landing on incorrect page after clicking a link in notification in an email
Bug #640152 reported by
Dirk Meyer
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Mahara |
Fix Released
|
Low
|
Ruslan Kabalin |
Bug Description
1.3.0
MySQL
Linux
A user sends a message to another user. The recipient gets an email, saying that 'you have received a message.....to view this message click here etc...'
Upon clicking the link in the email, the next screen presented will be the 'Write a message to ...screen' and not the message that was sent.
Clarification: This only happens if the recipient is not logged into Mahara. Then, he/she will be presented with the login screen and upon logging in the 'Write a message to ...screen' will appear
description: | updated |
description: | updated |
Changed in mahara: | |
assignee: | nobody → Ruslan Kabalin (ruslan-kabalin) |
status: | New → Confirmed |
Changed in mahara: | |
status: | Confirmed → Fix Committed |
Changed in mahara: | |
importance: | Undecided → Low |
milestone: | none → 1.3.1 |
Changed in mahara: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
This is caused by running special chars encoding over the string which is already encoded. Original URI is used as action in loginform if user is not logged in at the time of clicking on the link in email. When $action is formed, ampersands are hard-coded as "&" (auth_get_ login_form( ), auth/lib.php), then at the form generation action string is passed through Peiform::hsc (get_form_tag()), so as result we have:
loginbox.innerHTML = '<form class="pieform" name="login" method="post" action= "?id=2& amp;amp; replyto= 1204& amp;returnto= inbox" ...