Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15367 [phplist] Command Line major N/A 18-11-09 20:06 18-11-09 20:06
Reporter: marxarelli Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Command-line access control is insecure
Description: In index.php, the USER environment variable is checked against the global $commandline_users to determine the process owner's access to invocation of PHPList scripts from the command line. This method is insecure as environment variables are easily spoofed.

If you really want to implement this type of access control, you can check for the process user with posix_getpwuid(posix_getuid()). However, these functions are only available through the POSIX extension which is not always loaded.

This access control seems unnecessary anyway, as POSIX permissions and ACLs are sufficient.
Steps To Reproduce:
Additional Information: $ USER=notme php -r 'print_r($_SERVER["USER"]."\n");'
notme
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15366 [phplist] Template Management feature always 16-11-09 20:16 16-11-09 20:16
Reporter: adrian15 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Add basic template ownership
Description: This patch adds template ownership to phplist.
It means that each admin can create their own templates and one admin cannot see another admin's template.

I copy and paste in "Additional information" field the basic instructions on how to use it.

I am very interested in this patch becoming part of the official phplist.

So I am ready to correct it as many times as it is needed so that it fits the way that you want things to be coded or if it needs to be improved somehow or whatever.

I think I have done a great job because I have also coded the database upgrade part but it's up to you to judge my work so that we can improve it a lot better and add it to official phplist upstream code.

Thank you very much for your attention.

adrian15
Steps To Reproduce:
Additional Information: Patch instructions

This patch applies for phplist 2.10.10.

Here there are some generic instructions to apply it:

 Instrucciones

In any pc:

Save .diff file on phplist_patrones folder.
Save/Download phplist-2.10.10.tgz (Available at phplist.com webpage)

Inside phplist_patrones folder we make desde_cero folder.
mkdir desde_cero
We enter inside it and untar
cd desde_cero
tar xvzf ../phplist-2.10.10.tgz
Let's apply the patch
patch -p1 < ../phplist_basic_template_ownership_support.diff
We rename the folder :
mv phplist-2.10.10 phplist-2.10.11

We create another tgz file:
tar cvzf phplist-2.10.11.tgz phplist-2.10.11

Now we are going to be able to work with phplist-2.10.11.tgz file.

Now we go to the machine where we want to install or upgrade our new improved with template ownership support phplist.

Optional: With phpmyadmin or a similar tool we can make a database backup in order to recreate it if something fails.

Let's rename the folder /var/www/lists/ (where we can see admin,config,dl.php,... folders/files))and we rename it to lists_old (Do not remove it yet!).
mv /var/www/lists /var/www/lists_old

Let's untar phplist-2.10.11.tgz (Let's suppose that we have saved a copy in the /tmp folder)

cd /tmp
tar xvzf phplist-2.10.11.tgz
cp -r phplist-2.10.11/public_html/lists /var/www

Now we are going to recover our old config file:

cd /var/www/lists/config
cp ../../lists_old/config/config.php config.php

We visit:
http://url/lists/admin/ [^]

We login as a super admin (usually admin).

As we are requested we click "upgrade" link.
And we click on "here" link.

We should see: Information: Success

If we already had patterns we should assign them an admin in order to use them.

We can use phpmyadmin for this task. We will check admin table first.
In the admin table we can identify each one of the admin ids (We will use this data later).

We go to template table.

In each one of its rows we will edit the column adminid and we will set it to the id value that we had already seen in the admin table so that each template gets associated an admin.


Note: As you might think if you have too many data you can try to speed things with an appropiated SQL sentence.

Optional: Now it is safe to delete /var/www/lists_old/ but, as always, the best way of doing things is saving a copy of this folder, just in case.
And, of course, remove it from /var/www folder so that the folder cannot be accessed from outside the server.

And that's all.
Attached Files: phplist_basic_template_ownership_support.diff (11 KB) 16-11-09 20:16
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15283 [phplist] Message Send Process minor always 11-05-09 16:18 16-11-09 09:32
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: v2.10.10: Date criteria does not work
Description: Using Date attributes as criteria does not seem to work anymore.

This issue is reported by Aidan:
==== START QUOTE ====
On the Criteria tab, I try to add a criterion based on the date attribute - I choose the date attribute from the dropdown and enter the date in the format specified, dd-mm-yyyy, and click 'Add Criterion'. But it replaces the date I entered with 0. I get the message 'Adding Submission Date isbefore 0' and it adds a line to the 'Existing Criteria' table which also has '0' in the values column.

Running the Calculate function shows that this criterion has no effect on the number of results returned.
=== END QUOTE ===
Source: http://forums.phplist.com/viewtopic.php?f=17&t=24512#p61910 [^]

Issue confirmed on my installation too.
Steps To Reproduce:
Additional Information: Had a quick look at the code and it seems to me that the use of the cleanCommaList function in send_core.php causes problems when Date type attibutes are used as criteria.

This is a possible fix which seems to work, though I haven't tested it thoroughly. It basically reverts two code lines back to what it was in the previous version:

In lists/admin/send_core.php
1. change line 495
from this: $values = cleanCommaList($values);
to this: // $values = cleanCommaList($values);

2. change line 859
from this: $where_clause .= cleanCommaList($crit_data["values"]) . ") )";
to this: $where_clause .= $crit_data["values"] . ") )";

NOTE: I think the cleanCommaList function was applied to fix this issue: http://mantis.phplist.com/view.php?id=15211 [^]
Removing cleanCommaList did not produce any query errors, so the workaround solution suggested by davideg in 15211 wasn't needed.
Attached Files:
Notes
(0050714)
h2b2   
25-08-09 05:51   
I wonder whether this issue might be related to other issues involving the
cleanCommaList() function, like for instance http://mantis.phplist.com/view.php?id=15301 [^]
(0050728)
h2b2   
29-08-09 15:26   
A patched send_core.php file with my suggested fix is available on the forum: http://forums.phplist.com/viewtopic.php?f=17&t=24512#p67532 [^]

This file includes taydeko's suggested fix for issue 15287 ("FCKeditor doesn't load when opening the 'send a message' page"). See http://mantis.phplist.com/view.php?id=15287 [^]
(0050782)
h2b2   
16-11-09 09:32   
---
The cleanCommaList() function also appears to affect criteria based on radio buttons.

guyshomenet reported this scenario results in the following error message:

"Database error 1064 while doing query You have an error in your SQL syntax. Check the manual that corresponds to your MySQL server version for the right syntax to use near 'and table1.value in ()' at line 1"

The solution mentioned above appears to fix this issue too.

Related forum thread: http://forums.phplist.com/viewtopic.php?f=17&t=29190 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15359 [phplist] Authentication System major always 03-11-09 00:25 14-11-09 02:41
Reporter: rrrrob Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: User Specific Authentication Pages Loose Formatting
Description: when the phplis driven site directs a user to a user specific login page (one that needs a password) the formatting of the page becomes generic causing the user to think they have left the current site. This is causing some users to think they have been redirected under false pretenses. It happens when ever they are asked for their password.

There is a complete list of what has been found and done to this point at the following link in the forums

http://forums.phplist.com/viewtopic.php?f=17&t=28879 [^]
Steps To Reproduce:
Additional Information: Have compared the index files of versions 2.10.9 and 2.10.10 and noticed that most of the changes between the two relate to the unsubscribe function. going to post current findings to the forum as well in more detail.
Attached Files: patch-15359.diff (0 KB) 11-11-09 18:56
Notes
(0050775)
neffets   
11-11-09 18:56   
The pagedata is not initialised for normal newsletter preferences links, because in this state there is no list known.

Patch

--- phplist-2.10.10/public_html/lists/index.php 2009-05-05 15:13:14.000000000 +0200
+++ lists/index.php 2009-11-11 18:05:35.065632639 +0100
@@ -199,6 +199,7 @@
 }
 
 if ($login_required && empty($_SESSION["userloggedin"]) && !$canlogin) {
+ $data = PageData(0);
   print LoginPage($id,$userid,$emailcheck,$msg);
 } elseif (isset($_GET['p']) && preg_match("/(\w+)/",$_GET["p"],$regs)) {
   if ($id) {
(0050777)
rrrrob   
12-11-09 13:52   
In my index.php file this code comes up at line 201. I replaced the current code with this code and gave it a try. I am now getting a completely blank page when the user submits their email address to unsubscribe. Also when the user selects the link to unsubscribe, from the email message sent at signup, they get the same blank page. Could someone please confirm.
(0050780)
rrrrob   
14-11-09 02:31   
Noticed another report similar to this one
http://mantis.phplist.com/view.php?id=15320 [^]

Our needs for the current situation call for an immediate answer that will work smoothly and look professional for the customer and user. Stepping back and rethinking the process has driven the following.

The individual that wants to unsubscribe is one whom is receiving the messages.
If one is not getting the messages why would one be needing to unsubscribe. These very same messages have a link to the unsubscribe page which passes threw the validation page and works. Thus why have an unsubscribe link on the sign up page. Instead remove the unsubscribe link, which does not work, and simply redirect the user to the unsubscribe link in the messages they are already getting that do work.

So...
index.php approximately line 273

  # printf('

./?p=unsubscribe

',$strUnsubscribeTitle); # Bug Fix remove unsubscribe link
  print $strUnsubscribeMsg;


language file (english.inc) added new line 31

$strUnsubscribeMsg = 'If you would like to unsubscribe from the message system please use the unsubscribe link at the bottom of one of you messages.

';
(0050781)
rrrrob   
14-11-09 02:41   
Code in last not did not look right, see this link for proper code.

http://forums.phplist.com/viewtopic.php?f=17&t=28879&p=70067#p70067 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15320 [phplist] Subscribe Process feature always 11-08-09 11:11 13-11-09 20:57
Reporter: Thorsten Albrecht Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Unsubscription should only be possible by a subscriber himself and not by a third person
Description: It's possible to unsubscribe somebody else just with the knowledge of his email address (e.g. with mydomain.com/lists/?unsubscribe). One does not have to know his personal preference/unsubscribe link. The unsubscribed user is _immediately_ put on the blacklist which is probably not what he want's to.

I think that this should not be possible. This is an inconsitent behaviour related to the procedure of suscribing where a confirmation mail is needed. Also, this is an security issue.

Unsubscribing should only be possible using one's personal preference link which is normally included in every mailing or which can be sent to the user by mail upon request. If the unsubscribe process should be possible using the unsubscribe link as described above (without any userid), there should be sent a confirmation link to the user.

This functionality should be provided without the need of enabling user passwords.

Thorsten
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050749)
spiro   
06-10-09 19:17   
I'm also experiencing this issue so wanted to add a bit more detail...

The main issue here is that even with settings in config set to request a password from a user;

define("ASKFORPASSWORD",1);
define("UNSUBSCRIBE_REQUIRES_PASSWORD",1);

When using the uid version of the unsubscribe url this almost works with the exception of the login screen presented without any css styling. Secondly and more importantly, only works properly providing a valid uid is parsed in via the unsubscribe url otherwise only an email unsubscribe form is presented allowing any email to be unsubscribed.

For some reason the non uid or invalid uid with unsubscribe url is accessible in the form of an email only unsubscribe login when it doesn't seem to serve a purpose, i.e. it should at minimum check for the uid and not be available if the uid parsed in is not valid or not present.
(0050750)
spiro   
06-10-09 20:39   
Done some more investigation and found that the setting of "The default subscribe page when there are multiple" in the PHPList configure screen has an effect on this issue. With my set up I don't have any subscribe pages, as im using a joomla addon which feeds into the PHPList tables. What I found is if I change the value in the configure page of the default subscribe page to 0 (zero), then although the default subscribe page stops working it also now only allows the unsubscribe page to be accessed if a valid unsubscribe url with valid uid is used. As I have the password variables set to 1 in the main config.php file as described in previous note, then this seems to now screen out unauthorised users from unsubscribing other emails. It's not a pretty fix but maybe a solution if you don't mind locking down new subscriptions whilst a solution is found and want to protect the existing users from being unsubscribed. It suits those that aren't using the PHPList subscribe page better who want to close down this loophole that mischievous users might try and exploit.
(0050753)
lwc   
07-10-09 11:12   
Likewise for Subscription: Related to http://mantis.phplist.com/view.php?id=15337 [^]
(0050779)
rrrrob   
13-11-09 20:57   
I just stumbled onto this report, my report is basically on the same issue

http://mantis.phplist.com/view.php?id=15359 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15226 [phplist] User Management major always 02-02-09 20:39 12-11-09 23:42
Reporter: spiro Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: User updates preferrences and receives page error - Undefined Index & Variable (v.2.10.9)
Description: Error page occurring when user follows link in received mail to update their details. The correct userid is parsed and the user's details displayed ready for ammendment but when these have been changed and the update button clicked the error page appears as described in additional information.

Observations:
User still receives the email notification of an update taking place with the new updated details.

The email being referred to as an undefined index relates to the senders email not the users or the noreply one used for system messages.

(Could not specify version in Product Version drop down as 2.10.9 not available for selection.)
Steps To Reproduce:
Additional Information: Url as requested by error page:

http://www.mydomain.co.uk/mails/?p=preferences&uid=75b57a477d66c172260e1b1730fa7596 [^]


Sorry a software error occurred:
Please report a bug when reporting the bug, please include URL and the entire content of this page.

Notice: Undefined index: in /home/mydomain/public_html/myfolder/mails/admin/lib.php on line 316
phplist version 2.10.9

Sorry a software error occurred:
Please report a bug when reporting the bug, please include URL and the entire content of this page.

Notice: Undefined index: adminemail@mydomain.co.uk in /home/mydomain/public_html/myfolder/mails/admin/lib.php on line 316
phplist version 2.10.9
Thank you for your submission. We have updated your information.

Sorry a software error occurred:
Please report a bug when reporting the bug, please include URL and the entire content of this page.

Notice: Undefined variable: emailchanged in /home/mydomain/public_html/myfolder/mails/admin/subscribelib2.php on line 583
phplist version 2.10.9
You will receive an email with the changes
Attached Files:
Notes
(0050338)
spiro   
04-02-09 11:36   
Since reporting this I have removed gmail smtp from PHPMAILERHOST in the config file so that mail is sent via local smtp. This has stopped the error page appearing.
(0050778)
ericnl   
12-11-09 23:42   
The issue still persists in release 2.10.10
Once I specify a SMTP server with authentification my users get the same error (Notice: Undefined index: in /home/mydomain/public_html/myfolder/mails/admin/lib.php on line 316) when they try to subscribe or try to change their details.
The subscription mails are sent out correctly but my users get the suggestion that the operation failed.
When I switch back to the local SMTP server everything is ok but in that case I am very limited by the mail limitations of my shared hosting provided.
I tried to find out whether I could suppress the error messages but I have no clue....




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15365 [phplist] Documentation - Configuration text always 12-11-09 13:02 12-11-09 13:02
Reporter: Thorsten Albrecht Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Wrong description of MAILQUEUE_BATCH_PERIOD in config file
Description: The description of MAILQUEUE_BATCH_PERIOD is wrong.

It says: "MAILQUEUE_BATCH_PERIOD define the length of one batch processing period, in seconds (3600 is an hour)"

This is not true. Instead, it defines the waiting time between two batches.

E.g., I am using the following settings:

define("MAILQUEUE_BATCH_SIZE",10);
define("MAILQUEUE_BATCH_PERIOD",1);

What happens is that I am sending 10 mails per batch and the web interface waits for 1 second before reloading and sending the next 100 mails.

Thorsten
Steps To Reproduce:
Additional Information:
Attached Files: batch-phpList_arrows.gif (40 KB) 12-11-09 13:02
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15363 [phplist] HTML Email Support minor always 11-11-09 19:11 12-11-09 10:47
Reporter: neffets Platform: Suse SLES10  
Assigned To: OS: Linux x64  
Priority: normal OS Version: 2.2.10  
Status: new Product Version:  
Product Build: 2.2.10 Resolution: open  
Projection: none      
ETA: none  
Summary: addAbsoluteResources does not / or fails in matching schema
Description: function: addAbsoluteResources (lib.php line 533)

the preg_match cannot match because "[x|y|z]" is used instead of "(x|y|z)"
AND
after this it matched (a failure) on links to if "http" are in the link anywhere.

