Dependency Graph

Dependency Graph
related to related to child of child of duplicate of duplicate of

View Issue Details

This bug affects 1 person(s).
 24
IDProjectCategoryView StatusLast Update
17661Bug reportsSurvey takingpublic2022-09-27 21:44
Reporterfabianlehner Assigned Togalads  
PrioritynormalSeverityminor 
Status closedResolutionfixed 
Product Version5.x 
Fixed in Version5.3.x 
Summary17661: Resume from link: "no matching saved response"
Description

After saving a response, when clicking the reload link from the email, the error message "There is no matching saved response." is shown.

I strongly assume this is due to https://github.com/LimeSurvey/LimeSurvey/commit/720b5e5751dcd35f1abcc496addf7e12b6525d19, where the password has been removed from the email (and probably also from the link).
It might be a design decision to require the password even when clicking the link from the email; in that case, the message would have to be changed in order not to confuse users.

Lines 427-429 would also include the client token; for public surveys this doesn't help though.

Steps To Reproduce

Steps to reproduce

  1. Create a simple survey (see example) with save-and-resume enabled.
  2. Run the survey and save.
  3. From the email received, click the resume link.
  4. Limesurvey opens, showing "There is no matching saved response.", even though the actual problem is that the required credentials aren't included in the link.

Expected result

Either survey opens with formerly filled data,
or message shows "Please enter the username and password you set earlier" or the like.

Actual result

see 4.

TagsNo tags attached.
Bug heat24
Complete LimeSurvey version number (& build)5.1.15+211011
I will donate to the project if issue is resolvedNo
Browser
Database type & versionpgsql 11.12
Server OS (if known)Debian 11.12
Webserver software & version (if known)
PHP Version 7.3.31

Relationships

has duplicate 17803 closed Error shown when try to load a saved survey 
has duplicate 17583 closedgalads The survey is not loading directly 

