1. SARS eFiling course built from the S2L SARS August21 folder

You asked for a course explaining SARS eFiling, with the videos sourced from a specific Vimeo folder named “S2L SARS August21”. I queried the Vimeo API by folder name, found the seven lessons inside (Course Trailer, Introduction, Download & Setup, Registration, Resolving Registration Errors, Income Tax Return, Paying SARS), and built the course in their original sequence.

• Course title: Filing Tax with SARS eFiling, free, 7 lessons, 16 minutes total.
• All seven videos authorised for embedding on s2l.online via the Vimeo API in the same script that did the build.
• Landing page created at /sars-efiling/.

2. SARS course added to s2l home page

You asked me to add it to the home page. Unlike the wifi course (where we swapped one of the placeholder cards), this one was appended as a new seventh card at the end of the courses grid. I flagged that the existing “How to Use the Revenue Services App” placeholder card now overlaps topically and offered to remove it if you wanted — you didn't ask me to, so it stayed.

3. Registration and login flow finally wired up

You reported that learners couldn't log in or take free courses after registering. Investigation found the root cause was simpler than expected:

• The /register page on s2l said “You are in the right place” with no actual form.
• The /login page said “Accounts are coming soon. We are building the login system right now.”
• The site already had the EP Membership plugin installed and configured, providing
  Full Name

  Email Address

  Preferred Language English

  Password

  Confirm Password

  I agree to the privacy policy and consent to my data being processed.

  Register

  Already have an account? Log in

  ,
  Email Address

  Password

  Remember me

  Log in

  Forgot your password?

  Don't have an account? Register

  ,
  Email Address

  Password

  Remember me

  Log in

  Forgot your password?

  Don't have an account? Register

  , and

  Please log in to view your dashboard.

  shortcodes — but nobody had ever wired them into the public pages.

Email verification was already off (the relevant setting wasn't in the saved options, which the plugin treats as off). Welcome emails were enabled and SMTP was working through Ionos, so I left that on.

What I changed

• Replaced /register page content with a friendly intro plus the real
  Full Name

  Email Address

  Preferred Language English

  Password

  Confirm Password

  I agree to the privacy policy and consent to my data being processed.

  Register

  Already have an account? Log in

  shortcode.
• Replaced /login page content similarly with
  Email Address

  Password

  Remember me

  Log in

  Forgot your password?

  Don't have an account? Register

  .
• Created a new /profile page using
  Email Address

  Password

  Remember me

  Log in

  Forgot your password?

  Don't have an account? Register

  and so logged-in learners have somewhere to land that shows their courses and lets them continue.
• Updated the membership settings: registration redirects to home (/), after-login redirects to /profile/.

4. Email identity migrated from Kenn's domain to mobilearn.africa

You asked which email address the site was sending from. Inspection showed it was info@hasmukh.elmspark.com (on Kenn's domain). You asked me to swap the entire email setup over to hello@mobilearn.africa and replace the credentials at the same time.

The mobilearn.africa domain's mail is on Google Workspace (confirmed by checking the MX records, which point at Google).

What I changed

• Updated the email identity fields: From, Reply-to, Default recipient, and the contact form recipient all switched to hello@mobilearn.africa.
• Updated SMTP host to smtp.gmail.com:587 (TLS), with username hello@mobilearn.africa.
• Cleared the old Ionos password from the settings.
• Backed up the previous email configuration to a root-only file on the server.

5. New SMTP credentials via Google Workspace app password

For the swap to actually send, I needed an app password for the new mailbox. I gave you the steps:

1. Make sure hello@mobilearn.africa exists in Google Workspace.
2. Sign in to that account, turn on 2-Step Verification.
3. Go to myaccount.google.com/apppasswords, create one called “Something to Learn Online”.
4. Paste the 16-character code into the EP Email admin SMTP Password field, save.

You hit Google's “The setting you are looking for is not available for your account” error initially — this happens when 2-Step Verification isn't on yet, since Google only exposes app passwords once 2SV is enabled. Once you turned 2SV on, the App Passwords page worked and you saved the code through the EP Email admin.

6. Test message confirmed delivery

I sent a test message from hello@mobilearn.africa to hasmukh@os.org.za using the EP Email plugin's own SMTP transport (so we tested the real path, not a synthetic one). Two-step:

1. SMTP authentication test: passed.
2. Real send: accepted by Google for delivery.

You confirmed it landed in your inbox (not spam). Email migration done.

7. SPF record added for mobilearn.africa

Inbox-on-day-one is not a guarantee of inbox-forever, especially for a fresh sender domain. I walked you through adding an SPF record at domains.co.za (your registrar). The existing record was extended to authorise Google's mail servers:

Old: v=spf1 +a +mx include:_spf.tld-mx.com ~all

New: v=spf1 include:_spf.google.com include:_spf.tld-mx.com ~all

You made the change, I verified it was live on both Google's and Cloudflare's public DNS within seconds.

DKIM was queued as the next step but parked for a later session.

8. Lesson drawer fix — the long one

You signed in as a real learner to test the new flow and reported that clicking the “Lessons (6)” button on a lesson page did nothing. The drawer that should slide in from the right was silent. This took multiple attempts because there were three layered problems, not one.

Layer 1: the link from enrol button was a 404

The “Enrol Free” button sent learners to /learn/, which didn't exist as a content page. Your course viewer lived at /watch/. I created a /learn/ page with the same

No course selected. Browse our courses

Layer 2: the trailing-slash redirect dropped query params

Even with /learn/ existing, the URL the plugin emitted was /learn?course=X&lesson=Y (no trailing slash). PageMotor's router 302-redirected to /learn/ but stripped the query string in the process. I edited the ep-courses plugin (on s2l only) to emit /learn/?course=X&lesson=Y in all four places it generated those URLs.

Layer 3: the drawer styles were missing from the compiled stylesheet, and direct event handlers were being stripped

This was the deep one. Two interlocking issues:

• PageMotor's content sanitiser strips inline onclick attributes and inline <script> bodies from shortcode output as a safety measure. So my first attempt — adding onclick attributes directly to the toggle button — was silently wiped before reaching the browser.
• The drawer's own CSS rules (sidebar position, slide-in transform) lived in the courses plugin's stylesheet but weren't bundled into the compiled theme stylesheet. So even if the JS toggle had worked, the sidebar would still have been invisible.

To fix the CSS I tried to bundle the plugin CSS into the theme's custom CSS option and recompile. The recompile script itself was broken (it tried to use the PageMotor engine without instantiating it), so I patched that first. Then on the first bundling attempt I overwrote the theme custom CSS instead of appending to it, which removed your site styling entirely — the homepage rendered as plain unstyled HTML.

After the CSS was bundled correctly the drawer styles were present, but clicking still did nothing. The Mark as Complete button on the same page DID work, which proved the courses JavaScript file was loading and running — only the drawer toggle specifically was failing. As a final layer I added a direct-binding JS fallback that attaches click handlers straight to the toggle button on page load, sidestepping any document-level interference.