Imagine link:
   a href="/.bin/fwd.fcgi?http://www.b2b-deutschland.de/wirtschaftsnews/091110/duerftige-aussichten-fuer-arcandor-glaeubiger/index.php" [^]
It matched, but should not.

Result the url was not absolutized.

Attended result for website=www.b2b-deutschland.de should be:
  a href="http://www.b2b-deutschland.de/.bin/fwd.fcgi?http://www.b2b-deutschland.de/wirtschaftsnews/091110/duerftige-aussichten-fuer-arcandor-glaeubiger/index.php" [^]

Patch:
Steps To Reproduce: Take a link with relative path for own link tracking and give it a parameter with a fully qualified uri.
e.g.
 a href="http://www.b2b-deutschland.de/.bin/fwd.fcgi?http://www.b2b-deutschland.de/wirtschaftsnews/091110/duerftige-aussichten-fuer-arcandor-glaeubiger/index.php" [^]
Additional Information: Patch lib.php
533c533
< if (preg_match("#[http|javascript|https|ftp|mailto]:#i",$match)) {
---
> if (preg_match("#^(http|javascript|https|ftp|mailto):#i",$match)) {
System Description
Attached Files: patch_sts1.diff (1 KB) 11-11-09 19:11
Notes
(0050776)
neffets   
12-11-09 10:47   
ACHTUNG:
  version mentioned ist 2.10.10. the current release (not 2.2.10)




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15364 [phplist] Click Tracking minor always 11-11-09 19:19 11-11-09 19:19
Reporter: scheidell Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: minor issue with click tracking and anti-phishing software
Description: many versions of anti-phishing , either plugins, or built into mail clients, or via anti-spam systems will see non-matching url's when the a href (the local, trackable url, the domain) doesn't match the one that you are actually directed to.

I would not having the 'visible' url be the same as the real url.

Without something, it makes phplist emails with click tracing on seem like spam or phishing emails.

worse yet, would be if the target url (original one) was https.

(reason I know alot about this, is we produce anti-spam products that include anti-phishing functions)
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15362 [phplist] Internationalization (l18n) major always 10-11-09 11:51 10-11-09 11:51
Reporter: EdgarWahn Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: overall handling of charsets
Description: You can enter bits of text at several locations, ranging from config file (plain text email user name) to configuration (database). At no point (it seems) the charset of user input is been checked or converted to UTF-8. You might end up with a mixture of Charsets, depending on the browser settings of the PHPList users.
Additionally PHPList does not send an content-type HTTP header containing charset information, which will produce bad output depending on the users browser settings. You really should send something like "content-type: text/plain; charset=utf-8".
Steps To Reproduce:
Additional Information: * check & convert every single bit of input by utilizing mb_detect_encoding or equivalent
* generate content-type HTTP header containing a fixed charset (utf-8 preferred)
* adapt the i18n language files (as they contain an charset header as well, they need to be converted to utf-8 (which could be done automatically as you know the sites charset and the translations charset => iconv))
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15361 [phplist] Subscribe Process minor always 08-11-09 12:13 08-11-09 12:13
Reporter: Subhash Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Attribut value is not saved
Description: Havingh set an own table prefix the value of an attribute of the type select is not saved on subscription.

The bug ist in "admin/commonlib/lib/userlib.php" from line 913 on.

WRONG:
      $curval = Sql_Fetch_Row_Query(sprintf('select id from phplist_listattr_%s
      where name = "%s"',$atttable,$data["displayvalue"]),1);
      if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
        Sql_Query(sprintf('insert into phplist_listattr_%s (name) values("%s")',$atttable,
        $data["displayvalue"]));

RIGHT:

      $curval = Sql_Fetch_Row_Query(sprintf('select id from ' . $usertable_prefix . 'listattr_%s
        where name = "%s"',$atttable,$data["displayvalue"]),1);
      if (!$curval[0] && $data['displayvalue'] && $data['displayvalue'] != '') {
        Sql_Query(sprintf('insert into ' . $usertable_prefix . 'listattr_%s (name) values("%s")',$atttable,
          $data["displayvalue"]));
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15309 [phplist] Interface - Frontend crash always 08-07-09 20:27 07-11-09 02:01
Reporter: flobee Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: get blacklisted and see the html output when tring to subscribe
Description: crash because its visible and customer in bad mood!

get blacklisted and see the html output when trying to subscribe to a list: dublicate html output. :-(
v2.10.10
Steps To Reproduce:
Additional Information: also: put css classes to input fields and a different to the submit input field to have a better controll for visual changes. customers nevver accept a standard way!

if you need help commiting bugs-fixes to svn let me know. i will not put any reports, no time for extras, but i'm willed to help to make this app better.

flobee
Attached Files: demo.sql.gz (128 KB) 07-11-09 01:58
bug.png (105 KB) 07-11-09 02:01
Notes
(0050741)
flobee   
25-09-09 12:37   
do you need more informations?
(0050762)
michiel   
29-10-09 17:18   

can you give the steps to follow to replicate this?

can be useful to do this on the demo site demo.phplist.com/lists/
(0050773)
flobee   
07-11-09 01:29   
Hello

pls. try to subscribe with: "test@testforbugreport.com"
fill the form and submit: http://demo.phplist.com/lists/?p=subscribe&id=4 [^]

Kind regards
florian
(0050774)
michiel   
07-11-09 02:00   

yes, great, thanks I can see it. I've attached the current dump of the demo, as it is restored every hour, so that this can be replicated easier in order to fix.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15357 [phplist] Message Send Process minor have not tried 28-10-09 18:16 06-11-09 18:35
Reporter: mike mckoy Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Develope Swift mailer pluggin that would allow phplist message sending to increase exponentionaly!
Description: Wants to find out where we are with possibly creating a swift mailer pluggin to be added to the defaiult phplist plugin. I have a dedicated server I can donate to development.

Swift mailer would allow load balancing between servers with phpmailer doesn't support. Load balancing would safely and effienctly increase phplist performance beyond 30,000 messages per hour. It may make things easier for those using shared hosting as well

Some of Swift Mailer Features:

* Send uses one single connection to the SMTP server or MTA
* Doesn't rely on mail()
* Custom Headers
* Multiple encoding options
* Unlimited redundant connections (can use mixed types too)
* Connection rotating/load balancing
* TLS Support - for Gmail servers
* Embedded Images or other file types
* Builds and sends Multipart messages
* Sends single-part emails as usual
* Fast Cc and Bcc handling
* Unicode UTF-8 support, with auto-detection
* Handles denied recipients in batch mailing whilst still delivering to the others
* Optional auto-detection of SMTP or Sendmail settings
* Batch emailing with multiple To's or without
* Send to hundreds of thousands of addresses without cron
* Support for multiple attachments
* Protection against header injection
* Set message priority
* Request Read Receipts
* Sendmail (or other binary) support
* Pluggable SMTP Authentication (LOGIN, PLAIN, MD5-CRAM, POP Before SMTP)
* Anti-Flooding support (reconnect every X emails) via plugin
* Secure Socket Layer connections (SSL)
* Loadable plugin support with event handling features
Steps To Reproduce:
Additional Information: I have a server i can dedicate to this.

Runs CENTOS 5.3 64 bit
3GB of RAM
Two athlon 4200 processors
(2)250 gb drives in raid 1
Attached Files:
Notes
(0050768)
mike mckoy   
06-11-09 09:27   
If there is anyone available...

I contacted one of the senior developers for swift mailer. He'd like to consult with a phplist senior dev to begin to initiate a plugin that will allow phplist to take advantage of swift mailer.

1. load balancing for smtp outgoing mail
2. reduced server load
3. its capable of sending over 500k messages per hour.

Please reply so that contact can be made. This would be a big win for phplist. It would be the fastest and most advanced open source bulk mailing platform available.
(0050769)
michiel   
06-11-09 12:55   
sure, sounds very interesting, and very needed in phpList. I think the easiest way to discuss issues is on the developers mailinglist, as it will increase the understanding of any community developer involved.
(0050770)
mike mckoy   
06-11-09 16:47   
Hey Michiel...

Xavier, the Senior Developer from Swift Mailer will join mantis and would like to start working with someone on Saturday. He's working hard today so he may not join til tomorrow morning. Can you have someone available to give direction on what scripts he should look at? is it possible that a plugin can overrule the phpmailer system as a wrapper won't work.

Also can you think about how you would like to give an option to select swift mailer over phpmailer? If any of those collected thoughts could be in mantis tomorrow i'm sure that would help him get started.

He'll have it written fairly quickly as I understand it. But phplist has to decide the best way to incorporate this new selection and functionality into the config file.

phplist is a complicated machine :)
(0050771)
michiel   
06-11-09 18:18   
I'm not sure I'll be around on saturday, but here are a few pointers:

currently, phpList uses phpmailer, which I extended with the phplistmailer class that can be found in the admin directory. However, I hacked away at phpmailer itself, which is the reason I haven't upgraded to the latest phpmailer yet.

If you can create a wrapper class that would handle the same calls as phpmailer, that would be great. I think it makes most sense to wrap an abstract class around swiftmailer, as an interface to phplist.

It's easy to test things. Once you're set up a local dev-environment, you can simply send yourself a test mail to check that all is working ok.
(0050772)
mike mckoy   
06-11-09 18:35   
Well hopefully he will see that. But he was very specific in stating that a wrapper will limit the capability. Being that i'm not a developer i'm not sure what that means. Hopefully it will still work with load balancing becuase that is extremely important. It would elevate phplist to a enterprise level application (out of the box).

It could be he was referring to something I didn't comprehend right. My apologies if i'm wrong.

Thanks Michiel.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15360 [phplist] Click Tracking major always 05-11-09 13:22 05-11-09 13:22
Reporter: ramya123 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Click Tracking is not working for links in the body of the message, only for those in the footer.
Description: Hi,


Click Tracking is not working for links in the body of the message, only for those in the footer i.e., for unsubsribe and Forward links.


Any help would be appreciated.



Thanks,
Ramya
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15345 [phplist] Interface - Frontend minor always 04-10-09 00:27 03-11-09 15:08
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: "phplist powered by phplist" in the admin pages. No version in the user pages.
Description: The user pages display nothing after the word "version". If it's on purpose, the word "version" should be removed and the version number should be removed from the admin log-in page.

The admin pages display "phplist powered by phplist".
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050767)
lwc   
03-11-09 15:08   
When I click "View Source", I do see <?php echo VERSION?> (as if it's HTML code)...it's probably being taken literally from config/footer.inc




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15325 [phplist] Message Send Process minor have not tried 01-09-09 22:08 01-11-09 17:42
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: SMTP code is partially broken (revisited)
Description: cipixul reports that the code changes applied to "admin/class.phplistmailer.php" in order to fix issue 8590 can result in trouble:

===== Start Quote =====

The code is wrong because it uses PHPMAILERHOST only if the admin set phpmailer_user, which is not always the case, and as we run several smtpd servers on same machine, we don't authenticate to our smtpd instances because they're local.

===== End Quote =====
Source: http://forums.phplist.com/viewtopic.php?f=17&t=23830#p67628 [^]
Steps To Reproduce:
Additional Information: cipixul suggests the following changes to fix the issue:

===== Start Quote =====

The correct code which works in our case and in all other cases I can think of should be this one:

          if (defined('PHPMAILERHOST') && PHPMAILERHOST != '')
          {
            //logEvent('Sending authenticated email via '.PHPMAILERHOST);
            //$this->addCustomHeader("X-Mailer-Method: Dedicated SMTP");
            $this->SMTPAuth = true;
            $this->Helo = getConfig("website");
            $this->Host = PHPMAILERHOST;
            if ( isset($GLOBALS['phpmailer_smtpuser']) && $GLOBALS['phpmailer_smtpuser'] != ''
                    && isset($GLOBALS['phpmailer_smtppassword']) && $GLOBALS['phpmailer_smtppassword']
            )
            {
                    $this->Username = $GLOBALS['phpmailer_smtpuser'];
                    $this->Password = $GLOBALS['phpmailer_smtppassword'];
            }
            $this->Mailer = "smtp";
          }

===== End Quote =====

Related to: http://mantis.phplist.com/view.php?id=8590 [^]
Related forum thread: http://forums.phplist.com/viewtopic.php?f=17&t=23830#p67628 [^]
Attached Files:
Notes
(0050766)
h2b2   
01-11-09 17:42   
related to http://mantis.phplist.com/view.php?id=15291 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15291 [phplist] Message Send Process major always 15-05-09 02:28 01-11-09 17:23
Reporter: openside Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: SMTP send won't work without authentication
Description: Logic in constructor of class PHPlistMailer is wrong in the case of using SMTP.

The offending code is:

if (defined('PHPMAILERHOST') && PHPMAILERHOST != '') && isset($GLOBALS['phpmailer_smtpuser']) && $GLOBALS['phpmailer_smtpuser'] != '') {
....
}

SMTP will only be set if phpmailer_smtpuser has been set in the configuration. This precludes the use of SMTP servers which do not require authentication.

The fix is simple and is left as an exercise for the maintainers.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050765)
h2b2   
01-11-09 17:23   
Issue confirmed in this thread, which also includes a workaround soltion: http://forums.phplist.com/viewtopic.php?p=67035#p67035 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
740 [phplist] HTML Email Support feature always 29-10-03 10:03 31-10-09 20:36
Reporter: grantlairdjr Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: acknowledged Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: PHPList Archive
Description: Guys,

I've been using Mojo Mailing List since January and its been very good. I really like PHPList a lot but one thing it do not have is automatically archive on website.

Wonder if they ever will upgrade PHPList with it in near future?

Smile,
gwlj
Steps To Reproduce:
Additional Information: http://www.phplist.com/forums/viewtopic.php?p=877#877 [^]
Attached Files: archive.php (2 KB) 07-08-04 08:10
Notes
(0001637)
LubTex   
07-08-04 08:10   
I posted a temporary mod for this that you might be able to incorporate
http://www.phplist.com/forums/viewtopic.php?p=3909 [^]
(0002139)
michiel   
04-10-04 13:19   
Features like this will be added when a client that pays for it can be found. Who knows, that may be soon, or it may be never. For now there are many other issues to resolve first.
(0016504)
h2b2   
09-08-06 14:53   
This is the current thread for the archive mod: http://forums.phplist.com/viewtopic.php?p=19371#19371 [^]
(0050764)
Dragonrider   
31-10-09 20:36   
Note that the last working version I have seen is 1.6 available here: http://mantis.phplist.com/file_download.php?file_id=968&type=bug [^]

The version 1.9 in the phplist Wiki here: http://docs.phplist.com/NewsletterArchive [^] has several errors, possibly dur to be pasted in to a webpage?
Recommend use of 1.6 version if you want to use the mod.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15358 [phplist] Subscriber Import minor always 30-10-09 01:59 30-10-09 01:59
Reporter: crowdofone Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Import does not strip doublequote text delimiters when using 'import emails with the same values for attributes'
Description: By default Openoffice Calc uses the text delimter " when exporting CSV files. When importing to phplist it appears not to remove these which results in email addresses that look like: "name@domain.com" instead of just: name@domain.com. The actual import itself goes fine but then later these doublequotes result in the addresses being regarded as invalid by phplist.

Line 407 of importcsv.php includes the code:

$line = str_replace('"', '', $line);

For whatever reason - i am not a competent enough coder to work out what's happening here - the code above either doesn't get called or does not have the intended effect.

As OpenOffice is a popular choice both for regular users and for those looking to convert xls files and export them as csv, i contend that this should just work without having to manually alter the text delimiter.

I have twice seen this effect. First when importing a large number of email addresses and then secondly through exporting a CSV file consisting of just two email addresses in an attempt to replicate the behaviour.

This appears consistent arcoss both 2.10.9 and 2.10.10.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15341 [phplist] Interface - Frontend major always 29-09-09 17:24 29-10-09 20:37
Reporter: dhartford Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: security - forgotpassword value not checked/eval'd
Description: /lists/admin when entering value to send an email for 'forgot password', the value is not checked.

Fix included in additional info.
Steps To Reproduce:
Additional Information: /lists/admin/index.php, under the if isset($_REQUEST["forgotpassword"])....

