View Issue Details

WikiJump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0021809mantisbtauthenticationpublic2016-10-19 08:132016-10-30 03:38
Reporternebjanim Assigned Toatrol  
PriorityhighSeveritymajorReproducibilityalways
Status closedResolutionno change required 
Product Version1.3.2 
Summary0021809: Password reset email text includes addtional characters which prevent the included link from functioning
Description

Here is an example for this issue in German and English:

1.
Danke für Ihre Registrierung. Ihr Konto hat den Benutzernamen = testtest2“.Um die Registrierung abzuschließen, besuchen Sie die folgende URL (ste= llen Siesicher, dass sie in einer einzigen Zeile eingegeben wurde) und setzen Sie i= hreigenes Zugangskennwort:http://ls1/mantis/verify.php?id=227&confirm_hash=UFDIPAWWfpT7NhKLhaYyQa=
Wv5KzV9EGg87bBxYc96IUR4cAMRRMR3Fa_0bn4-xF-LawieJ2wmaFGYe4kKKI-Wenn Sie sich nicht registriert haben, ignorieren Sie diese Nachricht, es w= irdnichts passieren.NICHT AUF DIESE NACHRICHT ANTWORTEN

2.
Someone (presumably you) requested a password change through e-mailverification. If this was not you, ignore this message and nothing will hap= pen.If you requested this verification, visit the following URL to change yourpassword: http://ls1/mantis/verify.php?id=227&confirm_hash=uKTLucEXwIVXrpeOSsmOLn=
xB3YZ1wVc5ZqApqWuGuBd_kbKfPGga7LxXS_tiIPw3x4Jj7gc8nesc-gys3o8PUsername: testtest2 Remote IP address: 10.1.20.255 Do not reply to this message

Steps To Reproduce
  • Upgrade from mantis 1.18 to 1.32.
  • Reset password with button "forgotten password"
  • config_inc.php has been attached
Additional Information

Please do not hesitate to contact me if you have any further questions.

TagsNo tags attached.
Attached Files
config_inc.php (7,023 bytes)    
<?php
# MantisBT - A PHP based bugtracking system

# MantisBT is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.

/**
 * @package MantisBT
 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright (C) 2002 MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */

# This sample file contains the essential files that you MUST
# configure to your specific settings.  You may override settings
# from config_defaults_inc.php by uncommenting the config option
# and setting its value in this file.

# Rename this file to config_inc.php after configuration.

# In general the value OFF means the feature is disabled and ON means the
# feature is enabled.  Any other cases will have an explanation.

# Look in http://www.mantisbt.org/docs/ or config_defaults_inc.php for more
# detailed comments.

# --- Database Configuration ---
$g_hostname 					= ***** deleted
$g_db_username 					= ***** deleted
$g_db_password 					= ***** deleted
$g_database_name 				= ***** deleted
$g_db_type 						= ***** deleted

# --- Security ---
$g_crypto_master_salt = ***** deleted

# --- Anonymous Access / Signup ---
$g_allow_signup				= ON;
$g_allow_anonymous_login	= OFF;
$g_anonymous_account		= 'Anonym';

# --- Email Configuration ---
$g_phpMailer_method		= PHPMAILER_METHOD_MAIL; # or PHPMAILER_METHOD_SMTP, PHPMAILER_METHOD_SENDMAIL
$g_smtp_host 					= ***** deleted
$g_smtp_username		= ***** deleted
$g_smtp_password		= ***** deleted
$g_webmaster_email      		= ***** deleted
$g_from_email           		= ***** deleted
$g_return_path_email    		= ***** deleted
$g_from_name					= 'Bug Tracker';
$g_email_receive_own 			= ON;
# $g_email_send_using_cronjob = OFF;

# --- Attachments / File Uploads ---
$g_allow_file_upload	= ON;
$g_file_upload_method			= DISK;
$g_absolute_path_default_upload_folder = '/l1/mantis/';
$g_max_file_size		= 5000000;	# in bytes
$g_preview_attachments_inline_max_size = 256 * 1024;
# $g_allowed_files		= '';		# extensions comma separated, e.g. 'php,html,java,exe,pl'
# $g_disallowed_files		= '';		# extensions comma separated

# --- Branding ---
$g_window_title			= 'MantisBT';
$g_logo_image			= ***** deleted

# --- Real names ---
$g_show_realname 				= ON;
$g_show_user_realname_threshold = REPORTER;	# Set to access level (e.g. VIEWER, REPORTER, DEVELOPER, MANAGER, etc)

# --- Others ---
# $g_default_home_page = 'my_view_page.php';	# Set to name of page to go to after login
$g_enable_email_notification 	= ON;
$g_show_product_version 			= ON;
$g_summary_category_include_project	= ON;
$g_enable_profiles 			= OFF;
$g_signup_use_captcha 		= OFF;
$g_view_summary_threshold 		= UPDATER;
$g_tag_create_threshold 		= REPORTER;
$g_tag_detach_threshold 		= REPORTER;
$g_tag_edit_threshold 		= REPORTER;
$g_tag_edit_own_threshold 		= REPORTER;
$g_tag_attach_threshold 		= REPORTER;
$g_tag_detach_own_threshold 	= REPORTER;
$g_show_user_email_threshold 	= REPORTER;
$g_create_permalink_threshold 	= REPORTER;
$g_create_short_url 			= '';
$g_email_ensure_unique = OFF;
$g_limit_email_domain = ***** deleted



