View Issue Details

IDProjectCategoryView StatusLast Update
0000602Main CAcert Websitewebsite contentpublic2013-09-04 20:56
ReporterUli60 Assigned To 
PrioritynormalSeveritytweakReproducibilityalways
Status closedResolutionfixed 
Product Version2013 Q1 
Target Version2013 Q2Fixed in Version2013 Q2 
Summary0000602: navigation bar - About CAcert.org Menu section missing if logged in
DescriptionOnce logged in the "About CAcert.org" menu section is missing:
i.e. you want to see the CAcert statistics, you have to
logout to see the "About CAcert.org" menu choice.
This relates to all submenu selections
i.e. Policy, Wiki and other links:
About CAcert.org
    * CAcert News http://blog.cacert.org/
    * Howto Information https://www.cacert.org/help.php
    * Wiki Documentation http://wiki.cacert.org/
    * Policies https://www.cacert.org/policy/
    * Point System https://www.cacert.org/index.php?id=19
    * Disclaimer https://www.cacert.org/policy/NRPDisclaimerAndLicence.php
    * Bug Database http://bugs.cacert.org/
    * CAcert Statistics https://www.cacert.org/stats.php
    * RSS News Feed http://blog.cacert.org/feed/
    * CAcert Board https://www.cacert.org/index.php?id=8
    * Mailing Lists https://lists.cacert.org/cgi-bin/mailman/listinfo
    * Sourcecode https://www.cacert.org/src-lic.php

TagsNo tags attached.
Reviewed byNEOatNHNG, BenBE
Test Instructions

Relationships

related to 0000671 solved?Uli60 cms pages in online website need review for deprecation 
related to 0000940 closedTed Outsource Webdb text pages help.php?id=0..9 to wiki 

Activities

Uli60

2011-04-16 00:48

updater   ~0001926

principle solution is to add
    <? include("about_menu.php"); ?>
into /includes/account_stuff.php
after "Disputes/Abuses" and before "Advertising", but adding makes no sense as the links mostly goes onto "external" websites. return to the main site ends in "logged out" mode, but logged-in state still active.
entering a link like <website>/wot.php?id=10 (my points), the system switches back to logged-in mode state.

So there is a general logical problem between logged-out and logged-in state and available menu options. By adding "About" menu section within the account_stuff.php doesn't change anything on returning from the visited links - it shows everytime the logged-off state

Uli60

2013-01-15 08:40

updater   ~0003657

Last edited: 2013-01-15 08:57

View 3 revisions

2013-01-15 the problem still persists !
All About CAcert.org links are only available, once you logout
eg Policies, CAcert Board link and other links that are under Main Menu section About CAcert.org (that is available in logged-out state) are not available
whole Main Menu section About CAcert.org is missing

Logged-In
----------
CAcert.org
    Go Home
    Logout
+ My Details
+ Email Accounts
+ Client Certificates
+ GPG/PGP Keys
+ Domains
+ Server Certificates
+ CAcert Web of Trust
+ CAP Forms
+ Disputes/Abuses

Logged-Out
------------
Join CAcert.org
 Join
 Community Agreement
 Root Certificate
My Account
 Password Login
 Lost Password
 Net Cafe Login
 Certificate Login
+ About CAcert.org
+ Translations
Advertising


Logged-In to become
Logged-In
----------
CAcert.org
    Go Home
    Logout
+ My Details
+ Email Accounts
+ Client Certificates
+ GPG/PGP Keys
+ Domains
+ Server Certificates
+ CAcert Web of Trust
+ CAP Forms
+ Disputes/Abuses
+ About CAcert.org <===== !!!!!!!

Uli60

2013-01-15 09:18

updater  

account_stuff.php (13,111 bytes)   
<? /*
    LibreSSL - CAcert web application
    Copyright (C) 2004-2008  CAcert Inc.

