View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0001019 | Main CAcert Website | my account | public | 2012-03-01 00:23 | 2013-01-15 18:10 |
Reporter | NEOatNHNG | Assigned To | NEOatNHNG | ||
Priority | high | Severity | major | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Fixed in Version | 2012 Q3 | ||||
Summary | 0001019: Contact form does not work when logged in! | ||||
Description | When using the contact form while logged in, the form doesn't show the success page and does not send an email to support@cacert.org (have not tried whether mailing list works). | ||||
Additional Information | This is a pretty critical issue as support requests, disputes, vulnerability reports etc. send via this form in logged in state gets lost without a trace! | ||||
Tags | No tags attached. | ||||
Reviewed by | dastrath, NEOatNHNG | ||||
Test Instructions | |||||
|
First preliminary fix to disable the form temporarily. Real fix will follow later on. Please review. |
|
open contact form, write some text send error message report: This seems like you have cookies or Javascript disabled, cannot continue. browser line in browser is: https://www.cacert.org/index.php untestable --- password login click to "contact us" link at bottom results in: Contact Us To contact us please log out and then use the contact form there or send us an email to support@cacert.org. We are working to fix this situation so you may contact us while staying logged in again. |
|
Login with certificate Use contact form - Error warning is displayed => OK Login with password Use contact form - Error warning is displayed => OK Use contact form logged out: Cannot be test as error message report: This seems like you have cookies or Javascript disabled, cannot continue. browser line in browser is: https://www.cacert.org/index.php [^] Mail seems to be send to support@cacert.org |
|
Did a quick test: - Certificate login - "Contact" linkk in footer Message is shown ==> OK - "Go Home" - Click "Contact Us" Contact form is shown ==> OK |
|
Did code review, 01c885f8fc88cd42c750890b9accf67adfbeee40 vs. 8a7611eb5e18a678f81721d6602b668c2e7bea52 Changes are acceptable. Sent patch request to critical admins, merged into release branch |
|
The fix (more correctly: a quick and dirty workaround) has been applied on the production server on March 8, 2012. |
|
OK, now that the deactivation is in place we have to solve the underlying problem. |
|
Did a quick test: - Password login - "Contact" link in footer Message to Support Mailing List ==> OK Message to Support ==> OK |
|
Login into account Go to contact Send a help request to the mailing list. Msg: Your message has been sent to the general support list. Mail was recieved from mailing list => OK Send a help request to support@c.o. Msg: Your message has been sent. Mail was recieved from support@c.o. => OK Test successful. |
|
The underlying issue was that the target where the data was sent was hard coded and it was wrongly hard coded when logged in. The last two tests took that already into account. Please review. |
|
Logged in to account, go to contact us at bottom Two forms: top and bottom. Mail with random number 4e 58 68 a6 sent through first form. Responds with: Your message has been sent to the general support list. Mail with random number a9 3c e9 70 sent through second form. Responds with: Your message has been sent. Both arrived (INOPIAE) Suggestion: label the two forms clearly, perhaps with "To: support@cacert.org" etc |
|
Dirk has reviewed the patch during the software assessment meeting |
|
Mail sent to critical admins |
|
The fix has been installed on the production server on September 17, 2012. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2012-09/msg00000.html |
|
