LimeSurvey issue tracker
Registration

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
03802User patchesTokenspublic2009-10-28 17:122012-01-26 09:44
ReporterMazi 
Assigned To 
PrioritynormalSeveritytweak 
StatusconfirmedResolutionopen 
Product Version 
Target VersionFixed in Version 
Summary03802: Token table and Token table and "Only users with tokens may enter the survey?"-setting
DescriptionI recently ran into a strange behavior which can be reproduced as follows: Set up a survey using "Only users with tokens may enter the survey? -> no", "Allow public registration? -> no". After the survey is created initialise tokens so the token table is created. I did this because I wanted to edit email templates and I thought about using tokens later on.
Go back to the survey and test it. You are forced to enter a token although at the survey setting you set NOT to use tokens.

I won't say this is a bug but it's very irritating for the common user. What do you think about it?
TagsNo tags attached.
LimeSurvey build number OR git commit ID7777
Attached Filespatch file icon bugs03802.patch [^] (424 bytes) 2009-11-01 03:53 [Show Content]
zip file icon 03802.zip [^] (25,170 bytes) 2009-11-01 03:54

- Relationships

-  Notes
User avatar (09929)
Mazi (developer)
2009-10-31 11:12

Thibault, I assign this one to you because you also started the discussion at the mailing list.
User avatar (09933)
DenisChenu (developer)
2009-11-01 03:51
edited on: 2009-11-01 03:56

Add a patch:

Modfy behaviour, resolves 2 problem: this one, and a second effect: if survey is inactive, and you want to test the survey with a token table, you need to enter a token. (problem if token table is empty).

With this patch, token are tested only : if token exist AND token is mandatory AND survey is active

If token exist, and answered, then you can not access with the same token. You can only answer without token.

zip contain patch + index.php patched for 7697

User avatar (09937)
Mazi (developer)
2009-11-01 13:50

@Shnoulle: great work, thanks for your help.

@Lemeur, can you take a look at the patch?
User avatar (10014)
lemeur (administrator)
2009-11-08 10:48
edited on: 2009-11-08 10:52

Carsten,
Before having a deeper look at the fix I would like us to specify what we really expect from the usetokens survey parameter in the following different cases:

1- Survey is inactive, there is no token table yet, usetokens isn't set
==> IMHO: easy case, don't ask for a token, don't set {TOKEN:vars}

2- Survey is inactive, there is no token table yet, usetokens is set
==> We must decide if in this case we simulate the active state behaviour (ask for a token and fail the token since there is no token table yet),
==> OR don't ask for a token and proceed with {TOKEN:vars} unset (specific TEST mode)

IMHO: I would vote for the first option because I wouldn't want people to think the survey is working great in test mode and then find out it isn't (after activation).

3- Survey is inactive, there is a token table, usetokens is not set
==> easy case: don't ask for a token, but if a token is given in URL assign the {TOKEN:vars}

4- Survey is inactive, there is a token table, usetokens is set
==> Easy case: Ask for a token if not provided in URL, set {TOKEN:vars}

5- Survey is active, there is no token table yet, usetokens isn't set
==> Easy case, don't ask for a token, don't set {TOKEN:vars}

6- Survey is active, there is no token table yet, usetokens is set
==> Easy case IMHO: ask for token and since no token table is set, reject the user

7- Survey is active, there is a token table, usetokens is not set
==> easy case: don't ask for a token, but if a token is given in URL assign the {TOKEN:vars} and check for response unicity

8- Survey is active, there is a token table, usetokens is set
==> Easy case: Ask for a token if not provided in URL, set {TOKEN:vars} and check for response unicity.

Let's confirm these cases first and then rework the patch if necessary.

PS: Carsten, of course you can assign the ticket back to me after having answered.

User avatar (10015)
Mazi (developer)
2009-11-08 12:08

Let me add my 2 cents:
At case 2 I vote for solution b.

What about adding a $testmode parameter to config-defaults.php with a default setting "false". If this is true (testmode is activated) don't ask for tokens at case 2 and perhaps also at case 6.
This test mode would also be useful to temporary make questions not mandatory for testing (see this feature request: http://ideas.limesurvey.org/ideatorrent/idea/35/ [^]).
User avatar (10019)
lemeur (administrator)
2009-11-08 20:10
edited on: 2009-11-08 20:10

@Mazi,

As a limesurvey developper I would vote for solution 2 as well: it would help testing some surveys.

But if I think about the end-user, I think it is best to keep the test-mode consistent with the run mode in order to avoid people from thining there is a bug in LS after activation when in fact it is only a difference between Test and Run mode.

So to sum up, if we decide to implement both solution a and b for point 2, and make the choice switchable in config, then I would vote for having a default setting to a.

User avatar (10020)
Mazi (developer)
2009-11-08 21:27

"So to sum up, if we decide to implement both solution a and b for point 2, and make the choice switchable in config, then I would vote for having a default setting to a."