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; version 2 of the License.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program; if not, write to the Free Software
    Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
*/

	$id = 0; if(array_key_exists("id",$_REQUEST)) $id=intval($_REQUEST['id']);
	$expand="";

	function showheader($title = "CAcert.org", $title2 = "")
	{
		global $id, $PHP_SELF;
	$expand="";
	$tmpid = $id;
	if($PHP_SELF == "/wot.php")
		$tmpid = $id + 500;
	if($PHP_SELF == "/gpg.php")
		$tmpid = $id + 1000;
	if($PHP_SELF == "/disputes.php")
		$tmpid = $id + 1500;
	if($PHP_SELF == "/advertising.php")
		$tmpid = $id + 2000;

	switch($tmpid)
	{
		case 1:
		case 2: $expand = " explode('emailacc');"; break;
		case 3:
		case 4:
		case 5:
		case 6: $expand = " explode('clicerts');"; break;
		case 7:
		case 8:
		case 9: $expand = " explode('domains');"; break;
		case 10:
		case 11:
		case 12:
		case 15: $expand = " explode('servercert');"; break;
		case 13:
		case 14:
		case 36:
		case 41:
		case 507:
		case 508:
		case 513: $expand = " explode('mydetails');"; break;
		case 16:
		case 17:
		case 18:
		case 19: $expand = " explode('clientorg');"; break;
		case 20:
		case 21:
		case 22:
		case 23: $expand = " explode('serverorg');"; break;
		case 24:
		case 25:
		case 26:
		case 27:
		case 28:
		case 29:
		case 30:
		case 31:
		case 32:
		case 33:
		case 34:
		case 35: $expand = " explode('orgadmin');"; break;
		case 42:
		case 43:
		case 44:
		case 45:
		case 46:
		case 47:
		case 48:
		case 49:
		case 50:
		case 54:
		case 53: $expand = " explode('sysadmin');"; break;
		case 500:
		case 501:
		case 502:
		case 503:
		case 504:
		case 505:
		case 506:
		case 509:
		case 510:
		case 511:
		case 512: $expand = " explode('WoT');"; break;
		case 1000:
		case 1001:
		case 1002:
		case 1003:
		case 1004:
		case 1005:
		case 1006:
		case 1007:
		case 1008:
		case 1009:
		case 1010: $expand = " explode('gpg');"; break;
		case 1500:
		case 1501:
		case 1502:
		case 1503:
		case 1504:
		case 1505:
		case 1506:
		case 1507:
		case 1508:
		case 1509:
		case 1510: $expand = " explode('disputes');"; break;
		case 2000:
		case 2001:
		case 2002:
		case 2003:
		case 2004:
		case 2005:
		case 2006:
		case 2007:
		case 2008:
		case 2009: $expand = " explode('advertising');"; break;
	}

?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title><?=$title?></title>
<? if(array_key_exists('header',$_SESSION) && $_SESSION['_config']['header'] != "") { ?><?=$_SESSION['_config']['header']?><? } ?>
<link rel="stylesheet" href="/styles/default.css" type="text/css" />
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<script language="JavaScript" type="text/javascript">
function explode(e) {
    if (document.getElementById(e).style.display == 'none') {
        document.getElementById(e).style.display = 'block';
    } else {
        document.getElementById(e).style.display = 'none';
    }
}

