Posts:29
|
| 11-06-2012 05:45 PM |
|
I am experiencing this behavior as well.
DNN Version: 6.2.4
Dynamic Registration Version: 4.20.20
It would appear this issue has been going on for quite some time. Is there a patch available?
|
|
|
|
|
Stephane Peyroutet
skipping stones
Posts:4
|
| 11-22-2012 07:03 AM |
|
Okay guys, Chad, I bumped into this "bug" again and here is what I found and tested fully before writing this post.
This is happening if you create your own Login page.
To sum up and reproduce easily the problem : - Create your default site using DNN 06.02.04 - Set the necessary Host Settings (Host User, Host Details, SMTP) - Create and define your own RegisterPage, using DR module and setup a CompletionEvent using DynamicEmail containing the VerificationCodeLink - Set the Verified option in User Account Settings (Admin > Site Settings)
Okay, until now everything should work fine and you can register and verify/login your users as a charm.
- Create and define your own LoginPage, using DNN Account Login module.
You'll have the bug defined in this post (with the link only working if you change the special characters).
So I don't explain this behavior and I can only suggest to double check with DNN guys.
But if your VerificationCode is made identical to DNN's (which should be the case anyway ??) without this special characters differences, everything should work fine.
|
|
|
|
|