#====php 5.1.6 tested fix - filter_var only works on installs with php > 5.2

$parsedforgotpassword = $_REQUEST["forgotpassword"];

$email_regex = '^[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$';

if(!eregi($email_regex, $parsedforgotpassword)){

   logEvent(sprintf('Invalid forgotpassword email entered from %s.', $_SERVER['REMOTE_ADDR']));

   $page="login";

   $msg="invalid email supplied";

}else{

....normal code....

} #end of email validation check
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15349 [phplist] User Management major always 09-10-09 09:32 29-10-09 20:34
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Need stripslashes when displaying and/or searcing for user attributes
Description: Just like http://mantis.phplist.com/view.php?id=1152 [^] only for user attributes.

This is relevant for:
1) The usage of [attribute] in messages.
2) Searching by attribute in the list of users.
3) Displaying the search result of searching by attribute in the list of users
4) The user's preferences page
5) The admin's edit screen of individual users.

Things like such users are being unsearchable (by the relevant attribute) - even if you use slash in your search - is why I classified it as a major error.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15188 [phplist] Interface - Backend major always 07-11-08 16:56 29-10-09 17:23
Reporter: anthropos9 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: resolved Product Version: 2.10.7  
Product Build: Resolution: unable to reproduce  
Projection: none      
ETA: none  
Summary: PHP Error
Description: On the bottom of lists/admin/ along with several other admin pages I get this error message:

Notice: ob_end_flush() [ref.outcontrol]: failed to delete and flush buffer. No buffer to delete or flush. in /nfs/c02/h03/mnt/27557/domains/puyallup-tribe.com/html/mail/lists/admin/index.php on line 409
phplist version 2.10.7
Steps To Reproduce:
Additional Information: My System Info:
PHP Version 5.2.6

System Linux cl04 2.6.20.2-1 #8 SMP Tue Feb 12 07:11:48 PST 2008 i686

Configure Command './configure' '--prefix=/usr/local/php-5.2.6-1' '--enable-cli' '--enable-cgi' '--enable-fastcgi' '--disable-debug' '--disable-rpath' '--disable-static' '--with-pic' '--with-openssl=/usr' '--enable-bcmath' '--with-bz2' '--enable-calendar' '--enable-ctype' '--with-curl' '--with-db4' '--with-zlib-dir=/usr' '--with-xsl' '--enable-exif' '--enable-ftp' '--with-gd' '--enable-gd-native-ttf' '--with-ttf' '--with-jpeg-dir=/usr' '--with-png-dir=/usr' '--with-freetype-dir=/usr' '--with-gettext' '--with-iconv' '--with-imap' '--with-kerberos=/usr' '--with-imap-ssl=/usr' '--enable-mbstring' '--with-mcrypt' '--with-mhash' '--with-mime-magic=/usr/share/misc/file/magic.mime' '--with-mysql=/usr/bin/mysql_config' '--with-pcre-regex=/usr' '--with-pgsql' '--with-pspell=/usr' '--enable-sockets' '--enable-wddx' '--with-xmlrpc' '--with-zlib=/usr' '--with-pear' '--with-layout=GNU' '--with-ldap' '--with-sqlite' '--with-mysqli=/usr/bin/mysql_config' '--enable-pdo' '--with-pdo-mysql=/usr' '--with-pdo-pgsql=/usr' '--enable-pdo' '--with-pdo-mysql=/usr' '--with-pdo-pgsql=/usr' '--enable-soap'
Server API CGI/FastCGI

MySQL Version: 4.1.11
Attached Files:
Notes
(0050279)
chdelgado   
09-01-09 17:42   
I'd need more details to replicate the error.
(0050763)
michiel   
29-10-09 17:23   
make sure error_reporting is set to 0 in your config file.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15300 [phplist] Subscribe Process major always 02-06-09 15:20 29-10-09 17:21
Reporter: spiro Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Resubscribing previous user (i.e. blacklisted)
Description: There are two possibilities with this depending on whether users are required to use a password.

config.php define("ASKFORPASSWORD",0);

With the above setting in config it still only works if a fix that I found in the forum is applied to the admin/subscribelib2.php around line 365 under "if ($blacklisted) {" rem out "return 1". This then allows the new subscription to send out the request for confirmation email and once the url in that is clicked the user is removed from being blacklisted.

With the ASKFORPASSWORD set to 1, when someone tries to resubscribe the subscription page asks for a password to be created and then reconfirmed as with any user trying to subscribe with the password option switched on. However, instead of the system updating the password with the new one from this registration as it does with the rest of the user details being resubscribed, it reloads the subscribe page stating that the email already exists with a different password, breaking the resubscription process unless the user knows or requests their old password. It would be cleaner if whatever password they chose upon attempting to resubscribe was taken as their new data as it does with other attributes from the subscribe page.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050709)
Thorsten Albrecht   
11-08-09 10:34   
Regarding the configuration without using any passwords:

I decided to apply the solution proposed in
http://forums.phplist.com/viewtopic.php?p=58635#p63109 [^] (Point 2):

"If a user is blacklisted and re-subscribes, the "thank you page" displays an alert message to inform the user that he is blacklisted and that he should contact the administrator. In fact, it is not necessary because the user receives a confirmation email with a confirmation link. By clicking on the confirmation link, the user is confirmed and removed from the blacklist.

We can safely remove the warning message."

By uncommenting out the code as described, now a user can resubscribe by himself. The whole stuff with "the administrator has to put you manually from the blacklist" is not necessary anymore. (BTW I a newsletter system, there shouldn't be any manual interventions by the admin in the (re-)subscribing process.

Thorsten
(0050729)
h2b2   
29-08-09 16:31   
-
The issue described by spiro seems related to the one described by docdunning:

====== Start Quote ======

I wanted to make sure that users have to provide their password when unsubscribing. So I used the config file to set ASKFORPASSWORD and UNSUBSCRIBE_REQUIRES_PASSWORD.

But the process just didn't work properly. I've had to make several mods to index.php to get it to work.

1. The login page HTML was not properly generated. It appeared on a blank page with no styling. This was because the $data variable wasn't being passed into the loginpage function.
2. More seriously, the details for the user were not being found in the database, because the code uses $_GET['email'], and the login form obviously sends in $_POST['email'].

====== End Quote ======
See: http://forums.phplist.com/viewtopic.php?f=17&t=27699#p66503 [^]
(0050748)
spiro   
06-10-09 17:19   
Hi
I've changed my setup since reporting this as I changed host and now use a joomla component from foobla for the user front end integration with my joomla site.

I can't previously recall experiencing the issue quoted above that docdunning has experienced, but I may not have been requesting the use of the password for unsubscribes, I may have only been using it for user preference updating. I think I may have been using the uid version of the unsubscribe url.

I am now also experiencing the docdunning issue on a new install of v2.10.10. Even though I have the password variables set in the config file as described by docdunning above, using the non uid unsubscribe url does not request the password to be supplied so someone could therefore unsubscribe someone elses email. Previously I wasn't experiencing this as I wrote a custom unsubscribe form for my site that blended with that design so I was controlling whether a user had arrived at my site from a uid version url and if not redirecting them to my home page so they could only access my unsubscribe page in one way and then used curl to submit my form to the phplist unsubscribe form.

Anyway, having looked at my notes I believe I found a fix to allow a user that has previously unsubscribed to resubscribe without needing their original password by making the following 2 changes. This was the original purpose of this issue, I think the docdunning issue is a seperate one to this.

First find the following block of code in admin/subscriblib2.php starting around line 172.

if (ASKFORPASSWORD && $old_data["password"]) {
         if (ENCRYPTPASSWORD) {
            $canlogin = md5($_POST["password"]) == $old_data["password"];
         }
         else {
            $canlogin = $_POST["password"] == $old_data["password"];
         }

         if (!$canlogin) {
            $msg = $GLOBALS["strUserExists"];
            $msg.= '

'.$GLOBALS["strUserExistsExplanationStart"].
            sprintf('%s&email=%s',getConfig("preferencesurl"),$email,
            $GLOBALS["strUserExistsExplanationLink"]).
            $GLOBALS["strUserExistsExplanationEnd"];

            #return;
         }
      }

rem out the return statement at the end of the above block.

In the same file around line 370, find the following block;

   if ($blacklisted) {
      $thankyoupage .= '

'.$GLOBALS["strYouAreBlacklisted"].'

';
      #return 1;
   }

also rem out the return statement at the end of the above block.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15350 [phplist] Installation block have not tried 14-10-09 05:18 29-10-09 17:17
Reporter: LouiseB Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: feedback Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: "Send Message" screen is incomplete
Description: I am using IE 8, and am experiencing the same problem that was reported in issue # 004030. I can see the full screen in your demo, but not in the version I have installed. It was installed using Fantastico and I haven't changed any default config settings.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050761)
michiel   
29-10-09 17:17   

can you upload a screenshot? and some more details on your PHP environment would be useful as well.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15351 [phplist] Installation major always 20-10-09 20:14 29-10-09 17:15
Reporter: shez001 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: resolved Product Version: 2.10.10  
Product Build: Resolution: no change required  
Projection: none      
ETA: none  
Summary: Bug in MySql installation script of PHPList
Description: After installing PHPList on server and going through the admin panel I noticed that I was receiving errors such as table does not exist. This was very strange so I decided to do some further investigation.

Findings:

On line number 1087 in the phplist.sql:

INSERT INTO `phplist_user_blacklist_data` VALUES ('billgates@microsoft.com','reason','I\\\'m not really that interested in your newsletter anymore. Sorry.');

This is not correct as the \\\ in the query escapes the rest of the sql and the remaining tables are not executed this results in a broken installation.

The correct sql is:
INSERT INTO `phplist_user_blacklist_data` VALUES ('billgates@microsoft.com','reason','I\'m not really that interested in your newsletter anymore. Sorry.');

After doing this fix and adding the tables below this line number everything worked perfectly.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050760)
michiel   
29-10-09 17:15   
the sql file is not used in installation




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15029 [phplist] Authentication System tweak always 11-06-08 14:43 29-10-09 02:54
Reporter: Antonimo Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.5  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Identical Cookies allow login to multiple installations
Description: I have two installations of PHPList on the same domain. The first installation is in a sub-directory of the root called "lists" and the second is in a sub-directory called "subscribe".

Each installation uses its own database.

Each installation has different log on details for the admin.

I have tried to log in to each installation using the other's username and password and I cannot log in.

However, once I am logged in, I can substitute the word "lists" for "subscribe" in the URL and get in to the other installation.

As the login is stored in a cookie on my browser, I suspect that this is were the problem is. In fact, I cleared out all cookies then logged in to the first installation - then I opened another browser window to access the second installation. Monitoring the cookies I see that there is only one. When I delete this cookie, I am logged out of both installations.

The serious problem is that logging in to one installation should not give access to the second installation.

The cookie name is PHPSESSID (the default session name)

Should the cookie prefix be determined in the configuration file?
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0049399)
h2b2   
11-06-08 15:56   
Antonimo's findings seem to point to a session ID related security issue that might occur when having multiple installs and multiple admins.

I have therefor asked Antonimo to file this mantis report because I think this should be looked into by the developers.

See also: http://forums.phplist.com/viewtopic.php?t=18285 [^]
(0049401)
julian   
11-06-08 16:06   
You are right,H2B2.
(0050613)
CS2   
03-04-09 13:44   
I think that storing $installation_name as a session variable, comparing that with the local $installation_name variable in the access check script then logging the user out if they don't match would fix this.
(0050617)
h2b2   
06-04-09 05:20   
For more info, see http://forums.phplist.com/viewtopic.php?p=61369#61369 [^]
(0050759)
h2b2   
29-10-09 02:54   
For those looking for a workaround solution, you can store administrator sessions in a database table by uncommenting the following setting in config.php:
   $SessionTableName = "phplistsessions";

ref: http://forums.phplist.com/viewtopic.php?f=24&t=28812&p=69478#p69355 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15356 [phplist] All Other minor have not tried 28-10-09 17:09 28-10-09 17:09
Reporter: Larry Douglas Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.5  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Is there a way to export admins?
Description: Is there a way to export admins?
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15355 [phplist] RSS minor always 26-10-09 18:20 26-10-09 18:20
Reporter: metropolitan Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: New subscribers to RSS list digests get RSS items older than the digest time interval
Description: To quote user "alanf",

"When running an RSS e-mail with daily frequency, and another with monthly, I need to keep at least 1 months worth of RSS data on the database.

If a NEW user subscribes to the list as 'daily', on the first day the new user will get everything held on the RSS tables on the first e-mail, as nothing has been flagged as being sent to that user.

In an ideal world, when a new user subscribes to a daily list, the RSS table would be flagged to excluded everything over a day old for that user, son on the first e-mail they get just the recent RSS data (and the same logic for weeky / monthly )"

I would add it may appear like a trivial problem because it only affects new subscribers... except that if you are setting up PHPlist for the first time, and you are importing a list of 10,000 people, and you have a number of RSS feeds that go back a year, suddenly it is not a trivial issue because it will affect 10,000 people.
Steps To Reproduce:
Additional Information: Alan's post:
http://forums.phplist.com/viewtopic.php?f=17&t=25903&p=69360#p69360 [^]

Another report of this same problem:
http://forums.phplist.com/viewtopic.php?f=15&t=24458#p67778 [^]
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15354 [phplist] Interface - Backend minor always 23-10-09 09:24 23-10-09 09:24
Reporter: tuxick Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: no default language for admin interface
Description: i don't see how to set default language for the admin interface.
ideally all admin users should be able to set one, but a good start would be setting one in config.php.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15353 [phplist] All Other feature random 23-10-09 03:28 23-10-09 03:28
Reporter: weiwei Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Receive unsubscribe notification from phplist without clicking unsubscribe link
Description: One of my colleagues received the unsubscribe notification from PHPlist, but she never click on any unsubscribe link from the email.

Please advice.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15352 [phplist] User Management minor always 22-10-09 09:30 22-10-09 09:30
Reporter: titobrasolin Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.9  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Sort by 'entered' and 'modified' not working on page 'users'
Description: The error is: "Database error 1052 while doing query Column 'entered' in order clause is ambiguous"

Looks like it happens only with MySQL 5.0.51 (we have phplists 2.10.9 on MySQL 5.0.41 works fine)

=Suggested fix=
  file: admin/commonlib/pages/users.php
  line 272: change
    $order = ' order by ' . $sortby;
  into
    $order = ' order by ' . "{$tables["user"]}.$sortby";
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15287 [phplist] Message Management minor sometimes 12-05-09 23:28 21-10-09 03:21
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: v2.10.10: FCKeditor doesn't load when opening the 'send a message' page.
Description: Several users reported FCKeditor didn't load when opening the 'send a message' page.

taydeko found the issue is caused by a couple of code lines in send_core.php
==== START QUOTE =====
On line 1034 and 1040 are:

//value="'.htmlentities(iconv('ISO-8859-1','UTF-8',$subject),ENT_QUOTES,'UTF-8').'" size=40></td></tr>
value="'.htmlentities(iconv('ISO-8859-1','UTF-8',$from),ENT_QUOTES,'UTF-8').'" size=40></td></tr>

I am not sure why 1034 is commented out, but if you replace 1034 with the contents of 1023 without the comment, and replace 1040 with 1024 without the comment, the program works fine for me. So it looks like something is causing a problem in the "iconv('ISO-8859-1','UTF-8',$from)" bit of code.
==== START QUOTE =====
Source: http://forums.phplist.com/viewtopic.php?f=17&t=24501#p61969 [^]
Steps To Reproduce:
Additional Information: The issue occurred on a system with $strCharSet=ISO-8859-1 and the following database settings:
character_set_client: utf8
character_set_connection: utf8
character_set_database: latin1
character_set_filesystem: binary
character_set_results: utf8
character_set_server: latin1
character_set_system: utf8

I couldn't reproduce this issue on my system which is fully configured for UTF-8 (see notes 0050565 and 0050579 of mantis issue 1644).


SOME REMARKS:
It seems to me the code changes made to fix issue http://mantis.phplist.com/view.php?id=15241 [^] have introduced the current issue.

