Error after one-time login

Sorry, wanted to say:

i get this error!!

Thank you for this bug report. Strange that no one noticed this before. I'll have a look at it as soon as I can.

@ easyfit,

Thanks for your rapid reply, i indeed think it's strange nobody noticed this before. I also think it's not from myside. Will wait for your answer.

Cheers!!

Password Reset, gives this error:

mcrypt_generic() [<a href='function.mcrypt-generic'>function.mcrypt-generic</a>]: An empty string was passed in ****/public_html/sites/all/modules/aes/aes.module on line 494.

So something should be done with:

Good luck,
Thanq

N.B.: This time, on the user's page, i didn't get the error message but i saw it on admin/reports/dblog as php error. This time i indeed could see the user's password, but the other way i get empty password (as mentioned above).

I've done some testing now and I can't seem to replicate your problem. Could you explain exactly what you are doing and in what order you are doing it?

And what user registration policy do you use? Do you use "Visitors can create accounts and no administrator approval is required." or one of the others?

Thank you so much easyfit for your reply.

What i exactly have is:
-Drupal 6.6 running on Apache 2.2.9 (Unix), PHP 5.2.6, MySQL 5.0.51a-community, operating under Linux
-AES encryption 6.x-1.3
-Legal 6.x-2.2-beta4 for Terms and Conditions
-Login Destination 6.x-2.1 (with no problems at all for users already created their first password)
-Other modules of course :)
-"Visitors can create accounts but administrator approval is required", with the "Require e-mail verification when a visitor creates an account"

Also, very important for you to know, under admin/settings/aes:
-"Create AES passwords" checked
-"Method for viewing passwords" is "Collapsible box"
-"Cipher" is "Rijndael 256"
-"Key storage method" is "File"
-"Path to keyfile" is out from public_html

All working great with no problem (i can see all passwords when users login, after enabling your module) except that when a user first create the account and uses his/her one-time login to set password, or when a user send for "Password Reset" and again use the one-time login to set password. But after they again login, i can see their passwords.

What do you think?

If you need more info from me please tell me.

Thx mil,
:))

News!!!

Hi again, i discovered today after a new user created her account, waiting for admin to activate her account (me) that AES has set a default password for her.

Is this strange? or is it normal?
I tried to create new demo users and it does same always.

When user click on one-time login to create first password, the old password created (while creating new account) by AES is been changed to the new password set by user.

What do you think?

Check for my AES settings, on the above post.

Thank you so much,
Cheers!

I've tested it now with your user policy setting and the Legal and Login Destination modules, but I still can't reproduce your bug. And it's virtually impossible for me to hunt down a bug which I don't have...

To be honest I'm also suspecting that the bug is somewhere in another module that you have enabled, since no one else has reported this. If another module is - for some reason - unsetting the "pass" variable in the $edit array in hook_user then an empty string would be passed to aes_encrypt, which would produce this error. But I don't know which module might do that, I've glanced at the Legal and Login Destination modules but they don't seem to be at fault.

So, since I can't reproduce this bug and since I suspect the cause of the problem lies elsewhere than in this module, I'm gonna close this issue if you don't mind. I'm sorry I couldn't be of more help.

@easyfit,

I don't know how to thank you for your time and help trying to solve that wierd error for me, it's strange but i could give you a list of which modules i have active. Maybe (or sure) it's another module cosing this error like you said. If i could help finding which one, please advise me with what should i do. I have installed the devel module, so i could make some testing if you like me to.

Thank you so much for your great help.

N.B.: I am closing this issue (very saddly) as you asked me but, if you wish me to (and of course you have free extra time) search using devel, i'll be glad to help resolving that error. Thx.

Thank YOU for being so helpful :)

If you would really like to get to the bottom of this, I would recommend simply disabling each module you have one by one and repeating the process until the problem no longer occurs, that way you should be able to find out which module is causing the problem. This is a tedious thing to do of course, and it's assuming that the problem really lies in another module, but I think it does.

If you do find out what the problem is, I would love to hear about it, even if it's unrelated to this module. Thanks for taking the time to report the issue anyway.

@ easyfit,

Again, i don't know how to thank you for your time, responding and trying your best on helping me with this issue. I will try to find out which module, but for me now is practically impossible. My site is made for my students, and i have a lot of work still to do for them!

I will try it soon, with a copy of it on my local computer and check one by one --i have for now, active, 25 modules-- ;)

Will keep this for later, and am changing status to postponed if you don't mind, and of course agree.

Thank you so much for your time and for all,

Cheers!!
:))

Hi - great work with the module!

I seem to have the same problem per above, and I guess the conflicting module is mail_api (see below). I am too new to Drupal development and PHP to resolve the problem myself now, but will come back to it later.

http:// .../admin/settings/mail_api/add
Referrer https:// .../admin/settings/mail_api/add
Message mcrypt_generic() [function.mcrypt-generic]: An empty string was passed in .../sites/all/modules/aes/aes.module on line 494.

Best,
Erik

Hi Ringan

Alright, let's have another go at this then. I'll test it with the mail_api module as soon as I have time.

Also just saw this error in the dblog. Subscribing.

I'm working on a new version which will sort of 'fix' this error since empty strings will be ignored silently. I'm pretty sure this will be an okey solution since this error doesn't actually result in anything bad happening (no data is lost etc, as far as I can tell).

New version is out, would be great if someone could give it a try and let me know if you still get any errors.