Activities

fabianlehner

fabianlehner

2021-10-13 11:26

reporter  

limesurvey_survey_949925_resumetest.lss (15,194 bytes)   
<?xml version="1.0" encoding="UTF-8"?>
<document>
 <LimeSurveyDocType>Survey</LimeSurveyDocType>
 <DBVersion>475</DBVersion>
 <languages>
  <language>en</language>
 </languages>
 <groups>
  <fields>
   <fieldname>gid</fieldname>
   <fieldname>sid</fieldname>
   <fieldname>group_order</fieldname>
   <fieldname>randomization_group</fieldname>
   <fieldname>grelevance</fieldname>
  </fields>
  <rows>
   <row>
    <gid><![CDATA[10]]></gid>
    <sid><![CDATA[949925]]></sid>
    <group_order><![CDATA[1]]></group_order>
    <randomization_group/>
    <grelevance><![CDATA[1]]></grelevance>
   </row>
  </rows>
 </groups>
 <group_l10ns>
  <fields>
   <fieldname>id</fieldname>
   <fieldname>gid</fieldname>
   <fieldname>group_name</fieldname>
   <fieldname>description</fieldname>
   <fieldname>language</fieldname>
   <fieldname>sid</fieldname>
   <fieldname>group_order</fieldname>
   <fieldname>randomization_group</fieldname>
   <fieldname>grelevance</fieldname>
  </fields>
  <rows>
   <row>
    <id><![CDATA[10]]></id>
    <gid><![CDATA[10]]></gid>
    <group_name><![CDATA[My first question group]]></group_name>
    <language><![CDATA[en]]></language>
    <sid><![CDATA[949925]]></sid>
    <group_order><![CDATA[1]]></group_order>
    <randomization_group/>
    <grelevance><![CDATA[1]]></grelevance>
   </row>
  </rows>
 </group_l10ns>
 <questions>
  <fields>
   <fieldname>qid</fieldname>
   <fieldname>parent_qid</fieldname>
   <fieldname>sid</fieldname>
   <fieldname>gid</fieldname>
   <fieldname>type</fieldname>
   <fieldname>title</fieldname>
   <fieldname>preg</fieldname>
   <fieldname>other</fieldname>
   <fieldname>mandatory</fieldname>
   <fieldname>encrypted</fieldname>
   <fieldname>question_order</fieldname>
   <fieldname>scale_id</fieldname>
   <fieldname>same_default</fieldname>
   <fieldname>relevance</fieldname>
   <fieldname>modulename</fieldname>
   <fieldname>question_theme_name</fieldname>
  </fields>
  <rows>
   <row>
    <qid><![CDATA[93]]></qid>
    <parent_qid><![CDATA[0]]></parent_qid>
    <sid><![CDATA[949925]]></sid>
    <gid><![CDATA[10]]></gid>
    <type><![CDATA[T]]></type>
    <title><![CDATA[Q00]]></title>
    <other><![CDATA[N]]></other>
    <mandatory><![CDATA[N]]></mandatory>
    <encrypted><![CDATA[N]]></encrypted>
    <question_order><![CDATA[1]]></question_order>
    <scale_id><![CDATA[0]]></scale_id>
    <same_default><![CDATA[0]]></same_default>
    <relevance><![CDATA[1]]></relevance>
    <question_theme_name><![CDATA[longfreetext]]></question_theme_name>
   </row>
  </rows>
 </questions>
 <question_l10ns>
  <fields>
   <fieldname>id</fieldname>
   <fieldname>qid</fieldname>
   <fieldname>question</fieldname>
   <fieldname>help</fieldname>
   <fieldname>script</fieldname>
   <fieldname>language</fieldname>
  </fields>
  <rows>
   <row>
    <id><![CDATA[93]]></id>
    <qid><![CDATA[93]]></qid>
    <question><![CDATA[A first example question. Please answer this question:]]></question>
    <help><![CDATA[This is a question help text.]]></help>
    <language><![CDATA[en]]></language>
   </row>
  </rows>
 </question_l10ns>
 <surveys>
  <fields>
   <fieldname>sid</fieldname>
   <fieldname>gsid</fieldname>
   <fieldname>admin</fieldname>
   <fieldname>expires</fieldname>
   <fieldname>startdate</fieldname>
   <fieldname>adminemail</fieldname>
   <fieldname>anonymized</fieldname>
   <fieldname>faxto</fieldname>
   <fieldname>format</fieldname>
   <fieldname>savetimings</fieldname>
   <fieldname>template</fieldname>
   <fieldname>language</fieldname>
   <fieldname>additional_languages</fieldname>
   <fieldname>datestamp</fieldname>
   <fieldname>usecookie</fieldname>
   <fieldname>allowregister</fieldname>
   <fieldname>allowsave</fieldname>
   <fieldname>autonumber_start</fieldname>
   <fieldname>autoredirect</fieldname>
   <fieldname>allowprev</fieldname>
   <fieldname>printanswers</fieldname>
   <fieldname>ipaddr</fieldname>
   <fieldname>ipanonymize</fieldname>
   <fieldname>refurl</fieldname>
   <fieldname>showsurveypolicynotice</fieldname>
   <fieldname>publicstatistics</fieldname>
   <fieldname>publicgraphs</fieldname>
   <fieldname>listpublic</fieldname>
   <fieldname>htmlemail</fieldname>
   <fieldname>sendconfirmation</fieldname>
   <fieldname>tokenanswerspersistence</fieldname>
   <fieldname>assessments</fieldname>
   <fieldname>usecaptcha</fieldname>
   <fieldname>usetokens</fieldname>
   <fieldname>bounce_email</fieldname>
   <fieldname>attributedescriptions</fieldname>
   <fieldname>emailresponseto</fieldname>
   <fieldname>emailnotificationto</fieldname>
   <fieldname>tokenlength</fieldname>
   <fieldname>showxquestions</fieldname>
   <fieldname>showgroupinfo</fieldname>
   <fieldname>shownoanswer</fieldname>
   <fieldname>showqnumcode</fieldname>
