BUM module aims to offer a basic and simple way to manage users.

It offers:

    • signUp page with email confirmation link and resend email confirmation;
    • logIn page;
    • My Profile page with:

         view profile, view private profile, update profile for regular users
         view profile, view private profile, update profile, delete profile, manage users, create user and view all users for admin user
  • multiple email addresses for a user

In the installation page of these module, installation steps are presented clear and default roles and users (admin; demo) are automatically created.

For better user authorization management, modules that use the default yii auth DB structure can be used. (like RBAM)

Well that’s it; enjoy it and please leave your feedback.


You still have a couple of bugs at installation:


Line 245

<li><?php echo BumDefaultInstallData::getDefalutSuperAdminUserData()['user_name']; ?></li>

<li><?php echo BumDefaultInstallData::getDefalutDemoUserData()['user_name']; ?></li>

Should be:

<li><?php echo BumDefaultInstallData::getDefalutSuperAdminUserData('user_name'); ?></li>

<li><?php echo BumDefaultInstallData::getDefalutDemoUserData('user_name'); ?></li>

Good luck with your extension :)

oh, 10x,

Well technically they are now quite bugs, because from php 5.4 it’s allowed to do something like:



but yes, for older versions this is not allowed, I’ll modify them.

Demo page can be found at http://bum.infoprofessional.ro

Keep in mind, that because it is a demo, no operations are allowed; so by default: insert, update and delete are disabled.

Does this module a password recovery system? I don’t see it in the login page of the demo.

No, it doesn’t have a password recovery system, but as soon as I have some free time to spare I’ll implement one… (let’s say in 4-5 weeks)…

I simply forgot about it…

Now it does have a password reset system! :)





P.S. In demo mode password can’t be reset, so there is nothing to see as demo…

hello, im trying to install sql but back me some errors

Query SQL:

CREATE UNIQUE INDEX settings_name_UNIQUE ON settings(



Messaggio di MySQL: Documentazione

#1061 - Duplicate key name 'settings_name_UNIQUE' 


i fixed!!

some corrections:


Function: getActive()

    function getActive(){


	    	$user = $this->loadUser(Yii::app()->user->id);

	    	return $user->active;



other ways is not possible visit the profile for not logged users

Function: actionViewProfile

// I want and I need see the url with or without "id"

// eg. index.php?r=bum/users/viewProfile -> my profile

// or index.php?r=bum/users/viewProfile&id -> my profile


// or index.php?r=bum/users/viewProfile&id=2 -> my or other user profile

// the last one with id is for every kind of user, guest or not

	public function actionViewProfile($id = "")


		if(!$id && !Yii::app()->user->isGuest)


                        // If i have not id inside the url,

                        // and i am not guest i will show my personal profile

			$id = Yii::app()->user->id; 


		else if(!$id && Yii::app()->user->isGuest)


                       // else if i have not id inside the url and i am guest,

                       // i will br redirect in index page




the last up change it is for the next step

function: actionLogIn and actionSignUp

// in the first row i check if i am logged





if i am logged inside the website i have not to see the login and signup page.

I hope help you.

Well if I try to access a page and there is no id, an CHttpException(400,‘Your request is invalid.’); error is throw. If the id is wrong, CHttpException(404,‘The requested page does not exist.’); error is throw.

What you suggest here is that if I am try to access a profile with no id, and I am logged in I should be redirected to my profile, else to the front page.


I thinking is always better have not ID in the url for visit personal profile.

I am feeling more free under developer, like in the code below


in that redirect i didn’t need ID profile.

The ID is useful for visit the others profile.

Then i fixed login and registration action who was visible if the user was not guest

Now you may test how password reset system works on:


also here you may test social(facebook for now) logIn button.

CDbCommand error on initial load after install.

I installed the module (bum.v3.02.zip) and then the yii-mail extension per the instructions, on a fresh Yii installation. I ran the mySQL scripts. After modifying protected/config/main.php and protected/views/layouts/main.php as prescribed by the instructions, and then trying to load the page, I get the following error:

CDbCommand failed to execute the SQL statement: SQLSTATE[HY000]: General error: 1366 Incorrect string value: ‘\xE2\x80\x8F’ for column ‘subject’ at row 1. The SQL statement executed was: INSERT INTO site_emails_content (name, subject, body, available_variables, version) VALUES(:name, :subject, :body, :available_variables, :version)

p.s. I still get the same error setting ‘install’ to either true or false.

Is this coming from the yii-mail extension or the bum module? I’ve run out of ideas on what to try next. Any help is appreciated.

Thanks, Mike K.

