View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0011272 | mantisbt | public | 2009-12-07 23:53 | 2010-02-22 14:34 | |
| Reporter | sdurkin | Assigned To | dhx | ||
| Priority | normal | Severity | minor | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Platform | XAMPP for window @GridSense | OS | Windows Server 2003 | OS Version | Enterprise; SP2 |
| Product Version | 1.2.0a3 | ||||
| Target Version | 1.2.0 | Fixed in Version | 1.2.0 | ||
| Summary | 0011272: Account Registration Message | ||||
| Description | The Account Registration confirmation message that is e-mailed out to the applicant user has an incorrect link to the verification page. Because of this, new users cannot confirm thier registration. My version of Mantis is 1.2.0a3 2009-06-11-master-d9978e5 | ||||
| Steps To Reproduce | The confirmation message has the following format (with <Mantis> as a place-marker: ===================================== http://<Mantis>/verify.php?id=25&confirm_hash=537f94593d9c10b64c773f17a1b6bb09 If you did not request any registration, ignore this message and nothing will Do not reply to this messageYou see the & character in the link? It is URL encoded, but it should NOT be. This has been verified on Firefox. I have not tested it on other browsers. | ||||
| Additional Information | Proposed solution: Remove the URL encoding on the generation of this link. | ||||
| Tags | No tags attached. | ||||
 |
Umm, the editor for the "Steps to produce" messed with the link. I will try again with spaces. The incorrect link is ... http:// [RemoveThis] <Mantis>/verify.php? id=25& confirm_hash=537f94593d9c10b64c773f17a1b6bb09 [RemoveThis] |
 |
I should have fixed this problem with ampersands in commit http://git.mantisbt.org/?p=mantisbt.git;a=commit;h=0c9b5cd564309efb83fbcfe428ed0da56c3060fe Can you checkout the latest version of 1.2.x and see if that fixes your problem? |
|
|
Assuming it's now fixed due to lack of feedback (and lack of other users reporting the same problem). |
|
MantisBT: master 0c9b5cd5 2009-11-23 07:00 Details Diff |
Cleanup use of ampersands in internally generated URLs This should fix a number of bugs related to invalid links (created by confusion about whether to use & or & in internal URLs). We should only apply htmlspecialchars() or similar at output time, assuming we want HTML output from Mantis. Internally, it is best to just use & to separate arguments in GET HTTP URLs. There are still a few ugly bits of code that haven't been updated because to do so would require extensive rewriting in some sections. And in time, the print_ and html_ API is probably going to be deprecated by use of a templating engine so there is little point rewriting something that'll only get overhauled later. |
Affected Issues 0011272 |
|
| mod - print_all_bug_page_word.php | Diff File | ||
| mod - bug_relationship_graph.php | Diff File | ||
| mod - login_select_proj_page.php | Diff File | ||
| mod - core/string_api.php | Diff File | ||
| mod - project_page.php | Diff File | ||
| mod - news_update.php | Diff File | ||
| mod - manage_user_delete.php | Diff File | ||
| mod - account_prefs_reset.php | Diff File | ||
| mod - login.php | Diff File | ||
| mod - bugnote_view_inc.php | Diff File | ||
| mod - query_view_page.php | Diff File | ||
| mod - core/relationship_api.php | Diff File | ||
| mod - adm_config_report.php | Diff File | ||
| mod - login_anon.php | Diff File | ||
| mod - core/html_api.php | Diff File | ||
| mod - core/filter_api.php | Diff File | ||
| mod - api/soap/mc_project_api.php | Diff File | ||
| mod - bug_view_inc.php | Diff File | ||
| mod - manage_user_prune.php | Diff File | ||
| mod - view_filters_page.php | Diff File | ||
| mod - manage_proj_page.php | Diff File | ||
| mod - core/file_api.php | Diff File | ||
| mod - core/form_api.php | Diff File | ||
| mod - manage_proj_delete.php | Diff File | ||
