-
Posts
5 -
Joined
-
Last visited
-
Days Won
1
Posts posted by CY.
-
-
-
Hello,
Email verification has a problem on client side. If you open contact edit page for a special contact, it generates an error. Special contact does not have any record on email_verifications table. These contacts can be created when you upgraded to newest Blesta version(in our case). If you decided to disable email verification then enable again, special contacts can be created because created contacts does not have any email_verifications record . ClientContacts controller gets $email_verification variable as false then Blesta try to access contact_id property of "false" variable.
// Check if the email address has been verified $this->uses(['EmailVerifications']); $email_verification = $this->EmailVerifications->getByContactId($contact->id); $time = time(); $hash = $this->Clients->systemHash('c=' . $email_verification->contact_id . '|t=' . $time); $message = Language::_( 'ClientContacts.!info.unverified_email', true, $email_verification->email ); $options = [ 'info_buttons' => [ [ 'url' => $this->base_uri . 'verify/send/?sid=' . rawurlencode( $this->Clients->systemEncrypt( 'c=' . $email_verification->contact_id . '|t=' . $time . '|h=' . substr($hash, -16) ) ), 'label' => Language::_('ClientContacts.!info.unverified_email_button', true), 'icon_class' => 'fa-share' ] ] ];
$email_verification->contact_id should be $contact->id and that verify button part should be visible only email verification is enabled.
-
Hello,
Blesta accepts UTF-8 characters. However validations functions calculates string lengths incorrect.
public static function minLength($str, $length) { return strlen($str) >= $length; }
As you can see strlen counts as bytes. And "ü" character is counted as 2 rather than 1. Blesta needs to change strlen to mb_strlen which is more safe to unicode characters.
php > echo strlen("Türkish"); 8 php > echo mb_strlen("Türkish"); 7
-
Blesta OTP QR code does not include Issuer
in Bugs
Posted
If a client enables 2-factor authentication in its Blesta account, Google Authenticator does not show Issuer information.
in blesta/app/views/client/bootstrap/client_main_edit.pdt
Below code
should be
which encodes chs parameter correctly.