function hideall() {
        var Nodes = document.getElementsByTagName('ul')
        var max = Nodes.length
        for(var i = 0;i < max;i++) {
                var nodeObj = Nodes.item(i)
		if (nodeObj.className == "menu") {
	                nodeObj.style.display = 'none';
		}
        }
}
</script>
</head>
<body onload="hideall(); explode('home');<?=$expand?>">
 <div id="pagecell1">
  <div id="pageName"><br>
    <div id="pageLogo"><a href="http://<?=$_SESSION['_config']['normalhostname']?>"><img src="/images/cacert4.png" border="0" alt="CAcert.org logo"></a></div>
    <div id="googlead"><h2><?=_("Free digital certificates!")?></h2></div>
  </div>
  <div id="pageNav">
    <div class="relatedLinks">
      <h3>CAcert.org</h3>
      <ul class="menu" id="home"><li><a href="/index.php"><?=_("Go Home")?></a></li><li><a href="account.php?id=logout"><?=_("Logout")?></a></li></ul>
    </div>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('mydetails')">+ <?=_("My Details")?></h3>
      <ul class="menu" id="mydetails"><li><a href="account.php?id=13"><?=_("Edit")?></a></li><li><a href="account.php?id=14"><?=_("Change Password")?></a></li><li><a href="account.php?id=41"><?=_("Default Language")?></a></li><li><a href="wot.php?id=8"><?=_("My Listing")?></a></li><li><a href="wot.php?id=13"><?=_("My Location")?></a></li><li><a href="account.php?id=36"><?=_("My Alert Settings")?></a></li><li><a href="wot.php?id=10"><?=_("My Points")?></a></li><?
	if($_SESSION['profile']['id'] == 1 || $_SESSION['profile']['id'] == 5897)
		echo "<li><a href='sqldump.php'>SQL Dump</a></li>";
	?></ul>
    </div>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('emailacc')">+ <?=_("Email Accounts")?></h3>
      <ul class="menu" id="emailacc"><li><a href="account.php?id=1"><?=_("Add")?></a></li><li><a href="account.php?id=2"><?=_("View")?></a></li></ul>
    </div>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('clicerts')">+ <?=_("Client Certificates")?></h3>
      <ul class="menu" id="clicerts"><li><a href="account.php?id=3"><?=_("New")?></a></li><li><a href="account.php?id=5"><?=_("View")?></a></li></ul>
    </div>
<? if($_SESSION['profile']['points'] >= 50) { ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('gpg')">+ <?=_("GPG/PGP Keys")?></h3>
      <ul class="menu" id="gpg"><li><a href="gpg.php?id=0"><?=_("New")?></a></li><li><a href="gpg.php?id=2"><?=_("View")?></a></li></ul>
    </div>
<? } ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('domains')">+ <?=_("Domains")?></h3>
      <ul class="menu" id="domains"><li><a href="account.php?id=7"><?=_("Add")?></a></li><li><a href="account.php?id=9"><?=_("View")?></a></li></ul>
    </div>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('servercert')">+ <?=_("Server Certificates")?></h3>
      <ul class="menu" id="servercert"><li><a href="account.php?id=10"><?=_("New")?></a></li><li><a href="account.php?id=12"><?=_("View")?></a></li></ul>
    </div>
<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('clientorg')">+ <?=_("Org Client Certs")?></h3>
      <ul class="menu" id="clientorg"><li><a href="account.php?id=16"><?=_("New")?></a></li><li><a href="account.php?id=18"><?=_("View")?></a></li></ul>
    </div>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('serverorg')">+ <?=_("Org Server Certs")?></h3>
      <ul class="menu" id="serverorg"><li><a href="account.php?id=20"><?=_("New")?></a></li><li><a href="account.php?id=22"><?=_("View")?></a></li></ul>
    </div>
<? } ?>
<? if(mysql_num_rows(mysql_query("select * from `org` where `memid`='".intval($_SESSION['profile']['id'])."'")) > 0 || $_SESSION['profile']['orgadmin'] == 1) { ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('orgadmin')">+ <?=_("Org Admin")?></h3>
      <ul class="menu" id="orgadmin"><? if($_SESSION['profile']['orgadmin'] == 1) { ?><li><a href="account.php?id=24"><?=_("New Organisation")?></a></li><li><a href="account.php?id=25"><?=_("View Organisations")?></a></li><? } ?><li><a href="account.php?id=35"><?=_("View")?></a></li></ul>
    </div>
<? } ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('WoT')">+ <?=_("CAcert Web of Trust")?></h3>
      <ul class="menu" id="WoT"><li><a href="wot.php?id=0"><?=_("About")?></a></li><li><a href="wot.php?id=12"><?=_("Find an Assurer")?></a></li><li><a href="wot.php?id=3"><?=_("Rules")?></a></li><li><? if($_SESSION['profile']['assurer'] != 1) { ?><a href="wot.php?id=2"><?=_("Becoming an Assurer")?></a><? } else { ?><a href="wot.php?id=5"><?=_("Assure Someone")?></a><? } ?></li><li><a href="wot.php?id=4"><?=_("Trusted ThirdParties")?></a></li><? if($_SESSION['profile']['points'] >= 500) { ?><li><a href="wot.php?id=11"><div style="white-space:nowrap"><?=_("Organisation Assurance")?></div></a></li><? } ?><li><a href="account.php?id=55"><?=_("Training")?></a></li></ul>
    </div>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('WoTForms')">+ <?=_("CAP Forms")?></h3><?
        $name = $_SESSION['profile']['fname']." ".$_SESSION['profile']['mname']." ".$_SESSION['profile']['lname']." ".$_SESSION['profile']['suffix'];
        while(strstr($name, "  "))
                $name = str_replace("  ", " ", $name);
        $extra = "?name=".urlencode($name);
	$extra .= "&amp;dob=".urlencode($_SESSION['profile']['dob']);
        $extra .= "&amp;email=".urlencode($_SESSION['profile']['email']);

