0004784: Clicking the validation link in an email at Hotmail causes App Error #-12 - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0004784	mantisbt	email	public	2004-10-27 10:46	2012-09-03 02:16

Reporter	Jason8765	Assigned To	atrol
Priority	normal	Severity	block	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	0.19.0

Summary	0004784: Clicking the validation link in an email at Hotmail causes App Error #-12
Description	If you signup with an account using a hotmail email account, when you click the link in the email, the link opens up in a frame with the Hotmail banner in the top frame, and it shows the User Preferences form. When you click Updater User, it says your account is protected and cannot be changed until the protection is removed, and you are no longer logged in as your username, but as Guest, the anonymous account.
Steps To Reproduce	Register using a Hotmail Email address. Find the email at hotmail, and click the validation link inside it. Type a password and confirm it, then click Update. You get Application Error #-12
Tags	No tags attached.

Jason8765 2004-11-07 16:25 reporter ~0008271	Another of my members said they received the error using Outlook Express as well, but copying and pasting the url into a new browser window worked... Weird

grangeway 2004-11-07 16:58 reporter ~0008273	I think this is actually an error being carried across from the adodb library: define("DB_ERROR_INVALID_DATE", -12); Depending on your own PHP skills, are you able to diagnose whether this is the case, and if so, what query failed? If not, i'll try and find some time to take a quick look Paul

Jason8765 2004-11-08 03:17 reporter ~0008277	No, the error is raised because the cookie for the user session is not been saved. So when the user clicks Update User, they are essentially attempting to update the protected Guest account I've made. I ran some tests, might be a bug in Internet Explorer. Page 1 will set session cookie Page 2 will get Session cookie (link to this page on page 1) Internet Explorer: Visit page 1, click link, page 2 says cookie is set. Internet Explorer (page in a frame): Visit page 1, click link, page 2 says cookie IS NOT set. Firefox: Visit page 1, click link, page 2 says cookie is set. Firefox (page in a frame): Visit page 1, click link, page 2 says cookie is set. Seems internet explorer is refusing to save the session cookie that Mantis is setting... http://support.microsoft.com/kb/323752/EN-US/ It's something to do with a new P3P Privacy Policy http://msdn.microsoft.com/library/default.asp?url=/workshop/security/privacy/overview/createprivacypolicy.asp http://www.w3.org/P3P/ I'll take a closer look at it myself later and see if I can find any solution to the Hotmail problem, but I suppose an easier option would be to use Javascript to remove the Hotmail frame.

Jason8765 2004-11-08 03:19 reporter ~0008278	Also it works fine with all other version of internet explorer. It's just IE 6.0 that the problem is with.

cor3huis 2011-04-07 11:14 reporter ~0028556	Could not reproduce this. Should the 0.19.x versions still be blocking? IMHO close the issue.

atrol 2012-08-24 16:27 developer ~0032641	Setting this issue to fixed, as this was reported to an old versions of MantisBT which is not longer supported. Feel free to reopen the issue if there are still problems after upgrading.