| mod - roadmap_page.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
| mod - api/soap/mc_issue_api.php | Diff File | ||
| mod - print_all_bug_page.php | Diff File | ||
| mod - core/relationship_graph_api.php | Diff File | ||
| mod - core/rss_api.php | Diff File | ||
| mod - my_view_inc.php | Diff File | ||
| mod - tag_update_page.php | Diff File | ||
| mod - core/ajax_api.php | Diff File | ||
| mod - verify.php | Diff File | ||
| mod - core/tag_api.php | Diff File | ||
| mod - manage_proj_edit_page.php | Diff File | ||
| mod - core/print_api.php | Diff File | ||
| mod - manage_user_page.php | Diff File | ||
| mod - print_bug_page.php | Diff File | ||
| mod - changelog_page.php | Diff File | ||
| mod - core/columns_api.php | Diff File | ||
| mod - main_page.php | Diff File | ||
| mod - login_page.php | Diff File | ||
| mod - bug_actiongroup_ext.php | Diff File | ||
| mod - set_project.php | Diff File | ||
| mod - excel_xml_export.php | Diff File | ||
|
MantisBT: master-1.2.x c59ad8a6 2009-11-23 07:21 Details Diff |
Cleanup use of ampersands in internally generated URLs This should fix a number of bugs related to invalid links (created by confusion about whether to use & or & in internal URLs). We should only apply htmlspecialchars() or similar at output time, assuming we want HTML output from Mantis. Internally, it is best to just use & to separate arguments in GET HTTP URLs. There are still a few ugly bits of code that haven't been updated because to do so would require extensive rewriting in some sections. And in time, the print_ and html_ API is probably going to be deprecated by use of a templating engine so there is little point rewriting something that'll only get overhauled later. This commit is the backport to the 1.2.x branch because it fixes a few bugs here and there. Conflicts: main_page.php |
Affected Issues 0011272 |
|
| mod - login_select_proj_page.php | Diff File | ||
| mod - api/soap/mc_issue_api.php | Diff File | ||
| mod - core/string_api.php | Diff File | ||
| mod - project_page.php | Diff File | ||
| mod - news_update.php | Diff File | ||
| mod - main_page.php | Diff File | ||
| mod - account_prefs_reset.php | Diff File | ||
| mod - login.php | Diff File | ||
| mod - core/user_api.php | Diff File | ||
| mod - api/soap/mc_project_api.php | Diff File | ||
| mod - core/print_api.php | Diff File | ||
| mod - query_view_page.php | Diff File | ||
| mod - manage_proj_delete.php | Diff File | ||
| mod - core/relationship_api.php | Diff File | ||
| mod - login_page.php | Diff File | ||
| mod - login_anon.php | Diff File | ||
| mod - core/html_api.php | Diff File | ||
| mod - manage_user_delete.php | Diff File | ||
| mod - manage_user_page.php | Diff File | ||
| mod - core/file_api.php | Diff File | ||
| mod - bug_view_inc.php | Diff File | ||
| mod - roadmap_page.php | Diff File | ||
| mod - manage_proj_page.php | Diff File | ||
| mod - bug_actiongroup_ext.php | Diff File | ||
| mod - manage_user_prune.php | Diff File | ||
| mod - adm_config_report.php | Diff File | ||
| mod - core/form_api.php | Diff File | ||
| mod - print_all_bug_page_word.php | Diff File | ||
| mod - print_all_bug_page.php | Diff File | ||
| mod - bug_relationship_graph.php | Diff File | ||
| mod - core/relationship_graph_api.php | Diff File | ||
| mod - core/rss_api.php | Diff File | ||
| mod - my_view_inc.php | Diff File | ||
| mod - tag_update_page.php | Diff File | ||
| mod - core/ajax_api.php | Diff File | ||
| mod - view_filters_page.php | Diff File | ||
| mod - verify.php | Diff File | ||
| mod - bugnote_view_inc.php | Diff File | ||
| mod - manage_proj_edit_page.php | Diff File | ||
| mod - changelog_page.php | Diff File | ||
| mod - print_bug_page.php | Diff File | ||
| mod - core/columns_api.php | Diff File | ||
| mod - core/tag_api.php | Diff File | ||
| mod - core/filter_api.php | Diff File | ||
| mod - set_project.php | Diff File | ||
| mod - excel_xml_export.php | Diff File | ||
