View Issue Details

IDProjectCategoryView StatusLast Update
0000795Main CAcert Websiteaccount administrationpublic2013-05-01 01:11
Reporteriang Assigned ToNEOatNHNG  
PrioritynormalSeverityminorReproducibilityalways
Status closedResolutionfixed 
Product Version2009 Q1 
Fixed in Version2013 Q1 
Summary0000795: contact form does not signal whether filed request is senstive or open
Descriptionhttp://www.cacert.org/index.php?id=11 has two post boxes for sending information to support; one for open info, and one for sensitive info.

The result that turns up at support@ has no clues to indicate which is which, ruining the use of the separation.
Additional InformationThe subject line should be adjusted to include a keyword such as SENSITIVE.

The text should be surrounded by both a header & footer with the keyword as above or somesuch, with some drawn lines to differentiate the text.
TagsNo tags attached.
Reviewed byTed, BenBE
Test Instructions

Relationships

related to 0001021 closedINOPIAE test.cacert.org contact form on testserver redirects to www.cacert.org 
related to 0001019 closedNEOatNHNG Main CAcert Website Contact form does not work when logged in! 
related to 0000524 new Main CAcert Website Send email of 'contact assurer' dialog to submitter too 
related to 0001125 closed Main CAcert Website Testsystem main page, contact form, better text 
related to 0000797 closed Main CAcert Website Email form on contact us page lacks format validation 

Activities

iang

2009-12-02 12:17

developer   ~0001529

One confusion in the above is that the sensitive box only goes to support@, the other box goes to cacert-support@lists.c.o

Uli60

2012-11-29 22:00

updater   ~0003373

Last edited: 2012-11-29 22:09

View 2 revisions

proposal:

only display 1 form
under the free text field
add optionbox [ ] with red warning message
                    check only if text includes no sensitive data
                    and text is intended to become public

-or-

option box { PRIVATE | PUBLIC } after subject line
 * PRIVATE to be the default

Subj: ........................ [PRIVATE|V]
Text: .....................................
      .....................................

INOPIAE

2012-12-08 05:51

updater   ~0003379

I add the fix to the github https://github.com/INOPIAE/CAcert/tree/bug-795.

Changed contact form to just one form with two different send buttons and added a hidden field robotest for honeypot.

in styles/default.css a new style ".robotic" is added for the robotest

INOPIAE

2012-12-12 01:20

updater   ~0003400

From the contact forms account/40.php and index/11.php
I send each a mail to support and to the support mailing list.

All 4 mails arrived at their destinations =>ok

=>ok

MartinGummi

2012-12-12 01:21

updater   ~0003401

Last edited: 2012-12-12 01:22

View 2 revisions

* Test Contact form with login (account 40) to support and mailinglist
 * Test Contact form without login (account 11) to support and mailinglist
 * use a browser without CSS

All 4 mails arrived at their destinations =>ok

Uli60

2012-12-12 01:40

updater   ~0003402

logged-off
https://cacert1.it-sls.de/index.php?id=11
logged-in
https://cacert1.it-sls.de/account.php?id=40

contact form

logged-off:

Test 795#1
to public list

Test 795#2
to private
send to support@c.o


logged-in:
Test 795#3
to public list

Test 795#4
to private
send to support@c.o

=> ok

verification impossible
will be directed to account
with email support@c.o

Werner Dworak

2012-12-14 20:24

updater   ~0003432

Logged out and logged in each sent to support and mailing list. All 4 mails arrives correctly => Ok.

INOPIAE

2012-12-18 23:08

updater   ~0003468

The typo fix shows in the textes above the send buttons the description of the buttons in quotation marks. => ok

Uli60

2012-12-19 01:10

updater   ~0003473

re-tested
logged-out, contact form
writing to support@c.o (private)
received by support@c.o (info from inopiae)

INOPIAE

2012-12-19 01:11

updater   ~0003474

please do second review and move to production

Werner Dworak

2012-12-19 03:44

updater   ~0003476

I again sent 4 mails, each logged in and logged out, to Support and to mailing list. All 4 mails arrived where and how they should.