   <fieldname>bouncetime</fieldname>
   <fieldname>bounceprocessing</fieldname>
   <fieldname>bounceaccounttype</fieldname>
   <fieldname>bounceaccounthost</fieldname>
   <fieldname>bounceaccountpass</fieldname>
   <fieldname>bounceaccountencryption</fieldname>
   <fieldname>bounceaccountuser</fieldname>
   <fieldname>showwelcome</fieldname>
   <fieldname>showprogress</fieldname>
   <fieldname>questionindex</fieldname>
   <fieldname>navigationdelay</fieldname>
   <fieldname>nokeyboard</fieldname>
   <fieldname>alloweditaftercompletion</fieldname>
   <fieldname>googleanalyticsstyle</fieldname>
   <fieldname>googleanalyticsapikey</fieldname>
   <fieldname>tokenencryptionoptions</fieldname>
  </fields>
  <rows>
   <row>
    <sid><![CDATA[949925]]></sid>
    <gsid><![CDATA[1]]></gsid>
    <admin><![CDATA[inherit]]></admin>
    <adminemail><![CDATA[inherit]]></adminemail>
    <anonymized><![CDATA[N]]></anonymized>
    <format><![CDATA[I]]></format>
    <savetimings><![CDATA[N]]></savetimings>
    <template><![CDATA[inherit]]></template>
    <language><![CDATA[en]]></language>
    <additional_languages/>
    <datestamp><![CDATA[N]]></datestamp>
    <usecookie><![CDATA[I]]></usecookie>
    <allowregister><![CDATA[I]]></allowregister>
    <allowsave><![CDATA[I]]></allowsave>
    <autonumber_start><![CDATA[0]]></autonumber_start>
    <autoredirect><![CDATA[I]]></autoredirect>
    <allowprev><![CDATA[I]]></allowprev>
    <printanswers><![CDATA[I]]></printanswers>
    <ipaddr><![CDATA[N]]></ipaddr>
    <ipanonymize><![CDATA[N]]></ipanonymize>
    <refurl><![CDATA[N]]></refurl>
    <showsurveypolicynotice><![CDATA[0]]></showsurveypolicynotice>
    <publicstatistics><![CDATA[I]]></publicstatistics>
    <publicgraphs><![CDATA[I]]></publicgraphs>
    <listpublic><![CDATA[I]]></listpublic>
    <htmlemail><![CDATA[I]]></htmlemail>
    <sendconfirmation><![CDATA[I]]></sendconfirmation>
    <tokenanswerspersistence><![CDATA[I]]></tokenanswerspersistence>
    <assessments><![CDATA[I]]></assessments>
    <usecaptcha><![CDATA[E]]></usecaptcha>
    <usetokens><![CDATA[N]]></usetokens>
    <bounce_email><![CDATA[inherit]]></bounce_email>
    <emailresponseto><![CDATA[inherit]]></emailresponseto>
    <emailnotificationto><![CDATA[inherit]]></emailnotificationto>
    <tokenlength><![CDATA[-1]]></tokenlength>
    <showxquestions><![CDATA[I]]></showxquestions>
    <showgroupinfo><![CDATA[I]]></showgroupinfo>
    <shownoanswer><![CDATA[I]]></shownoanswer>
    <showqnumcode><![CDATA[I]]></showqnumcode>
    <bounceprocessing><![CDATA[N]]></bounceprocessing>
    <showwelcome><![CDATA[I]]></showwelcome>
    <showprogress><![CDATA[I]]></showprogress>
    <questionindex><![CDATA[-1]]></questionindex>
    <navigationdelay><![CDATA[-1]]></navigationdelay>
    <nokeyboard><![CDATA[I]]></nokeyboard>
    <alloweditaftercompletion><![CDATA[I]]></alloweditaftercompletion>
    <tokenencryptionoptions/>
   </row>
  </rows>
 </surveys>
 <surveys_languagesettings>
  <fields>
   <fieldname>surveyls_survey_id</fieldname>
   <fieldname>surveyls_language</fieldname>
   <fieldname>surveyls_title</fieldname>
   <fieldname>surveyls_description</fieldname>
   <fieldname>surveyls_welcometext</fieldname>
   <fieldname>surveyls_endtext</fieldname>
   <fieldname>surveyls_policy_notice</fieldname>
   <fieldname>surveyls_policy_error</fieldname>
   <fieldname>surveyls_policy_notice_label</fieldname>
   <fieldname>surveyls_url</fieldname>
   <fieldname>surveyls_urldescription</fieldname>
   <fieldname>surveyls_email_invite_subj</fieldname>
   <fieldname>surveyls_email_invite</fieldname>
   <fieldname>surveyls_email_remind_subj</fieldname>
   <fieldname>surveyls_email_remind</fieldname>
   <fieldname>surveyls_email_register_subj</fieldname>
   <fieldname>surveyls_email_register</fieldname>
   <fieldname>surveyls_email_confirm_subj</fieldname>
   <fieldname>surveyls_email_confirm</fieldname>
   <fieldname>surveyls_dateformat</fieldname>
   <fieldname>surveyls_attributecaptions</fieldname>
   <fieldname>email_admin_notification_subj</fieldname>
   <fieldname>email_admin_notification</fieldname>
   <fieldname>email_admin_responses_subj</fieldname>
   <fieldname>email_admin_responses</fieldname>
   <fieldname>surveyls_numberformat</fieldname>
   <fieldname>attachments</fieldname>
  </fields>
  <rows>
   <row>
    <surveyls_survey_id><![CDATA[949925]]></surveyls_survey_id>
    <surveyls_language><![CDATA[en]]></surveyls_language>
    <surveyls_title><![CDATA[Test Resume Saved Response]]></surveyls_title>
    <surveyls_description/>
    <surveyls_welcometext/>
    <surveyls_endtext/>
    <surveyls_policy_notice/>
    <surveyls_policy_notice_label/>
    <surveyls_url/>
    <surveyls_urldescription/>
    <surveyls_email_invite_subj><![CDATA[Invitation to participate in a survey]]></surveyls_email_invite_subj>
    <surveyls_email_invite><![CDATA[Dear {FIRSTNAME},

