This is an automated email from the ASF dual-hosted git repository.
jleroux pushed a commit to branch release18.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-plugins.git
The following commit(s) were added to refs/heads/release18.12 by this push:
new 2520f93 Fixed: Link in verification email for Newsletter gives
security error (OFBIZ-9804)
2520f93 is described below
commit 2520f9357e5b960309be67b4f0733e2dd56deeaf
Author: Jacques Le Roux <[email protected]>
AuthorDate: Sun Nov 10 10:59:01 2019 +0100
Fixed: Link in verification email for Newsletter gives security error
(OFBIZ-9804)
Changes ContactListEmailTemplate.ftl to also use GET.
Because we dont' want a form to ask, but only to hide parameters.
See details in Jira.
Handles the emails also in ecomseo after OFBIZ-11278
I have still to see why I get this message at the end of the process:
"Invalid verify code for the New Product Announcements"
ie when using the link in the last (3rd) email:
"Subscribe Contact List New Product Announcements"
This will be another Jira..!
---
.../template/email/ContactListEmailTemplate.ftl | 22 +++++++++-------------
.../template/email/ContactListSubscribeEmail.ftl | 4 +++-
.../template/email/ContactListUnsubscribeEmail.ftl | 7 -------
.../email/ContactListUnsubscribeVerifyEmail.ftl | 3 +++
.../template/email/ContactListVerifyEmail.ftl | 3 +++
5 files changed, 18 insertions(+), 21 deletions(-)
diff --git a/ecommerce/template/email/ContactListEmailTemplate.ftl
b/ecommerce/template/email/ContactListEmailTemplate.ftl
index eb0fed5..71ee21e 100644
--- a/ecommerce/template/email/ContactListEmailTemplate.ftl
+++ b/ecommerce/template/email/ContactListEmailTemplate.ftl
@@ -21,18 +21,14 @@ under the License.
<div>
${content}
</div>
- <#assign verifyUrl = baseEcommerceSecureUrl +
"updateContactListPartyNoUserLogin" />
- <form method="post" action="${verifyUrl}">
- <fieldset>
- <label>E-mail: ${emailAddress}</label>
- <input type="hidden" name="contactListId" value="${contactListId}"/>
- <input type="hidden" name="partyId" value="${partyId}"/>
- <input type="hidden" name="preferredContactMechId"
value="${preferredContactMechId!}"/>
- <input type="hidden" name="fromDate" value="${fromDate}"/>
- <input type="hidden" name="statusId" value="CLPT_UNSUBS_PENDING"/>
- <input type="hidden" name="optInVerifyCode"
value="${optInVerifyCode!}"/>
- <input type="submit" name="submitButton" value="Click here to
unsubscribe your newsletter subscription."/>
- </fieldset>
- </form>
+ <#if baseLocation == "/ecomseo">
+ <#assign baseLocation = "/ecommerce">
+ </#if>
+ <#assign verifyUrl = baseEcommerceSecureUrl
+'updateContactListPartyNoUserLogin?contactListId='+contactListId+'&partyId='+partyId+'&fromDate='+fromDate+'&statusId=CLPT_UNSUBS_PENDING&optInVerifyCode='+optInVerifyCode+'&baseLocation='+baseLocation!>
+ <#if preferredContactMechId??>
+ <#assign verifyUrl=
verifyUrl+"&preferredContactMechId="+preferredContactMechId>
+ </#if>
+ <a href="${verifyUrl}">Click here to unsubscribe your newsletter
subscription.</a>
+
</body>
</html>
diff --git a/ecommerce/template/email/ContactListSubscribeEmail.ftl
b/ecommerce/template/email/ContactListSubscribeEmail.ftl
index 52149a0..ab8896a 100644
--- a/ecommerce/template/email/ContactListSubscribeEmail.ftl
+++ b/ecommerce/template/email/ContactListSubscribeEmail.ftl
@@ -20,7 +20,9 @@ under the License.
