マイサイトユーザーズ 2.0 - Ccenter 0.89 – Bug in onepass? - XOOPSモジュール

Ccenter 0.89 – Bug in onepass?

投稿日時 2009/5/30 7:44 msg# 1

First of all I would like to thank Nobuhiro Yasutomi for this great module!

I think I found a bug:

If there is a “+” (plus) in the onepass
you cannot connect to your quest as anonymous.

When you post a quest as anonymous, you receive a link to the quest like this:

URL/modules/ccenter/message.php?id=12&p=+uYSqDsX
The code after “id=” is your quest id
The code after “p=” allow you to see your quest online as anonymous. (onepass)

If the generated code contains a "+" (plus) the connection cannot be achieved (the site asks for identification)

It seems that the user does not receive the confirmation mail too.

It may be necessary to avoid the "+" at the creation of the code?
How to do that?

@+
Z

Re: Ccenter 0.89 – Bug in onepass?

投稿日時 2009/5/30 16:55 msg# 1.1

Well, where to found "+" in URL string?

Notification email url is encode string (use urlencode function), it will be "...&p=%2BuYSqDsX". Or not encode "+" some php versions?

But there is no need to use "+" or some other graphic chars.
It will be fix following patch.

--- functions.php	15  3月 2009 19:10:29 +0900	1.29
+++ functions.php	30  5月 2009 15:51:12 +0900	
@@ -585,7 +585,7 @@
 }
 
 function cc_onetime_ticket($genseed="mypasswdbasestring") {
-    return substr(base64_encode(pack("H*",md5($genseed.time()))), 0, 8);
+    return substr(preg_replace('/[^a-zA-Z0-9]/', '', base64_encode(pack("H*",md5($genseed.time())))), 0, 8);
 }
 
 function cc_delete_message($msgid) {

Thank you reporting.

Re: Re: Ccenter 0.89 – Bug in onepass?

投稿日時 2009/6/1 22:10 msg# 1.1.1

Hi Zorro87, Hi Nobu

Please, update this bugs in next release.

Thanks

--
http://portoalegre.myht.org/

Re: Ccenter 0.89 – Bug in onepass?

投稿日時 2009/6/2 6:35 msg# 1.1.2

@nobu
Your patch is perfect
Thank you!

パッチ最適です
ありがとうございました！

@+
Z

投稿ツリー