Ted

2013-01-03 22:09

administrator   ~0003587

Reviewed 7baaa9a0ac611329539a43031ca3d0e81bba2b5f vs. e44a741615163837f120eea43d474e85136a1d60

Checked in two minor typos.

Though I don't like the layout and the texts themselves it's probably not the topic of this bug.

Changes are acceptable.

Please could anyone else hand this off to critical admins? If noone does, maybe I can do it tomorrow evening...

wytze

2013-01-17 15:41

developer   ~0003690

The patch has been installed on the production server on January 17, 2013. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2013-01/msg00009.html

Issue History

Date Modified Username Field Change
2009-12-01 23:48 iang New Issue
2009-12-02 12:17 iang Note Added: 0001529
2012-11-29 22:00 Uli60 Note Added: 0003373
2012-11-29 22:09 Uli60 Note Edited: 0003373 View Revisions
2012-12-04 07:20 Uli60 Relationship added related to 0001021
2012-12-04 07:20 Uli60 Relationship added related to 0001019
2012-12-04 19:51 Ted Relationship added related to 0000524
2012-12-08 05:51 INOPIAE Note Added: 0003379
2012-12-08 05:51 INOPIAE Assigned To => BenBE
2012-12-08 05:51 INOPIAE Status new => fix available
2012-12-10 21:05 BenBE Source_changeset_attached => cacert-devel testserver 10c90774
2012-12-10 21:05 INOPIAE Source_changeset_attached => cacert-devel testserver ad569591
2012-12-10 21:05 INOPIAE Source_changeset_attached => cacert-devel testserver 002a2f12
2012-12-10 21:05 INOPIAE Source_changeset_attached => cacert-devel testserver 31ce1742
2012-12-12 01:20 INOPIAE Note Added: 0003400
2012-12-12 01:21 MartinGummi Note Added: 0003401
2012-12-12 01:22 MartinGummi Note Edited: 0003401 View Revisions
2012-12-12 01:40 Uli60 Note Added: 0003402
2012-12-12 08:16 INOPIAE Status fix available => needs review & testing
2012-12-14 20:24 Werner Dworak Note Added: 0003432
2012-12-15 08:49 INOPIAE Relationship added related to 0001125
2012-12-18 22:40 BenBE Reviewed by => BenBE
2012-12-18 23:08 INOPIAE Note Added: 0003468
2012-12-19 01:10 Uli60 Note Added: 0003473
2012-12-19 01:11 INOPIAE Note Added: 0003474
2012-12-19 01:11 INOPIAE Assigned To BenBE => NEOatNHNG
2012-12-19 01:11 INOPIAE Status needs review & testing => needs review
2012-12-19 03:44 Werner Dworak Note Added: 0003476
2012-12-23 01:04 Werner Dworak Relationship added related to 0000797
2013-01-03 22:09 Ted Note Added: 0003587
2013-01-03 22:09 Ted Status needs review => ready to deploy
2013-01-03 22:10 Ted Reviewed by BenBE => Ted, BenBE
2013-01-15 23:17 BenBE Source_changeset_attached => cacert-devel testserver-stable a52aa808
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable e44a7416
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 05101320
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable f0da20b3
2013-01-15 23:17 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 3d71cded
2013-01-15 23:17 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable f8beb300
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable eb10111c
2013-01-15 23:17 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable ce73bc4d
2013-01-15 23:17 INOPIAE Source_changeset_attached => cacert-devel testserver-stable 203fbe7f
2013-01-15 23:17 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable fd09d5e3
2013-01-15 23:17 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable ceec8f65
2013-01-15 23:17 NEOatNHNG Source_changeset_attached => cacert-devel testserver-stable 24114620
2013-01-16 04:30 BenBE Source_changeset_attached => cacert-devel release 82dbce51
2013-01-17 15:41 wytze Note Added: 0003690
2013-01-17 15:41 wytze Status ready to deploy => solved?
2013-01-17 15:41 wytze Fixed in Version => 2013 Q1
2013-01-17 15:41 wytze Resolution open => fixed
2013-01-17 15:43 Werner Dworak Product Version => 2009 Q1
2013-05-01 01:11 INOPIAE Status solved? => closed