<body>
<p>Hello ${partyName.firstName!} ${partyName.lastName!}
${partyName.groupName!}!</p>
<p>Successfully subscribed from ${contactList.contactListName} contact
list.</p>
-
+ <#if baseLocation == "/ecomseo">
+ <#assign baseLocation = "/ecommerce">
+ </#if>
<#assign verifyUrl = baseEcommerceSecureUrl
+'updateContactListPartyNoUserLogin?contactListId='+contactListParty.contactListId+'&partyId='+contactListParty.partyId+'&fromDate='+contactListParty.fromDate+'&statusId=CLPT_UNSUBS_PENDING&optInVerifyCode='+contactListPartyStatus.optInVerifyCode+'&baseLocation='+baseLocation!>
<#if (contactListParty.preferredContactMechId)??>
<#assign verifyUrl=
verifyUrl+"&preferredContactMechId="+contactListParty.preferredContactMechId>
diff --git a/ecommerce/template/email/ContactListUnsubscribeEmail.ftl
b/ecommerce/template/email/ContactListUnsubscribeEmail.ftl
index 2ea24e2..09c7140 100644
--- a/ecommerce/template/email/ContactListUnsubscribeEmail.ftl
+++ b/ecommerce/template/email/ContactListUnsubscribeEmail.ftl
@@ -20,12 +20,5 @@ under the License.
<body>
<p>Hello ${partyName.firstName!} ${partyName.lastName!}
${partyName.groupName!}!</p>
<p>Successfully unsubscribed from ${contactList.contactListName} contact
list.</p>
-
- <#--assign verifyUrl = baseEcommerceSecureUrl
+'updateContactListPartyNoUserLogin?contactListId='+contactListParty.contactListId+'&partyId='+contactListParty.partyId+'&fromDate='+contactListParty.fromDate+'&statusId=CLPT_SUBS_PENDING&optInVerifyCode='+contactListPartyStatus.optInVerifyCode+'&baseLocation='+baseLocation!>
- <#if (contactListParty.preferredContactMechId)??>
- <#assign verifyUrl=
verifyUrl+"&preferredContactMechId="+contactListParty.preferredContactMechId>
- </#if>
- <a href="${verifyUrl}">If this was by mistake, click here subscribe
again.</a-->
-
</body>
</html>
diff --git a/ecommerce/template/email/ContactListUnsubscribeVerifyEmail.ftl
b/ecommerce/template/email/ContactListUnsubscribeVerifyEmail.ftl
index 86ef198..d87f6c1 100644
--- a/ecommerce/template/email/ContactListUnsubscribeVerifyEmail.ftl
+++ b/ecommerce/template/email/ContactListUnsubscribeVerifyEmail.ftl
@@ -32,6 +32,9 @@ under the License.
<p>We have received a request for unsubscription to the
${contactList.contactListName} contact list.</p>
<p>To complete your unsubscription click the on the following link:</p>
+ <#if baseLocation == "/ecomseo">
+ <#assign baseLocation = "/ecommerce">
+ </#if>
<#assign verifyUrl =
baseEcommerceSecureUrl+'contactListOptOut?contactListId='+contactListParty.contactListId+'&communicationEventId='+communicationEventId!+'&partyId='+contactListParty.partyId+'&fromDate='+contactListParty.fromDate+'&statusId=CLPT_UNSUBSCRIBED&optInVerifyCode='+contactListPartyStatus.optInVerifyCode>
<#if (contactListParty.preferredContactMechId)??>
<#assign verifyUrl=
verifyUrl+"&preferredContactMechId="+contactListParty.preferredContactMechId>
diff --git a/ecommerce/template/email/ContactListVerifyEmail.ftl
b/ecommerce/template/email/ContactListVerifyEmail.ftl
index 1ce8965..78c322d 100644
--- a/ecommerce/template/email/ContactListVerifyEmail.ftl
+++ b/ecommerce/template/email/ContactListVerifyEmail.ftl
@@ -32,6 +32,9 @@ under the License.
<p>We have received a request for subscription to the
${contactList.contactListName} contact list.</p>
<p>To complete your subscription click the on the following link:</p>
+ <#if baseLocation == "/ecomseo">
+ <#assign baseLocation = "/ecommerce">
+ </#if>
<#assign verifyUrl =
baseEcommerceSecureUrl+'/'+'updateContactListPartyNoUserLogin?contactListId='+contactListParty.contactListId+'&partyId='+contactListParty.partyId+'&fromDate='+contactListParty.fromDate+'&statusId=CLPT_ACCEPTED&optInVerifyCode='+contactListPartyStatus.optInVerifyCode+'&baseLocation='+baseLocation!>
<#if (contactListParty.preferredContactMechId)??>
<#assign verifyUrl=
verifyUrl+"&preferredContactMechId="+contactListParty.preferredContactMechId>
