If a contact hash is empty and a mail is sent with multiple checksum urls all but the last will be invalid

The CRM_Contact_Utils::generateChecksum function is called once for each time the checksum token is used in the body of the mail. These multiple calls do not work as expected since the 2nd, 3rd calls etc do not receive a value from the database and therefore a different checksum will be generated for each url.

Here are the results of adding dpm calls into the code and sending an email with 4 checksum tokens:

static function generateChecksum($contactID, $ts = NULL, $live = NULL, $hash = NULL) {
// return a warning message if we dont get a contactID
// this typically happens when we do a message preview
// or an anon mailing view - CRM-8298
if (!$contactID)

{ return 'invalidChecksum'; }

if (!$hash)

{ $hash = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $contactID, 'hash' ); dpm($hash, 'retrieved hash'); }

if (!$hash)

{ $hash = md5(uniqid(rand(), TRUE)); CRM_Core_DAO::setFieldValue('CRM_Contact_DAO_Contact', $contactID, 'hash', $hash ); dpm($hash, 'generated hash'); }

if (!$ts)

{ $ts = time(); }

if (!$live)

{ $days = CRM_Core_BAO_Setting::getItem(CRM_Core_BAO_Setting::SYSTEM_PREFERENCES_NAME, 'checksum_timeout', NULL, 7 ); $live = 24 * $days; }

$cs = md5("{$hash}{$contactID}{$ts}_{$live}");
dpm(array(
$hash, $cs, $ts, 'tsdate' => date(DATE_ATOM, $ts), 'days' => $days, 'live' => $live,
"{$cs}{$ts}{$live}")
);

return "{$cs}{$ts}{$live}";
}

retrieved hash =>

generated hash => 60745814a3f5c69ad2e7e8bc1003aaab

... (Array, 7 elements)
0 (String, 32 characters ) 60745814a3f5c69ad2e7e8bc1003aaab
1 (String, 32 characters ) de663a415a12442c20dd880c0e8b29ff
2 (Integer) 1391877099
tsdate (String, 25 characters ) 2014-02-08T11:31:39-05:00
days (String, 2 characters ) 14
live (Integer) 336
3 (String, 47 characters ) de663a415a12442c20dd880c0e8b29ff_1391877099_336
Krumo version 0.2.1a

retrieved hash =>

generated hash => 277ae8b9747346d010791e0098dc5255

... (Array, 7 elements)
0 (String, 32 characters ) 277ae8b9747346d010791e0098dc5255
1 (String, 32 characters ) 04ee3c0370e948770c8c7c720f9bc3f7
2 (Integer) 1391877099
tsdate (String, 25 characters ) 2014-02-08T11:31:39-05:00
days (String, 2 characters ) 14
live (Integer) 336
3 (String, 47 characters ) 04ee3c0370e948770c8c7c720f9bc3f7_1391877099_336
Krumo version 0.2.1a

retrieved hash =>

generated hash => 4321366af4f9ef9284154e479f08cf34

... (Array, 7 elements)
0 (String, 32 characters ) 4321366af4f9ef9284154e479f08cf34
1 (String, 32 characters ) f43e58738b6fd477cbbdf328ba252903
2 (Integer) 1391877099
tsdate (String, 25 characters ) 2014-02-08T11:31:39-05:00
days (String, 2 characters ) 14
live (Integer) 336
3 (String, 47 characters ) f43e58738b6fd477cbbdf328ba252903_1391877099_336
Krumo version 0.2.1a

retrieved hash =>

generated hash => 3759c10691be230e822de070c686e9b6

... (Array, 7 elements)
0 (String, 32 characters ) 3759c10691be230e822de070c686e9b6
1 (String, 32 characters ) 068d6c12eabfbcc9b3791c843acb394c
2 (Integer) 1391877099
tsdate (String, 25 characters ) 2014-02-08T11:31:39-05:00
days (String, 2 characters ) 14
live (Integer) 336
3 (String, 47 characters ) 068d6c12eabfbcc9b3791c843acb394c_1391877099_336
Krumo version 0.2.1a

AFAIK, this should be regarded as having minor impact as normally there should not be any contacts with empty hash fields. We are not sure how it happened but about 2% of the contacts in one client database had NULL in the hash field. In those cases the first few links using a checksum in the sent email were invalid.

I am wondering if a scheduled task to set the contact hash field if any are found to be null would be prudent?