- Posts: 8
- Thank you received: 1
- Home
- /
- Forum
- /
- Securitycheck Pro
- /
- Bug report
- /
- View Log Window Stuck
Emails Sending Randomly to Users
- BGould
-
Topic Author
- Offline
- New Member
-
Less
More
2 years 11 months ago #5601
by BGould
Emails Sending Randomly to Users was created by BGould
I recently reported an issue with the Track Actions Plugin, now another issue.
Since 3 days ago another issue, random users have been emailed from the plugin with the Subject: Latest User Actions
and the email body
PLG_SYSTEM_USERLOGS_EMAIL_SUBJECT
PLG_SYSTEM_USERLOGS_EMAIL_DESC
COM_USERLOGS_MESSAGE
COM_USERLOGS_DATE
COM_USERLOGS_EXTENSION
COM_USERLOGS_USER
COM_USERLOGS_IP_ADDRESS
They are receiving emails every 20 minutes, if I disable plugin the whole site crashes.
Please Help!
Since 3 days ago another issue, random users have been emailed from the plugin with the Subject: Latest User Actions
and the email body
PLG_SYSTEM_USERLOGS_EMAIL_SUBJECT
PLG_SYSTEM_USERLOGS_EMAIL_DESC
COM_USERLOGS_MESSAGE
COM_USERLOGS_DATE
COM_USERLOGS_EXTENSION
COM_USERLOGS_USER
COM_USERLOGS_IP_ADDRESS
They are receiving emails every 20 minutes, if I disable plugin the whole site crashes.
Please Help!
Please Log in or Create an account to join the conversation.
- Jose
-
- Offline
- Moderator
-
Less
More
- Posts: 4136
- Thank you received: 319
2 years 11 months ago #5602
by Jose
Replied by Jose on topic Emails Sending Randomly to Users
Hi BGould,
I have just published a new version of Track Actions disabling the option to send emails. Please, update it and tell me if it works.
Regards,
Jose
I have just published a new version of Track Actions disabling the option to send emails. Please, update it and tell me if it works.
Regards,
Jose
Please Log in or Create an account to join the conversation.
- BGould
-
Topic Author
- Offline
- New Member
-
Less
More
- Posts: 8
- Thank you received: 1
2 years 10 months ago #5643
by BGould
Replied by BGould on topic Emails Sending Randomly to Users
Hi Jose,
I updated plugin and the emails then stopped sending to users so thank you for fixing.
4 user email addresses were included in the To address for notifications and I have no idea why these specific users were mailed as there seems to be no pattern. The email had the plugin tags included and unfortunately included a separate users name and IP address with the email sent.
Unfortunately I had not realised how many emails were being automatically sent by plugin and it seems as though these users had received hundreds of emails.
This incident has triggered a data protection review with a client and I now need to explain why this happened. Can you please assist me in determining the cause, I understand it may be coding bug but I need to know why these specific users were issued email. The plugin had been installed for 3 weeks.
I had experienced an earlier problem with mail function code which was causing an major error to site which I reported on 16th March 2018 via forum and you confirmed bug updated trackactions plugin to version 1.0.2. I installed the plugin update via joomla admin and it fixed the issue whereby the plugin was causing the site to crash.
From the 16th March and presumably when plugin was updated and mail function was fixed, these 4 users started receiving repeated emails with the following body below and another users name and IP address with data edited for which I really need to determine why these users were mailed, and how is was fixed.
Sent: 26 March 2018 13:19
To: This email address is being protected from spambots. You need JavaScript enabled to view it.; This email address is being protected from spambots. You need JavaScript enabled to view it.; This email address is being protected from spambots. You need JavaScript enabled to view it.; This email address is being protected from spambots. You need JavaScript enabled to view it.
Subject: Latest User Actions
PLG_SYSTEM_USERLOGS_EMAIL_SUBJECT
PLG_SYSTEM_USERLOGS_EMAIL_DESC
COM_USERLOGS_MESSAGE
COM_USERLOGS_DATE
COM_USERLOGS_EXTENSION
COM_USERLOGS_USER
COM_USERLOGS_IP_ADDRESS
User “Another Users Name“ data edited
2018-03-26 13:19:13
xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>
Many Thanks
I updated plugin and the emails then stopped sending to users so thank you for fixing.
4 user email addresses were included in the To address for notifications and I have no idea why these specific users were mailed as there seems to be no pattern. The email had the plugin tags included and unfortunately included a separate users name and IP address with the email sent.
Unfortunately I had not realised how many emails were being automatically sent by plugin and it seems as though these users had received hundreds of emails.
This incident has triggered a data protection review with a client and I now need to explain why this happened. Can you please assist me in determining the cause, I understand it may be coding bug but I need to know why these specific users were issued email. The plugin had been installed for 3 weeks.