you have been invited to participate in a survey.

The survey is titled:
"{SURVEYNAME}"

"{SURVEYDESCRIPTION}"

To participate, please click on the link below.

Sincerely,

{ADMINNAME} ({ADMINEMAIL})

----------------------------------------------
Click here to do the survey:
{SURVEYURL}

If you do not want to participate in this survey and don't want to receive any more invitations please click the following link:
{OPTOUTURL}

If you are blacklisted but want to participate in this survey and want to receive invitations please click the following link:
{OPTINURL}]]></surveyls_email_invite>
    <surveyls_email_remind_subj><![CDATA[Reminder to participate in a survey]]></surveyls_email_remind_subj>
    <surveyls_email_remind><![CDATA[Dear {FIRSTNAME},

Recently we invited you to participate in a survey.

We note that you have not yet completed the survey, and wish to remind you that the survey is still available should you wish to take part.

The survey is titled:
"{SURVEYNAME}"

"{SURVEYDESCRIPTION}"

To participate, please click on the link below.

Sincerely,

{ADMINNAME} ({ADMINEMAIL})

----------------------------------------------
Click here to do the survey:
{SURVEYURL}

If you do not want to participate in this survey and don't want to receive any more invitations please click the following link:
{OPTOUTURL}]]></surveyls_email_remind>
    <surveyls_email_register_subj><![CDATA[Survey registration confirmation]]></surveyls_email_register_subj>
    <surveyls_email_register><![CDATA[Dear {FIRSTNAME},

You, or someone using your email address, have registered to participate in an online survey titled {SURVEYNAME}.

To complete this survey, click on the following URL:

{SURVEYURL}

If you have any questions about this survey, or if you did not register to participate and believe this email is in error, please contact {ADMINNAME} at {ADMINEMAIL}.]]></surveyls_email_register>
    <surveyls_email_confirm_subj><![CDATA[Confirmation of your participation in our survey]]></surveyls_email_confirm_subj>
    <surveyls_email_confirm><![CDATA[Dear {FIRSTNAME},

this email is to confirm that you have completed the survey titled {SURVEYNAME} and your response has been saved. Thank you for participating.

If you have any further questions about this email, please contact {ADMINNAME} on {ADMINEMAIL}.

Sincerely,

{ADMINNAME}]]></surveyls_email_confirm>
    <surveyls_dateformat><![CDATA[9]]></surveyls_dateformat>
    <email_admin_notification_subj><![CDATA[Response submission for survey {SURVEYNAME}]]></email_admin_notification_subj>
    <email_admin_notification><![CDATA[Hello,

A new response was submitted for your survey '{SURVEYNAME}'.

Click the following link to see the individual response:
{VIEWRESPONSEURL}

Click the following link to edit the individual response:
{EDITRESPONSEURL}

View statistics by clicking here:
{STATISTICSURL}]]></email_admin_notification>
    <email_admin_responses_subj><![CDATA[Response submission for survey {SURVEYNAME} with results]]></email_admin_responses_subj>
    <email_admin_responses><![CDATA[Hello,

A new response was submitted for your survey '{SURVEYNAME}'.

Click the following link to see the individual response:
{VIEWRESPONSEURL}

Click the following link to edit the individual response:
{EDITRESPONSEURL}

View statistics by clicking here:
{STATISTICSURL}


The following answers were given by the participant:
{ANSWERTABLE}]]></email_admin_responses>
    <surveyls_numberformat><![CDATA[0]]></surveyls_numberformat>
   </row>
  </rows>
 </surveys_languagesettings>
 <themes>
  <theme>
   <sid>949925</sid>
   <template_name>fruity</template_name>
   <config>
    <options>inherit</options>
   </config>
  </theme>
 </themes>
 <themes_inherited>
  <theme>
   <sid>949925</sid>
   <template_name>fruity</template_name>
   <config>
    <options>
     <ajaxmode>off</ajaxmode>
     <brandlogo>on</brandlogo>
     <brandlogofile>themes/survey/fruity/files/logo.png</brandlogofile>
     <container>on</container>
     <backgroundimage>off</backgroundimage>
     <animatebody>off</animatebody>
     <bodyanimation>fadeInRight</bodyanimation>
     <bodyanimationduration>500</bodyanimationduration>
     <animatequestion>off</animatequestion>
     <questionanimation>flipInX</questionanimation>
     <questionanimationduration>500</questionanimationduration>
     <animatealert>off</animatealert>
     <alertanimation>shake</alertanimation>
     <alertanimationduration>500</alertanimationduration>
     <font>noto</font>
     <bodybackgroundcolor>#ffffff</bodybackgroundcolor>
     <fontcolor>#444444</fontcolor>
     <questionbackgroundcolor>#ffffff</questionbackgroundcolor>
     <questionborder>on</questionborder>
     <questioncontainershadow>on</questioncontainershadow>
     <checkicon>f00c</checkicon>
     <animatecheckbox>on</animatecheckbox>
     <checkboxanimation>rubberBand</checkboxanimation>
     <checkboxanimationduration>500</checkboxanimationduration>
     <animateradio>on</animateradio>
     <radioanimation>zoomIn</radioanimation>
     <radioanimationduration>500</radioanimationduration>
     <zebrastriping>off</zebrastriping>
     <stickymatrixheaders>off</stickymatrixheaders>
     <greyoutselected>off</greyoutselected>
     <hideprivacyinfo>off</hideprivacyinfo>
     <crosshover>off</crosshover>
     <showpopups>1</showpopups>
     <showclearall>off</showclearall>
     <questionhelptextposition>top</questionhelptextposition>
     <notables>1</notables>
    </options>
   </config>
  </theme>
 </themes_inherited>
</document>
fabianlehner

fabianlehner

2021-10-13 11:26

reporter   ~66841

might be related to 17583

fabianlehner

fabianlehner

2021-11-03 12:51

reporter   ~67078

Last edited: 2021-12-14 13:26

Hello,
is there anyway I can contribute to this? I'd offer to work on a PR, but I think this needs a design decision first.

tbart

tbart

2021-11-22 15:29

reporter   ~67476

Last edited: 2021-12-14 13:26

This happens on my 3.27.25+211116 as well.

