View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0005717 | OXID eShop (all versions) | 1.05. Users | public | 2014-04-01 12:09 | 2024-01-26 07:36 |
| Reporter | martinwegele | Assigned To | |||
| Priority | low | Severity | minor | Reproducibility | always |
| Status | confirmed | Resolution | open | ||
| Product Version | 4.8.4 / 5.1.4 | ||||
| Summary | 0005717: Link for newsletter subscription can be reused | ||||
| Description | Because of the way the confirmation code for the double opt-in for the newsletter is constructed it can be reused again and again: https://github.com/OXID-eSales/oxideshop_ce/blob/v4.8.4/source/application/controllers/newsletter.php#L183 I am not sure if this is an intended behaviour. I would expect this link to be usable only once. | ||||
| Steps To Reproduce | In the demoshop go to "Newsletter" in the frontend (index.php?cl=newsletter), enter your e-mail address and click on subscribe. Open the e-mail you received for double opt-in and click on the link. Now check for your subscription status in the admin panel or the db. Next Unsubscribe on the same page you used before to subscribe for the newsletter. If you click on the link in the e-mail again you will be subscribed again. | ||||
| Tags | Newsletter | ||||
| Theme | All | ||||
| Browser | All | ||||
| PHP Version | Not defined | ||||
| Database Version | Not defined | ||||