	$extra2 = "?assurer=".urlencode($name)."&amp;date=now&amp;maxpoints=".maxpoints();
?>
      <ul class="menu" id="WoTForms">
         <li><a href="/cap.php<?=$extra?>">A4 - <?=_("WoT Form")?></a></li>
	 <li><a href="/cap.php<?=$extra?>&amp;format=letter">US - <?=_("WoT Form")?></a></li>
	<? /* <li><div style="white-space:nowrap"><a href="/ttp.php<?=$extra?>">A4 - <?=_("TTP Form")?></a></div></li>
	 <li><div style="white-space:nowrap"><a href="/ttp.php<?=$extra?>&amp;format=letter">US - <?=_("TTP Form")?></a></div></li> */
	?>
	 <? if($_SESSION['profile']['points'] > 100) { ?><li><div style="white-space:nowrap"><a href="/cap.php<?=$extra2?>">A4 - <?=_("Assurance Form")?></a></div></li>
	 <li><div style="white-space:nowrap"><a href="/cap.php<?=$extra2?>&amp;format=letter">US - <?=_("Assurance Form")?></a></div></li>
	 <? } ?>
	 <? /*
	  <li><div style="white-space:nowrap"><a href="/ttp.php">A4 - <?=_("Blank TTP Form")?></a></div></li>
	  <li><div style="white-space:nowrap"><a href="/ttp.php?&amp;format=letter">US - <?=_("Blank TTP Form")?></a></div></li>
	 */ ?>
	 <li><div style="white-space:nowrap"><a href="/cap.php">A4 - <?=_("Blank CAP Form")?></a></div></li>
	 <li><div style="white-space:nowrap"><a href="/cap.php?&amp;format=letter">US - <?=_("Blank CAP Form")?></a></div></li></ul>
    </div>
<? if($_SESSION['profile']['admin'] == 1 || $_SESSION['profile']['locadmin'] == 1) { ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('sysadmin')">+ <?=_("System Admin")?></h3>
      <ul class="menu" id="sysadmin"><? if($_SESSION['profile']['admin'] == 1) { ?><li><a href="account.php?id=42"><?=_("Find User")?></a></li><li><a href="account.php?id=48"><?=_("Find Domain")?></a></li><? } if($_SESSION['profile']['locadmin'] == 1) { ?><li><a href="account.php?id=53"><?=_("Location DB")?></a></li><? } ?></ul>
    </div>
<? } ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('disputes')">+ <?=_("Disputes/Abuses")?></h3>
      <ul class="menu" id="disputes"><li><a href="disputes.php?id=0"><?=_("More Information")?></a></li><li><a href="disputes.php?id=1"><?=_("Email Dispute")?></a></li><li><a href="disputes.php?id=2"><?=_("Domain Dispute")?></a></li><? if($_SESSION['profile']['admin'] == 1) { ?><li><a href="disputes.php?id=3"><?=_("Abuses")?></a></li><? } ?></ul>
    </div>
<? if($_SESSION['profile']['adadmin'] >= 1) { ?>
    <div class="relatedLinks">
      <h3 class="pointer" onclick="explode('advertising')">+ <?=_("Advertising")?></h3>
      <ul class="menu" id="advertising"><li><a href="advertising.php?id=1"><?=_("New Ad")?></a></li><li><a href="advertising.php?id=0"><?=_("View Ads")?></a></li></ul>
    </div>
<? } ?>
  </div>
    <? include("about_menu.php"); ?>
  <div id="content">
    <div class="story">
      <h3><?=$title2?></h3>
<? if($_SESSION['_config']['errmsg'] != "") { ?>
<p><font color="#ff0000" size="+2"><? echo $_SESSION['_config']['errmsg']; $_SESSION['_config']['errmsg'] = ""; ?> </font></p>
<? } ?>
<?
	}

	function showfooter()
	{
?>
      </div>
    </div>
  <div id="siteInfo"><a href="//wiki.cacert.org/FAQ/AboutUs"><?=_("About Us")?></a> | <a href="account.php?id=38"><?=_("Donations")?></a> | <a href="http://wiki.cacert.org/wiki/CAcertIncorporated"><?=_("Association Membership")?></a> |
	<a href="/policy/PrivacyPolicy.html"><?=_("Privacy Policy")?></a> | <a href="account.php?id=40"><?=_("Contact Us")?></a>
		| &copy;2002-<?=date("Y")?> <?=_("by CAcert")?></div>
</div>  
</body>             
</html><?
	}
account_stuff.php (13,111 bytes)   