It is unclear to me why line 1034 has been disabled (commented), nor can I check on my system whether just uncommenting line 1034 would solve this issue.

I wonder whether the use of iconv -as in: htmlentities(iconv('ISO-8859-1','UTF-8',$subject) - wouldn't result in more trouble than it solves, for instance if someone would be using another admin page encoding than ISO-8859-1, like ISO-8859-7 which is used in greec.inc.

I also wonder whether hardcoding charsets is the best way to go. Please see my notes on this topic in http://mantis.phplist.com/view.php?id=1644 [^]
Attached Files:
Notes
(0050646)
h2b2   
13-05-09 01:49   
It appears that just uncommenting line 1034 in admin/send_core.php should be enough to fix this issue.
 //value="'.htmlentities(iconv('ISO-8859-1','UTF-8',$subject),ENT_QUOTES,'UTF-8').'" size=40></td></tr>

See also: http://forums.phplist.com/viewtopic.php?p=62061#p62061 [^]

So, I guess this might well be just a typo instead of an issue with iconv. Even so, I have some doubts regarding the use of iconv to fix encoding issues since it again involves hardcoding.
(0050648)
h2b2   
14-05-09 22:12   
Actually I spoke to soon. A number of users reported that just uncommenting line 1034 does not work on their system. Reverting to the old 2.10.9 code -i.e., without "iconv"- did work for them.

ref: http://forums.phplist.com/viewtopic.php?p=62072#p62072 [^]
(0050724)
h2b2   
29-08-09 13:33   
The use of iconv() also appears to be the cause of trouble in these issue reports:
http://mantis.phplist.com/view.php?id=15324 [^]
http://forums.phplist.com/viewtopic.php?f=17&t=28038 [^]
(0050726)
h2b2   
29-08-09 13:40   
The fix suggested by taydeko has been included in the patched lists/admin/send_core.php file available in this forum post: http://forums.phplist.com/viewtopic.php?f=3&t=24748#p62594 [^]
(0050758)
karma   
21-10-09 03:21   
I concur with the above. However, I might add that this is not a "minor" issue, since numerous postings and threads showing all sorts of different "fixes" exist in the forums (none of which worked for me, I might add, except for the send_core.php fix). For a detailed post containing my particular experience, see:

http://forums.phplist.com/viewtopic.php?f=3&t=28742 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
9816 [phplist] Authentication System feature always 23-04-07 05:25 20-10-09 16:51
Reporter: bpeabody Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.4  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: LDAP Authentication Patch
Description: here is a patch for using LDAP as the backend for authentication of phplist admin users. it has support for two different types of admin accounts: a) everyone who matches the criteria you specify in your config is automatically an admin, with the records in the database being created as the user logs in the first time, b) everyone who matches your criteria is a potential admin, but only those who already have an admin record in the phplist database are able to log in. you can use one or both of these methods at the same time.

the text file in the attached package contains more info.

feedback is welcome
Steps To Reproduce:
Additional Information:
Attached Files: phplist-ldap-0.1.patch (11 KB) 23-04-07 05:25
phplist-ldap-0.1.txt (5 KB) 23-04-07 05:26
phplist-ldap-0.1a.patch (12 KB) 16-08-07 22:37
Notes
(0026148)
michiel   
23-04-07 16:50   
Interesting, thanks

Instead of patching phplist_auth.inc wouldn't it be easier to write a new ldap_auth.inc and then set the config file to use that one? That way the developments can go their own way.

That was initially the idea when creating the phplist_auth.inc file.
(0026168)
bpeabody   
23-04-07 23:37   
Yes, you're right. It definitely seems better to put this in a separate file (I missed that line in the config, sorry).

The only thing is that the LDAP code can fall back on the regular auth for specific users that you define (for example, you may want to keep the "admin" account local - not authenticating via LDAP, so in the event that your LDAP server is down, or there is some other connection issue, you can still get in;). This feature is currently implemented by renaming your existing validateLogin function to localValidateLogin and just calling in when needed.

Perhaps this could be resolved by implementing a new class called "ldap_admin_auth" which extends from "admin_auth" and lives in a separate "ldap_admin_auth.inc" file? But then I'm not sure how the rest of PHPList would know to use an instance of "ldap_admin_auth" instead of "admin_auth" - just including the file wouldn't quite do it.

Or I could just copy the existing admin_auth.inc to ldap_admin_auth.inc and make the mods to it. But that's a little less resilient to change, since ldap_admin_auth.inc would have to track with and carry over any relavent changes from admin_auth.inc as it evolves, instead of letting the language do that for us via inheritance.

Your call - whichever you think is best.
(0026188)
michiel   
24-04-07 13:34   
yes, good point, I'll have a think. I'm not sure how soon, I'll be able to merge it into the main code, but in the meantime we can leave it as a patch
(0030653)
amichel   
16-08-07 22:36   
I made some small changes to this patch to account for anonymous binding. Our ldap server allows anonymous binds for searching. I recreated the entire patch with my changes, so this isn't an incremental patch, it's the full contents of the original patch plus my minor contribution, all rolled into one.

I'm new to generating patch files and whatnot, so if this is wrong, do what you must.
(0050757)
goverd   
20-10-09 16:51   
I recommend using strtolower when checking the login as the uid attribute is sometimes derived from the entry's name when created in the tree and would honor the case. (e.g jdoe in phplist should match with JDoe from ldap tree)

--- phplist_auth.inc 2009-10-20 12:50:13.000000000 -0400
+++ phplist_auth.inc.orig 2009-10-20 12:49:45.000000000 -0400
@@ -110,7 +110,7 @@
         );

       // check to see if it worked
- if (strval(strtolower($myResult[0])) == $login) {
+ if (strval($myResult[0]) == $login) {

@@ -154,7 +154,7 @@
         );

       // check to see if it worked this time
- if (strval(strtolower($myResult[0])) == $login) {
+ if (strval($myResult[0]) == $login) {




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
5184 [phplist] All Other feature always 08-01-06 06:06 15-10-09 10:14
Reporter: foundsecrets Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.2  
Product Build: Resolution: open  
Projection: minor fix      
ETA: none  
Summary: manual blacklisting
Description: I'm sure you are sick to death of the blacklisting question, but it seems to me that it would be nice, if like on Horde, you had a specific blacklisting feature, rather than one that blacklists all those who unsubscribe. I know that I like many other webmasters often have to blacklist AOL members just to be able to keep our webhosts, and then there are those subscribers who have abused our list.

Just a thought!
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0009902)
michiel   
09-01-06 13:46   
no, that's more a "feature request". I think there's a similar one, which says "blacklist certain domains" but haven't looked for it yet
(0033682)
heritage   
01-10-07 17:44   
lists/admin/?page=users

When in "list of all users" there should be added the following action links when one does a find user search:

Current:

 download all users as a cvs file
 add a user

Should add:

 delete all users in the search results
 unconfirm all users in the search results
 blacklist all users in the search results
 unsubscribe all users in the search results from all lists

 (currently you cannot unsubscribe anyone completely if they are in more than one list)
(0039689)
bas   
18-01-08 14:12   
Let's make this a plugin. Features to include:
* selection using wildcards
* Customizable rejection message per domain (and per language/ spage)
(0040306)
h2b2   
01-02-08 13:46   
As a temporary workaround, you could consider the solution proposed by Ollie in this forum post: http://forums.phplist.com/viewtopic.php?p=42358#42358 [^]

**** START QUOTE ****
Why would you want to blacklist a domain name (e.g. AOL) when you can block them off your mailing list? I had a PHP programmer create a script for me that keeps AOL subscribers from signing up to my mailing list. Before taking the following steps, I suggest making a backup copy of your original config/config.php and admin/subscribelib2.php files (just to be safe). I used this code and it works beautifully!

Step 1:

Add to the Experimental Features section of config/config.php:

# Banning Domain Names from your Mailing List - Enter on the next line
# the text of the error message that you wish your subscribers to see.
# Replace domain1, domain2, etc, with the domain names you want to block.
$strInvalidDomainInEmail = "The text of the error message";

$banned_domains = array(
"domain1",
"domain2",
"domain3",
"etc....",
);

Step 2:

Open admin/subscribelib2.php and add the following code for lines 122-129:

if (isset($_POST["email"])){
list($username,$domaincheck) = split('@',$_POST["email"]);
$domaincheck = strtolower($domaincheck);
if (in_array($domaincheck, $banned_domains))
$validhost2 = 0;
else
$validhost2 = 1;
}

Step 3:

Replace the following code (lines 133-134)

if (isset($_POST["subscribe"]) && is_email($_POST["email"]) && $listsok
&& $allthere && $validhost) {

with this one:

if (isset($_POST["subscribe"]) && is_email($_POST["email"]) && $listsok
&& $allthere && $validhost && $validhost2) {

Step 4:

Add the following code for lines 590-591:

} elseif ((isset($_POST["subscribe"]) || isset($_POST["update"])) &&
!$validhost2) {
$msg = '<div>'.$strInvalidDomainInEmail.'</div>
';

**** END QUOTE ****

The issue is related to: http://mantis.phplist.com/view.php?id=4041 [^]
(0046227)
h2b2   
04-05-08 16:29   
To get manual blacklisting working, crSteve suggests the following mod in this forum post: http://forums.phplist.com/viewtopic.php?p=45860#45860 [^]

====== START QUOTE ======

I just edited massunconfirm.php

Line 2 Add
Code:
//userlib for blacklist function
include_once dirname(__FILE__).'/commonlib/lib/userlib.php';


Line 20 Add, inside the foreach loop, before the closing }
Code:
//added user to the blacklist
addUserToBlackList($email, 'Admin Blacklisted');


Now I can blacklist and unconfirm a single e-mail address or a large group of e-mail address. After you make the changes just click on manage users then mass unconfirm users. Enter the e-mails and enjoy.

The users get added to the blacklist, check the database, however there is this problem: When you view the user list showing only the blacklist emails the recently added names show up. However, when you do a search for the user it shows an X under bl l instead of the check mark. I guess it has to do with the browser cache, cause eventually it sorts out and displays the appropriate check under bl l.

====== END QUOTE ======
(0050756)
rkin005   
15-10-09 10:14   
As noted here (http://mantis.phplist.com/view.php?id=4041) [^] would also be good to only allow subscription by people with email in certain domains. ie provide a list of domains and only users with an email in one of those domains can subscribe.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
4041 [phplist] Subscribe Process feature always 15-09-05 01:54 15-10-09 10:11
Reporter: michiel Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.1  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: add disallowing of signing up with certain domains
Description: as discussed here,

http://www.phplist.com/forums/viewtopic.php?t=3402 [^]

it could be useful to allow adding a list of domains that are stopped from being used for subscribing. It could possibly be extended to blocking entire IP addresses/ranges.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0040370)
h2b2   
05-02-08 02:40   
A solution was posted on the forum by ollie.

See:
- http://forums.phplist.com/viewtopic.php?p=42358#42358 [^]
- http://mantis.phplist.com/view.php?id=5184 [^]
(0050755)
rkin005   
15-10-09 10:11   
It would also be good to be able to 'whitelist' certain domains and block others, e.g. blacklist '*' and whitelist just the domains that you want to allow users. For example I have a user group of a number of companies and only want them to be able to sign up to my lists.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15176 [phplist] User Management feature N/A 30-08-08 09:03 07-10-09 11:33
Reporter: user4321 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: CVS  
Product Build: Resolution: open  
Projection: tweak      
ETA: none  
Summary: Feature request - Administrator to be able to approve new subscribers
Description: For some private mailing lists it would be useful to have list manager approval once the email address had been confirmed.

One way to achieve this would be for a duplicate of the opt-in message to be sent to the list manager containing all the details and comments for each new subscriber enabling the list manager to authorize individuals after confirming identity.

It would work best for lists with a low turnover like clubs and other organizations.
Steps To Reproduce:
Additional Information: An alternative mechanism would be to have the ability to sent the opt-in confirmation email to the list manager every time instead of to the subscriber.

For the type of mailing list I want there would be little point in subscribing someone maliciously. The rest of the info provided from the subscription page should be sufficient to identify legitimate new subscribers.

This I would be less ideal as a miss-typed email address would not be picked up but would be easier to implement.
Attached Files:
Notes
(0050754)
lwc   
07-10-09 11:33   
A possible solution: http://forums.phplist.com/viewtopic.php?t=10074#p63703 [^]

Same request for unsubscribers is in http://mantis.phplist.com/view.php?id=15348 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15348 [phplist] Subscribe Process feature always 07-10-09 11:32 07-10-09 11:32
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Allow admin to approve unsubscribers
Description: Like http://mantis.phplist.com/view.php?id=15176 [^] but for unsubscribers. Those who need such a thing probably don't currently provide an unsubscribe link in their messages at all, so it would be an improvement for them.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15337 [phplist] Subscribe Process major always 20-09-09 16:46 07-10-09 11:12
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: The subscribe page lets anyone change anyone's details by "re-subscribing"
Description: You can bypass the requirement to know your personal key ID in order to change preferences, if you just enter an existing e-mail address in the regulsr subscribe form.

True, it's only partial as you can't change selectable options, only adding to them. Obviously you also can't change your e-mail address (as the whole trick relies on using an existing one).

That is, anyone can enter your e-mail address and supply new text attributes. Suddenly you find your details contain a different name, town, etc.

But if you're listed in list #1 and list #2, if someone enters your e-mail address and lists you only in list #3, it makes you subscribe to #3 in addition to #1 and #2, not instead.
Steps To Reproduce:
Additional Information: The direct solution is not to allow entering an existing e-mail address in the subscribe page. Existing e-mail addresses should only be used in the preferences' page.

Alternatively, notify the admin about it (like what happens now) but actually let them decide - "someone entered an existing e-mail address in the subscribe page. The following changed (or not) attributes will NOT be approved, unless you click the following link." But this would require two attributes for each attribute - a current one and a waiting-to-be-confirmed one.
Attached Files:
Notes
(0050752)
lwc   
07-10-09 11:12   
Likewise for Unsubscription: http://mantis.phplist.com/view.php?id=15320 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15326 [phplist] Interface - Frontend tweak always 03-09-09 15:59 07-10-09 11:09
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: "X bounces" in the "View Bounces" page should renamed to "X unidentified bounces"
Description: Otherwise one has to figure out on their own what it means.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050751)
lwc   
07-10-09 11:09   
I meant whenever there are 0 identified bounces.

In other words, it should be divided to identified and unidentified bounces.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15160 [phplist] Internationalization (l18n) feature always 21-07-08 12:08 07-10-09 11:05
Reporter: nadavkav Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: internationalization  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: new utf-8 hebrew translation
Description: i have converted the current hebrew translation which was encoded windows-1255 to unicode utf-8.

a file is attached.

i changed the name in case someone needs the old translation which only works on Windows(tm) platforms. (bad)
Steps To Reproduce:
Additional Information:
Attached Files: hebrew-utf8.inc (8 KB) 21-07-08 12:08
hebrew.inc (8 KB) 05-05-09 11:08
hebrew-20090825.inc (12 KB) 31-08-09 13:14
hebrew-20091004.inc (12 KB) 04-10-09 00:29
hebrew-20091007.inc (12 KB) 07-10-09 11:05
Notes
(0050637)
lwc   
05-05-09 11:10   
I have fixed a spelling error and also added special strings that the NewsletterArchive add-on can use.

I didn't change the name because I don't think the old translation would ever be updated anyway. I don't mind being the new Hebrew (UTF-8) translator, but it seems I need a user/password for the DEV site to see what needs to be translated.
(0050733)
lwc   
31-08-09 13:12   
Per the admin's request, I would always upload the latest Hebrew file here. If you want to use it, you'd have to rename it back to hebrew.inc .
(0050734)
lwc   
31-08-09 13:18   
Please add this line to PEOPLE:

LWC, http://lior.weissbrod.com, [^] (date goes here), hebrew.inc




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15284 [phplist] User Management minor always 12-05-09 00:37 06-10-09 16:07
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: v2.10.10: Delete attribute and Merge attribute feature does not seem to be working
Description: On the 'configure attributes' page (lists/admin/?page=attributes), deleting or merging attributes has no effect.
.
Steps To Reproduce:
Additional Information: Issue reported by postmanpat: http://forums.phplist.com/viewtopic.php?f=17&t=24502&start=0 [^]

Confirmed on my system:
 phplist 2.10.9
 Linux/Apache
 PHP 5.2.3
 MySQL 4.1.12
Attached Files:
Notes
(0050641)
h2b2   
12-05-09 02:38   
Correction: my test system is running 2.10.10, not 2.10.9
(0050649)
tallbiker66   
15-05-09 17:20   
May I ask when this bug will be resolved? Could you please raise the severity to high? The fact that attributes can't be deleted renders the 2.10.10 release pretty much useless.