Try to set UTF-8 collation for your tables in database. Check database default collation (should be UTF8), then table collation and collation of column "subject" in table "site_emails_content".

I hope this helps…


Thank you for the reply about Integrating BUM and for posting the “How-to”, however I am looking for something different. I would like to put this issue on hold for a bit. I’m going to do some experimenting on my own and I’ll give you feedback later. I don’t know how fast that will come – might be a while.

In the meantime, I ran into some errors and I thought I might share them. I tried to use the Resend Confirmation Email (on the SignUp form) and Reset Password (on the Login form) buttons. Both are giving unexpected results:

When I request a Resend Confirmation Email, I get the following message, with both a valid email address or valid user name:

[html]Please fix the following input errors:

No data found![/html]

When I request a password reset, an email is sent (sometimes) and received with an embedded link, but on both the

request reset AND a click on the embedded link, an error is reported:

[html]Error 404

The requested page does not exist.


And . . . now no email is being sent at all.

Are these bugs or did I miss something in the setup? I will try to do some debugging myself when I can get to it.

I might try rebuilding the database and reinstalling the default users. I’ll let you know.

You can try for yourself at:


(Note: I enabled admin/admin and demo/demo users login, however the profile edit option for those users and the admin delete functions are disabled.)

SignUp works (I think). If you like, I can turn on the "show errors on web page".

Thanks again, Mike K.

When you request to Resend Confirmation Email first a check is made to see if the user exists and if the user is or is not active. If the user does not exists, or the user is already active, the message(error): "No data found!" is displayed. Please mark one of your users as not active and try again; (I have tried with your user: [color="#555555"][font="Arial, Helvetica, sans-serif"]davedemo[/font][/color] - that user is not active - and no error message is displayed)

As for “[size=“2”]The requested page does not exist.[/size][size=“2”]” error, form [/size] [size=“2”]password reset, I haven’t have time yet to check it, but if you would try on the [/size]http://social-test.infoprofessional.ro you see that is working… I’ll create an email address and test your application to see if I can spot the problem as soon as I have some free time… ;)

Well there are a number of possibilities:

1 maybe you don’t have the permission to write (insert data in) table password_recovery - I suppose that this is the problem; because first thing that it do, the application searches for an existing password recovery request, if it can’t be found error: “[color=”#555555"][font=“Arial, Helvetica, sans-serif”][size=“2”]The requested page does not exist.[/size][/font][/color][size=“2”]" [/size][size=“2”]is displayed…[/size]

2 There is again an encoding problem in table [size="2"]password_recovery… try to set collation to UTF-8 to both table [/size][size="2"]password_recovery[/size][size="2"] and fields…[/size]

3 [color="#555555"][font="Arial, Helvetica, sans-serif"]How many hours the password recovery request is active?[/font][/color] maybe the time expired; but this is not likely…

There really should be a more graceful flash message or some other notification that says exactly what you said above, i.e., "ReConfirmation email will not be sent to an already active user.", or "Invalid User - Please sign up before continuing". The current message alarms a naive user into thinking the site is broken.

1 - I would think that permissions is not the issue - New users are created and existing users can log in and perform operations - however those are different tables. I will check further on this. A call to the hosting site administrator may be in order.

2 - I verified that UTF-8 collation is employed on all tables and columns.

3 - An expired time shouldn’t give a “page not found” error. (Here is another place where better user feedback should be employed.) Besides, the replies are being invoked well within the time window.

The log is indicating that the controller can’t locate a file, but I can’t tell which file it’s missing. I’ve reinstalled the bum module itself, but the error persists. It may be related to the password_recovery table. I will contact the hosting administrator for some help. Let me work on this. I’ll give more feedback later.

[quote name=mikeklon]When I request a password reset, an email is sent and received with an embedded link, but on both the

request reset AND a click on the email embedded link, an error is reported:

Error 404

The requested page does not exist.


It turns out that my hosting company disallows triggers. Therefore the password_reset table wasn’t being populated at the time of the request, which subsequently led to a bad URL formation, which then caused the 404 - Page Doesn’t Exist response. I had forgotten that the triggers were left out when I installed the tables.

My solution was to disable triggers (as prescribed by firefly in post #13515) in the config/main.php.

Request password reset functionality now works as expected.

I would still like to see more graceful user feedback when using Resend Confirmation.

I’v change some error messages, as follow:

  • for resending SignUp confirmation email: "No data found or user is already active!"

  • for resending password: "The requested page does not exist! Your password reset code is expired, has been used or does not exists!"

The changes are available only on github (for now)…

@firefly, great extension. However, I need to add a friendship system.

Can you point me in the right direction to get started?

Thanks and cheers.