Uli60

2013-01-15 09:19

updater   ~0003659

modified
/includes/account_stuff.php
that includes "About CAcert.Org"
inclusion -> include(about_menu.php)

INOPIAE

2013-01-15 23:41

updater   ~0003671

pushed fix to https://github.com/INOPIAE/CAcert/commit/bug-602

BenBE

2013-01-17 22:58

updater   ~0003695

Please test and review.

BTW: Shouldn't also the account menu be available while logged in; or at least an easy wa to return to the profile.

Werner Dworak

2013-01-18 08:22

updater   ~0003701

Last edited: 2013-01-19 07:51

View 3 revisions

Regarding the list in "Description" I can find

About CAcert.org
   * CAcert News
   * Wiki Documentation
   * Policies
   * Point System
   * Bug Database
   * CAcert Statistics
   * RSS News Feed
   * CAcert Board
   * Mailing Lists
   * Sourcecode

on the life system logged out
on the test system logged out
on the test system logged in

So far --> Ok

The entries CAcert News, Wiki Documentation, Point System, Bug Database, RSS News Feed, CAcert Board and Mailing Lists lead to external places, so no problem. Just hit "Back" or go to the previous window and you are where you was.

But the entries Policies, CAcert Statistics and Sourcecode show a logged out state. How is the real logged-in state? Even if the member stays logged in, the display is really mind-boggling, even if you could hit "Back" or go to the previous window. You should clearly stay in the logged-in menu.

This is --> NOT ok

Additionally, the entries

   * Howto Information
   * Disclaimer

I cannot find on any of the three places neither in the menu "About CAcert.org" nor at another spot on that page. Where should they be?

Besides that, the given link https://www.cacert.org/help.php leads to a non existent page. And the given link https://www.cacert.org/policy/NRPDisclaimerAndLicence.php leads to the NRP-DaL which is obsolete and replaced by the RDL. So I regard both entries as bogus.

This is --> NOT ok

INOPIAE

2013-01-18 08:37

updater   ~0003702

please use GitHub for your changes

Uli60

2013-01-22 22:09

updater   ~0003718

Last edited: 2013-01-22 22:30

View 3 revisions

* Howto Information
   * Disclaimer
is no longer in about section (has been removed for a while)
this has nothing to do with bug 602 nor
https://bugs.cacert.org/view.php?id=940

   * Howto Information https://www.cacert.org/help.php
has been replaced in bug#940 with wiki pages, so there is no more direct link in about section (ignore)
https://cacert1.it-sls.de/help.php is a backwards compatibility link (moved to wiki) this is as expected under bug 940
link may be used from other source code, external links, but no longer under About CAcert section
=> ok, as expected

same happens with link https://www.cacert.org/policy/NRPDisclaimerAndLicence.php
the NRP-DaL php still resides for backward compatibility (as its fixed in roots cert details or elsewhere) saying moved to RDL
see RDL replaces NRP-DaL bug
=> ok, as expected, and ok, thats no longer under About CAcert

remaining About CAcert subtops:
- CAcert News
- Wiki Documentation
- Policies
- Point System
- Bug Database
- CAcert Statistics
- RSS News Feed
- CAcert Board
- Mailing Lists
- Sourcecode

original bug reported 2008-08-26, that included some more links that are no longer available under About CAcert org, not in production, not on the testserver
about_menu.php probably outsourced/last modified in Sept 2011
=> ok

Uli60

2013-01-22 22:26

updater   ~0003719

Logged-Out
-----------
CAcert News links to http://blog.cacert.org/
=> ok

Wiki Documentation links to http://wiki.cacert.org/
=> ok

Policies links to https://cacert1.it-sls.de/policy/
=> ok
   from policies back to system is as expected, as Policies
   have no active scripting code (only pure html)
   and therefor handling of backlinks is not possible
   -> as expected

