phplist

NOTE:: Before reporting an issue, make sure you are running the latest version, currently 3.3.1


View Issue Details Jump to Notes ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0015359phplist applicationAuthentication Systempublic03-11-09 00:2506-05-11 23:21
Reporterrrrrob 
PrioritynormalSeveritymajorReproducibilityalways
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version2.10.10 
Target VersionFixed in Version2.10.14 
Summary0015359: User Specific Authentication Pages Loose Formatting
Descriptionwhen the phplis driven site directs a user to a user specific login page (one that needs a password) the formatting of the page becomes generic causing the user to think they have left the current site. This is causing some users to think they have been redirected under false pretenses. It happens when ever they are asked for their password.

There is a complete list of what has been found and done to this point at the following link in the forums

http://forums.phplist.com/viewtopic.php?f=17&t=28879 [^]
Additional InformationHave compared the index files of versions 2.10.9 and 2.10.10 and noticed that most of the changes between the two relate to the unsubscribe function. going to post current findings to the forum as well in more detail.
TagsNo tags attached.
Attached Filesdiff file icon patch-15359.diff [^] (408 bytes) 11-11-09 18:56 [Show Content]

- Relationships Relation Graph ] Dependency Graph ]
related to 0015320resolvedmichiel Unsubscription should only be possible by a subscriber himself and not by a third person 

-  Notes
(0050775)
neffets (reporter)
11-11-09 18:56

The pagedata is not initialised for normal newsletter preferences links, because in this state there is no list known.

Patch

--- phplist-2.10.10/public_html/lists/index.php 2009-05-05 15:13:14.000000000 +0200
+++ lists/index.php 2009-11-11 18:05:35.065632639 +0100
@@ -199,6 +199,7 @@
 }
 
 if ($login_required && empty($_SESSION["userloggedin"]) && !$canlogin) {
+ $data = PageData(0);
   print LoginPage($id,$userid,$emailcheck,$msg);
 } elseif (isset($_GET['p']) && preg_match("/(\w+)/",$_GET["p"],$regs)) {
   if ($id) {
(0050777)
rrrrob (reporter)
12-11-09 13:52

In my index.php file this code comes up at line 201. I replaced the current code with this code and gave it a try. I am now getting a completely blank page when the user submits their email address to unsubscribe. Also when the user selects the link to unsubscribe, from the email message sent at signup, they get the same blank page. Could someone please confirm.
(0050780)
rrrrob (reporter)
14-11-09 02:31

Noticed another report similar to this one
http://mantis.phplist.com/view.php?id=15320 [^]

Our needs for the current situation call for an immediate answer that will work smoothly and look professional for the customer and user. Stepping back and rethinking the process has driven the following.

The individual that wants to unsubscribe is one whom is receiving the messages.
If one is not getting the messages why would one be needing to unsubscribe. These very same messages have a link to the unsubscribe page which passes threw the validation page and works. Thus why have an unsubscribe link on the sign up page. Instead remove the unsubscribe link, which does not work, and simply redirect the user to the unsubscribe link in the messages they are already getting that do work.

So...
index.php approximately line 273

  # printf('

./?p=unsubscribe

',$strUnsubscribeTitle); # Bug Fix remove unsubscribe link
  print $strUnsubscribeMsg;


language file (english.inc) added new line 31

$strUnsubscribeMsg = 'If you would like to unsubscribe from the message system please use the unsubscribe link at the bottom of one of you messages.

';
(0050781)
rrrrob (reporter)
14-11-09 02:41

Code in last not did not look right, see this link for proper code.

http://forums.phplist.com/viewtopic.php?f=17&t=28879&p=70067#p70067 [^]
(0051288)
michiel (manager)
06-05-11 23:21

seems resolved in svn


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker