Anonymous Login
2019-12-08 18:02 PST

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0000801v2.4 Release (Closed)[All Projects] Generalpublic2011-08-16 23:37
Reporternimbus 
Assigned Tocaseydk 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionfixed 
Product Version 
Target VersionFixed in Version2.4 
Summary0000801: Update key do not store in Database
DescriptionWhen edit contact, If select "Waiting Update?" then W2P will send email with a link to allow that person to edit his own information.

But when click on that link there will be permission deny.

"You are not authorized to use this page. If you should be authorized please contact ..."

I remember I raised this issue once but I forgot to have it in bug log. :( So in this version it still exists.
Additional InformationMy solution:

I found out that in "do_contact_aed.php" the updatekey token is generated after Contact is stored (line 23-34).

My solution at the moment is, move the generating block of updatekey to before store/del is called.

//moved block
if (!$del) {
        $updatekey = $obj->getUpdateKey();
        $notifyasked = w2PgetParam($_POST, 'contact_updateask', 0);
        if ($notifyasked && !$updatekey) {
            $rnow = new CDate();
            $obj->contact_updatekey = MD5($rnow->format(FMT_DATEISO));
            $obj->contact_updateasked = $rnow->format(FMT_DATETIME_MYSQL);
            $obj->contact_lastupdate = '';
        // $obj->updateNotify();
        }
    }
//end moved block

$action = ($del) ? 'deleted' : 'stored';
$result = ($del) ? $obj->delete($AppUI) : $obj->store($AppUI);

if (is_array($result)) {
    $AppUI->setMsg($result, UI_MSG_ERROR, true);
    $AppUI->holdObject($obj);
    $AppUI->redirect('m=contacts&a=addedit');
}
if ($result) {
    $AppUI->setMsg('Contact '.$action, UI_MSG_OK, true);

        if ($notifyasked && !$updatekey) {
        $obj->updateNotify();
    }
}
TagsNo tags attached.
Attached Files

-Relationships
+Relationships

-Notes

~0001956

caseydk (administrator)

tweaked the store to happen a second time to pick up the key;
not great but sufficient;
resolved in r1940;
+Notes

-Issue History
Date Modified Username Field Change
2011-05-10 20:22 nimbus New Issue
2011-05-11 05:29 caseydk Status new => assigned
2011-05-11 05:29 caseydk Assigned To => caseydk
2011-05-21 22:27 caseydk Project v2.3 Release (Closed) => v2.4 Release (Closed)
2011-05-30 21:21 caseydk Note Added: 0001956
2011-05-30 21:21 caseydk Status assigned => resolved
2011-05-30 21:21 caseydk Fixed in Version => 3.0
2011-05-30 21:21 caseydk Resolution open => fixed
2011-08-16 23:37 caseydk Status resolved => closed
2011-08-16 23:37 caseydk Fixed in Version => 2.4
+Issue History