View Issue Details

IDProjectCategoryView StatusLast Update
0000193Main CAcert Websitesource codepublic2006-08-17 03:01
ReporterbluecAssigned Tobluec 
PrioritynormalSeveritytweakReproducibilityalways
Status needs workResolutionopen 
Summary0000193: Need for more race condition warnings
DescriptionIn wot.php line 182 there is a race condition warning that is supposed to warn an assurer if a user modified his data between the time the verification website for the assurer is generated and the time the assurer confirms the assurance (I'm sure of myself).

This is implemented using a md5 hash sum over name+mname+lname+suffix+dob.

If it happens that the assurer forgets to check any of the checkboxes ('User appeared in person', 'I understand the rules', ...) the site displays a warning and asks the assurer to check the checkbox. If it also happens that a user changed his details a new md5 hash will be calculated and his new name/DoB will be displayed.

As an assurer doesn't expect any changes to the details and no warning about the race condition is displayed it might be possible that he just checks the checkbox and submits the form again.

A possible solution would be to perform the race condition checking several times. Once before anything else will be checked and once shortly before the assurance is stored into the database. It would even make sence to check again after the assurance and print a big warning that support should be informed immediatly.

This would also remove the small time frame between the race condition check and the actuall assurance call as a theoretical race condition might be possible there.
TagsNo tags attached.
Reviewed by
Test Instructions

Relationships

related to 0000197 closed in simultaneous operation of assurer and applicant, changed deta can be confirmed 

Activities

duane

2006-08-17 03:01

developer   ~0000585

Patch suggestions?

Issue History

Date Modified Username Field Change
2006-04-04 02:45 bluec New Issue
2006-04-04 20:22 bluec Relationship added related to 0000197
2006-08-17 03:01 duane Status new => needs work
2006-08-17 03:01 duane Assigned To => bluec
2006-08-17 03:01 duane Note Added: 0000585