Please disregard the 'View article...' shown at the bottom of many posts as this is the result of restoring old forum posts from a backup.



After upgrading from 2.3.7 to 2.3.9 p1, the form doesn't work.
Error reporting gives me:
Warning: strrpos(): Offset is greater than the length of haystack string in /home/XXX/domains/XXX/public_html/framework/core/subsystems/expRouter.php on line 212
Warning: escapeshellarg() has been disabled for security reasons in /home/XXX/domains/XXX/public_html/external/swiftmailer-5.4.3/lib/classes/Swift/Transport/MailTransport.php on line 252

I'm using simplified php mail
Any ideas?


  • These are both 'warnings' about bad coding and are basically benign.
    • The first is already fixed in the pre-release code for patch 2 (which may become 2.4.0?).
    • The second is an attempt to 'escape' quotes in an argument to clean it up, but has been disabled on your web server php.ini. Below is a recommendation I found from Google
    1. Remove the escapeshellarg string from the disable_functions at php.ini* file

    2. Ask your hosting provider to remove the string above if you don't have an access to the php.ini* file

    3. Change hosting provider which allows the running of the escapeshellarg function.

    from this website:

  • But are these the reasons the form doesn't send?
  • Sorry, I missed that aspect of this post. I can duplicate the warnings, but my test system (configured for disable functions and use simplefied email) still sends the email. Is it possible there are odd/illegal characters in the 'email' field entry (not a single legal email address)?  Couple questions:
    • Was this working before? I assume it was
    • Are we talking about the 'Email Form Submissions' email (to the site admin?) or the 'Submission Response' email (to the submitter)
  • Yes, it was working before :-)
    After Submit, I get:
    Unable to Send Mail to - my emailaddress (in this case) in the red background.

  • Is it possible the server has changed in regards to the 'sendmail' command or the php.ini file? Here's a link to some things to check if the php simplefied email is not working. In particular, look at the php.init settings section of that page and there is a sample script you might be able to edit, upload, and run on the server for a test.
  • As a note, the Exponent CMS mail subsystem was last edited on May 25th which corresponds with the v2.3.8patch2 release and we issued a total of 6 patches to v2.3.8, then v2.3.9, and most recently v2.3.9patch1 (with a patch2 on the way)
  • I've checked the samplemail and I've contacted the hosting provider. There, they say that mail isn't even offered to the server. I've tried making a new form, that also didn't do the job. Any other suggestions?
  • Well that's why simple mail fails (since it slaves off the server's mail server). You'll need access to a mail server (SMTP), it can be any domain/server, then set up the site configuration mail server settings.
  • Tried that already: then I get:
    Sending Mail Failed! - Failed to authenticate on SMTP server with username "" using 2 possible authenticators

  • I would think the username (and password) are an actual email account on the smtp server...above implies you entered the server address as a username? Most mail servers run without an Encrypted Connection, but you might try any of the 3 settings. You might also 'Turn On SMTP Debugging' to get more output, then after saving the Site Configuration settings, run the 'Test SMTP Mail Server Settings' command under the Super Admin menu.
  • Yes
    I tried the 3 settings. I get: Sending Mail Failed! - Connection could not be established with host [Connection timed out #110] Log data:

    Nothing in log data. As the host said: it seems i cannot connect to the server, with simplified php mail or smtp...

  • If the connection is timing out, perhaps your server is blocking some outbound ports to prevent it being used to spam? Also, some mail servers do NOT use port 25, but have another specific port they monitor...and/or a specific sign-in (full email address, not just a user name) again to help prevent spam.
  • Ok, I've got some more info: The simplified php mail doesn't work because the host has: escapeshellarg() has been disabled for security reasons in /home/XXX/domains/ on line 252 disabled for security reasons.
    And for SMTP the say the authentication needs to be turned idea how or where..? (SSL or TLS dousn't do the job) The SMTP test gives nothing more than a time out

  • SSL and TLS are methods to encrypt the connection and have nothing to do with most cases the encryption should be set to 'None'. Authentication on the other hand is set by entering the correct user name and password for the SMTP server you have in the address line. Some SMTP servers want simply a user name, but most require an email address. Also some servers use a non-standard port (not 25) for the smtp connection or may block it either the outbound server (your web server) or the inbound server (mail server?).
  • I've checked with the host: they use port 25 and require an emailaddress. Both are in place.
  • Could there be another explanation for the Sending Mail Failed! - Connection could not be established with host [Connection timed out #110] Log data:

  • Have you tried using a mail client on a device to test the SMTP server settings above? (e.g., the same client used to check your email)
  • Ok, did that: i get a request from Google to verify..
  • Don't want to follow through without asking my client to agree with me loading his email..
Sign In or Register to comment.