Thank you.
tallbiker66
(0050654)
h2b2   
18-05-09 06:43   
If you have an attribute that you don't want included on your subscribe page and preferences page, you can simply edit the subscribe page (e.g. lists/admin/?page=spageedit&id=1), and un-tag the attribute's checkbox "Check this box to use this attribute in the page".
ref: http://docs.phplist.com/EditSubscribePageInfo [^]
(0050655)
tallbiker66   
18-05-09 13:40   
H2B2, thank you for getting back with me. Is there a way to make the Name attribute mandatory? Using the form to edit the subscribe page will allow me to take it off, but I really want it to be mandatory for people to subscribe to lists.

Thank you.
tallbiker66
(0050659)
h2b2   
19-05-09 04:10   
Ah, I didn't yet notice that ***making attributes required doesn't work*** either. Have now, and can confirm this issue on my system.

Short of an actual fix, I don't see a solution for this one. Perhaps a workaround by applying the customized subscribe _form_ method described in http://docs.phplist.com/CustomSubscribeForm [^]
You'll then need to add the "Name" attribute to the existing javascript form validation.
(0050663)
iloveitaly   
26-05-09 22:00   
Every instance of $tagaction['merge'] must be replaced by $_POST['tagaction']['merge']
(0050690)
dathwa   
02-07-09 11:29   
i installed v.2.10.10 a few days ago. i too cannot delete attributes.
i can make them "not require", which is good.
However, the admin user is presented with a bunch of choices on the "criteria" tab for sending a new message, and it can be a bit confusing.

Hope you can fix it soon.
ta.
(0050693)
mrdak   
10-07-09 19:20   
Doesnt Work here neither will this be fixed someday?
(0050694)
flo_reu   
23-07-09 09:58   
I solved the problem...
just change line number 148 in file admin/commonlib/pages/attributes.php from

if (isset($tagaction['delete'])) {

to

if (isset($_POST["tagaction"]['delete'])) {

and then it works fine for me :)
(0050695)
flo_reu   
23-07-09 11:00   
btw... the same for the merge in line 171:

change } elseif (isset($tagaction['merge'])) {

to

     } elseif (isset($_POST["tagaction"]['merge'])) {
(0050696)
flo_reu   
23-07-09 14:23   
to solve the problem with the attributes in the signup page / edit change in line 57-59 of /admin/spageedit.php from

      $default = $attr_default[$att];
      $order = $attr_listorder[$att];
      $required = $attr_required[$att];

to

      $default = $_POST["$attr_default"][$att];
      $order = $_POST["attr_listorder"][$att];
      $required = $_POST["attr_required"][$att];
(0050707)
umiwangu   
10-08-09 08:45   
Flo_reu's solution worked for me, at least for deleting attributes.
(0050723)
h2b2   
29-08-09 13:20   
flo_reu's fix for the delete and merge attributes issue works fine on my system.

The patched lists/admin/commonlib/pages/attributes.php file has been included as an attachment in this forum post: http://forums.phplist.com/viewtopic.php?f=17&t=24502#p67476 [^]
(0050747)
fptheatre   
06-10-09 16:07   
flo_reu's edits worked for me. attributes can now be deleted on my system.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15347 [phplist] Internationalization (l18n) feature N/A 05-10-09 15:32 05-10-09 15:32
Reporter: sooskriszta Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: internationalization  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Hungarian front end
Description: Please find text file attached.
Steps To Reproduce:
Additional Information:
Attached Files: hungarian.inc (8 KB) 05-10-09 15:32
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15346 [phplist] Internationalization (l18n) feature have not tried 05-10-09 04:39 05-10-09 04:40
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Italian backend translation
Description: The v2.10.10 backend translation was made available by andypanix in this forum thread: http://forums.phplist.com/viewtopic.php?f=19&t=13780&p=68726#p68672 [^]
Steps To Reproduce:
Additional Information:
Attached Files: phplist_ita_02-10-09.tgz (47 KB) 05-10-09 04:40
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
13508 [phplist] Internationalization (l18n) minor have not tried 28-02-08 12:59 05-10-09 04:28
Reporter: bas Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Arabic translation
Description: Hello,

I have completed the Arabic translation
My regards...

Khaled al-Horani <koko.dw@gmail.com>
Steps To Reproduce:
Additional Information:
Attached Files: arabic.inc (7 KB) 28-02-08 12:59
arabic_utf8.inc (13 KB) 05-10-09 04:24
Notes
(0050746)
h2b2   
05-10-09 04:28   
added arabic_utf8.inc which is a revised frontend translation in arabic. This revision was done by AboAbduRahman and its quality was confirmed by Khaled al-Horani (good_man). Encoded in UTF-8.

ref: http://forums.phplist.com/viewtopic.php?f=19&t=13811&p=68725#p40416 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15290 [phplist] Subscribe Process minor always 14-05-09 07:43 04-10-09 07:28
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: v2.10.10 - Second subscribe window appearing when re-subscribing a previously unsubscribed user
Description: If a previously unsubscribed user attempts to re-subscribe, a second window is displayed over the first.

This issue has been reported in http://forums.phplist.com/viewtopic.php?f=15&t=24579#p62107 [^]

Confirmed on my system
-
Steps To Reproduce:
Additional Information: This issue was previously reported for v.2.10.8 and 2.10.9, and was flagged as fixed in v2.10.10. See http://mantis.phplist.com/view.php?id=15240 [^]

See also: http://forums.phplist.com/viewtopic.php?p=58635#p58635 [^]

My system info:
phplist 2.10.10
Linux/Apache
PHP 5.2.3
MySQL 4.1.12
Attached Files: second_window_bug_patch.zip (1 KB) 04-10-09 07:27
Notes
(0050683)
yogoo   
13-06-09 21:59   
I posted a fix at
http://forums.phplist.com/viewtopic.php?p=58635#p63109 [^]

and uploaded the corrected file.

Briefly, the error is fixed by commenting out line 366 in lists/admin/subscribelib2.php
(0050745)
yogoo   
04-10-09 07:28   
Finally uploaded a patch (see above). I understand this is more timely for the developers to investigate the bug and the fix than my previous note.

The patch and explanation are also available on the forum:
http://forums.phplist.com/viewtopic.php?f=17&t=23452&p=63109#p63109 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15344 [phplist] Message Send Process minor always 02-10-09 16:38 02-10-09 16:38
Reporter: djpauze Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Error when sending test Message
Description: Database error 1064 while doing query You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') and user_user_attribute.attributeid = 10' at line 4
Steps To Reproduce:
Additional Information: It seems that the message still goes through! My level of expertise in SQL and php is not very high so I havent been able to figure out the route of the problem. I do however get this message anytime I send a test message in phplist.
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
6275 [phplist] All Other minor always 30-04-06 19:34 01-10-09 18:00
Reporter: dhutton Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: feedback Product Version: 2.10.2  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: False warnings during test import with 'import emails with different values for attributes'
Description: This is the problem reported in 0003603, which still occurs in latest version.

When using the function 'import emails with different values for attributes' the warning message is always displayed (if the 'show warnings' box is checked:

"Warning: Record has more values than header indicated (30!=28), this may cause trouble"

PHP version: 4.4.2
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0013261)
michiel   
02-05-06 13:43   
well, are you so sure that the warning is false? Does the record have more columns than the header? It may well be that the warning is very helpful to find errors in your input file.
(0013267)
dhutton   
02-05-06 15:34   
Yes, I am sure.
I have tested this function again with a variety of test import files.
Here are the results:
1) the warning message ALWAYS occurs for me, using 'import emails with different values for attributes' and with the 'test output' and 'show warnings' options selected (this is my normal way of performing imports)

2) the warning message shows correctly the number of values, but under-estimates the number of fields in the header, even with a simple two-column tab-delimited import file like this:

Password email
tester test@domain.com

3) the under-estimate in the number of fields in the header seems to result from the 'email' field not being counted

4) in addition EVERY header field that contains the string 'email' is not counted, for example fields with names like 'ReminderEmail'. That's why the error message I provided in my first bug report indicated a discrepancy of two.

I hope that this information helps.
(0043129)
alans   
19-03-08 10:20   
Yes I can confirm that this seems to be true, there is noextra fields, lines in my import file.
(0043958)
hernan   
01-04-08 18:18   
Alams, what version are you using. I cannot replicate this on 2.11.3, can you give me a part of the file your tried to test it?
(0050744)
kyrian   
01-10-09 18:00   
I just experienced this, only it was 11!=5, and I figured I had about 11 attributes assigned in the relevant admin page of the system.

So I expected the problem to go away when I removed any extraneous attributes from phplist.

This did not seem to be the case, but it may still be noteworthy that the numbers remained as 11 & 5, so perhaps phplist is counting inactive/deleted attributes when counting to see if the sheet contain the right number of columns?




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15343 [phplist] Interface - Frontend major always 29-09-09 17:31 29-09-09 17:31
Reporter: dhartford Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Directory Listing - application can prevent
Description: Although Apache/Zend can be configured to prevent Directory Listings, sometimes best to make a best effort that the PHPList application is safe/secure as much as possible without relying on external configurations.

Recommend add 'index.html' (even if blank), or similar page to all directories to avoid directory listings.

/lists/config
/lists/images
/lists/images/smiley
/lists/js
/lists/styles
/lists/texts
/lists/admin/auth
/lists/admin/data
/lists/admin/images
/lists/admin/images/tabs/
/lists/admin/js
/lists/admin/onyxrss
/lists/admin/phpmailer
/lists/admin/phpmailer/language
/lists/admin/plugins
/lists/admin/plugins/defaultplugin
/lists/admin/plugins/sidebar
/lists/admin/styles/
/lists/admin/info/*

These have a lot of subdirectories:
/lists/admin/commonlib
/lists/admin/FCKeditor
/lists/admin/lan
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15342 [phplist] Interface - Frontend minor always 29-09-09 17:28 29-09-09 17:28
Reporter: dhartford Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Password field does not have autocomplete explicitly set
Description: Password field should have autocomplete explicitly set to off for security reasons. Note that it is a convenience to have it on, but should identify the intent of the PHPlist default install.

/lists/admin/login.php:

<tr><td><input type=password name="password" value="" autocomplete="off" size=30></td></tr>
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15340 [phplist] Interface - Frontend minor always 28-09-09 15:23 28-09-09 15:23
Reporter: tuxick Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: allows setting empty email address
Description: the interface does not check if an email address is empty.
this at least happens in the "details of a user" dialog, and probably elsewhere since i found an empty email adress in database.
some validation might be useful :)
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15338 [phplist] Attachments major have not tried 26-09-09 23:20 28-09-09 14:27
Reporter: buster Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: cgi error
Description: ver 2.10.10 pretty much installed without a hitch.

The error: The specified CGI application misbehaved by not returning a complete set of HTTP headers.
 
This happens when trying to open an attachment link.

This message contains attachments that can be viewed with a webbrowser:
Location: http://www.waynestreetumc.org/lists/dl.php?id=3 [^]
Steps To Reproduce:
Additional Information: My system details are:
phplist version: 2.10.10
PHP version: 5.2.10
Browser: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; InfoPath.1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
Webserver: Microsoft-IIS/6.0
Website: http://www.waynestreetumc.org/lists [^]
Mysql Info: 5.0.45-log
PHP Modules:

bcmath
calendar
com_dotnet
ctype
date
filter
ftp
hash
iconv
json
odbc
pcre
Reflection
session
libxml
standard
tokenizer
zlib
SimpleXML
dom
SPL
wddx
xml
xmlreader
xmlwriter
cgi-fcgi
curl
gd
gettext
mcrypt
mhash
mime_magic
mssql
mysql
mysqli
openssl
sockets
tidy
xsl
ionCube Loader
Zend Optimizer
Attached Files: ie7phplisterror.rtf (615 KB) 28-09-09 14:26
Notes
(0050742)
buster   
28-09-09 14:20   
I am finding out attachments are working correctly with a Outlook \ FireFox combination. Also, works with IE7 and Outlook Web access. Is not working with IE7 and Outlook 2003 SP3
(0050743)
buster   
28-09-09 14:27   
See the uploaded file ie7phplisterror.rtf




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15339 [phplist] User Management feature always 27-09-09 07:23 27-09-09 07:23
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Please add a "reason" field for unconfirmed users and not just for blacklisted ones
Description: Currently only blacklisted users have a "reason" field. In the long run, I have no idea if a certain user became unconfirmed over time for overquota reasons or for the address actually being wrong.

It means I can't be sure if I should give such users another chance at some point.

So please add a "reason" field for unconfirmed users as well.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15336 [phplist] Attachments major always 18-09-09 12:51 22-09-09 11:24
Reporter: cazzani Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: when processing queues PHPlist does not attach the file uploaded, it attaches the file only in test messages
Description: I can regularly upload the file during message preparation and when I send me a test message, I receive it correctly.

However, when the same message is queued for delivery, no attachments is being sent. Messages are received without attachments and as administrator I receive error messages stating:
Error, when trying to send message xx the attachment
              yyyyy could not be found
Steps To Reproduce:
Additional Information: PHPList 2.10.10 running on Linux centos-5-x86 virtual machine.

Sequence of event I tried:
- I uploaded the file to be attached: 0803_NI_DAQ_USB_6821.gif

- I checked it is the correct attachments repository configured, diectory /tmp, outside the web space, which has the following permission:
 tmp <dir> Sep 18, 2009 02:04:52 PM drwxrwxrwt root root

- Two files are actually there created by PHPlist after upload:
0803_NI_DAQ_USB_68219EnYwd 0.00 kb Sep 18, 2009 02:04:52 PM -rw------- apache apache
0803_NI_DAQ_USB_68219EnYwd.gif 12.22 kb Sep 18, 2009 02:04:52 PM -rw-r--r-- apache apache

- I noticed that PHPlist web space is using in using a different account:
admin.php 8.95 kb Jun 19, 2009 11:42:24 AM -rw-r--r-- joomlaftp psacln

I therefore thought that some permissione problem could be an issue, so I tried to set CHMOD 777 on the two files uploaded, but the end result is still the same:
file is attached in test messages, but when queued it is not attached and I get the message:
Error, when trying to send message 58 the attachment
              0803_NI_DAQ_USB_6821.gif could not be found
Attached Files:
Notes
(0050739)
cazzani   
21-09-09 15:49   
I also notices that if the queues are processed manually, they attachments are sent correctly.

Instead, if the queues are processed periodically through a cron job, the attachments are NOT sent.
(0050740)
cazzani   
22-09-09 11:24   
As a workaround, I moved the attachments repository inside the web space in a new directory owned by the web space account (joomlaftp) with CHMOD 777




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15335 [phplist] All Other major always 13-09-09 10:57 13-09-09 10:57
Reporter: holger Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Text-Mail with Code
Description: Hello,

i have a Problem with the Version 2.10.10 with text-mails. I have test convert html-message to text and entry text-message in the text-box i have the problem that die text-message are send with html-code like this:

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd"> [^]
<html>
<head>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <title>Newsletter - DLRG Ortsgruppe Altbach </title>
</head>
 
<body>
<table border="0" cellspacing="0" cellpadding="0" width="611">
  <tr valign="top">
    <td><img src="header_left.gif" height="204" width="19" border="0"></td>
    <td><img src="header_right.gif" height="204" width="592"
border="0"></td>
  </tr>
  <tr valign="top">
    <td width="19"></td>
    <td style="padding: 10px 10px 10px 20px; font-family:
Arial,Helvetica,sans-serif; font-size: 12px; line-height: 16px;"
bgcolor="#ebf2f5">
<p align="center" style="font-family: Arial,Helvetica,sans-serif;
font-size: 10px;color:gray;">(Falls Sie diesen Newsletter nicht lesen
können, klicken Sie bitte http://newsletter.dlrg-altbach.de/archiv.php?x=128.) [^]

Hallo Holger Schuker,



heute geht es wieder los bei der DLRG Ortsgruppe Altbach mit dem
Training im

Hallenbad. Wie gewohnt geht es ab 17:45 Uhr los. Die Anfangszeiten der
Riegen

sind so wie vor den Ferien.


