View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 06403 | Bug reports | Survey participants (Tokens) | public | 2012-07-30 06:08 | 2012-08-03 13:46 |
| Reporter | jcleeland | Assigned To | jcleeland | ||
| Priority | normal | Severity | minor | ||
| Status | closed | Resolution | fixed | ||
| Fixed in Version | 2.00RC8 | ||||
| Summary | 06403: Link from participants table to surveys bypasses survey permissions | ||||
| Description | If you have a shared participant who is also on the tokens/invitation list to a different survey, the participants table not only provides a link to that survey token table, but when you click on it nothing stops you from viewing the tokens list. This is a privacy problem and needs to be corrected. | ||||
| Tags | No tags attached. | ||||
| Bug heat | 4 | ||||
| Complete LimeSurvey version number (& build) | 201207 | ||||
| I will donate to the project if issue is resolved | No | ||||
| Browser | |||||
| Database type & version | MySQL | ||||
| Server OS (if known) | Windows | ||||
| Webserver software & version (if known) | ApacheII | ||||
| PHP Version | 5 | ||||
 |
Fix committed to Yii branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=9178 |
 |
2.00RC8 released. |
|
LimeSurvey: Yii 5648dd3d 2012-07-29 21:33:14 Details Diff |
Fixed issue 06403 Link from participants grid to surveys bypasses survey permissions |
Affected Issues 06403 |
|
| mod - application/controllers/admin/participantsaction.php | Diff File | ||
| mod - application/controllers/admin/tokens.php | Diff File | ||
| mod - application/models/Participants.php | Diff File | ||
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2012-07-30 06:08 | jcleeland | New Issue | |
| 2012-07-30 06:08 | jcleeland | Status | new => assigned |
| 2012-07-30 06:08 | jcleeland | Assigned To | => jcleeland |
| 2012-07-30 06:33 | jcleeland | Changeset attached | => LimeSurvey Yii 5648dd3d |
| 2012-07-30 06:33 | jcleeland | Note Added: 20065 | |
| 2012-07-30 06:33 | jcleeland | Resolution | open => fixed |
| 2012-07-30 06:43 | jcleeland | Status | assigned => resolved |
| 2012-08-03 13:45 | c_schmitz | Fixed in Version | => 2.00RC8 |
| 2012-08-03 13:46 | c_schmitz | Note Added: 20155 | |
| 2012-08-03 13:46 | c_schmitz | Status | resolved => closed |
| 2016-12-08 10:39 | c_schmitz | Category | Tokens => Survey participants (Tokens) |