If I enter the username/password regardless of the error message, I get the saved responses back.

application/helpers/frontend_helper.php reads
29 $scid = Yii::app()->request->getQuery('scid');
30 if (Yii::app()->request->getParam('loadall') === "reload") {
31 $sLoadName = Yii::app()->request->getParam('loadname');
32 $sLoadPass = Yii::app()->request->getParam('loadpass');

However, this cannot work out, as neither loadname nor loadpass get sent out via email to be part of the link's parameters.
This should be removed as I don't think the condition of those being part of the request will ever really happen.

Apart from this, application/controllers/survey/index.php should not attempt to loadanswers() if username and password have not been entered before.

fabianlehner

fabianlehner

2021-11-24 16:18

reporter   ~67539

Last edited: 2021-12-14 13:26

"This should be removed as I don't think the condition of those being part of the request will ever really happen." – @tbart, if I'm not mistaken it used to be part of the request (loadname and loadpass were part of the resume link in the email sent to the participant), but removed in the commit I linked above.
I just realized that mantis mistook the link: https://github.com/LimeSurvey/LimeSurvey/commit/720b5e5751dcd35f1abcc496addf7e12b6525d19
See lines 426 / 284 at the very bottom.

@galads this definitely needs a design decision (if one hasn't been drawn yet but not fully implemented), could you please escalate this issue if necessary?

tbart

tbart

2021-11-30 19:59

reporter   ~67612

Last edited: 2021-12-14 13:26

Yes, I know for sure that the credentials have been part of the URL sent out via mail for years, as clicking it has been enough to get you to the point you left off.

Currently, all stable versions seem to suffer from this issue/the inability of users to restore their saved sessions when they get scared by the error message and do not just go ahead and enter their credentials nevertheless (and that's definitely how they react).

I think this deserves more than a "minor".

galads

galads

2021-12-14 13:27

administrator   ~67787

I have added the task to the backlog.

fabianlehner

fabianlehner

2022-07-09 11:26

reporter   ~70812

This has been resolved: https://github.com/LimeSurvey/LimeSurvey/commit/80ff7744d8be46cce77f8b667c3dba653b714903

@galads can I ask you to close this issue? I think I can't (which is weird since I reported it).

tbart

tbart

2022-07-12 14:44

reporter   ~70885

Will this be backported to 3.x as well?
https://community.limesurvey.org/ still shows 3.x as the stable/current/recommended version, so I don't want to upgrade, yet.

c_schmitz

c_schmitz

2022-08-16 18:47

administrator   ~71446

I am sorry but there are no plans to backport this.
The recommended version is now 5.x

Issue History

Date Modified Username Field Change
2021-10-13 11:26 fabianlehner New Issue
2021-10-13 11:26 fabianlehner File Added: limesurvey_survey_949925_resumetest.lss
2021-10-13 11:26 fabianlehner Note Added: 66841
2021-10-13 11:26 fabianlehner Bug heat 0 => 2
2021-10-19 09:57 galads Assigned To => galads
2021-10-19 09:57 galads Status new => confirmed
2021-11-03 12:51 fabianlehner Note Added: 67078
2021-11-22 15:29 tbart Note Added: 67476
2021-11-22 15:29 tbart Bug heat 2 => 4
2021-11-24 16:18 fabianlehner Note Added: 67539
2021-11-30 19:59 tbart Note Added: 67612
2021-12-14 12:19 DenisChenu Relationship added has duplicate 17803
2021-12-14 12:19 DenisChenu Bug heat 4 => 12
2021-12-14 13:27 galads Note Added: 67787
2021-12-14 13:27 galads Bug heat 12 => 14
2022-03-31 11:27 galads Priority none => normal
2022-07-09 11:26 fabianlehner Note Added: 70812
2022-07-12 14:44 tbart Note Added: 70885
2022-08-16 18:23 c_schmitz Relationship added has duplicate 17583
2022-08-16 18:23 c_schmitz Bug heat 14 => 22
2022-08-16 18:25 c_schmitz Status confirmed => resolved
2022-08-16 18:25 c_schmitz Resolution open => fixed
2022-08-16 18:25 c_schmitz Fixed in Version => 5.3.x
2022-08-16 18:47 c_schmitz Note Added: 71446
2022-08-16 18:47 c_schmitz Bug heat 22 => 24
2022-09-27 21:44 c_schmitz Status resolved => closed