Session log — First name and surname split, and sign-in repair
Summary
Hasmukh asked for the doctor sign-up to capture First Name and Surname separately (instead of one Full name box), since the HPCSA register is searched by surname, with email and MP number as before, and approval continuing to unlock the recordings. While making the change it emerged that the platform update of 10 June (PageMotor 0.9.4) had quietly broken every doctor action on the live site: sign-in, sign-up, sign-out and the Approve and Decline buttons all stopped working the day after they were built. The new platform routes plugin requests through a registry with access levels and structured results, and the plugin was written for the older style. Both things were done together: the name split and a full repair of the plugin for the new platform. Everything was tested end to end on the live site and works.
Changes made (ML Doctors 0.2.0 → 0.3.0, live on medilearn.africa, served from /var/www/medistage)
- Sign-up form now asks for First name and Surname separately. Both are required. They are stored separately and also combined for greetings and emails. Older single-name records split sensibly for display.
- The admin approval list now shows First name, Surname, Email and MP number as separate columns, in the pending, approved and declined tables.
- The plugin now registers its five actions with the new platform router: sign-in, sign-out and register are open to the public; Approve and Decline are admin-only at the router level (defence in depth on top of the plugin's own admin check).
- Handler results were updated to the platform's new structured result format, fixing sign-in and registration responses that were reporting failure even when they had succeeded.
- A timestamped backup of the previous plugin version was kept on the server at user-content/backups/ml-doctors-20260612-020230, and a working copy of the current code is in the "Doctor Verification" folder on Hasmukh's Mac.
Tested on the live site
- Registration creates a pending doctor with first name, surname, MP number and consent timestamp recorded. Confirmed in the user records.
- Registering the same email twice is politely refused. Missing surname is refused.
- Sign-in works; a pending doctor sees the "Almost there, awaiting approval" page and cannot watch recordings.
- Anonymous attempts to call Approve are refused by the router (403).
- Home, Past events, Doctors and Speakers pages all load normally. Test accounts created during testing were removed.
Discovered, not yet fixed
- EP Audit Log is also broken by the 10 June platform update (PHP warning: PM_User::$username undefined; "Column 'user' cannot be null"). It fails to record admin actions. No update is available yet via the updates checker, so this is one for Kenn.
- The error log shows an email sending certificate mismatch from 11 June (server certificate *.domains.co.za did not match smtp.medilearn.africa). The EP Email settings now point at cp70.domains.co.za which should match, but outgoing email has not been dry-run tested since. The approval email test remains outstanding.
- The Approve button itself still needs one click-test by Hasmukh in the admin (Dr Jane Smith is waiting in the list for exactly this).
Update later the same night: passwordless sign-in (ML Doctors 0.4.0)
Hasmukh registered himself on the live form (hasmukh@os.org.za, approved by himself at 00:20) and found the approval email never arrived. Two causes: the plugin was posting mail through the server's raw mailer instead of EP Email's authenticated SMTP, and the sample applicant Dr Jane Smith has a made-up address that can never receive mail. Hasmukh then chose a redesign: doctors should never set a password.
Built and deployed ML Doctors 0.4.0, fully passwordless:
- Sign-up asks only for first name, surname, email, MP number and consent. An internal random password satisfies the platform; nobody ever sees or uses it.
- Sign-in: the doctor enters their email, receives a 6-digit code plus a one-click sign-in link (both work once, expire in 15 minutes, max 5 attempts, 60-second resend cooldown, only fingerprints stored). The emailed link lands on a confirm page so email scanners cannot consume it.
- Approval now emails a sign-in link that lasts 7 days and signs the doctor straight in.
- New acknowledgement email on application ("we verify by hand, usually within two working days").
- All emails now go through EP Email's authenticated SMTP (confirm@medilearn.africa), with raw mail() only as a fallback.
- The form never reveals whether an email address is registered. Sessions last 7 days per device (platform-enforced).
- Backup of 0.3.1 kept at user-content/backups/ml-doctors-v031-*.
Tested live: passwordless registration, neutral answers for unknown emails, wrong code refused, correct code signs in (single use), emailed-link sign-in works, wrong link refused, lockout after 5 attempts holds even with the correct code, pending doctors see "awaiting approval", all pages healthy, test data removed. A live sign-in code was sent to hasmukh@os.org.za through the new path with no sending errors logged.
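The 6-digit code rules listed above (single use, 15-minute expiry, 5 attempts, 60-second resend cooldown, only a fingerprint stored), as an added example that is not the ML Doctors plugin's own code. The class and method names, the in-memory store, the HMAC key and the choice to reset the attempt counter when a new code is issued are assumptions; the walk-through at the end repeats the cooldown test and the "lockout holds even with the correct code" test.

```php
<?php
// Added example, not ML Doctors code: names, store and key are hypothetical.
final class SignInCodes
{
    private const TTL = 900;         // codes expire after 15 minutes
    private const MAX_ATTEMPTS = 5;  // then locked until a new code is issued
    private const RESEND_WAIT = 60;  // resend cooldown, seconds
    private array $rows = [];        // email => record; stands in for a DB table

    public function __construct(private string $key) {}

    // Only this keyed fingerprint is stored, never the code itself.
    private function fingerprint(string $email, string $code): string
    {
        return hash_hmac('sha256', $email . '|' . $code, $this->key);
    }

    /** Returns the code to email, or null while the resend cooldown runs. */
    public function issue(string $email, int $now): ?string
    {
        if (isset($this->rows[$email]) && $now - $this->rows[$email]['issued'] < self::RESEND_WAIT) {
            return null;
        }
        $code = str_pad((string) random_int(0, 999999), 6, '0', STR_PAD_LEFT);
        $this->rows[$email] = ['fp' => $this->fingerprint($email, $code), 'issued' => $now, 'attempts' => 0];
        return $code;
    }

    public function verify(string $email, string $code, int $now): bool
    {
        $row = $this->rows[$email] ?? null;
        if ($row === null || $now - $row['issued'] > self::TTL || $row['attempts'] >= self::MAX_ATTEMPTS) {
            return false;  // unknown, expired or locked: same answer, no comparison
        }
        $this->rows[$email]['attempts']++;  // count the try before comparing
        if (!hash_equals($row['fp'], $this->fingerprint($email, $code))) {
            return false;
        }
        unset($this->rows[$email]);  // single use
        return true;
    }
}
// Constructed walk-through with a fixed clock ($t is seconds).
$codes = new SignInCodes('constructed-demo-key');
$t = 1000;
$code = $codes->issue('dr@example.test', $t);
$wrong = $code === '000000' ? '000001' : '000000';
for ($i = 0; $i < 5; $i++) { $codes->verify('dr@example.test', $wrong, $t + 10); }
var_dump($codes->issue('dr@example.test', $t + 30), $codes->verify('dr@example.test', $code, $t + 40));
```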
Update, 12 June morning: the twelve improvements (ML Doctors 0.5.0)
Hasmukh asked to run all twelve improvement items. Built, deployed and tested ML Doctors 0.5.0:
- MP numbers are tidied at entry (uppercase, spaces stripped, bare digits get the MP prefix) and must look like a real MP number.
- One account per MP number, enforced at sign-up, case and spacing insensitive.
- The operator gets an instant "new doctor application" email (address set in the new Notifications settings, currently hasmukh@gajjar.co.za). A weekly Monday reminder endpoint exists, guarded by a secret key stored in settings; the server schedule line is ready but needs Hasmukh's explicit approval to install.
- Declining a pending applicant now emails them politely and invites a corrected resubmission; resubmitting with the same email reopens the application as pending. Declines stamp who and when. Revoking an approved doctor stays silent by design.
- The pending list gained a Check on HPCSA button (copies the MP number, opens the iRegister), an optional verification note saved with each approval, and gentle warning flags (throwaway email service, same internet address as another application, odd MP format). Registration IP is now recorded for this purpose and disclosed in the privacy notice.
- Privacy Notice page written and published at /privacy (content id 20), fixing the consent link that had pointed at Page not found.
- Email reputation checked: SPF, DKIM (default selector) and DMARC p=none all present on the domain; deliverability already proven to me.com.
- Test cleanup: the run's own test accounts removed. Deleting drtest and janesmith was blocked pending Hasmukh's explicit word.
- Operator one-pager saved as "Doctor Approvals Checklist.md" in the Doctor Verification folder.
- Annual HPCSA re-check: yearly recurring event created in Hasmukh's calendar (12 June, 09:00 SAST).
- Vimeo lock-down attempted via the browser; Vimeo wants a login, so this remains with Hasmukh (log in and Claude clicks through, or DIY per the plan).
All pages healthy after deployment; no new errors. Backup of 0.4.1 kept at user-content/backups/ml-doctors-v041-*.
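The MP number tidy-up and the one-account-per-MP rule from the list above, as an added example (not the plugin's code): the number is normalised first and the normalised form is the uniqueness key, so case and spacing variants collide. The function names are hypothetical, and the "MP plus seven digits" pattern is an assumption, since the log does not state the format the plugin accepts.

```php
<?php
// Added example, not ML Doctors code. The 7-digit rule is an assumed format.
function normalise_mp(string $raw): ?string
{
    // Uppercase and strip all whitespace, as the sign-up form does at entry.
    $mp = strtoupper((string) preg_replace('/\s+/', '', $raw));
    if (ctype_digit($mp)) {
        $mp = 'MP' . $mp;  // bare digits get the MP prefix
    }
    return preg_match('/^MP\d{7}$/', $mp) === 1 ? $mp : null;
}

/**
 * Claims an MP number in $taken (normalised MP => email).
 * Returns null on success or a message for the applicant.
 */
function claim_mp(array &$taken, string $rawMp, string $email): ?string
{
    $mp = normalise_mp($rawMp);
    if ($mp === null) {
        return 'MP number does not look valid';
    }
    if (isset($taken[$mp])) {
        return 'an account already exists for this MP number';
    }
    $taken[$mp] = $email;  // key on the normalised form only
    return null;
}

// Constructed inputs: variants of one number, then two malformed values.
$taken = [];
$inputs = ['mp 0123456', 'MP0123456', '0123456', ' Mp 012 3456 ', 'MP12', 'PS0123456'];
foreach ($inputs as $input) {
    $result = claim_mp($taken, $input, 'applicant@example.test') ?? 'accepted';
    printf("%-16s => %s\n", json_encode($input), $result);
}
```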
Update, 12 June afternoon: audit log repaired, Doctors in the menu
- EP Audit Log fixed (Hasmukh asked for it directly rather than waiting for Kenn). The 10 June platform update renamed the signed-in user object's username property to name; the audit plugin still read the old one, so every admin-context request logged warnings and the plugin disabled itself ("Column 'user' cannot be null"). Patched with a small compatibility helper that reads whichever property exists (works on old and new platform versions, and survives if a future EP update restores the old name). Backup kept at user-content/backups/ep-audit-log-*. Verified: admin requests run clean since the patch, registrations are recorded, and logins/changes will now carry the username again. NOTE: if Kenn ships an official EP Audit Log update it may overwrite this patch; if the same errors return after an update, re-apply the helper (also saved locally in the Doctor Verification folder as ep-audit-log-plugin.php).
- "Doctors" added to the site's main menu (theme instance Header_Nav, between Contact and the Register button), visible on every page. Vimeo lock-down verified the same day: all recordings were already hidden from Vimeo and embeddable only on medilearn.africa, with account defaults Private/Nowhere; the morning's "publicly watchable" finding was wrong and is corrected in the plan.
Follow-ups (carried from the 12 June plan in the Doctor Verification folder)
- Lock the Vimeo videos so they only play embedded on medilearn.africa (currently watchable by anyone with the link on vimeo.com).
- Publish the privacy notice at /privacy (the consent tick box links to it; currently Page not found).
- Email dry run: register, approve, confirm the email arrives.
- Polish: forgot password, acknowledgement email on sign-up, new-doctor-waiting alert, stay signed in, one account per MP number.
- Remove the test accounts drtest and janesmith before go-live.
- Tell Kenn about the EP Audit Log breakage.