I had experienced an earlier problem with mail function code which was causing an major error to site which I reported on 16th March 2018 via forum and you confirmed bug updated trackactions plugin to version 1.0.2. I installed the plugin update via joomla admin and it fixed the issue whereby the plugin was causing the site to crash.
From the 16th March and presumably when plugin was updated and mail function was fixed, these 4 users started receiving repeated emails with the following body below and another users name and IP address with data edited for which I really need to determine why these users were mailed, and how is was fixed.
Sent: 26 March 2018 13:19
To: This email address is being protected from spambots. You need JavaScript enabled to view it.; This email address is being protected from spambots. You need JavaScript enabled to view it.; This email address is being protected from spambots. You need JavaScript enabled to view it.; This email address is being protected from spambots. You need JavaScript enabled to view it.
Subject: Latest User Actions
PLG_SYSTEM_USERLOGS_EMAIL_SUBJECT
PLG_SYSTEM_USERLOGS_EMAIL_DESC
COM_USERLOGS_MESSAGE
COM_USERLOGS_DATE
COM_USERLOGS_EXTENSION
COM_USERLOGS_USER
COM_USERLOGS_IP_ADDRESS
User “Another Users Name“ data edited
2018-03-26 13:19:13
xxx.xxx.xxx.xxx<xxx.xxx.xxx.xxx>
Many Thanks
Please Log in or Create an account to join the conversation.
- Jose
-
- Offline
- Moderator
-
Less
More
- Posts: 4136
- Thank you received: 319
2 years 10 months ago #5644
by Jose
Replied by Jose on topic Emails Sending Randomly to Users
Hi BGould,
There was a bug in the Track Actions plugin causing this issue; users to be notified where selected using this query:
So, in theory, nobody should have been notified because I don't add a "logs_notification_option" in users account. The explanation for this could be that other plugin added something like this and this is why users where notified in this site and not in other sites.
After receiving your report I fixed the bug disabling the email function, so nobody will be notified anymore.
Regards,
Jose
I really apologize about this. Privacy is one of the most important things for me, so I'm really disgusting about this incident. Of course I will you assist on everything on my hand.This incident has triggered a data protection review with a client and I now need to explain why this happened. Can you please assist me in determining the cause, I understand it may be coding bug but I need to know why these specific users were issued email. The plugin had been installed for 3 weeks.
There was a bug in the Track Actions plugin causing this issue; users to be notified where selected using this query:
$query->select('a.email, a.params')
->from($this->db->quoteName('#__users', 'a'))
->where($this->db->quoteName('params') . ' LIKE ' . $this->db->quote('%"logs_notification_option":"1"%'));So, in theory, nobody should have been notified because I don't add a "logs_notification_option" in users account. The explanation for this could be that other plugin added something like this and this is why users where notified in this site and not in other sites.
After receiving your report I fixed the bug disabling the email function, so nobody will be notified anymore.
Regards,
Jose
Please Log in or Create an account to join the conversation.
- BGould
-
Topic Author
- Offline
- New Member
-
Less
More
- Posts: 8
- Thank you received: 1
2 years 10 months ago #5645
by BGould
Replied by BGould on topic Emails Sending Randomly to Users
Hi Jose,
Thanks for coming back so quickly really appreciate. I understand these things happen so thank you also for your concern regarding security and privacy.
The code snippet you sent really helped me to narrow down issue and I can see that these users had the log notification = 1
I am going to try and work out why these 5 users had this option selected but understand this will not be related to plugin and you have also fixed the issue with plugin regarding notifcations.
Securitycheck Pro is excellent component and has greatly helped securing site after some other security issues we had experienced. Please let me offer my gratitude in what you have developed and also thanks again for responding so quickly!
Kind Regards
Thanks for coming back so quickly really appreciate. I understand these things happen so thank you also for your concern regarding security and privacy.
The code snippet you sent really helped me to narrow down issue and I can see that these users had the log notification = 1
I am going to try and work out why these 5 users had this option selected but understand this will not be related to plugin and you have also fixed the issue with plugin regarding notifcations.
Securitycheck Pro is excellent component and has greatly helped securing site after some other security issues we had experienced. Please let me offer my gratitude in what you have developed and also thanks again for responding so quickly!
Kind Regards
The following user(s) said Thank You: chrishall57
Please Log in or Create an account to join the conversation.
- Jose
-
- Offline
- Moderator
-
Less
More
- Posts: 4136
- Thank you received: 319
2 years 10 months ago #5646
by Jose
Replied by Jose on topic Emails Sending Randomly to Users
You're welcome BGould.
I'm glad to hear you like my extensions; that's why I workd hard every day.
Regards,
Jose
I'm glad to hear you like my extensions; that's why I workd hard every day.
Regards,
Jose
Please Log in or Create an account to join the conversation.
Time to create page: 0.092 seconds