[#MDL-9168] nested site policy when forcelogin enabled and policy file stored in coursefiles

Issue Details (XML | Word | Printable)

Key:	MDL-9168
Type:	Bug
Status:	Resolved
Resolution:	Fixed
Priority:	Major
Assignee:	Petr Škoda (skodak)
Reporter:	Andrea Bicciolo
Votes:	0
Watchers:	1

Operations

Add/Edit UI Mockup to this issue

If you were logged in you would be able to see more operations.

Moodle

nested site policy when forcelogin enabled and policy file stored in coursefiles

Created: 02/Apr/07 06:28 PM Updated: 14/May/07 03:42 AM

Component/s:

Authentication

Affects Version/s:

1.8

Fix Version/s:

1.8.1

File Attachments:

None

Image Attachments:

1. script.gif
(4 kB)

Issue Links:

Relates

This issue has been marked as being related by:

~~MDL-9798~~ IE times out on policy page because of object tag

Participants:	Andrea Bicciolo, Petr Škoda (skodak) and Ray Lawrence
Security Level:	None
Resolved date:	14/May/07
Affected Branches:	MOODLE_18_STABLE
Fixed Branches:	MOODLE_18_STABLE

Description

« Hide

When uploading an html file and filling the policy location on the Moodle Amdin Settings, policy.php page shows itself in a nested fashion in the iframe where the uploaded html should appear. To reproduce:
1. create a html file, either ISO8559-1 or UTF8 encoded, either using strict or loose DTD.
2. upload the file and fill the policy admin setting
3. logoff and manually create a new account
4. after receiving the email confirmation, click on the link to confirm the new account
5. look at the policy.php page, nesting istelf in the IFRAME.

The problem appears both on IE7 and Firefox 1.5. Apparently in a random fashion, the problem may not appear, so to fully troubleshoot the problem please try again if the page displays correclty.

All

Comments

Change History

Version Control

Sort Order:

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 02/Apr/07 10:40 PM

What is your forcelogin setting?

You can not view uploaded files before confirming the policy if forcelogin enabled. The randomness could be caused by browser caching.

I am evaluating option to skip require login in file.php for policy file itself...

[ Permalink | « Hide ]

Andrea Bicciolo added a comment - 02/Apr/07 10:45 PM

Forcelogin is enabled. Would it be simpler to let admins edit policies directly using a browser rather than uploading a file? Would it leave easier teh solution?

[ Permalink | « Hide ]

Andrea Bicciolo added a comment - 02/Apr/07 11:03 PM

Another possible solution to this issue: let people accept the policy when creating a new account.

Currently formslib support all the existing mdl_users database fields, including "policyagreed". Thus:
1. add a flag into admin settings, "new account must agree policy" (instead of policy path)
2. add a editor box where policy can be added
3. if new "account must agree" is true, then signup_form.php will display a checkbox and the text entered in point.2
4. checkbox shall be stored in "policyagreed" into mdl_user table.

Very rough code to be refined prior to add to signup_form.php:

$privacystring = 'I agree.......';
$mform->addElement('checkbox', 'policyagreed', $privacystring);
$mform->setType('policyagreed', PARAM_BOOL);
$mform->addRule('policyagreed', 'You have to accept policy to create e new account', 'required', null, 'client');

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 03/Apr/07 12:07 AM

I have already discussed the site policy on signup page - it will be in 1.9, no new features in 1.8.x, sorry

I am going to commit a patch soon and some other fixes too.

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 03/Apr/07 12:07 AM

oh
... discussed with Martin...

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 03/Apr/07 12:15 AM

should be fixed in cvs, thanks for the report.

[ Permalink | « Hide ]

Ray Lawrence added a comment - 13/May/07 06:15 PM

Updated to latest 1.8+ today. This issue is still present i.e. policy is still nested. Policy file is a html file in site files.

Causes lock up in IE 6.

Force log in is off.

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 13/May/07 10:54 PM

hmm, it always worked with forcelogin off, I think this is different problem. Please describe exacts steps needed to reproduce the problem (file names, locations, etc.) and please send me a test account via email and URL (skodak at moodle dot org).

thanks

[ Permalink | « Hide ]

Ray Lawrence added a comment - 14/May/07 12:02 AM

Create a html file policy.html
Upload to site files in 1.8.+ site
Enter path to above file at .....moodle/admin/settings.php?section=sitepolicies i.e http://mysite.co.uk/moodle/file.php/1/policy.html
Attempt to log in.
Site policy "pane" was filled with nested site policies on client machine, now testing in office and site policy is displayed without nesting.
On both computers when the button is clicked to accept the policy the browser hangs.

Only in IE 6, FF works fine

[ Permalink | « Hide ]

Ray Lawrence added a comment - 14/May/07 12:09 AM

Update, I received this warning in IE6. When I cleared the message I was able to accept the policy and enter.

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 14/May/07 12:29 AM

Works fine for me in nonIE browsers, you could try to fix the policy file to contain valid HTML (it is missing html and body tags).

[ Permalink | « Hide ]

Ray Lawrence added a comment - 14/May/07 12:38 AM

Fixed. Still not working in IE6. Confirm works fine here using Firefox.

[ Permalink | « Hide ]

Petr Škoda (skodak) added a comment - 14/May/07 03:35 AM

the problem is in IE itself, it can not redirect when the policy page contains object tag

I am going to file a new issue for it.

All content on this web site is made available under the GNU General Public License, unless otherwise stated.