Registration and comments

[rj]

Running into an old problem it seems. I am not sure if it is EVERYBODY, I sometimes think it is only those who have registered or commented in the past who canceled the or lost it, and try register again. With the same email or from the same ISP. But it could be everyone!
The problem is 99% of the people will just give up rather than email for a fix.
Registration, email response, added to account but login fails. Wrong username or password.
For the one or two who have complained, and me using different emails, if I go in and add new password to both fields and sent it to them, then it works. But the password they REGISTERED with their name and email does not work.

Is there some sort of invisible ISP email cookie dohickey or something at play here.
Could someone try to register and see if it works for new people? I deleted both garvin and don.
Reminds me, whatever happened to Judebert?

Thanx RJ

[sonichouse]

Registered with a username of ukstevef, eventually got the email confirming registration.
However, when I login using the password I registered, I get

You appear to have entered an invalid username or password

[Timbalu]

Yes, that sounds like a problem which just occured in the german forum too.
There the addUser Plugin has effects to other plugins.

I think Garvin needs to take a deep look into the addUser Plugin

[rj]

Thanks for verifying its everyone. I was doing several comments a day until I got in security trouble and started using only registered users comment, since then no comments buy me.
I remember having the same issue to get into this forum some time ago and had to have Garvin issue a new password, which then worked.
I tried comments with capcha and no registration but some spam got in, a few a day, and literally thousands a day tried and failed. I would get the emails. Is that usually, thousands of tries a day into comments? Or is everyone out to get me!

[Timbalu]

I tried comments with capcha and no registration but some spam got in, a few a day, and literally thousands a day tried and failed. I would get the emails. Is that usually, thousands of tries a day into comments? Or is everyone out to get me!

YES we are! see below!

I deleted both garvin and don.
Reminds me, whatever happened to Judebert?

Nobody will like it when doing any harm to them!

SCNR

[rj]

Meaning I deleted their old accounts in case they would like to try to register anew and see what the problem is.

[rj]

I tried OPEN comments with capthas for a few months. Thousands of spam attempts a day were thwarted, but some go every day. I also get too many foul ugly people.
Also I cannot check registration alerts. I have a folder for them and get well over a 100 a day from bots, almost impossible to discern any real person in the mess.

So I did some more testing on self registration 2.27

I have no plugin up top. I use the add user link in a nugget up in the nav header

I have the self registration plugin in events with Register to comment checked.
The process works until LOG IN and then fails. "wrong username or password"
If I as administrator go to manage users fill in the two fields for a new password, and forced to highlight STANDARD USER in the box and save, it then works for the new user to log in.
I thought perhaps the user could use "forgot password" to accomplish the same. NO, did not work.
So this is just way too much trouble for anyone to bother with comments on my blog, I know I wouldn't stick around for the pain of the process.

thanx, RJ

[garvinhicking]

Hi!

You are running s9y 1.5.x, yes? Can you use phpmyadmin and check if your serendipity_authors database table has a column called "hashtype"?

The recent version of the adduser plugin is 2.34. Use this.

Regards,
Garvin

[rj]

First question is YES there is a hashtype column. I am using 1.5.5

Updated the adduser to 1.34 and it seems to work!
Could some NEW person give it a try again and let me know please just to make sure? Though I did delete Garvin and Don so they will be new too. The problem was the process worked UNITL log in, which failed name or password.

Thanx, RJ

[sonichouse]

Could some NEW person give it a try again and let me know please just to make sure?

Worked for me using sonichouse, my old one ukstevef doesn't work still.
You can delete both if you want to tidy up.

Glad to see it is now working

[rj]

Thanks!

When I went in after applying this update and as ADMIN changed the password of a user and then tried logging in I got a blank screen saying somethign about NO LONGER ACCEPT HASH PASSWORDS WD SECURITY something or other.