View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000860 | Main CAcert Website | my account | public | 2010-09-04 11:58 | 2013-03-21 07:20 |
| Reporter | Uli60 | Assigned To | BenBE | ||
| Priority | normal | Severity | tweak | Reproducibility | have not tried |
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 2012 Q4 | ||||
| Summary | 0000860: someone accessed your password and secret questions page, plz change pwd translation mixed and garbled, text is tanslated in TL | ||||
| Description | Hallo Name 1st block ok: Sie erhalten .... für ein vergessenes Passwort. 2nd block ok: Wenn Sie die Daten ... .. diese Nachricht ignorieren 3rd block not ok: Wenn Sie aber diese Nachricht ohne erkennbaren Grund erhalten, besteht die Gefahr, daß eine unauthorisierte Person Zugriff hatte auf ihr account, and you should promptly change your password and your hello geheime Fragen und Antworten. 4th block ok: Freundliche Grüsse CAcert Support | ||||
| Steps To Reproduce | message rcvd by user | ||||
| Additional Information | blocks 1, 2, 4 are ok block 3 is mixed despite the fact, the text is translated. the word "hello" cannot be found in translingo and its not one of the secret questions and answers by a user | ||||
| Tags | No tags attached. | ||||
| Reviewed by | NEOatNHNG, BenBE | ||||
| Test Instructions | |||||
| related to | 0000816 | closed | NEOatNHNG | language encoding not correct for non-english pages |
| related to | 0001092 | needs work | NEOatNHNG | Mail is not send on Menue Click when Support Engineer ist looking at it |
| related to | 0001129 | needs review | janmaco | When SE reveals the five secred questions and answers no warning is sent to the member |
| related to | 0000408 | confirmed | Improve the 5 QA warning message sent to the user on 5 QA set access | |
| related to | 0001135 | closed | egal | Extend database table AdminLog et al |
|
|
> Sie erhalten diese Nachricht, weil Sie selber oder id 12429 https://translingo.cacert.org/searchproject.php?edit=12429&pid=1&start=0&l ang=de_DE&search=Sie%20erhalten%20diese%20Nachricht&searchlang=0&fuzzy=2&t ranslated=2#edit Base: You receive this automatic mail since you yourself or Translated: Sie erhalten diese Nachricht, weil Sie selber oder Comment: #: pages/account/13.php:28 soweit korrekt > jemand anderes hat Ihre geheimen Fragen und Antworten abgefragt ??? => results in: No translations for this project have been made. ok, 0000002 id 12433 https://translingo.cacert.org/searchproject.php?edit=12433&pid=1&start=0&l ang=de_DE&search=Ihre%20geheimen%20Fragen&searchlang=0&fuzzy=2&translated= 2#edit Base: someone else looked up your secret questions and answers Translated: jemand anderes Ihre geheimen Fragen und Antworten abgefragt hat Comment: #: pages/account/13.php:29 > für ein vergessenes Passwort. ??? => results in: No translations for this project have been made. manuelle Suche nach "Passwort" (ca 40 Eintraege) 0 results Das beste uebereinstimmende Ergebnis => "nach einem vergessenen Passwort." "Passwort" => "Pass Phrase" => id 3768 "vergessenes" => 0 results ???? Keine Ahnung wo das herkommen soll ...... > Wenn Sie die Daten gesucht oder geändert haben, oder Sie geklickt haben auf id 12427 https://translingo.cacert.org/searchproject.php?edit=12427&pid=1&start=0&l ang=de_DE&search=Wenn%20Sie%20die%20Daten%20gesucht&searchlang=0&fuzzy=2&t ranslated=2#edit Base: If it was you who looked up or changed that data, or clicked Translated: Wenn Sie die Daten gesucht oder geändert haben, oder einen Klick Comment: #: pages/account/13.php:31 > durch das Menü in ihrem Account, dann ist alles korrekt und id 12435 https://translingo.cacert.org/searchproject.php?edit=12435&pid=1&start=0&l ang=de_DE&search=durch%20das%20Men%C3%BC%20in%20ihrem%20Account&searchlang =0&fuzzy=2&translated=2#edit Base: through the menu in your account, everything is in best order and Translated: durch das Menü in Ihrem Account gemacht haben, dann ist alles korrekt und Comment: #: pages/account/13.php:32 > Sie können diese Nachricht ignorieren. id 12436 https://translingo.cacert.org/searchproject.php?edit=12436&pid=1&start=0&l ang=de_DE&search=Sie%20k%C3%B6nnen%20diese&searchlang=0&fuzzy=2&translated =2#edit Base: you can ignore this mail. Translated: Sie können diese Nachricht ignorieren. Comment: #: pages/account/13.php:33 > Wenn Sie aber diese Nachricht ohne erkennbaren Grund