Falls Sie diese doch nicht mehr wissen sollten schauen Sie einfach hier
vorbei:

http://altbach.dlrg.de/technik/trainingszeiten.html [^]


<h3>Umfrage Newsletter</h3>

Unser Newsletter besteht nun seit mehr als 6 Monaten und wir würden
gerne von <strong>Ihnen</strong> wissen,

wie Ihre Meinung über unseren Newsletter ist. Dazu haben wir eine Umfrage
erstellt, mit der wir

versuchen wollen, den Newsletter noch attraktiver für Sie zu gestalten.
Darum bitten wir Sie, sich

einfach ein paar Minuten dafür Zeit zu nehmen. Schon jetzt bedanken wir
uns für Ihre Mithilfe.


<a border="0" target="_blank"
href="http://umfrage.dlrg-altbach.de/index.php?sid=85723&lang=de"><img [^]
alt="" src="http://newsletter.dlrg-altbach.de/images/umfrage.gif" [^]
/></a>


oder kopieren folgende URL:
http://umfrage.dlrg-altbach.de/index.php?sid=85723 [^]


<span style="font-size: xx-small;"><strong>Eine Bemerkung zum
Datenschutz:

</strong>Dies ist eine anonyme Umfrage. Die Daten mit Ihren Antworten
enthalten keinerlei auf Sie

zurückzuführende/identifizierende Informationen.</span>



Ihre

DLRG Ortsgruppe Altbach

http://altbach.dlrg.de [^]


<hr>
<div style="font-family: Arial,Helvetica,sans-serif; font-size:
10px;color:gray;">
Newsletteroptionen:
 
Abmelden:
http://newsletter.dlrg-altbach.de/?p=unsubscribe&uid=c77fe9412979e4cf509503cf7e5d90a0 [^]
Newsletter weiterleiten:
http://newsletter.dlrg-altbach.de/?p=forward&uid=c77fe9412979e4cf509503cf7e5d90a0&mid=128 [^]
Daten ändern:
http://newsletter.dlrg-altbach.de/?p=preferences&uid=c77fe9412979e4cf509503cf7e5d90a0 [^]
 
 
</div>
 
</td>
  </tr>
  <tr valign="top">
    <td width="19"></td>
    <td><img src="footer.gif" height="44" width="592" border="0"></td>
  </tr>
</table>
</body>
</html>
 
 
--
Powered by PHPlist, www.phplist.com --
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
5921 [phplist] Subscriber Import minor have not tried 30-03-06 14:13 10-09-09 19:38
Reporter: yan Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: feedback Product Version: 2.10.1  
Product Build: Resolution: unable to reproduce  
Projection: none      
ETA: none  
Summary: selecting values in checkbox attribute during import doesn't work
Description: you're supposed to be able to select a value in a checkbox attribute which you want all your imported subscribers to have. It doesn't work.
Steps To Reproduce:
Additional Information:
Attached Files: importcsv.zip (10 KB) 14-12-08 13:24
Notes
(0029387)
bas   
16-07-07 15:13   
Using the only option that has the possibility to set attributes ('import emails with the same values for attributes'), I imported a testfile generated by mkimp.pl once with checkbox attribute set and once without. Worked as expected.
(0041244)
h2b2   
21-02-08 22:09   
On a related note, this was posted by Ed C on the forum:
http://forums.phplist.com/viewtopic.php?t=15169 [^]

**** START QUOTE ****

I'm experiencing problems importing and have narrowed it down to a checkboxgroup attribute in a test database. The database has one attribute, a checkboxgroup. The checkboxgroup has three selections: stuff1, stuff2 and stuff3. I can enter data fine by way of a subscription page. I then export the data to a tab delimited text file. However, when I try to import the file I just exported I get the following error:

Database error 1054 while doing query Unknown column 'stuff2' in 'where clause'

The e-mail address imports find except the value of the checkboxgroup attribute shows all selections as unchecked. Any suggestions or comments would be appreciated.

PHPlist 2.10.5, PHP 4.3.9, MySQL 4.1.12, Apache 2.0.52

=====
There seems to be some code missing from importcsv.php around line 650. There is no 'case "checkboxgroup"' so checkboxgroups get loaded like a text box when importing.

=====
inserted the following code around line 650 and it now appears to be working fine. Any comments, suggestions or improvements are welcome.

Code:
              case "checkboxgroup":
                $cbg_ids = array();
                $cbg_item = explode(";",$uservalue);
                $cbg_idx = 0;
                if ($uservalue !== "") while ($cbg_idx < sizeof($cbg_item)) {
                  $val = Sql_Query("select id from $table_prefix"."listattr_$att[1] where name = \"$cbg_item[$cbg_idx]\"");
                  # if we do not have this value add it
                  if (!Sql_Affected_Rows()) {
                    Sql_Query("insert into $table_prefix"."listattr_$att[1] (name) values(\"$cbg_item[$cbg_idx]\")");
                    Warn("Value $cbg_item[$cbg_idx] added to attribute $att[2]");
                    array_push($cbg_ids,Sql_Insert_Id());
                  } else {
                    $d = Sql_Fetch_Row($val);
                    array_push($cbg_ids,$d[0]);
                  }
                $cbg_idx++;
                }
                $user_att_value = implode(",",$cbg_ids);
                break;

**** END QUOTE ****

Note: As forum threads (incl. those with useful mods, fixes, contributions etc) continue disappearing, I thought it best to paste the full thread contents here, instead of just providing a link to the forum thread.
(0041396)
Ed C   
23-02-08 04:18   
I believe you were testing in the wrong area. I neglected to mention that I was using "import e-mails with different values for attributes". I'm also not sure if you misspoke when you said checkbox. The checkbox attribute type works fine. It's the checkboxgroup type that has the problem.

Be aware that there is also a problem with editattributes.php (control value maintenance) and the handling of checkboxgroups. The current code will SOMETIMES allow you to delete a control value for an attribute even though it is being used. For example: You have a checkboxgroup with "choice1", "choice2" and "choice3" for control values. You try to delete "choice3". The software will not see a member with all three choices selected. That's because the SQL query can not find the "sandwiched in" control value due to the way checkboxgroups are stored internally as "choice1; choice2; choice3". I also have serious doubts the "Delete and Replace" code will work as expected either.

I'll be happy to provide you any more information if you need it.
(0041397)
Ed C   
23-02-08 04:45   
Oops, I stated that wrong. Checkboxgroups are stored internally as: "p1; p2; p3" where p1, p2 and p3 are POINTERS to the control values table. Sorry about that.
(0050257)
h2b2   
14-12-08 13:28   
An implementation of Ed C's modifications -reported to be working with release 2.10.7- has been supplied by jackbremer. Included here as attachment "importcsv.zip".

ref: http://forums.phplist.com/viewtopic.php?p=57820#57820 [^]
(0050738)
gazouteast   
10-09-09 19:38   
v2.10.10 is displaying quirky behaviour on the checkboxgroup attribute imports

IMPORTANT - nowhere does the documentation state that the spreadsheet to be imported MUST use the checkboxgroup option ID number, and NOT the option value. That particular omission cost me many hours until I manually registered a user with multiple selections and checked the SQL table and then spotted the array of pointers. Nil Points for documentation on that one.

Inadvertently allowing upload with the option text values in the spread sheet causes the error 1064 warnngs much discussed in forums. They must be the numerical option IDs.

v2.10.10 does not appear to have the "case checkboxgroup" patch detailed above, but it works (if using option IDs not text values) and apparently without the patch - well done for implementation.

Now if only we could have it working with optional upload with text value in place of ID number - some of my checkboxgroups have 50+ choices - and that's a lot of IDs to remember when manually editing 5000 - 6000 lines per spreadsheet (quarterly customer transactions) and with a queue of over 20 of those spreadsheets to be done.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15334 [phplist] User Management major sometimes 10-09-09 15:10 10-09-09 15:10
Reporter: Danail Traichev Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: When user requests personal URL for changing its preferences, wrong uid is sent to user, so he cannot change them
Description: With some users (for example with one that was added by admin without confirmation email), when user requests personal URL for changing its preferences, email is sent, but the URL in it contains wrong uid, so user cannot change its settings never.

For example, received uid is M80c18861476fe93aebff73a35dc393
And actual one (also in DB) is 4d80c18861476fe93aebff73a35dc393

As you see, they are "almost" the same, but not exacly, so user goes to default preferences page when clicks on the link.
Steps To Reproduce:
Additional Information: I have clean phplist installation with only one change - patch suggested here:
http://forums.phplist.com/viewtopic.php?f=17&t=28038#p67641 [^]
I have applied it because I send messages in Cyrillic and without this change they are received in wrong codepage. I don't think that this change is related to the bug, because it happens even if I restore original file.

I send messages in codepage windows-1251.
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15333 [phplist] User Management major always 09-09-09 15:41 10-09-09 01:58
Reporter: gazouteast Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Failure of navigation buttons in list member lists has returned in stable version
Description: First reported here - http://mantis.phplist.com/view.php?id=15282#bugnotes [^]

Pablo posted he'd fixed the issue in early August 2009 in the stable release download.

The new download obtained on 6 Sept 2009 does not have the fix applied.

I would have posted in the original topic but someone closed it.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050737)
h2b2   
10-09-09 01:58   
Resolved mantis issues are only resolved in subversion code, and not in the v2.10.10 distribution archive on the download page, until the next release.

In other words, this fix, as well as other fixes, will be available to the public as soon as the new distribution archive of release 2.10.11 is placed on the official download site. I'm not sure what the next release date will be, as I can't recall having seen the developers mention a release date for 2.10.11 yet.

Meanwhile, since a number of bugs (including this one) need fixing to be able to effectively use v2.10.10, and considering that a number of users indicated they were unfamiliar and uncomfortable with applying all fixes suggested in mantis and on the forum, I thought it best to make most suggested bugfixes available in the form of patched files, included as attachments in the forum threads discussing a particular bug. See the 'bug discussion' section of the forum.

A listing of most v2.10.10 bugs, and available patched files, can be found in this forum post: http://forums.phplist.com/viewtopic.php?f=9&t=24494#p66892 [^]
I'll try to update that listing as long as needed, i.e. until the next release.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15288 [phplist] Command Line minor have not tried 13-05-09 16:40 07-09-09 17:19
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: v2.10.10: Commandline cron not working
Description: Following issue was reported by jfm5440:
==== Start Quote ====
My command line processqueue cron jobs worked fine under 2.10.4 but after upgrade to 2.10.10 they stopped.

It looks like the parameters are not getting passed. I have the "$commandline_users = array();" set so no user id is needed.

====

Well it appears to be a PHP register_globals problem.

If i stub out

require_once dirname(__FILE__) .'/commonlib/lib/unregister_globals.php';

from index.php the cli works.

I know there are security implications in leaving register_globals on (which is my php.ini default because I want to for some old scripts).

but index.php should work without global registration right?

anyway if I edit .htaccess and add

php_flag register_globals off

the cli continues to work fine.

==== End Quote ====
Source: http://forums.phplist.com/viewtopic.php?f=17&t=24515 [^]
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050736)
gazouteast   
07-09-09 17:19   
Confirmed above

Clean install of 2.10.10 undergoing initial config and test on a LAMP hosted server - mails refused to go out even though cron emailed correct action complete.

Mails stayed queued whether sent to the test list or direct to the test user.

commenting out the require_once dirname(__FILE__) .'/commonlib/lib/unregister_globals.php'; from index.php released the mails ....

.... however ....

My hosting company has "register_globals = on" set at a server level, and I had to perform 2 bug fixes before the above one worked -
- in lists/.htaccess => knock out the globals line reported as a fix for the 500 error during install (I had to do this to get phpLIST to install)
- in lists/config/config.php => set the $commandline_users = array();
to read => $commandline_users = array("admin","server_user_name"); before cron would run.
(Replace "server_user_name" with your actual server login name => is this a security risk? plain text server user name in the config file?)

.... also ....

I'd also had to apply the updated files -
http://forums.phplist.com/viewtopic.php?f=17&t=24505 [^] (attributes order listing not saving on subscription page)
and
http://forums.phplist.com/download/file.php?id=106 [^] (lists/admin/connect.php patched file)

That last one, the patched connect.php file, was critical
.... because ....
even after applying all of the above, mails created BEFORE patching connect.php still will not go (cron reports an error within the email that is the same as why connect.php was patched).

It therefore appears that the _globals issue has potential to be masking other bugs for which patches are already available.

Gaz




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15332 [phplist] Interface - Frontend minor always 07-09-09 14:03 07-09-09 14:03
Reporter: tuxick Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: "import emails" is confusing and wrong
Description: The dialog "import emails" is confusing, sounds like importing emails instead of email addresses.
In some cases it might be "import from emails" or something.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15331 [phplist] Internationalization (l18n) text always 06-09-09 16:27 06-09-09 16:27
Reporter: Tokapi Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Dutch Translation
Description: Hi,

Over the past moths, I've been correcting the dutch translation. The current files have a lot of faulty typos and strange words. Most of the general used files should be fixed and are recompared with the original English files again. They are all zipped in attachment.

Also noticed that bug 0015282 (next page doesn't work in listovervue) still isn't fixed in 2.10.10, so added it the package too.

Greetings,
B.
Steps To Reproduce:
Additional Information:
Attached Files: UpdateDutch2.10.10.zip (91 KB) 06-09-09 16:27
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15330 [phplist] All Other minor have not tried 06-09-09 07:56 06-09-09 07:56
Reporter: Philip vd Eijk Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version:  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: software error during update list subscriber
Description: see attachment with URL and source
Steps To Reproduce:
Additional Information:
Attached Files: HHerror.txt (6 KB) 06-09-09 07:56
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15329 [phplist] HTML Email Support minor always 03-09-09 18:10 03-09-09 18:20
Reporter: pablo Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: resolved Product Version:  
Product Build: Resolution: fixed  
Projection: none      
ETA: none  
Summary: htmlemail checkbox info not kept when adding individual user
Description: The same problem reported in 0015312 but when adding a single user. Solved applying patch suggested there to line 161 of members.php.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15312 [phplist] Subscriber Import minor always 24-07-09 18:44 03-09-09 18:18
Reporter: noblestudios Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: resolved Product Version: 2.10.10  
Product Build: Resolution: fixed  
Projection: none      
ETA: none  
Summary: Checking "I prefer to receive emails in HTML format" on import has no effect
Description: On importing a rather large list, we found that all addresses were set as text only, even though we had chosen "I prefer to receive emails in HTML format" during the import. Subsequent testing revealed that this checkbox was being ignored entirely.

This error can be fixed by changing line 212 of admin/import1.php from:

    $tables["user"],$email,$notify != "yes",$uniqid,$htmlemail);

to:

    $tables["user"],$email,$notify != "yes",$uniqid,$_POST['$htmlemail']);
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050735)
pablo   
03-09-09 18:05   
I've replaced $htmlemail by $_POST['htmlemail'] as indicated and now it works fine. Thanks.

The correction will propagate in the next phplist update.

Cheers.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15328 [phplist] Interface - Backend minor always 03-09-09 16:23 03-09-09 16:23
Reporter: rockit Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: csv import html-email flag not imported into database
Description: importing a csv-users file will not set the html-mail-format flag chosen as standard.
bugfix/solution
admin/import1.php on line 211 has to be changed from

$query = sprintf('INSERT INTO %s (email,entered,confirmed,uniqid,htmlemail) values("%s",now(),%d,"%s","%s")',
          $tables["user"],$email,$notify != "yes",$uniqid,$htmlemail);

to

$query = sprintf('INSERT INTO %s (email,entered,confirmed,uniqid,htmlemail) values("%s",now(),%d,"%s","%s")',
          $tables["user"],$email,$notify != "yes",$uniqid,$_REQUEST['htmlemail']);
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15327 [phplist] Bounce Management feature always 03-09-09 16:02 03-09-09 16:02
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Reading unidentified bounces
Description: There are certain unofficial ways to read them via PHPMyAdmin. But how about an official one? Please allow a way to simply read such bounces. While you can't handle them, you can still display them and let us deal with them manually.