Solved more than 3 months ago and no complaints. |
Date Modified | Username | Field | Change |
---|---|---|---|
2012-03-01 00:23 | NEOatNHNG | New Issue | |
2012-03-01 00:23 | NEOatNHNG | Assigned To | => NEOatNHNG |
2012-03-01 00:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver bdfd7be8 |
2012-03-01 00:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 9422c4b9 |
2012-03-01 00:55 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 734ad35d |
2012-03-01 00:55 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 01c885f8 |
2012-03-01 00:56 | NEOatNHNG | Note Added: 0002867 | |
2012-03-01 00:56 | NEOatNHNG | Assigned To | NEOatNHNG => Ted |
2012-03-01 00:56 | NEOatNHNG | Status | new => needs review & testing |
2012-03-01 00:57 | NEOatNHNG | Reviewed by | => NEOatNHNG |
2012-03-06 21:26 | Uli60 | Note Added: 0002869 | |
2012-03-06 21:36 | INOPIAE | Note Added: 0002870 | |
2012-03-06 21:37 | Uli60 | Note Edited: 0002869 | |
2012-03-07 18:57 | Ted | Note Added: 0002871 | |
2012-03-07 18:58 | Ted | Reviewed by | NEOatNHNG => Ted, NEOatNHNG |
2012-03-07 18:58 | Ted | Note Added: 0002872 | |
2012-03-07 18:58 | Ted | Status | needs review & testing => ready to deploy |
2012-03-07 19:16 | Ted | Note Edited: 0002872 | |
2012-03-07 21:21 | Ted | Assigned To | Ted => |
2012-03-08 09:58 | wytze | Note Added: 0002873 | |
2012-03-08 09:58 | wytze | Status | ready to deploy => solved? |
2012-03-08 09:58 | wytze | Resolution | open => fixed |
2012-03-08 09:58 | wytze | Assigned To | => wytze |
2012-03-08 10:31 | NEOatNHNG | Note Added: 0002874 | |
2012-03-08 10:31 | NEOatNHNG | Assigned To | wytze => NEOatNHNG |
2012-03-08 10:31 | NEOatNHNG | Status | solved? => needs work |
2012-03-08 10:31 | NEOatNHNG | Reviewed by | Ted, NEOatNHNG => |
2012-03-08 12:45 | NEOatNHNG | Priority | immediate => high |
2012-03-08 12:45 | NEOatNHNG | Severity | block => major |
2012-05-22 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver ab972aa7 |
2012-05-22 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver c15aa191 |
2012-05-22 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 1da58648 |
2012-05-22 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 2e6b80c1 |
2012-05-22 22:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 5de1cb4e |
2012-05-22 23:10 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver eb9ed889 |
2012-05-22 23:10 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver 89c0c15f |
2012-05-22 23:28 | MartinGummi | Note Added: 0003001 | |
2012-05-22 23:29 | INOPIAE | Note Added: 0003002 | |
2012-05-22 23:40 | NEOatNHNG | Reviewed by | => NEOatNHNG |
2012-05-22 23:40 | NEOatNHNG | Note Added: 0003004 | |
2012-05-22 23:40 | NEOatNHNG | Status | needs work => needs review & testing |
2012-05-27 15:07 | JonathanL | Note Added: 0003009 | |
2012-05-27 15:09 | JonathanL | Note Edited: 0003009 | |
2012-05-27 15:14 | INOPIAE | Note Edited: 0003009 | |
2012-08-21 21:26 | NEOatNHNG | Status | needs review & testing => needs review |
2012-09-04 22:44 | NEOatNHNG | Reviewed by | NEOatNHNG => dastrath, NEOatNHNG |
2012-09-04 22:44 | NEOatNHNG | Note Added: 0003181 | |
2012-09-04 22:44 | NEOatNHNG | Status | needs review => ready to deploy |
2012-09-11 20:56 | NEOatNHNG | Note Added: 0003183 | |
2012-09-13 16:50 | NEOatNHNG | Source_changeset_attached | => cacert-devel release 7400caae |
2012-09-17 08:49 | wytze | Note Added: 0003198 | |
2012-09-17 08:49 | wytze | Status | ready to deploy => solved? |
2012-12-04 07:18 | Uli60 | Relationship added | related to 0001021 |
2012-12-04 07:20 | Uli60 | Relationship added | related to 0000795 |
2012-12-26 16:44 | Werner Dworak | Note Added: 0003569 | |
2012-12-26 16:44 | Werner Dworak | Status | solved? => closed |
2013-01-15 18:10 | Werner Dworak | Fixed in Version | => 2012 Q3 |