erhalten, id 12424 https://translingo.cacert.org/searchproject.php?edit=12424&pid=1&start=0&l ang=de_DE&search=Wenn%20Sie%20aber%20diese%20Nachricht&searchlang=0&fuzzy= 2&translated=2#edit Base: But if you received this mail without a recognisable reason, Translated: Wenn Sie aber diese Nachricht ohne erkennbaren Grund erhalten, Comment: #: pages/account/13.php:34 > besteht die Gefahr, daß eine unauthorisierte Person Zugriff hatte auf Ihr id 12434 https://translingo.cacert.org/searchproject.php?edit=12434&pid=1&start=0&l ang=de_DE&search=besteht%20die%20Gefahr&searchlang=0&fuzzy=2&translated=2# edit Base: there is a danger that an unauthorised person accessed your Translated: besteht die Gefahr, daß eine unauthorisierte Person Zugriff hatte auf Ihr Comment: #: pages/account/13.php:35 > account, and you should promptly change your password and your id 12430 https://translingo.cacert.org/searchproject.php?edit=12430&pid=1&start=0&l ang=de_DE&search=account%2C%20and%20you%20should&searchlang=1&fuzzy=2&tran slated=2#edit Base: account, and you should promptly change your password and your Translated: Account, und Sie sollten sofort Ihr Passwort ändern und Ihre Comment: #: pages/account/13.php:36 > hello not found > geheime Fragen und Antworten. id 12432 https://translingo.cacert.org/searchproject.php?edit=12432&pid=1&start=0&l ang=de_DE&search=Fragen&searchlang=0&fuzzy=2&translated=2#edit Base: secret questions and answers. Translated: geheimen Fragen und Antworten. Comment: #: pages/account/13.php:37 > Freundliche Grüsse id 12428 https://translingo.cacert.org/searchproject.php?edit=12428&pid=1&start=0&l ang=de_DE&search=Freundliche%20Gr%C3%BCsse&searchlang=0&fuzzy=2&translated =2#edit Base: With kind regards, Translated: Freundliche Grüsse Comment: #: pages/account/13.php:39 > CAcert Support id 12425 https://translingo.cacert.org/searchproject.php?edit=12425&pid=1&start=0&l ang=de_DE&search=CAcert%20Support&searchlang=0&fuzzy=2&translated=2#edit Base: CAcert Support Translated: CAcert Support Comment: #: pages/account/13.php:39 |
|
|
See also ticket [s20110517.91] [CAcert.org] Email Mitteilung stating the same problem |
|
|
I have corrected this and some other translations. Please test and review. Changed places: - when changing the primary email address - when changing the password - SE changes password - Look at secret questions - when the assuree has more than 100 points after an assurance |
|
|
Hi <membername>, You receive this automatic mail since you yourself or someone else looked up your secret questions and answers for a forgotten password. If it was you who looked up or changed that data, or clicked through the menu in your account, everything is in best order and you can ignore this mail. But if you received this mail without a recognisable reason, there is a danger that an unauthorised person accessed your account, and you should promptly change your password and your secret questions and answers. Best regards CAcert Support => ok sidenote: message doesn't appear if support-engineer opens account, goes to details |
|
|
I can confirm this bug report from Uli60. The same issue. |
|
|
tested by 2, needs 2nd review, transfer to production |
|
|
The sentence in www/wot.php (lines 336-338): Sentence is missing trailing dot to finish the sentence after closing brackets. Somehow the whole paragraph is a bit borked and should get some better wording. The block in pages/account/13.php should be split into 3 parts, i.e. the individual sentences/paragraphes. Even though they somehow belong together they should be split by their special topic (information, reasoning, warning). Also a word on wrapping long lines in the patch: Please don't. It looks horrible. Especially as some lines are wider than 80 characters and thus there's no reason to enforce anything less. |
|
|
I have worked in the changes requested in 0000860:0003277. Please retest |
|
|