Thanks!
Steps To Reproduce:
Additional Information: http://forums.phplist.com/viewtopic.php?t=28129 [^]
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15303 [phplist] Message Send Process minor always 09-06-09 20:40 30-08-09 17:20
Reporter: tipichris Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Signatures added twice, and in invalid ways
Description: If an HTML template includes a [SIGNATURE] placeholder, the signature is added both at the place holder and appended to the end of the message. Additionally, if the template includes the complete HTML, the appended signature is added after the closing </html> tag.

The following patch resolves these issues:

--- lists/admin/sendemaillib.php.orig Sun May 31 21:58:10 2009
+++ lists/admin/sendemaillib.php Tue Jun 9 20:28:03 2009
@@ -239,7 +239,7 @@

 ## Parse placeholders
   #0013076: Blacklisting posibility for unknown users
- foreach (array("forwardform","subscribe","preferences","unsubscribe","signature", 'blacklist') as $item) {
+ foreach (array("forwardform","subscribe","preferences","unsubscribe", 'blacklist') as $item) {
     if (eregi('\['.$item.'\]',$htmlmessage,$regs)) {
       $htmlmessage = eregi_replace('\['.$item.'\]',$html[$item],$htmlmessage);
 // unset($html[$item]); //ASK: Why was this done? It breaks placeholders in the footer
@@ -301,7 +301,7 @@
   if (eregi("\[SIGNATURE\]",$htmlmessage))
     $htmlmessage = eregi_replace("\[SIGNATURE\]",$html["signature"],$htmlmessage);
   elseif ($html["signature"])
- $htmlmessage .= '
'.$html["signature"];
+ $htmlmessage = addHTMLFooter($htmlmessage, '
'. $html["signature"]);
   if (eregi("\[FOOTER\]",$textmessage))
     $textmessage = eregi_replace("\[FOOTER\]",$text["footer"],$textmessage);
   else
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050732)
h2b2   
30-08-09 17:20   
I can confirm that the above patch solves the issue of an additional signature in the footer.

A patched lists/admin/sendemaillib.php file (for v2.10.10) can be found in this forum post: http://forums.phplist.com/viewtopic.php?f=17&t=24827&p=67555#p67555 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15286 [phplist] Bounce Management minor always 12-05-09 17:01 30-08-09 13:09
Reporter: nickyoung Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: delete bounce operation doesn't work from 'view a bounce' page
Description: I just upgraded to 2.10.10.

Now when I go to the "View a bounce" page from the admin and then with "Delete this bounce and go to the next" checked, hit the "Do the above" button, the page refreshes and the bounce doesn't appear to be deleted.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050643)
nickyoung   
12-05-09 17:51   
It appears that the $deletebounce variable is not initialized from $_GET so it is always empty.
(0050644)
nickyoung   
12-05-09 17:59   
I fixed this issue by adding this at line 18 of admin/bounce.php:

$deletebounce = isset($_GET["deletebounce"]) ? $_GET["useremail"] : '';

I don't know if this is the proper place to put the fix but it seems to work.
(0050645)
nickyoung   
12-05-09 18:00   
oops, typo: line 18 should be this:


$deletebounce = isset($_GET["deletebounce"]) ? $_GET["deletebounce"] : '';
(0050650)
nickyoung   
15-05-09 18:03   
Note, I also found that $deleteuser is not initialized from $_GET so you can't delete a user from the view a bounce page
(0050717)
h2b2   
28-08-09 04:16   
Can confirm the issue. Actually none of the options on the 'View a bounce' page seem to work:

- Increase bouncecount with
- Mark user as unconfirmed
- Set user to receive text instead of HTML
- Delete user
- Delete this bounce and go to the next
(0050718)
h2b2   
28-08-09 04:17   
Related forum thread: http://forums.phplist.com/viewtopic.php?f=17&t=24559 [^]
(0050730)
CS2   
30-08-09 05:03   
I have not confirmed, but looking over the code a bit, I think that expanding on nickyoung's sleuthing to add the following lines should fix the remaining issues:

$amount = isset($_GET["amount"]) ? $_GET["amount"] : '';
$unconfirm = isset($_GET["unconfirm"]) ? $_GET["unconfirm"] : '';
$maketext = isset($_GET["maketext"]) ? $_GET["maketext"] : '';
$deleteuser = isset($_GET["deleteuser"]) ? $_GET["deleteuser"] : '';
(0050731)
h2b2   
30-08-09 13:09   
-
Inserted the code suggested by nickyoung and CS2 at line 18 of lists/admin/bounce.php and ran a quick test. All options seem to be working now. Thanks!

Will add the fixed bounce.php to the list of patched files in http://forums.phplist.com/viewtopic.php?f=9&t=24494#p66892 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15292 [phplist] Template Management minor always 15-05-09 03:55 29-08-09 13:44
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: View templates generates a blank page
Description: When trying to preview templates and clicking on the "view" link (e.g. lists/admin/?page=viewtemplate&id=1) the resulting page doesn't display the template preview.

This issue was reported by astralbaby and confirmed on my system.
ref: http://forums.phplist.com/viewtopic.php?p=62159#p62159 [^]
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050720)
h2b2   
28-08-09 04:55   
The following fix is suggested by tipichris in this forum post: http://forums.phplist.com/viewtopic.php?f=17&t=24593#p62867 [^]


    --- lists/admin/viewtemplate.php.orig Fri Jun 5 20:10:42 2009
    +++ lists/admin/viewtemplate.php Fri Jun 5 20:17:20 2009
    @@ -12,7 +12,7 @@
       print '

'.PageLink2("template&id=".$_GET["id"],$GLOBALS['I18N']->get('BackEditTemp')).'

';
    } else {
       ob_end_clean();
    - print previewTemplate($id,$_SESSION["logindetails"]["id"],nl2br($GLOBALS['I18N']->get('TempSample')));
    + print previewTemplate($_GET['id'],$_SESSION["logindetails"]["id"],$GLOBALS['I18N']->get('TempSample'));
    }

    ?>
(0050727)
h2b2   
29-08-09 13:44   
The fix suggested by tipichris has been included in a patched lists/admin/viewtemplate.php file, available as an attachment in this forum post:
http://forums.phplist.com/viewtopic.php?f=17&t=24593&start=15#p67489 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15324 [phplist] Interface - Frontend major sometimes 26-08-09 12:27 29-08-09 13:34
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Subject and From turn to Gibberish when saved not in English
Description: This is how the subject of this bug report should be phrased. Please direct all the specific bug reports (e.g. "subject doesn't work in my language" that won't consider other people) in here.

The problem is in public_html/lists/admin/send_core.php:

    iconv('ISO-8859-1','UTF-8',$subject) and htmlentities(iconv('ISO-8859-1','UTF-8',$from) - those statements assume one uses ISO-8859-1, which is why you only get bug reports from people using other languages...

Note those statements were only added in recent versions. For example, v2.10.7 didn't have them and thus had no problems.

Here's the fix:

// custom code - start
  $utf8_subject = $subject;
  $utf8_from = $from;
  if (strcasecmp($GLOBALS['strCharSet'], 'utf-8') <> 0) {
     $utf8_subject = iconv($GLOBALS['strCharSet'],'UTF-8',$utf8_subject);
     $utf8_from = iconv($GLOBALS['strCharSet'],'UTF-8',$utf8_from);
  }

  $maincontent .= '
  <tr><td>'.Help("subject").' '.$GLOBALS['I18N']->get("Subject").':</td>
    <td><input type=text name="msgsubject"
    //value="'.htmlentities($utf8_subject,ENT_QUOTES,'UTF-8').'" size=40></td></tr>
  <tr>
    <td colspan=2>
    </td></tr>
  <tr><td>'.Help("from").' '.$GLOBALS['I18N']->get("fromline").':</td>
    <td><input type=text name=from
    value="'.htmlentities($utf8_from,ENT_QUOTES,'UTF-8').'" size=40></td></tr>
  <tr><td colspan=2>

  </td></tr>';
// custom code - end
Steps To Reproduce:
Additional Information: The "//" in "//value" shows up in the HTML code. See bug report 0015323
Attached Files:
Notes
(0050719)
h2b2   
28-08-09 04:28   
Issue with use of iconv() confirmed in http://forums.phplist.com/viewtopic.php?f=17&t=28038 [^]

It seems to me the iconv() function was introduced when trying to fix issue http://mantis.phplist.com/view.php?id=15241 [^]

Charset hardcoding should be avoided, IMO. Configurable charset encoding would make the system much more flexible and help avoid all sorts encoding incompatibilities.
See also http://mantis.phplist.com/view.php?id=1644 [^]
(0050725)
h2b2   
29-08-09 13:34   
See also http://mantis.phplist.com/view.php?id=15287 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15296 [phplist] Bounce Management minor have not tried 22-05-09 13:23 28-08-09 06:57
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Cannot increase bounce count manually
Description: This issue was reported by ligie:

====Start quote====

when trying to increase a users bouncecount in PHPlist 2.10.10 manually on "view a bounce", the button "do the above" does nothing at all.

I have checked the code in bounce.php

there is a line
    if (isset($userid) && $amount)

The problem seems to be, that $amount is never set.

When I add the line
    $amount=$_GET["amount"];

everything is working.

==== End quote ====
Ref: http://forums.phplist.com/viewtopic.php?p=62388#p62388 [^]
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050722)
h2b2   
28-08-09 06:57   
Seems related to http://mantis.phplist.com/view.php?id=15286 [^]

see also http://forums.phplist.com/viewtopic.php?f=17&t=24559 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15285 [phplist] Subscribe Process minor always 12-05-09 01:27 28-08-09 05:44
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: v2.10.10: Attributes' order of listing on subscribe page cannot be saved
Description: When changing the order of listing on the 'edit a subscribe page' (lists/admin/?page=spageedit&id=1) by entering numbers starting from 0 in the attribute's "Order of Listing:" fields, and clicking on either the 'Save changes' or 'Save and activate' buttons, the entered values blank out and nothing is changed on the subscribe page.
Steps To Reproduce:
Additional Information: Issue reported by spidersilk: http://forums.phplist.com/viewtopic.php?p=61874#p61874 [^]

Confirmed on my system:
 phplist 2.10.9
 Linux/Apache
 PHP 5.2.3
 MySQL 4.1.12
Attached Files:
Notes
(0050642)
h2b2   
12-05-09 02:39   
Correction: my test system is running 2.10.10, not 2.10.9
(0050651)
meeble   
17-05-09 22:59   
ALSO,

When editing a subscription page, neither "order of listing" nor "Is this attribute required?" settings are being saved when hitting "Save" or "Save and Activate".
(0050656)
ripls   
19-05-09 02:05   
Upgraded today to 2.10.10 and having the same problem with attributes. Can't delete them, change order (see below)or make required fields. Saving the settings does not take effect.

Can re-order attributes in attributes area, but not on subscribe page setup.
(0050660)
davman   
20-05-09 13:06   
Solved!!!
The problem is not only this.
The system doesn't recognise the required attributes and doesn't store in db the corrected values

To solve all this 2 bugs there's a little work to to waiting for the correct fixed version:


Create attributes with gui as usual
Edit with phpmyadmin or similar the table "phplist_user_attribute"
and put "1" in field "required" for fields you want ti be required
and setup the correct listorder values for all record in "listorder" field



open file subscribelib2.php and

replace this line
  foreach ($attributes as $attribute => $listorder) {
with this line
  foreach (array_reverse($attributes, true) as $attribute => $listorder) {


Comment these two lines:
  $attr["required"] = $attributedata[$attr["id"]]["required"];
  $attr["default_value"] = $attributedata[$attr["id"]]["default_value"];


Ciao!
(0050667)
tipichris   
29-05-09 21:49   
I think this is an import globals issue. This patch solves it:

--- lists/admin/spageedit.php.orig Fri May 29 21:42:49 2009
+++ lists/admin/spageedit.php Fri May 29 21:44:18 2009
@@ -54,9 +54,9 @@
   if (isset($_POST['attr_use']) && is_array($_POST['attr_use'])) {
     $cnt=0;
     while (list($att,$val) = each ($_POST['attr_use'])) {
- $default = $attr_default[$att];
- $order = $attr_listorder[$att];
- $required = $attr_required[$att];
+ $default = $_POST['attr_default'][$att];
+ $order = $_POST['attr_listorder'][$att];
+ $required = $_POST['attr_required'][$att];

       Sql_Query(sprintf('insert into %s (id,name,data) values(%d,"attribute%03d","%s")',
         $tables["subscribepage_data"],$id,$att,
(0050668)
davman   
30-05-09 08:44   
Excellent!
(0050677)
tipichris   
08-06-09 07:51   
There are issues with RSS preferences not saving too. A more complete patch:

--- lists/admin/spageedit.php.orig Fri May 29 21:42:49 2009
+++ lists/admin/spageedit.php Sun May 31 20:32:45 2009
@@ -54,9 +54,9 @@
   if (isset($_POST['attr_use']) && is_array($_POST['attr_use'])) {
     $cnt=0;
     while (list($att,$val) = each ($_POST['attr_use'])) {
- $default = $attr_default[$att];
- $order = $attr_listorder[$att];
- $required = $attr_required[$att];
+ $default = $_POST['attr_default'][$att];
+ $order = $_POST['attr_listorder'][$att];
+ $required = $_POST['attr_required'][$att];

       Sql_Query(sprintf('insert into %s (id,name,data) values(%d,"attribute%03d","%s")',
         $tables["subscribepage_data"],$id,$att,
@@ -73,11 +73,11 @@
   }
   if (ENABLE_RSS) {
     Sql_Query(sprintf('replace into %s (id,name,data) values(%d,"rssintro","%s")',
- $tables["subscribepage_data"],$id,$rssintro));
+ $tables["subscribepage_data"],$id,$_POST['rssintro']));
     Sql_Query(sprintf('replace into %s (id,name,data) values(%d,"rss","%s")',
- $tables["subscribepage_data"],$id,join(',',$rss)));
+ $tables["subscribepage_data"],$id,join(',',$_POST['rss'])));
     Sql_Query(sprintf('replace into %s (id,name,data) values(%d,"rssdefault","%s")',
- $tables["subscribepage_data"],$id,$rssdefault));
+ $tables["subscribepage_data"],$id,$_POST['rssdefault']));
   }
   if (!empty($_POST['activate'])) {
     Sql_Query(sprintf('update %s set active = 1 where id = %d',
(0050682)
mrmusicman86   
10-06-09 22:06   
tipichris,

Your last revision solved my problem with 2.10.10.

Thanks!
(0050697)
medianetwork   
24-07-09 17:34   
Could someone please tell me exactly where to put both of these patches? Is this on one of the php pages or do you have to add it to the sql tables and if so where?

Also, after doing this patch do you find any other problems with 2.10.10?

Thank you for your help.
(0050698)
medianetwork   
24-07-09 18:48   
I tried correcting the spageedit.php with the above and I lost the subscribe page from with in the admin and it did not change or correct anything.
(0050715)
kedmiston   
27-08-09 17:55   
Has this been resolved yet? I tried to apply the patch above for the lists/admin/spageedit.php script but it still does not sort in order nor does it identify required status correctly. It is saving to the database ok, just not displaying ok. As a side note; I found that the sort order was corrected if I commented out line 8785 ("asort($attributes);") from lists/admin/connect.php. The required issue was still a factor, however.
(0050716)
kedmiston   
27-08-09 18:40   
Typo on line number above...should be 875, not 8785
(0050721)
h2b2   
28-08-09 05:44   
Patch suggested by tipichris works fine on my system, and also fixes the required attribute issue.

