| Summary | User can't get back recompose data -- gets ".. |
| Queue | IMP |
| Queue Version | 4.3.2 |
| Type | Bug |
| State | Resolved |
| Priority | 2. Medium |
| Owners | slusarz (at) horde (dot) org |
| Requester | coleman (at) boulder (dot) nist (dot) gov |
| Created | 12/31/2008 (6030 days ago) |
| Due | |
| Updated | 01/08/2009 (6022 days ago) |
| Assigned | 01/04/2009 (6026 days ago) |
| Resolved | 01/08/2009 (6022 days ago) |
| Github Issue Link | |
| Github Pull Request | |
| Milestone | |
| Patch | No |
State ⇒ Resolved
http://cvs.horde.org/diff.php/imp/compose.php?rt=horde&r1=2.800.2.120&r2=2.800.2.121&ty=u
Priority ⇒ 2. Medium
State ⇒ Assigned
Priority ⇒ 3. High
Type ⇒ Bug
Summary ⇒ User can't get back recompose data -- gets "..
Queue ⇒ IMP
Milestone ⇒
Patch ⇒ No
State ⇒ Unconfirmed
the user gets the error "We cannot verify that this request was really
sent by you. It could be a malicious request." The problem is due to
the $_SESSION variable being unset when
the user was logged out. When the user logs back into the compose
page, checkRequestToken returns an error since the SESSION was erased,
thus the value
of $_SESSION['horde_form_secrets'] is NULL. This can never be set in
this situation
since the code to set it occurs further down in compose.php when it is
set as a part of
setting the template for the compose window further in the code.