View Issue Details

IDProjectCategoryView StatusLast Update
0020893mantisbtauthenticationpublic2020-03-10 17:23
Reportersanil Assigned Todregad  
PriorityurgentSeverityblockReproducibilityalways
Status closedResolutionno change required 
Product Version1.2.19 
Summary0020893: Redirection Loop on Signup link [already saw the bug 0010930]
Description

Mantis version 1.2.19
Clicking on signup link, we get there error
This webpage has a redirect loop

ERR_TOO_MANY_REDIRECTS

Steps To Reproduce
  1. Anonymous login enabled
  2. Login as admin
  3. Create a new user
  4. We receive the link for sign up for the user to set the new password
  5. When you click - it gives the error of redirect as above

This webpage has a redirect loop

ERR_TOO_MANY_REDIRECTS

ERR_TOO_MANY_REDIRECTS

TagsNo tags attached.

Relationships

related to 0010930 closedjreese User verification results in redirection loop 

Activities

sanil

sanil

2016-05-10 06:51

reporter   ~0053109

Update:
1) If I comment, the portion of # force logout on the current user if already authenticated from verify.php, the issue has been disappeared.
The below code is commented:
if( auth_is_user_authenticated() ) {
auth_logout();

    # reload the page after logout
    print_header_redirect( "verify.php?id=$f_user_id&confirm_hash=$f_confirm_hash" );
}

2) I checked whether it creates any issue of new signup verification, if I am already logged in. However, it did not give any issues and was able to signup. After sign up, once you save the info, it logs out. At this time, the earlier logged in session also logs out. I think, this is expected and acceptable behavior

Please share your views.

sanil

sanil

2016-05-10 07:04

reporter   ~0053111

$g_login_anonymous = false; is also commented from verify.php.

sanil

sanil

2016-05-10 07:11

reporter   ~0053112

With same changes, verified the following:
a) New user creation by Admin and sign up from mail link - Passed
b) New user registration from login page and sign up from mail link - Passed
c) Lost password link from login page and change password from mail link - Passed (One observation is that, during this, even another user login, he will remain logged in, means both the users will be logged in. Will this cause any issues?)

dregad

dregad

2020-02-25 11:11

developer   ~0063690

We are resolving this issue as "no change required", because it was reported against an old version of MantisBT which is no longer supported.

We recommend that you upgrade to the latest stable version [1]; if after doing so the problem still exists, do not hesitate to reopen the issue.

[1] http://www.mantisbt.org/download.php

Issue History

Date Modified Username Field Change
2016-05-10 05:36 sanil New Issue
2016-05-10 06:30 dregad Relationship added related to 0010930
2016-05-10 06:30 dregad Status new => acknowledged
2016-05-10 06:51 sanil Note Added: 0053109
2016-05-10 07:04 sanil Note Added: 0053111
2016-05-10 07:11 sanil Note Added: 0053112
2020-02-25 11:11 dregad Assigned To => dregad
2020-02-25 11:11 dregad Status acknowledged => resolved
2020-02-25 11:11 dregad Resolution open => no change required
2020-02-25 11:11 dregad Note Added: 0063690
2020-03-10 17:23 atrol Status resolved => closed