logged in to SE admin account search for a user (Find user) open user in admin console open show secret passwords https://cacert1.it-sls.de/account.php?id=43&userid=171044&showlostpw=yes to trigger an email to user no email received => should probably trigger an email trigger change password ... doesn't trigger an email notfication => should probably trigger an email login to user account my details edit https://cacert1.it-sls.de/account.php?id=13 triggers email support@cacert.org gerhard@w.d [CAcert.org] Email Notification text received --------------------------------------------------------------------------- Hi Gerhard, You receive this automatic mail since you yourself or someone else looked up your secret questions and answers for a forgotten password. If it was you who looked up or changed that data, or clicked through the menu in your account, everything is in best order and you can ignore this mail. But if you received this mail without a recognisable reason, there is a danger that an unauthorised person accessed your account, and you should promptly change your password and your secret questions and answers. Best regards, CAcert Support --------------------------------------------------------------------------- => ok |
|
|
Log into account My points Edit Recieved this mail You receive this automatic mail since you yourself or someone else looked up your secret questions and answers for a forgotten password. If it was you who looked up or changed that data, or clicked through the menu in your account, everything is in best order and you can ignore this mail. But if you received this mail without a recognisable reason, there is a danger that an unauthorised person accessed your account, and you should promptly change your password and your secret questions and answers. Best regards, CAcert Support When looking at the password questions over the SE console no mail is send. |
|
|
tested by 2 if review is passed, good to go |
|
|
The patch has been installed on the production server on November 1, 2012. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2012-11/msg00004.html |
|
|
More than 3 month solved |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2010-09-04 11:58 | Uli60 | New Issue | |
| 2010-12-13 09:31 | Uli60 | Note Added: 0001816 | |
| 2010-12-13 10:09 | NEOatNHNG | Status | new => needs work |
| 2010-12-13 10:09 | NEOatNHNG | Assigned To | => NEOatNHNG |
| 2011-04-30 11:27 | NEOatNHNG | Relationship added | related to 0000816 |
| 2011-05-22 05:38 | INOPIAE | Note Added: 0001978 | |
| 2011-07-26 23:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel master ca081187 |
| 2012-08-24 22:10 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 9bcb765b |
| 2012-08-24 22:10 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 985d0184 |
| 2012-08-24 22:14 | NEOatNHNG | Note Added: 0003146 | |
| 2012-08-24 22:14 | NEOatNHNG | Status | needs work => needs review & testing |
| 2012-08-25 22:42 | NEOatNHNG | Reviewed by | => NEOatNHNG |
| 2012-08-26 15:05 | Uli60 | Note Added: 0003156 | |
| 2012-08-26 15:09 | FabianKnopf | Note Added: 0003157 | |
| 2012-08-26 15:12 | Uli60 | Note Added: 0003158 | |
| 2012-08-26 15:12 | Uli60 | Assigned To | NEOatNHNG => egal |
| 2012-08-26 15:12 | Uli60 | Status | needs review & testing => needs review |
| 2012-08-26 15:18 | Uli60 | Relationship added | related to 0001092 |
| 2012-10-23 21:24 | Uli60 | Assigned To | egal => BenBE |
| 2012-10-28 13:38 | BenBE | Note Added: 0003277 | |
| 2012-10-30 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 28754f9f |
| 2012-10-30 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver d8f6a816 |
| 2012-10-30 22:52 | NEOatNHNG | Note Added: 0003295 | |
| 2012-10-30 22:52 | NEOatNHNG | Status | needs review => needs review & testing |
| 2012-10-30 22:54 | BenBE | Reviewed by | NEOatNHNG => NEOatNHNG, BenBE |
| 2012-10-30 22:54 | BenBE | Status | needs review & testing => needs testing |
| 2012-10-31 00:23 | Uli60 | Note Added: 0003306 | |
| 2012-10-31 00:26 | INOPIAE | Note Added: 0003307 | |
| 2012-10-31 00:39 | Uli60 | Note Added: 0003308 | |
| 2012-10-31 00:39 | Uli60 | Status | needs testing => ready to deploy |
| 2012-10-31 18:45 | BenBE | Source_changeset_attached | => cacert-devel release 7baaa9a0 |
| 2012-11-01 15:51 | wytze | Note Added: 0003315 | |
| 2012-11-01 15:51 | wytze | Status | ready to deploy => solved? |
| 2012-11-01 15:51 | wytze | Resolution | open => fixed |
| 2013-01-07 23:11 | Werner Dworak | Relationship added | related to 0001129 |
| 2013-01-07 23:51 | Werner Dworak | Relationship added | related to 0000408 |
| 2013-01-09 10:42 | Werner Dworak | Relationship added | related to 0001135 |
| 2013-01-13 08:28 | INOPIAE | Fixed in Version | => 2012 Q4 |
| 2013-03-21 07:20 | Werner Dworak | Note Added: 0003830 | |
| 2013-03-21 07:20 | Werner Dworak | Status | solved? => closed |