The patched spageedit.php file is available as an attachment in this forum post: http://forums.phplist.com/viewtopic.php?p=67474#p67474 [^]




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15323 [phplist] Interface - Frontend tweak always 26-08-09 12:25 26-08-09 12:25
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: The Subject uses "//value=" instead "value="
Description: The problem is in public_html/lists/admin/send_core.php:

    <td><input type=text name="msgsubject"
    //value=...

It seems not to break the HTML code, but it should be fixed nonetheless.

The fixed code:

    <td><input type=text name="msgsubject"
    value=...
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15322 [phplist] Interface - Frontend minor always 25-08-09 16:43 25-08-09 16:43
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: $strPreferHTMLEmail doesn't announce no HTML=no attachments
Description: Most people take it for granted that HTML=HTML code. But in phplist's world, it also means no attachments. No subscriber knows that when they face the HTML decision.

Therefore, please replace

$strPreferHTMLEmail = 'I prefer to receive emails in HTML format';

With

$strPreferHTMLEmail = 'I prefer to receive emails in HTML format
(Note:
cancelling this option means among other things replacing any attachments with external links!)';
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15321 [phplist] Message Management tweak always 25-08-09 16:17 25-08-09 16:17
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Linebreaks in text link replacements of attachments
Description: class.phplistmailer.php:

    function append_text($text) {
      if ($this->AltBody) {
        $this->AltBody .= html_entity_decode($text ,ENT_QUOTES, 'UTF-8' );#$text;
      } else {
// custom code - start
        $this->Body .= html_entity_decode("$text\n" ,ENT_QUOTES, 'UTF-8' );#$text;
// custom code - end
      }
    }

Without that extra \n, the links and links' intro are really unreadable.

You've already fixed sendemaillib.php to include one \n, so please add this fix too.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15301 [phplist] Message Send Process minor sometimes 03-06-09 01:38 25-08-09 04:49
Reporter: danjfoley Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: function UserAttributeValue will end up with no value in $val_ids[0] causing sql command to fail
Description: function UserAttributeValue in file commonlib/lib/userlib.php

line 245:

$val_ids[0] = cleanCommaList($val_ids[0]);

at times $val_ids[0] will have one value in it.. and after the run of cleanCommaList $val_ids[0] will be empty.

Thus causing the resulting SQL in this function that expects there to be a values in val_ids[0] to fail.
Steps To Reproduce:
Additional Information: in a run of 1132 users seems to only happen my 30 or so times. I have traced it down to failing here.

I have output the value before and after the cleanCommaList.

example:

before: $val_ids[0] = "32"
after: $val_ids[0] = "";
Attached Files:
Notes
(0050713)
h2b2   
25-08-09 04:49   
Possibly related to this forum thread, which also involves the cleanCommaList() function: http://forums.phplist.com/viewtopic.php?f=17&t=25007 [^]

mdclayton provided a fix in this post: http://forums.phplist.com/viewtopic.php?p=63264#p63264 [^]

====== Start quote ======

Version 2.10.10 has a new function called cleanCommaList() in connect.php. This is to remove null values in the attributes array, but it apparently doesn't work. Taking code from an earlier patch (bug 15182), replace the existing cleanCommaList function (line 1131 in connect.php) with this:

    #function cleanCommaList($list) {
    # return join(',',cleanArray(split(',',$list)));
    #}

    function cleanCommaList($list) {
       foreach ($list as $key=>$value) {
          if(!$value) {
             array_splice($list, $key, 1); //Remove null value from array
          }
       }
      return $list;
    }



Did this and no more errors of any kind. I don't know how the bug reporting system works here, but if this is useful it should be passed along.

===== End Quote ======




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15235 [phplist] Subscribe Process feature always 18-02-09 13:37 12-08-09 09:34
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.11.2-RC1  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Accept more $_GET parameters in subscribelib2.php
Description: You already accept $_REQUEST['email'] and $_REQUEST['emailconfirm'] so there's no reason not accept defaults via $_GET parameters for the other two fields:

1) Allow ?p=subscribe&list[x]=signup

function ListAvailableLists...

  if (isset($_POST['list'])) {
    $list = $_POST["list"];
// custom code - start
  } elseif (!isset($_POST["subscribe"]) && isset($_GET['list'])) {
    $list = $_GET["list"];
// custom code - end
  } else...

2) Allow ?p=subscribe&htmlemail=1

function ListAttributes...

    if (isset($_POST['htmlemail'])) {
      $htmlemail = $_POST["htmlemail"];
// custom code - start
    } elseif (!isset($_POST["subscribe"]) && isset($_GET['htmlemail'])) {
      $htmlemail = $_GET["htmlemail"];
// custom code - end
    }
Steps To Reproduce:
Additional Information: Note that you should NOT under any cirumstances "just" use $_REQUEST for "list" and "htmlemail" because it would turn them into required fields!

That's why this request also fixes request 11011
Attached Files:
Notes
(0050506)
lwc   
18-02-09 13:38   
Please add relationship to 0011011
(0050712)
lwc   
12-08-09 09:34   
Here's a more complicated but much more friendly solution for 1):

1) Allow ?p=subscribe&list=x,y,z (or just list=x)

function ListAvailableLists...

  if (isset($_POST['list'])) {
    $list = $_POST["list"];
// custom code - start
  } elseif (!isset($_POST["subscribe"]) && isset($_GET['list'])) {
    $list_value = "signup";
    $list_values = explode(",", $_GET["list"]);
    if (function_exists(array_fill_keys)) // Only in PHP 5+
      $list = array_fill_keys($list_values, $list_value);
    else // For PHP 4, per phplist's current system requirements
      foreach($list_values as $key=>$value)
          $list[$value] = $list_value;
// custom code - end
  } else...




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
6099 [phplist] All Other feature always 12-04-06 21:16 11-08-09 10:59
Reporter: ozp Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.2  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: forwarding phplist messages and getting blacklisted
Description: User receive phplist message.
User forward message to a friend
Friend clicks on the unsubscribe link
User get blacklisted

Message footer should not be included on the forwarded message.
I cant think another way to avoid this problem.

This problem happends a lot with my users. they are very newbies and so are their friends.
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0012564)
michiel   
12-04-06 21:23   
yes, that's why there is a "forward to a friend" feature in phplist, which should be used instead. When used, it will not include the normal footer with the unsubscribe link, but instead use the special footer as indicated in the config.

There is no stopping people forwarding directly, but then again, when unsubsribed, they will receive an email and if that's an error, they can simply re-subscribe.
(0012566)
ozp   
12-04-06 21:37   
I´ll look out for this feature and how does it works.
But the problem is that when they unsubscribe they gets blacklisted and cannot subscribe again.
The only way we found to subscribe them is to change the blacklist status right on the mysql database
(0012569)
michiel   
13-04-06 00:07   
If a user is blacklisted but they go through the entire subscribe process again, they will be taken off the blacklist.
(0012644)
ozp   
13-04-06 15:33   
ok, thanks.

anyway, I think my users are so newbie that they cannot understand this. Because they stop receiving mails and dont realize that they got unsubscribed.

but this is not a phplist problem.

The forward to a friend feature is good, but I think that most people want to forward to a lot of friends and so they will do this using their email client instead of the link

Maybe if you add a confirmation email (like in the subscription process).

testing all those procedures I´ve realized that someone could make a robot to mass unsubscribe users in a phplist site. (if they have a similar user database they could unsubscribe all the common users)
(0012665)
michiel   
13-04-06 20:56   
Hmm, sure, loads of things can be done with creating robots. It's quite hard though and there should be something that makes it worth it. Alternatively you can set up a password for your users to prevent it. With a password it wouldn't be possible.

I'll file this under "future feature requests", unless you think it can be closed.
(0012667)
ozp   
13-04-06 21:12   
ok, if possible list it under future phplist request
either to forward with no footer
or confirmation needed to unsubscribe
(0012669)
michiel   
13-04-06 21:37   
well, those two features are already there, but there's no way to take off the footer when people forward an email themselves, so that's impossible.

The issue to address would be whether it's possible to handle it differently when users forward to each other. To be honest, I have no idea (at this stage).
(0012681)
bevan   
17-04-06 03:21   
related forum thread: http://www.phplist.com/forums/viewtopic.php?t=5115 [^]

Would an 'unsubscribe confirmation' page solve the issue? requiering two clicks to unsubscribe? In some cases, perhaps, but not all -- right?
(0012687)
ozp   
17-04-06 13:39   
I think that a unsubscribe confirmation page would solve the issue.
(0050711)
Thorsten Albrecht   
11-08-09 10:59   
There is a confirmation page missing in the whole unsubscribe process.

Now, everybody can unsubscribe somebody else on the unsubscribe page. There is no need to know the personal preference/unsubscribe link.

This is a design problem of phplist and this should be corrected.
See http://forums.phplist.com/viewtopic.php?f=4&t=27817 [^]

Thorsten




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15261 [phplist] User Management trivial always 22-04-09 11:43 11-08-09 10:54
Reporter: lwc Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: FutureDevelopments  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Silent blacklisting
Description: You have to realize there's a HUGE difference between a user blacklisting himself/herself and one who requests (read: demands) the admin to do it for him/her. The last thing in the world you or the latter type of user wants is yet ANTOHER message, which could bring you more troubles.

A temporal solution is doing this in admin/lib.php, just while silent blacklisting:

function sendMail (...

/*
  if ($GLOBALS['usephpmailer']) {
    return sendMailPhpMailer($to,$subject,$message);
  } else {
    return sendMailOriginal($to,$subject,$message,$header,$parameters);
  }
*/

So please just do something like this:

if (this is the actual user removing himself/herself) {
  if ($GLOBALS['usephpmailer']) {
    return sendMailPhpMailer($to,$subject,$message);
  } else {
    return sendMailOriginal($to,$subject,$message,$header,$parameters);
  }
}
Steps To Reproduce:
Additional Information: Such blacklisting still takes lots of time for phplist to acknowledge it.

You'd think the trouble comes from blacklist_gracetime, but this doesn't seem to make any difference whatsoever:

// custom code - start
$GLOBALS["blacklist_gracetime"] = 1;
// custom code - end
  if (!$skipblacklistcheck && isBlackListed($to)) {
...

http://forums.phplist.com/viewtopic.php?t=23805 [^]
Attached Files:
Notes
(0050624)
lwc   
23-04-09 08:57   
Here's the patch plus the "something like this" part:

function sendMail (...

// custom code - start
// Only send confirmations for self removals
if (!isset($_SESSION["adminloggedin"]) || !$_SESSION["adminloggedin"]) {
// custom code - end
  if ($GLOBALS['usephpmailer']) {
    return sendMailPhpMailer($to,$subject,$message);
  } else {
    return sendMailOriginal($to,$subject,$message,$header,$parameters);
  }
// custom code - start
}
// custom code - end

But I still need a way to remove (or at least lower) the gracetime for removals by admins.
(0050710)
Thorsten Albrecht   
11-08-09 10:54   
To put a user silently to the blacklist by the admin, I applied the following solution:

http://forums.phplist.com/viewtopic.php?f=16&t=6121&start=15 [^]

Thorsten




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15319 [phplist] Subscriber Import minor always 11-08-09 10:05 11-08-09 10:09
Reporter: Thorsten Albrecht Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: new Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: Option "I prefer to receive html emails" is beeing ignored when importing simple email text file
Description: When importing a simple email address list as simple text file, selecting the checkbox "I prefer to receive html emails" is beeing ignored. (phplist 2.10.10, FF3.5).
Steps To Reproduce:
Additional Information:
Attached Files:
Notes
(0050708)
Thorsten Albrecht   
11-08-09 10:09   
Sorry, this has been already reported in 0015300.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15279 [phplist] Subscribe Process major always 06-05-09 21:10 07-08-09 20:26
Reporter: highcontrast Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version: 2.10.9  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: 3 or more Radio Inputs Required causes endless loop on submit
Description: If a subscribe page has 3 or more (I think it's 3, may be +/- 1) radio inputs that are required it causes and endless loop. This can be a serious problem in FireFox if you click "continue" and check "don't ask me again". This locks up FireFox.

This has been verified in FireFox 3.0.10 on Windows XP, though I'm guessing this would appear in any browser. The problem seems to be one of variable scope caused by using the same variable, i, to control a number of loops. Specifically it is a problem with the checkGroup function in index.php. Using a different variable name instead of i in this function fixes the problem. For example:

function checkGroup(name,value) {
  option = -1;
  for (checkGroupi=0;checkGroupi<document.subscribeform.elements[name].length;checkGroupi++) {
    if (document.subscribeform.elements[name][checkGroupi].checked) {
      option = checkGroupi;
    }
  }
  if (option == -1) {
    alert ("'.$GLOBALS["strPleaseEnter"].' "+value);
    return false;
  }
  return true;
}

Hope this helps.
Steps To Reproduce:
Additional Information:
Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15289 [phplist] Subscribe Process minor always 14-05-09 07:26 07-08-09 20:22
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: assigned Product Version: 2.10.10  
Product Build: Resolution: open  
Projection: none      
ETA: none  
Summary: v2.10.10: UNSUBSCRIBE_JUMPOFF doesn't seem to work for personalized unsubscribe link
Description: When UNSUBSCRIBE_JUMPOFF" is set to 1 in config.php, the script still displays the 'tell us why' text box when using a _personalized unsubscribe_ link*** (unsubscribe url+uid, e.g. lists/?p=unsubscribe&uid=c2672b3f595..etc.) is used.

The "Tell us why" text box is NOT displayed if a _non-personalized link_ (e.g. lists/?p=unsubscribe) is used.
Steps To Reproduce:
Additional Information: This issue was previously reported (and partly fixed) in http://mantis.phplist.com/view.php?id=15212 [^]

system info:
phplist 2.10.10
Linux/Apache
PHP 5.2.3
MySQL 4.1.12

Attached Files:
There are no notes attached to this issue.




Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
15282 [phplist] User Management minor always 11-05-09 15:58 07-08-09 19:46
Reporter: h2b2 Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: resolved Product Version: 2.10.10  
Product Build: Resolution: fixed  
Projection: none      
ETA: none  
Summary: v2.10.10: 'View list members' does only allow viewing the first page of 50 users on the list
Description: When viewing list members (e.g. lists/admin/?page=members&id=1) it is only possible to view the first page of 50 list members. It is not possible to view the remainder of the list members, as the navigation links (<,>,<<,>>) do not seem to work.

For instance, ">" (http://my_domain.com/lists/admin/?page=members&start=50&id=1) [^] does not load the next 50 list members.
Steps To Reproduce:
Additional Information: This issue is reported by several forum users (system info included in their posts).

Related to this forum thread: http://forums.phplist.com/viewtopic.php?f=17&t=24514&start=0 [^]
Attached Files:
Notes
(0050665)
iloveitaly   
27-05-09 15:35   
Here is the fix:

Change
if (isset($start) && $start) {
     $start = sprintf('%d',$_REQUEST["start"]);

To:
if (isset($_GET['start']) && (int) $_GET['start'] > 0) {
$start = (int) $_GET["start"];
(0050666)
pbolger   
29-05-09 09:59   
Not sure what the protocol here is, but I noticed this issue, and iloveitaly's patch fixes it for me.

How does one go about getting the patch considered for inclusion in the next release?

I'd say the severity is rather more than 'minor' too - not being able to edit lists of over 50 members is a pretty major drawback in my book!
(0050669)
kgw220495   
01-06-09 10:52   
The above code can be found in the admin code folder in members.php on line 205. Change made and works successfully.
(0050688)
kbh   
29-06-09 06:55   
thanks
it's working!
(0050699)
ignacio   
27-07-09 14:29   
I need to asssign this to Pablo.
(0050700)
ignacio   
27-07-09 15:26   
Hi Pablo,
Could you please apply this patch to the 2.10.10 (stable) version?

Thanks in advance,
Ignacio
(0050706)
pablo   
07-08-09 19:45   
Change applied and tested.



Viewing Issue Advanced Details
ID: Category: Severity: Reproducibility: Date Submitted: Last Update:
5385 [phplist] Message Send Process major always 06-02-06 20:08 06-08-09 23:51
Reporter: dave_graham Platform:  
Assigned To: OS:  
Priority: normal OS Version:  
Status: confirmed Product Version: 2.10.2  
Product Build: Resolution: open  
Projection: none      
ETA: none