Point System links to https://wiki.cacert.org/FAQ/Privileges
=> ok

Bug Database links to http://bugs.cacert.org/
=> ok

CAcert Statistics links to https://cacert1.it-sls.de/stats.php
=> ok

RSS News Feed links to http://blog.cacert.org/feed/
=> ok

CAcert Board links to https://wiki.cacert.org/Board
=> ok

Mailing Lists links to https://lists.cacert.org/wws
=> ok

Sourcecode links to https://cacert1.it-sls.de/src-lic.php
   (confirmation page before download is possible)
=> ok

Logged-In
---------
same of above for all links under Logged-In
(same source /includes/about_menu.php)

Uli60

2013-01-22 22:54

updater   ~0003720

before fix:
to find the policy links, stats pages and so on requires logout
to reach the About CAcert menu

with the fix, the links are also available under logged-in state
under new About CAcert section
exit of the sublinks goes to logged-out state as before

Uli60

2013-01-22 23:19

updater   ~0003721

reported problems (missing links) are no longer subject to about cacert org section (see linked other bug#'s)
logged-out state is as expected
all links moves out of About CAcert org secured (webdb) areas (problems with session handling passthrough thru non-active html code, wiki pages and so on)
so therefor no addtl. session handling possible to the About CAcert org section
to prevent closure of session all sublinks can be opened in new window/new tab (whatever the user prefers)

Uli60

2013-01-23 00:53

updater   ~0003725

Last edited: 2013-01-23 00:58

View 4 revisions

old references moved:
Root Cert - Details - CA Cert Signing Authority - Netscape Cert CA-rules URL
http://www.cacert.org/index.php?id=10
info moved with link to http://www.cacert.org/policy/PrivacyPolicy.html

NRP-DaL document linked mainly in CCA, DRP just fixed, all COD4 references in CPS
(http://www.cacert.org/policy/CertificationPracticeStatement.php approx 5 links)

to get an idea on how many places probably links needs to be fixed in documents, sources, articels, presentations, forms and much more can be seen in documentation to the Class3 Subroot replacement project
https://wiki.cacert.org/Roots/Class3ResignProcedure/FingerprintSources

in www.cacert.org, wiki, svn, blog, and maybe more

Werner Dworak

2013-01-23 18:31

updater   ~0003727

The entries Policies, CAcert Statistics and Sourcecode still show a logged out state. Obviously there is nothing fixed in the meantime. Since the member stays logged in, the display is really misleading. You could hit "Back" or go to the previous window which shows the logged in state. But he member should clearly stay in the logged-in state and should therefore see the logged-in menu.

This is --> NOT ok

Uli60

2013-04-30 20:19

updater   ~0003927

sidenote by BenBE in SA telco 2013-04-30:
https://bugs.cacert.org/view.php?id=602#c3727
report behaviour is status quo of current production system

INOPIAE

2013-04-30 20:25

updater   ~0003928

All 10 Links
About CAcert.org
   * CAcert News
   * Wiki Documentation
   * Policies
   * Point System
   * Bug Database
   * CAcert Statistics
   * RSS News Feed
   * CAcert Board
   * Mailing Lists
   * Sourcecode
work when logged in => ok
work when logged out => ok
=>ok

MartinGummi

2013-04-30 20:33

updater   ~0003929

Last edited: 2013-04-30 20:35

View 4 revisions

Why different links wit // http:// and https://

i think better all with //

href="http://blog.cacert.org/">CAcert-Nachrichten</a>
href="http://wiki.CAcert.org/">Wiki-Dokumentation</a>
href="/policy/">Richtlinien</a>
href="//wiki.cacert.org/FAQ/Privileges">Punkte-System</a>
href="http://bugs.CAcert.org/">Fehler-Datenbank</a>
href="/stats.php">CAcert-Statistik</a>
href="http://blog.CAcert.org/feed/">RSS-Nachrichten-Feed</a>
href="//wiki.cacert.org/Board">CAcert-Vorstand</a>
href="https://lists.cacert.org/wws">Mailinglisten</a>
href="/src-lic.php">Quellcode</a>

MartinGummi

2013-04-30 20:40

updater   ~0003930

All 10 Links
About CAcert.org
   * CAcert News
   * Wiki Documentation
   * Policies
   * Point System
   * Bug Database
   * CAcert Statistics
   * RSS News Feed
   * CAcert Board
   * Mailing Lists
   * Sourcecode
work when logged in => ok
work when logged out => ok
=>ok

