@jasnon
You can replace current code snippet with this new code snippet
for additional display of time, posted field values, username, IP, browser and current user ID.
if ( ! isset( $args['user_id'] )) {
$trace = '<div>' . date_i18n( 'Y-m-d H:i:s ', current_time( 'timestamp' )) . '</div>';
if ( is_array( $_POST )) {
$trace .= '<div>POST field values by the UM Form:</div>';
foreach ( $_POST as $key => $value ) {
if ( is_array( $value )) {
$value = 'array: ' . implode( ', ', $value );
}
if ( strpos( $key, 'password' ) !== false ) {
$value = '***************';
}
$trace .= '<div>' . esc_html( $key ) . ' => ' . esc_html( $value ) . '</div>';
}
}
$trace .= '<div>form_id: ' . $form_id . '</div>';
$trace .= '<div>mode: ' . $mode . '</div>';
$trace .= '<div># fields: ' . count( $fields ) . '</div>';
if ( isset( $args['username'] )) $trace .= '<div>username: ' . $args['username'] . '</div>';
$trace .= '<div>IP: ' . um_user_ip() . '</div>';
if ( ! class_exists( '\Browser' ) ) require_once um_path . 'includes/lib/browser.php';
$browser = new \Browser();
$trace .= '<div>User Agent String: ' . $browser . '</div>';
global $current_user;
if ( isset( $current_user->ID )) $trace .= '<div>current user ID: ' . $current_user->ID . '</div>';
if ( ! empty( get_current_user_id() )) $trace .= '<div>get_current_user_id(): ' . get_current_user_id() . '</div>';
$e = new \Exception;
$trace .= '<div><pre>' . $e->getTraceAsString() . '</pre><div>';
file_put_contents( WP_CONTENT_DIR . '/um_trace_log.html', $trace, FILE_APPEND );
}
Thread Starter
jasnon
(@jasnon)
@missveronicatv I think I may have finally been able to re-create the issue. Steps that were taken:
- Open a browser tab on the registration page (don’t fill any fields out)
- Open a second browser tab on the login page
- Log into an existing account
- Go back to the first tab and attempt to register a new account
- After submitting the form you’re taken back to the registration page with the message “You’re already registered”
- The following is also appended to the end of the URL: ?err=invalid_nonce&um-hash=5ec446
- And the following notice is added to the log: PHP Notice: Undefined index: user_id in /wp-content/plugins/ultimate-member/includes/core/um-actions-form.php on line 433
Thread Starter
jasnon
(@jasnon)
@missveronicatv @andrewshu some additional information on the issue as I’ve seen more occurrences over the weekend:
Some (not all) registrations trigger the php notice 5 times.
- 3 times on the registration page (form mode = register)
- And 2 times on the login page (form mode = register)
These 5 notices all occur for the same user id within a matter of seconds.
Looking at my users database, the new registrations that trigger the notice appear to possibly be bot signups as the username is just a log string of characters and numbers. Is it possible that bot signups who automatically fill registration fields to sign up may be the culprit for triggering these error notices? And if so, is there a fix for that?
@jasnon
In the third code snippet I added the IP address
which you can use to find the geo location of the user or bot
https://www.maxmind.com/en/geoip-demo
@jasnon
Try to add the free UM reCAPTCHA plugin for your Login and Registration pages.
Get Google API Keys for version 3 of the reCAPTCHA.
https://ww.wp.xz.cn/plugins/um-recaptcha/
Thread Starter
jasnon
(@jasnon)
@missveronicatv thanks will do. I’ll install now and monitor to see if that helps.
Thread Starter
jasnon
(@jasnon)
@missveronicatv @andrewshu adding reCAPTCHA to my registration form looks like it did the trick! I’m no longer seeing those Undefined index: user_id errors show up in my log. Feel free to close the ticket, and thanks again for all the support!