I agree.
User avatar (10021)
DenisChenu (developer)
2009-11-08 21:45

OK for me too ;)

6. If survey is active and usetokens=1 , and no token table/ no token given : we can't answer to survey.
User avatar (10070)
c_schmitz (administrator)
2009-11-11 23:17

Shnoulle, can you commit the patch please asap?
User avatar (10071)
c_schmitz (administrator)
2009-11-11 23:18

Or please provide a patch made with subversion. The current patch format is useless.
User avatar (10072)
c_schmitz (administrator)
2009-11-11 23:20

Nevermind, found a way to apply it.
User avatar (10078)
DenisChenu (developer)
2009-11-12 09:34

Oups , 3 minutes after ...

Sorry .

<q>Shnoulle, can you commit the patch please asap? </q>I don't have svn acces i think.

<q>Or please provide a patch made with subversion.</q>Next time i send 2 patch : one for current and 1 for SVN ;) (if i can)
User avatar (10081)
Mazi (developer)
2009-11-12 18:09

We should definately rework the workflow at this point:
1. create survey
2. create token table
3. fill token table
4. activate survey
5. you are asked to switch to closed access mode although a token table is already there

When clicking yes a new token table is created (if I remember correctly) and the old one is sent to nowhere.
User avatar (10209)
c_schmitz (administrator)
2009-11-22 21:11
edited on: 2009-11-22 21:12

As Mazi said, the whole workflow needs to be reworked on this one. I will remove the setting for now.
I am re-scheduling this for 1.88 since it requires a bigger change and it's a minor inconvenience atm.

User avatar (11280)
Mazi (developer)
2010-03-10 11:00
edited on: 2010-03-10 11:00

Carsten, what's the status on this?

I think there have been some minor adjustments at 1.87?!

Will there be further improvements at 1.90?

If this is "done" just close the ticket.

User avatar (11310)
c_schmitz (administrator)
2010-03-12 13:50

> When clicking yes a new token table is created (if I remember correctly) and the old one is sent to nowhere.

btw. that is not true, the existing one is used.

I am not intending to do any changes at the moment.
User avatar (12399)
Mazi (developer)
2010-07-13 02:25

I think we can close this one!?

- Issue History
Date Modified Username Field Change
2009-10-28 17:12 Mazi New Issue
2009-10-28 17:12 Mazi Status new => assigned
2009-10-28 17:12 Mazi Assigned To => user372
2009-10-28 17:12 Mazi LimeSurvey build number => 7777
2009-10-28 17:12 Mazi Browser => Firefox 3
2009-10-28 17:12 Mazi Database & DB-Version => My Sql 5.1.30
2009-10-28 17:12 Mazi Operating System (Server) => Win XP Sp 3
2009-10-28 17:12 Mazi Webserver => Apache 2.2
2009-10-28 17:12 Mazi PHP Version => 5.2
2009-10-31 00:20 user372 Assigned To user372 => Mazi
2009-10-31 11:11 Mazi Assigned To Mazi => lemeur
2009-10-31 11:12 Mazi Note Added: 09929
2009-11-01 03:51 DenisChenu Note Added: 09933
2009-11-01 03:53 DenisChenu File Added: bugs03802.patch
2009-11-01 03:54 DenisChenu File Added: 03802.zip
2009-11-01 03:56 DenisChenu Note Edited: 09933
2009-11-01 13:50 Mazi Note Added: 09937
2009-11-08 10:31 lemeur Assigned To lemeur => c_schmitz
2009-11-08 10:48 lemeur Note Added: 10014
2009-11-08 10:49 lemeur Status assigned => feedback
2009-11-08 10:52 lemeur Note Edited: 10014
2009-11-08 12:08 Mazi Note Added: 10015
2009-11-08 20:10 lemeur Note Added: 10019
2009-11-08 20:10 lemeur Note Edited: 10019
2009-11-08 21:27 Mazi Note Added: 10020
2009-11-08 21:45 DenisChenu Note Added: 10021
2009-11-11 23:17 c_schmitz Note Added: 10070
2009-11-11 23:18 c_schmitz Note Added: 10071
2009-11-11 23:20 c_schmitz Note Added: 10072
2009-11-12 09:34 DenisChenu Note Added: 10078
2009-11-12 18:09 Mazi Note Added: 10081
2009-11-22 21:11 c_schmitz Note Added: 10209
2009-11-22 21:12 c_schmitz Note Edited: 10209
2009-11-22 21:20 c_schmitz Project Bug reports => User patches
2009-11-22 21:25 c_schmitz Status feedback => confirmed
2009-11-22 21:25 c_schmitz Assigned To c_schmitz =>
2010-03-10 11:00 Mazi Note Added: 11280
2010-03-10 11:00 Mazi Status confirmed => assigned
2010-03-10 11:00 Mazi Assigned To => c_schmitz
2010-03-10 11:00 Mazi Note Edited: 11280 View Revisions
2010-03-12 13:50 c_schmitz Note Added: 11310
2010-03-13 16:13 c_schmitz Status assigned => acknowledged
2010-03-15 17:45 c_schmitz Assigned To c_schmitz =>
2010-03-15 17:45 c_schmitz Status acknowledged => confirmed
2010-07-13 02:25 Mazi Note Added: 12399


Copyright © 2000 - 2014 MantisBT Team
Powered by Mantis Bugtracker