[Closed] CRED notifications are being triggered from old posts by some kind of hacking

This support ticket was created 4 years, 3 months ago. There's a good chance that you are reading advice that is now obsolete.

This topic contains 21 replies, has 3 voices.

Last updated by Jamal 4 years, 2 months ago.

Assisted by: Jamal.

#1743343

My members pay dues through a CRED form. I keep the posts as a history of their payments.
When they initially submit the form, it triggers a CRED notification which comes to me and a copy goes to the member.

This morning - I was inundated by emails (which also went to the members) of these email notifications for really old posts - some of them going back several years.

The only way I could think to stop them was by going into my CRED forms and disabling the notifications - but that is not a long term solution because it will also stop the notifications for the legitimate new posts.

It seems clear to me that some kind of internet virus/bug is getting into my account, and "submitting" old posts that trigger notifications.

Have you heard of this happening? Do you know of any way to stop it from happening?

I have changed the password to my website account ... but I don't know if that will stop the issue.

Any thoughts you have would be greatly appreciated!

#1743835

Minesh
Supporter

Languages: English (English )

Timezone: Asia/Kolkata (GMT+05:30)

Hello. Thank you for contacting the Toolset support.

This could be an edge case or there could be conflict with another plugin or theme.

A Toolset Forms notification is sent based on the Unix timestamp saved as the date value, and once the CRON is set to run as per your selected time (hourly, daily, weekly...), it should trigger the notification.

If you can share the steps to reproduce, with the problem URL, and send me access details, I would be happy to check this further.

*** Please make a FULL BACKUP of your database and website.***
I would also eventually need to request temporary access (WP-Admin and FTP) to your site. Preferably to a test site where the problem has been replicated if possible in order to be of better help and check if some configurations might need to be changed.

I have set the next reply to private which means only you and I have access to it.

#1748075

Minesh
Supporter

I will require more time to test this throughout. Please hold on for a further update.

I will get in touch as soon as I find something unusual and not working.

#1756381

Minesh
Supporter

No other user except you has reported such an issue, where the form submission triggers automatically on their site.

Regarding the email notification issue - I'm trying to reproduce the issue and I'll get back to you with my test site.

#1763155

Hello, as Minesh is on vacation, I'll continue on this ticket with you.

From what I gathered so far, maybe the option to send notification "only if the field has been changed" is causing these emails. I suspect that another plugin is updating a custom field and that Toolset Forms is considering it a condition to resend the notification.
Unfortunately, I did not receive Minesh's test results, I'll need to perform the test myself. If I am not able to reproduce the same issue, I'll need to take a copy of your website to debug it locally. Let me know if that would be ok with you.

In the meantime, I am creating a new installation to check if updating a custom field, for example from Yoast plugin, will trigger the notification email. I'll get to you as soon as possible.

#1764187

My apologies for the late reply. I was able to partially reproduce the issue.

I created an edit form that should send the notification when a custom field changes to a certain value. Then I updated the post on the backend. The notification is sent there too, but only when the conditions are met, check this screenshot hidden link:
- Custom field value equals a certain value.
- Custom field value has changed.

I would not expect the notification to be sent when the update is performed on the backend. I am approaching our 2nd Tier to get a confirmation about this or another opinion. I'll get back to you as soon as possible.

#1764245

According to our 2nd Tier, the notification will be sent regardless of whether the post is updated from the front end or the back end.

That is expected and intended. It would also be sent if, say, you had a cron job that updated the custom field value, it is part of the usefulness of this feature.

As an aside, note that if you were to publish such a post from the backend the notification wouldn’t get set up, that only occurs when you publish the post via the form that sets up the notification.

But, you said, that the notification is sent on your server when you save the post on the backend without changing anything, right? To analyze that, I would need to take a copy of your website and check it locally, let me know if you authorize me to take it. I'll install the Duplicator plugin and I'll prepare a copy.

#1765463

Yes - I am most happy to give you that permission! Please go ahead!

I just got hit again this morning - with about 50 emails from 2017 going from another one of my forms. This is getting really embarrassing for me as my clients are getting bombarded with old emails that went out long ago and shouldn't be triggered again because nobody is changing the criteria of the conditional field!

It also just happened with a form from my other website - writingmusicaltheatre.com

Any help you can provide would be so greatly appreciated!

Elise

#1765577

Thank you Elise, I took a copy of your website and managed to build it locally, at least with only the Toolset plugins and a default theme (2020).
Then I installed a plugin to catch the sent emails.

An email was sent/caught after I opened the example product and clicked on save. But then, no emails are sent when only updating the post from the backend. To trigger the email, I needed to change the value of the custom field, and save, then change it back and save. Additional save actions do not trigger the email.
I would suspect something with the server, probably a cache layer. But that will not explain why the first email was sent.

Let me get another opinion from our 2nd Tier and get back to you.

#1766855

I would recommend (and I give you permission) to review this through my other website - hidden link - which is my primary account.

The same problem is happening there - BUT that website is far simpler and has far fewer plugins - so it might be easier to diagnose the problem.

I just got hit last night and about 50 old emails were triggered from this site - all from only one Toolset Form: AssignmentResult Edit Form (ID 704).

I have temporarily disabled the two notifications that are currently being sent by that form because I had to stop the bombardment of my old students with old emails from years ago.

So please have a look at this site - which is simpler - where it might be easier to diagnose what on earth is going on.

I'm happy to send you the access info for that website if you send me one of those private forms that I can fill out.

Thanks!

Elise

#1766905

Sure Elise,

I activated a private reply to let you share the credentials safely.

Best regards,
Jamal

#1769067

Thank you.

Unfortunately, I was not able to take a Duplicator copy of this website hidden link
And our 2nd Tier is still investigating the issue with the first website. Let me approach him and tell him about this other one and I'll get back to you as soon as possible.

#1769601

Our 2nd tier took a copy of your website and will work on it. I'll get back to you as soon as possible.

#1773085

Hello Elise,

Our 2nd Tier has identified a case where an update to any custom field can trigger the email notification. The developers provided a patch that should work for your website.
To apply the fix, unzip the package and upload the file to replace the one with the same name in /wp-content/plugins/cred-frontend-editor/application/controllers/notification_manager/
The package is available here hidden link

Please let us know if this fixes the issue for you.

#1773087

We still do not know for sure what is triggering this custom fields update on your website. We suggest using an activity logging plugin that can find out where the update is done, such as https://wordpress.org/plugins/aryo-activity-log/
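
One way to find out what is writing the custom fields, alongside an activity log plugin (an added example, not part of the original thread and not Toolset's code): a must-use plugin that logs every post custom-field write with its request context and call stack. The `pmt_` names and the watched post-type list are assumptions; entries go to the PHP error log, or to `wp-content/debug.log` when `WP_DEBUG_LOG` is enabled.

```php
<?php
/**
 * Plugin Name: Post meta write tracer (added example, hypothetical name)
 * Save as a single file in wp-content/mu-plugins/ so it loads before other plugins.
 */

// Assumption: list the post types to watch; an empty array watches all of them.
const PMT_WATCHED_POST_TYPES = array();

// Classify the request that performed the write.
function pmt_context() {
    if ( defined( 'WP_CLI' ) && WP_CLI ) { return 'wp-cli'; }
    if ( wp_doing_cron() ) { return 'cron'; }
    if ( wp_doing_ajax() ) { return 'ajax'; }
    if ( defined( 'REST_REQUEST' ) && REST_REQUEST ) { return 'rest'; }
    if ( defined( 'XMLRPC_REQUEST' ) && XMLRPC_REQUEST ) { return 'xmlrpc'; }
    return is_admin() ? 'wp-admin' : 'front-end';
}

// Runs after a custom field row has been added or changed.
function pmt_log( $meta_id, $post_id, $meta_key, $meta_value ) {
    $post_type = get_post_type( $post_id );
    if ( PMT_WATCHED_POST_TYPES && ! in_array( $post_type, PMT_WATCHED_POST_TYPES, true ) ) {
        return;
    }
    // Skip core's editor bookkeeping keys, which change on every edit screen visit.
    if ( in_array( $meta_key, array( '_edit_lock', '_edit_last' ), true ) ) {
        return;
    }
    $entry = array(
        'time'       => gmdate( 'c' ),
        'action'     => current_action(),   // added_post_meta or updated_post_meta
        'context'    => pmt_context(),
        'post_id'    => (int) $post_id,
        'post_type'  => $post_type,
        'meta_key'   => $meta_key,
        // Hash rather than the value, so member data stays out of the log.
        'value_sha1' => sha1( maybe_serialize( $meta_value ) ),
        'user_id'    => get_current_user_id(), // 0 means no logged-in user
        'remote'     => isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : '',
        'uri'        => isset( $_SERVER['REQUEST_URI'] ) ? $_SERVER['REQUEST_URI'] : '',
        // Comma-separated call stack: shows which plugin or theme function wrote.
        'trace'      => wp_debug_backtrace_summary(),
    );
    // wp_json_encode escapes newlines, keeping each entry on one log line.
    error_log( 'post-meta-trace ' . wp_json_encode( $entry ) );
}
add_action( 'added_post_meta', 'pmt_log', 10, 4 );
add_action( 'updated_post_meta', 'pmt_log', 10, 4 );
```

Entries with `context` of `cron` or `wp-cli` and a plugin function in `trace` point to a scheduled or bulk update, while entries with `user_id` 0 from `front-end`, `rest` or `xmlrpc` requests are the ones to correlate with the web server access log.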

The topic ‘[Closed] CRED notifications are being triggered from old posts by some kind of hacking’ is closed to new replies.