Anonymous | Login | Signup for a new account | 2021-01-20 08:56 GMT | ![]() |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||
ID | Project | Category | View Status | Date Submitted | Last Update | ||||
0000607 | SiT! | other | public | 2009-03-25 19:30 | 2009-08-16 14:39 | ||||
Reporter | smelvin | ||||||||
Assigned To | ivan | ||||||||
Priority | normal | Severity | tweak | Reproducibility | always | ||||
Status | closed | Resolution | fixed | ||||||
Platform | OS | OS Version | |||||||
Product Version | 3.45 | ||||||||
Target Version | 3.50 | Fixed in Version | 3.50 | ||||||
Summary | 0000607: Forgot Password script uses HTTP_REFERER for URI in emails | ||||||||
Description | The forgotpwd.php file uses HTTP_REFERER for sending the reset password or forgot password URI. This is fine if your server is external and it uses FQDN, but it should use the $CONFIG['application_prefix'] variable to ensure consistancy throughout the system. Unfortunately the $CONFIG['application_prefix'] variable doesn't store the URI scheme ie. http or https. A workaround is to edit the forgotpwd.php file at lines 64 and 98 and replace {$url['scheme']}://{$url['host']} with http://{$CONFIG['application_prefix']} [^] | ||||||||
Tags | No tags attached. | ||||||||
Attached Files | |||||||||
![]() |
|
ivan (administrator) 2009-03-26 10:10 |
Thanks Scott. |
ivan (administrator) 2009-03-30 21:36 |
The config variable that should be used is: $CONFIG['application_uriprefix'] |
kieran (administrator) 2009-05-26 12:16 |
Following on from the forum thread about this, does $CONFIG['application_uriprefix'] contain the port too? If not, can it? |
kieran (administrator) 2009-05-26 12:23 |
After a bit of quick testing, $_SERVER['HTTP_HOST'] returns the port used so we can use that in building the url string. |
ivan (administrator) 2009-05-30 20:30 |
Fixed in trunk svn r5425 |
ivan (administrator) 2009-08-16 14:39 |
Released in 3.50rc1 |
![]() |
|||
Date Modified | Username | Field | Change |
2009-03-25 19:30 | smelvin | New Issue | |
2009-03-26 10:10 | ivan | Note Added: 0000837 | |
2009-03-26 10:10 | ivan | Status | new => confirmed |
2009-03-26 10:10 | ivan | Target Version | => 3.50 |
2009-03-30 21:36 | ivan | Note Added: 0000877 | |
2009-05-03 11:52 | paulh | Relationship added | related to 0000682 |
2009-05-26 12:16 | kieran | Note Added: 0001102 | |
2009-05-26 12:23 | kieran | Note Added: 0001103 | |
2009-05-30 20:04 | ivan | Status | confirmed => assigned |
2009-05-30 20:04 | ivan | Assigned To | => ivan |
2009-05-30 20:30 | ivan | Note Added: 0001158 | |
2009-05-30 20:30 | ivan | Status | assigned => resolved |
2009-05-30 20:30 | ivan | Resolution | open => fixed |
2009-05-30 20:30 | ivan | Fixed in Version | => Current SVN |
2009-08-16 13:16 | ivan | Fixed in Version | Current SVN => 3.50 |
2009-08-16 14:39 | ivan | Note Added: 0001652 | |
2009-08-16 14:39 | ivan | Status | resolved => closed |
Copyright © 2000 - 2021 MantisBT Team |