Closed (works as designed)
Project:
Notify
Version:
5.x-1.0
Component:
Code
Priority:
Critical
Category:
Bug report
Assigned:
Unassigned
Reporter:
Created:
10 Apr 2007 at 09:17 UTC
Updated:
3 Jun 2009 at 08:33 UTC
Since I've installed the Notify module, I noticed the cron job getting time outs: "Cron run exceeded the time limit and was aborted." When I accessed http://site/cron.php I was autmatically logged in as the admin user (id = 1) and redirected to this user's notify settings page (user/1/notify)!!! This is a big security risk and surely this can't be right... When I comment out the contents of the notify_cron function this doesn't happen, so it must be going wrong somewhere in there.
Has anyone else experienced this before?
Edgar
Comments
Comment #1
emeij commentedThis is actually caused by a single node, which has php redirect code as its body. As soon as this node is loaded to be sent, the redirect breaks the Notify "workflow"..
Comment #2
matt bI've just had this issue - my workaround was to edit the node with the redirect code so that the created date was too far in the past to be picked up by Notify (but I've also hacked how Notify selects nodes to suit my purposes).
Comment #3
helloanshul commentedyou should remove all the redirect code...
Comment #4
matt bUsually you would use redirect code for a very specific purpose, in my case I cannot see how else I would achieve the requirements - removing it is not the solution, and you have to allow for the fact that some sites need to have nodes that use PHP code. It would be better to have an option for Notify to ignore nodes that have PHP as the input type.