INOPIAE

2013-05-01 08:20

updater   ~0003945

please review as at least to positive test available

Uli60

2013-05-01 11:32

updater   ~0003952

comment on https://bugs.cacert.org/view.php?id=602#c3929

> Why different links wit // http:// and https://
> i think better all with //

1. this patch doesn't handle link corrections, the used links are status quo on production
2. we now move, having all links in 2 different areas: Logged-Out state, Logged-In state, so varies in http or https current state by the user


3. Links in detail
 a. href="http://blog.cacert.org/">CAcert-Nachrichten</a> [^]
    the blog is an "external" source in relation to the webdb system, w/o logging into the blog, the default access is via port 80
 b. href="http://wiki.CAcert.org/">Wiki-Dokumentation</a> [^]
    the wiki is an "external" source in relation to the webdb. common usage for readers is http (read/only)
 c. href="/policy/">Richtlinien</a>
    references an "internal" link within the webdb, so one user is logged-in,
    his main url is https://secure.cacert.org
    the next one clicks the link in the logged-out state, so the main url is http://www.cacert.org
    /policy/ takes care of these different usage sections
 d. href="//wiki.cacert.org/FAQ/Privileges">Punkte-System</a>
    this link follows an old recommendation, to remove the http: or https: so users gets there corrosponding
    main url by either http or https.
    In later SA telco we've decided to move to the strict https variant with full main url
    but this doesn't cover the general "About CAcert" section, where users w/o having the roots imported
    wants some infos
    not logged-in the link becomes -> http://wiki.cacert.org/FAQ/Privileges
    logged-in (pwd login, cacert1) -> https://wiki.cacert.org/FAQ/Privileges
    client cert logged-in (secure1) -> https://wiki.cacert.org/FAQ/Privileges
 e. href="http://bugs.CAcert.org/">Fehler-Datenbank</a> [^]
    bugs is another "external" system. Default access for new users is http (see d.)
 f. href="/stats.php">CAcert-Statistik</a>
    is an "internal" section, so either way users accesses this link, they'll get it, same as C.
 g. href="http://blog.CAcert.org/feed/">RSS-Nachrichten-Feed</a> [^]
    same as a.
 h. href="//wiki.cacert.org/Board">CAcert-Vorstand</a>
    dependend if the user has the roots installed and accesses the webdb via port 80 or port 443
    the user gets linked to the corrosponding port
 i. href="https://lists.cacert.org/wws">Mailinglisten</a> [^]
    there is no port 80 available for the listserver, there is only one access possible through 443
 j. href="/src-lic.php">Quellcode</a>
    same as C.

Werner Dworak

2013-05-01 18:24

updater   ~0003971

Retested: Menu item "About CAcert.org" available when logged out and logged in --> ok
The external links are correct anyway.
The internal links "Policies", "CAcert Statistics" and "Sourcecode" don't show the logged-in menu but the logged-out menu, but this is handled by another bug# (yet to enter)

NEOatNHNG

2013-05-07 21:06

administrator   ~0003977

Second review is OK. The remarks about the non-logged in view (especially no possibility to log out) in some pages while still being logged in is to be handled in a separate bug.

BenBE

2013-05-13 19:21

updater   ~0003988

Transferred to critical.

wytze

2013-05-14 09:41

developer   ~0003996

The patch has been installed on the production server on May 14, 2013. See also:
https://lists.cacert.org/wws/arc/cacert-systemlog/2013-05/msg00004.html

