View Issue Details

This bug affects 1 person(s).
ID: 11633
Project: Bug reports
Category: Survey participants (Tokens)
View Status: public
Last Update: 2016-09-08 12:27
Reporter: Mazi
Assigned To: markusfluer
Priority: urgent
Severity: partial_block
Status: closed
Resolution: fixed
Product Version: 2.51.x
Target Version: 2.51.x
Fixed in Version: 2.52.x
Summary: 11633: User can access closed surveys if no tokens were generated
Description

Users are currently able to access closed surveys even though a token table was set up and token data sets were added.
NO tokens were created yet.

Steps To Reproduce
  1. Import the attached survey.
  2. Click the start survey icon.
  3. You are NOT asked for a token but can directly start the survey.
Additional Information

Please remove attached test survey before making this report public

Tags: No tags attached.
Bug heat: 8
Complete LimeSurvey version number (& build): 160907
I will donate to the project if issue is resolved: No
Browser: Chrome
Database type & version: MySQL 5
Server OS (if known): Linux
Webserver software & version (if known): Apache 2
PHP Version: 5.5

Activities

ollehar

2016-09-07 10:21

administrator   ~40704

How and when did you create the token table? If I delete and re-create it, it works again.

ollehar

2016-09-07 10:54

administrator   ~40705

This commit is to blame: https://github.com/LimeSurvey/LimeSurvey/commit/f5606a3ac2a0f72dd0f0470ad14ddf1031d76b51

ollehar

2016-09-07 10:55

administrator   ~40706

But it's not possible to revert it because
1) It's too big
2) I've refactored files after, so there are too many conflicts.

Mazi

2016-09-07 12:08

updater   ~40707

Olle, the token table was created during survey creation.

But even if I de-activate the survey, then activate it again, decide during activation to use tokens and then load the old, backed-up token table, I can still enter the survey without being asked for a token.

Thus, I assume the token check somehow fails. Maybe it checks if the non-existing token is empty...?
Something like "..WHERE token='$token'" with $token being empty AND the token table containing empty tokens?

c_schmitz

2016-09-07 12:43

administrator   ~40709

Actually this only seems to happen if none of the participants have a token code.

markusfluer

2016-09-07 12:56

administrator   ~40710

Last edited: 2016-09-07 12:57

After closer examination I could reproduce the bug.
The bug ONLY occurs when there is a token table and all the tokens are empty.
It is due to an incomplete comparison that only checks if the token exists in the database.
Though token is empty and clienttoken (the POST/SESSION token) is also empty, they match, leading to a seemingly unsecured survey.
If there are token strings inside the token table, the problem is not occurring.
The incomplete comparison is fixed.
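
The empty-versus-empty match described in note ~40710, modelled as an added example (this is not LimeSurvey's code or the committed fix). The `tokens` table layout, the function names and the sample rows are assumptions constructed for illustration.

```python
import sqlite3

def make_table(tokens):
    """Build an in-memory participant table (constructed sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tokens (tid INTEGER PRIMARY KEY, email TEXT, token TEXT)")
    conn.executemany(
        "INSERT INTO tokens (email, token) VALUES (?, ?)",
        [(f"user{i}@example.org", t) for i, t in enumerate(tokens)],
    )
    return conn

def allows_entry_incomplete(conn, client_token):
    """Incomplete check: only asks whether the submitted value exists in the table."""
    row = conn.execute(
        "SELECT COUNT(*) FROM tokens WHERE token = ?", (client_token or "",)
    ).fetchone()
    return row[0] > 0

def allows_entry_fixed(conn, client_token):
    """Complete check: an empty submitted token never matches, whatever is stored."""
    if client_token is None or client_token.strip() == "":
        return False
    row = conn.execute(
        "SELECT COUNT(*) FROM tokens WHERE token = ? AND token <> ''", (client_token,)
    ).fetchone()
    return row[0] > 0

def participants_without_token(conn):
    """Audit query: rows that an empty submitted token could match."""
    return conn.execute(
        "SELECT COUNT(*) FROM tokens WHERE token IS NULL OR token = ''"
    ).fetchone()[0]

if __name__ == "__main__":
    no_tokens_yet = make_table(["", "", ""])        # data sets added, no tokens generated
    tokens_generated = make_table(["a1b2c3", "d4e5f6"])
    for name, conn in (("no tokens yet", no_tokens_yet),
                       ("tokens generated", tokens_generated)):
        print(name, "| incomplete:", allows_entry_incomplete(conn, ""),
              "| fixed:", allows_entry_fixed(conn, ""),
              "| rows without token:", participants_without_token(conn))
```

The audit query is useful on its own: a non-zero count on an active closed survey means participants exist whose stored token is empty.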

markusfluer

2016-09-07 12:56

administrator   ~40711

Fix committed to master branch: http://bugs.limesurvey.org/plugin.php?page=Source/view&id=20420

c_schmitz

2016-09-08 12:27

administrator   ~40731

Version 2.51.4 released.

Related Changesets

LimeSurvey: master 37f60ab6
2016-09-07 10:56:40
markusfluer

Fixed issue 11633: User can access closed surveys if no tokens were generated

Affected Issues: 11633
mod - application/controllers/survey/index.php
mod - application/helpers/frontend_helper.php

Issue History

Date Modified Username Field Change
2016-09-07 10:12 Mazi New Issue
2016-09-07 10:12 Mazi File Added: survey_archive_292873.lsa
2016-09-07 10:13 c_schmitz View Status public => private
2016-09-07 10:21 ollehar Note Added: 40704
2016-09-07 10:54 ollehar Note Added: 40705
2016-09-07 10:55 ollehar Note Added: 40706
2016-09-07 12:08 Mazi Note Added: 40707
2016-09-07 12:43 c_schmitz Note Added: 40709
2016-09-07 12:43 c_schmitz Priority none => urgent
2016-09-07 12:44 c_schmitz Assigned To => markusfluer
2016-09-07 12:44 c_schmitz Status new => assigned
2016-09-07 12:44 c_schmitz File Deleted: survey_archive_292873.lsa
2016-09-07 12:44 c_schmitz View Status private => public
2016-09-07 12:56 markusfluer Note Added: 40710
2016-09-07 12:56 markusfluer Changeset attached => LimeSurvey master 37f60ab6
2016-09-07 12:56 markusfluer Note Added: 40711
2016-09-07 12:56 markusfluer Resolution open => fixed
2016-09-07 12:57 markusfluer Note Edited: 40710
2016-09-07 12:57 markusfluer Status assigned => resolved
2016-09-07 12:57 markusfluer Fixed in Version => 2.52.x
2016-09-08 12:27 c_schmitz Note Added: 40731
2016-09-08 12:27 c_schmitz Status resolved => closed
2016-12-08 10:39 c_schmitz Category Tokens => Survey participants (Tokens)