phplist

NOTE:: Before reporting an issue, make sure you are running the latest version, currently 3.3.1


View Issue Details Jump to Notes ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0018345phplist applicationClick Trackingpublic23-09-16 11:3513-10-16 22:41
Reporterduncanc 
PrioritynormalSeverityminorReproducibilitysometimes
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version3.3-RC2 
Target Version3.2.6Fixed in Version3.2.6 
Summary0018345: Link clicking in test messges is restricted to admins
DescriptionIn 3.2.6 RC1 there is some new processing that restricts clicking links in test messages to admins who are currently logged-in to phplist.

This looks to be a significant break of how phplist currently works and I expect it will surprise many people. One scenario is that an admin composes a message and then sends a test message to several subscribers for review. Suddenly clicking a link in the test email will give a 404 error.

What's the reason for the change? Possibly it can be controlled by a config setting, with the default to work as it currently does.
TagsNo tags attached.
Attached Files

- Relationships Relation Graph ] Dependency Graph ]
related to 0018369new test messages when a sent campaign is edited may not work correctly 

-  Notes
(0058321)
michiel (manager)
02-10-16 14:48

The change is part of general hardening. But I can see your point. I will review the change and think of a way to handle it.
(0058335)
michiel (manager)
06-10-16 12:49

Reminder sent to: michiel


We should update the check and only disallow the personalised links
(0058349)
michiel (manager)
10-10-16 22:24

I've now updated it, so that only the "unsubscribe" and "preference" links are blocked.
(0058350)
duncanc (developer)
11-10-16 10:25

The $allowPersonalised is set incorrectly. it should be true instead of false.

The validation of whether a campaign has been sent at all could cause a problem. Consider a campaign being sent, then edited and a test email sent to a new subscriber. That would currently fail with a 404 error.

See https://github.com/phpList/phplist3/pull/88 [^]
(0058353)
michiel (manager)
11-10-16 12:40

We may want to encode the "test message" status in the links, instead of reading it from the DB. I've merged your PR.
(0058372)
gingerling (administrator)
13-10-16 17:12

M, can you push these changes to the HOSTED6 and HOSTED6 plus, we still have tests failing with this issue
(0058373)
michiel (manager)
13-10-16 22:39

Personalised links are disallowed, but other links will work.

I will open a new ticket to review this for a sent campaign being re-edited and then test emails being created.


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker