View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0000795 | Main CAcert Website | account administration | public | 2009-12-01 23:48 | 2013-05-01 01:11 |
Reporter | iang | Assigned To | NEOatNHNG | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | fixed | ||
Product Version | 2009 Q1 | ||||
Fixed in Version | 2013 Q1 | ||||
Summary | 0000795: contact form does not signal whether filed request is senstive or open | ||||
Description | http://www.cacert.org/index.php?id=11 has two post boxes for sending information to support; one for open info, and one for sensitive info. The result that turns up at support@ has no clues to indicate which is which, ruining the use of the separation. | ||||
Additional Information | The subject line should be adjusted to include a keyword such as SENSITIVE. The text should be surrounded by both a header & footer with the keyword as above or somesuch, with some drawn lines to differentiate the text. | ||||
Tags | No tags attached. | ||||
Reviewed by | Ted, BenBE | ||||
Test Instructions | |||||
related to | 0001021 | closed | INOPIAE | test.cacert.org | contact form on testserver redirects to www.cacert.org |
related to | 0001019 | closed | NEOatNHNG | Main CAcert Website | Contact form does not work when logged in! |
related to | 0000524 | new | Main CAcert Website | Send email of 'contact assurer' dialog to submitter too | |
related to | 0001125 | closed | Main CAcert Website | Testsystem main page, contact form, better text | |
related to | 0000797 | closed | Main CAcert Website | Email form on contact us page lacks format validation |
|
One confusion in the above is that the sensitive box only goes to support@, the other box goes to cacert-support@lists.c.o |
|
proposal: only display 1 form under the free text field add optionbox [ ] with red warning message check only if text includes no sensitive data and text is intended to become public -or- option box { PRIVATE | PUBLIC } after subject line * PRIVATE to be the default Subj: ........................ [PRIVATE|V] Text: ..................................... ..................................... |
|
I add the fix to the github https://github.com/INOPIAE/CAcert/tree/bug-795. Changed contact form to just one form with two different send buttons and added a hidden field robotest for honeypot. in styles/default.css a new style ".robotic" is added for the robotest |
|
From the contact forms account/40.php and index/11.php I send each a mail to support and to the support mailing list. All 4 mails arrived at their destinations =>ok =>ok |
|
* Test Contact form with login (account 40) to support and mailinglist * Test Contact form without login (account 11) to support and mailinglist * use a browser without CSS All 4 mails arrived at their destinations =>ok |
|
logged-off https://cacert1.it-sls.de/index.php?id=11 logged-in https://cacert1.it-sls.de/account.php?id=40 contact form logged-off: Test 795#1 to public list Test 795#2 to private send to support@c.o logged-in: Test 795#3 to public list Test 795#4 to private send to support@c.o => ok verification impossible will be directed to account with email support@c.o |
|
Logged out and logged in each sent to support and mailing list. All 4 mails arrives correctly => Ok. |
|
The typo fix shows in the textes above the send buttons the description of the buttons in quotation marks. => ok |
|
re-tested logged-out, contact form writing to support@c.o (private) received by support@c.o (info from inopiae) |
|
please do second review and move to production |
|
I again sent 4 mails, each logged in and logged out, to Support and to mailing list. All 4 mails arrived where and how they should. |
|
Reviewed 7baaa9a0ac611329539a43031ca3d0e81bba2b5f vs. e44a741615163837f120eea43d474e85136a1d60 Checked in two minor typos. Though I don't like the layout and the texts themselves it's probably not the topic of this bug. Changes are acceptable. Please could anyone else hand this off to critical admins? If noone does, maybe I can do it tomorrow evening... |
|
The patch has been installed on the production server on January 17, 2013. See also: https://lists.cacert.org/wws/arc/cacert-systemlog/2013-01/msg00009.html |
Date Modified | Username | Field | Change |
---|---|---|---|
2009-12-01 23:48 | iang | New Issue | |
2009-12-02 12:17 | iang | Note Added: 0001529 | |
2012-11-29 22:00 | Uli60 | Note Added: 0003373 | |
2012-11-29 22:09 | Uli60 | Note Edited: 0003373 | |
2012-12-04 07:20 | Uli60 | Relationship added | related to 0001021 |
2012-12-04 07:20 | Uli60 | Relationship added | related to 0001019 |
2012-12-04 19:51 | Ted | Relationship added | related to 0000524 |
2012-12-08 05:51 | INOPIAE | Note Added: 0003379 | |
2012-12-08 05:51 | INOPIAE | Assigned To | => BenBE |
2012-12-08 05:51 | INOPIAE | Status | new => fix available |
2012-12-10 21:05 | BenBE | Source_changeset_attached | => cacert-devel testserver 10c90774 |
2012-12-10 21:05 | INOPIAE | Source_changeset_attached | => cacert-devel testserver ad569591 |
2012-12-10 21:05 | INOPIAE | Source_changeset_attached | => cacert-devel testserver 002a2f12 |
2012-12-10 21:05 | INOPIAE | Source_changeset_attached | => cacert-devel testserver 31ce1742 |
2012-12-12 01:20 | INOPIAE | Note Added: 0003400 | |
2012-12-12 01:21 | MartinGummi | Note Added: 0003401 | |
2012-12-12 01:22 | MartinGummi | Note Edited: 0003401 | |
2012-12-12 01:40 | Uli60 | Note Added: 0003402 | |
2012-12-12 08:16 | INOPIAE | Status | fix available => needs review & testing |
2012-12-14 20:24 | Werner Dworak | Note Added: 0003432 | |
2012-12-15 08:49 | INOPIAE | Relationship added | related to 0001125 |
2012-12-18 22:40 | BenBE | Reviewed by | => BenBE |
2012-12-18 23:08 | INOPIAE | Note Added: 0003468 | |
2012-12-19 01:10 | Uli60 | Note Added: 0003473 | |
2012-12-19 01:11 | INOPIAE | Note Added: 0003474 | |
2012-12-19 01:11 | INOPIAE | Assigned To | BenBE => NEOatNHNG |
2012-12-19 01:11 | INOPIAE | Status | needs review & testing => needs review |
2012-12-19 03:44 | Werner Dworak | Note Added: 0003476 | |
2012-12-23 01:04 | Werner Dworak | Relationship added | related to 0000797 |
2013-01-03 22:09 | Ted | Note Added: 0003587 | |
2013-01-03 22:09 | Ted | Status | needs review => ready to deploy |
2013-01-03 22:10 | Ted | Reviewed by | BenBE => Ted, BenBE |
2013-01-15 23:17 | BenBE | Source_changeset_attached | => cacert-devel testserver-stable a52aa808 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable e44a7416 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 05101320 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable f0da20b3 |
2013-01-15 23:17 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable 3d71cded |
2013-01-15 23:17 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable f8beb300 |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable eb10111c |
2013-01-15 23:17 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable ce73bc4d |
2013-01-15 23:17 | INOPIAE | Source_changeset_attached | => cacert-devel testserver-stable 203fbe7f |
2013-01-15 23:17 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable fd09d5e3 |
2013-01-15 23:17 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable ceec8f65 |
2013-01-15 23:17 | NEOatNHNG | Source_changeset_attached | => cacert-devel testserver-stable 24114620 |
2013-01-16 04:30 | BenBE | Source_changeset_attached | => cacert-devel release 82dbce51 |
2013-01-17 15:41 | wytze | Note Added: 0003690 | |
2013-01-17 15:41 | wytze | Status | ready to deploy => solved? |
2013-01-17 15:41 | wytze | Fixed in Version | => 2013 Q1 |
2013-01-17 15:41 | wytze | Resolution | open => fixed |
2013-01-17 15:43 | Werner Dworak | Product Version | => 2009 Q1 |
2013-05-01 01:11 | INOPIAE | Status | solved? => closed |