	$t_protocol = 'http';
	$t_host = 'ls1';

# --- Wiki Settings ---
	$g_wiki_enable 					= ON;
	$g_wiki_engine 					= 'dokuwiki';
	$g_wiki_root_namespace 			= 'mantis';
	$g_wiki_engine_url 				= $t_protocol . '://' . $t_host . '/dokuwiki/';

# --- Customization ---
	$g_default_language				= 'german';
	$g_fallback_language			= 'german';
	date_default_timezone_set('Europe/Berlin');
    $g_show_priority_text			= ON;
	$g_bug_report_page_fields = array(
		'category_id',
		'handler',
		'priority',
		'severity',
		'reproducibility',
		'product_version',
		'product_build',
		'summary',
		'description',
		'steps_to_reproduce',
		'attachments',
		'due_date',
	);
	$g_bug_view_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'reproducibility',
		'status',
		'resolution',
		'projection',
		'eta',
		'product_version',
		'product_build',
		'fixed_in_version',
		'summary',
		'description',
		'steps_to_reproduce',
		'tags',
		'attachments',
		'due_date',
	);
	$g_bug_print_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'reproducibility',
		'status',
		'resolution',
		'projection',
		'eta',
		'product_version',
		'product_build',
		'fixed_in_version',
		'summary',
		'description',
		'steps_to_reproduce',
		'tags',
		'attachments',
		'due_date',
	);
	$g_bug_update_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'reproducibility',
		'status',
		'resolution',
		'projection',
		'eta',
		'product_version',
		'product_build',
		'fixed_in_version',
		'summary',
		'description',
		'steps_to_reproduce',
		'attachments',
		'due_date',
	);
	$g_bug_change_status_page_fields = array (
		'id',
		'project',
		'category_id',
		'view_state',
		'date_submitted',
		'last_updated',
		'reporter',
		'handler',
		'priority',
		'severity',
		'reproducibility',
		'status',
		'resolution',
		'projection',
		'eta',
		'product_version',
		'product_build',
		'fixed_in_version',
		'summary',
		'description',
		'additional_info',
		'steps_to_reproduce',
		'tags',
		'attachments',
		'due_date',
	);


	$g_severity_enum_string				= '20:function,40:tweak,50:minor,60:major,70:crash,90:injury';

	# neuer deutscher String definiert in custom_strings_inc.php
	define( 'INJURY', 90 );
	define( 'function', 90 );

	$g_reproducibility_enum_string		= '10:always,30:sometimes,50:random,70:have not tried,90:unable to duplicate';
	$g_priority_enum_string				= '20:low,30:normal,40:high,50:urgent,60:immediate';

$g_resolution_enum_string			= '10:open,20:fixed,30:reopened,40:unable to duplicate,50:not fixable,60:duplicate,70:not a bug,80:test suspended,85:test not possible,90:wont fix';

	$g_severity_multipliers = array(        TRIVIAL => 2,
		                                 TEXT    => 3,
		                                 TWEAK   => 2,
		                                 MINOR   => 5,
		                                 MAJOR   => 8,
		                                 CRASH   => 8,
	                                 	 BLOCK   => 10,
	                                 	 INJURY  => 10);

  $g_view_filters = ADVANCED_ONLY;
?>
config_inc.php (7,023 bytes)   

Activities

nebjanim

nebjanim

2016-10-19 08:23

reporter   ~0054273

Steps for reproduction:

Upgrade from 1.2.18 to 1.3.2 is meant.
atrol

atrol

2016-10-19 14:40

developer   ~0054282

nebjanim,

I was not able to reproduce your problem with a fresh install of 1.3.2.
I was also not able to reproduce it on https://www.mantisbt.org/bugs
Try it yourself on https://www.mantisbt.org/bugs.
Do you see the issue?
If so, the issue is caused by the client you use to view the email.
If not, the following additional information may also be useful:

  • Exact version of PHP, Database, Web server, Browser and Operating System
  • Relevant customizations (e.g. changes in config_inc.php, etc)
  • Installed plugins or custom functions ?
  • Was the MantisBT source code modified in any way ?

BTW, settings like $g_smtp_password are useless, you can remove them as you have set $g_phpMailer_method = PHPMAILER_METHOD_MAIL
Smtp settings are just used if you have set $g_phpMailer_method = PHPMAILER_METHOD_SMTP
nebjanim

nebjanim

2016-10-25 09:03

reporter   ~0054338

atrol,

I've already checked if the issue also occurs on your system. But everything was fine there.
Thanks for your tip concerning my config_inc.php. I've changed the mailer method to smtp and now everything works fine. This came into my configuration during the latest upgrade when I took the sample-config to include my specific settings.
Anyway this is the information you've asked for:

config_inc.php: as attached

code changes: very few changes directly in html sections to add/change displayed text.

php: PHP 5.3.5 (cli)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies

database: mysql Ver 14.14 Distrib 5.1.71, for suse-linux-gnu (i686) using readline 6.1

linux: openSUSE 11.4 "Celadon" - Kernel \r (\l).
atrol

atrol

2016-10-25 09:16

developer   ~0054339

I've changed the mailer method to smtp and now everything works fine

Do I understand right, that your password reset email text is fine when setting $g_phpMailer_method = PHPMAILER_METHOD_SMTP; ?

If so, we can close this issue.
nebjanim

nebjanim

2016-10-25 09:22

reporter   ~0054340

Yes, that is correct.

Thanks again for your help.