Issue History

Date Modified Username Field Change
2008-08-25 23:06 Uli60 New Issue
2011-04-16 00:48 Uli60 Note Added: 0001926
2011-04-16 00:48 Uli60 Status new => closed
2011-04-16 00:48 Uli60 Fixed in Version => production
2011-04-16 00:48 Uli60 Resolution open => fixed
2011-04-16 00:48 Uli60 Assigned To => Uli60
2013-01-15 02:54 Werner Dworak Fixed in Version => 2011 Q2
2013-01-15 08:40 Uli60 Note Added: 0003657
2013-01-15 08:40 Uli60 Status closed => needs work
2013-01-15 08:40 Uli60 Resolution fixed => reopened
2013-01-15 08:40 Uli60 Fixed in Version 2011 Q2 =>
2013-01-15 08:56 Uli60 Note Edited: 0003657 View Revisions
2013-01-15 08:57 Uli60 Note Edited: 0003657 View Revisions
2013-01-15 09:18 Uli60 File Added: account_stuff.php
2013-01-15 09:19 Uli60 Note Added: 0003659
2013-01-15 09:19 Uli60 Status needs work => fix available
2013-01-15 09:20 Uli60 Assigned To Uli60 => BenBE
2013-01-15 23:41 INOPIAE Note Added: 0003671
2013-01-17 22:58 BenBE Reviewed by => BenBE
2013-01-17 22:58 BenBE Note Added: 0003695
2013-01-17 22:58 BenBE Status fix available => needs review & testing
2013-01-17 22:58 BenBE Product Version => 2013 Q1
2013-01-17 23:00 BenBE Source_changeset_attached => cacert-devel testserver-stable 30a1de6c
2013-01-17 23:00 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 770efff8
2013-01-18 00:00 BenBE Source_changeset_attached => cacert-devel testserver-stable 4a942875
2013-01-18 00:00 BenBE Source_changeset_attached => cacert-devel testserver-stable 4e8d7d58
2013-01-18 08:22 Werner Dworak Note Added: 0003701
2013-01-18 08:37 INOPIAE Note Added: 0003702
2013-01-18 08:37 INOPIAE Assigned To BenBE => Uli60
2013-01-18 08:37 INOPIAE Status needs review & testing => needs work
2013-01-18 09:08 Werner Dworak Note Edited: 0003701 View Revisions
2013-01-19 07:51 Werner Dworak Note Edited: 0003701 View Revisions
2013-01-22 22:09 Uli60 Note Added: 0003718
2013-01-22 22:09 Uli60 Relationship added related to 0000671
2013-01-22 22:10 Uli60 Relationship added related to 0000940
2013-01-22 22:12 Uli60 Note Edited: 0003718 View Revisions
2013-01-22 22:26 Uli60 Note Added: 0003719
2013-01-22 22:30 Uli60 Note Edited: 0003718 View Revisions
2013-01-22 22:54 Uli60 Note Added: 0003720
2013-01-22 23:19 Uli60 Note Added: 0003721
2013-01-22 23:19 Uli60 Assigned To Uli60 => BenBE
2013-01-22 23:19 Uli60 Status needs work => needs review & testing
2013-01-23 00:53 Uli60 Note Added: 0003725
2013-01-23 00:56 Uli60 Note Edited: 0003725 View Revisions
2013-01-23 00:57 Uli60 Note Edited: 0003725 View Revisions
2013-01-23 00:58 Uli60 Note Edited: 0003725 View Revisions
2013-01-23 18:31 Werner Dworak Note Added: 0003727
2013-04-30 20:19 Uli60 Note Added: 0003927
2013-04-30 20:25 INOPIAE Note Added: 0003928
2013-04-30 20:33 MartinGummi Note Added: 0003929
2013-04-30 20:34 MartinGummi Note Edited: 0003929 View Revisions
2013-04-30 20:34 MartinGummi Note Edited: 0003929 View Revisions
2013-04-30 20:35 MartinGummi Note Edited: 0003929 View Revisions
2013-04-30 20:40 MartinGummi Note Added: 0003930
2013-05-01 08:20 INOPIAE Note Added: 0003945
2013-05-01 08:20 INOPIAE Assigned To BenBE => NEOatNHNG
2013-05-01 08:20 INOPIAE Status needs review & testing => needs review
2013-05-01 11:32 Uli60 Note Added: 0003952
2013-05-01 18:24 Werner Dworak Note Added: 0003971
2013-05-07 21:06 NEOatNHNG Reviewed by BenBE => NEOatNHNG, BenBE
2013-05-07 21:06 NEOatNHNG Note Added: 0003977
2013-05-07 21:06 NEOatNHNG Status needs review => ready to deploy
2013-05-13 19:21 BenBE Note Added: 0003988
2013-05-13 19:23 BenBE Target Version => 2013 Q2
2013-05-13 20:00 BenBE Source_changeset_attached => cacert-devel release 237698fa
2013-05-14 09:41 wytze Note Added: 0003996
2013-05-14 09:41 wytze Status ready to deploy => solved?
2013-05-14 09:41 wytze Fixed in Version => 2013 Q2
2013-05-14 09:41 wytze Resolution reopened => fixed
2013-09-04 20:56 INOPIAE Status solved? => closed
2013-09-04 20:56 INOPIAE Assigned To NEOatNHNG =>