PHP Pro Bid - Bug Tracker
http://www.phpprobid.com/dev/bugs/
PHP Pro Bid: Recently closed tasks
2017-11-14T07:30:28Z

FS#383: Email to Friend Flawed and Possible Spam Tool
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=383
2017-11-14T07:30:28Z
Antar

We tested the email listing to a friend feature and it is possible to repeat the same email address hundreds of times in the Email Addresses field and the page will take a while but process all the requests in the form.

1- Same email address was addressed 100 times - Script allowed it to go through and we received 100 emails to same email. Not good!
2- Works the same way even if a list of comma delimited emails is pasted there. Not good either!

This opens up the server operator to grey and blacklisting when this feature is abused either intentionally or not. It’s like having an open relay!

The form should not allow the same email address more than once, it should remove dupes. Also a limit on the number of email addresses allowed, perhaps the easiest fix is a max length on the email addresses field itself.

FS#359: ISSUE: HTML EDITOR IS NOT RENDERING SOME HTML PROPERLY!
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=359
2017-11-01T08:19:01Z
Antar

As mentioned to you in a separate email, custom html pasted in the online html editor does not render certain tags at all, such as line breaks, unordered and ordered lists. Our initial test was from Visual Studio and Dreamweaver html editors. Further testing now confirms that the online html editor is also useless and does not render any kind of lists as well as line breaks. This is simply unacceptable if we are going to charge money for listings. If you look at any listings on marketplaces such as eBay, Amazon, Wayfair, Etsy, Rakuten etc…, the vast majority, if not all of listings utilize disc style lists to display items specs.
We cannot ask our users to use special tags that override bootstrap css!

We can try something like this in our version, but if we start playing around with our CSS and code at the get go, we will end up with a custom version in a week!

@import url('//netdna.bootstrapcdn.com/bootstrap/3.0.0/css/bootstrap-theme.min.css');
ul {
    list-style-type: disc !important;
    padding-left: 1em !important;
    margin-left: 1em;
}

We strongly recommend that you do something about this in your next version and look forward to your recommendation to fix the online html editor!

FS#371: Enable Force Payment display issue
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=371
2017-10-31T12:34:00Z
Antar

When this setting is enabled in the admin section, only minutes are allowed. If we want to set it up for three days, we enter 4320 minutes. Now when the user sees this on their end, it looks funny and unprofessional. This is what the user sees: “If this option is enabled, sales will automatically cancelled unless marked as paid within 4320 minutes.”

This needs to have proper conversion on the user’s end, so the user reads something that makes sense. This is like telling someone, see you in 1440 minutes instead of saying see you tomorrow.

FS#360: ISSUE: IMAGE UPLOAD PROCESSING ISSUES – MULTIPLE ISSUES!
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=360
2017-10-25T10:43:35Z
Antar

1- This can be reproduced by dragging one or more jpeg image(s) and dropping over the select images green button or anywhere near it. The loader will start uploading to images and media at the same time. Image will succeed unless below scenario is true, media will obviously not!

2- Uploading a group of images will fail altogether, if one of them happens to be over the upload size limit. Again, all will fail after quite a wait and without any error messages. Example: Maximum image upload is set to 8 MB per image with 12 images being uploaded at once. Images 1,2,3,4,5,6,7,8,9,11,12 are under 8 MB, while image 10 is 15 MB. After waiting for quite some time, the upload failed altogether and no warning was displayed on the screen upon return to the station. Repeated the process and same thing happened. The size of the image must be checked prior to wasting server resources and then breaking the code!

3- Another test was done on single files over the upload limit; no warning is being shown on media or images over the limit.

4- Media file upload limits not working. Testing was first done with 10 MB mp4 file. Our set limit is 20 MB for each video with 5 allowed for free. The server set limit is 30MB for each upload. The 10 MB file mp4 was taken with a Windows phone. It does not upload and no warning is shown in the listing page. It shows the progress bar then bar disappears and no warning or video uploaded. We used handbrake to bring it down in size and it worked! We tested again with three videos and nothing over 10 MB is uploading. Here is the confirmation on the back end side of our set limits.

5- The order/language of the upload form text is not logical (images and media uploads):
You can upload up to 15 images. Order Arrange images by drag and drop.
(+$0.25 / image)
First 12 uploaded images are free. Additional images are $0.25 per image.

6- We noticed that images are not being renamed on upload. This is not a good practice. Image names should be renamed and optimized. See optimizing issues to follow…

7- Uploaded image increased in file size threefold! We tested an optimized 500KB jpeg (batched with jpeg @ 80% quality in Adobe Fireworks) and downloaded it back to find out the size is now 1.57 MB. How is that possible? The original image was 1900 x 1337 @ 314 dpi (taken with an average consumer grade Olympus camera) and although it was sized down to 1200 x 844 on the server, the file size increased threefold (both files attached). I tested this again with other images, and again the size increased on the server by at least 1MB with each image. Image uploads must have proper optimization done prior to saving on the server. So far, we tested 20 images, 15 had file size increases.

8- Since the optimization on the images is buggy, the listing loaded slowly and large images loaded so slow, like we are back on dial up!

FS#384: Account Setting page issue with page title after an edit
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=384
2017-10-24T10:11:02Z
Antar

When editing info in account setting page, after submission, the title of the page shown is wrong “Edit User”!

FS#389: Submitting an item with same category and sub category allowed!
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=389
2017-10-17T11:18:52Z
Antar

This was tested in listings, auctions and classifieds and should not be allowed to happen.

FS#402: Putting the site in Maintenance Mode does not prevent 404 errors sitewide
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=402
2017-10-17T10:40:15Z
Antar

Scenario: Admin puts website in Maintenance Mode. Search engines and users access website using indexed and stored urls such as:

http://domain.com/login

They get 404 Error Page cannot be found and header and footer load normally.

This is just one of so many URLs that the Maintenance Mode does not redirect to the Maintenance Mode page.

The website put in Maintenance Mode must let search engines know that this is a temporary state, not sure how to communicate 503 status.

404 Not Found simply put is that the server has not found a matching page and pages will be removed from the search engine’s index.

The website needs to be put on a 503 state while it is down for maintenance and this needs to be communicated to search engines somehow.

Please see: https://tools.ietf.org/html/rfc2616

FS#377: Edit vouchers, addresses, bank accounts opens in the wrong section
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=377
2017-10-16T11:55:54Z
Antar

When a seller is editing an existing voucher, the page opens outside of the section where the breadcrumbs are gone and the side menu location of the page is also lost! Unlike the create new voucher which stays in the same section / and retains the breadcrumbs. This issue was also reported while editing addresses and bank accounts.

FS#386: Add new address, add new bank pages issues
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=386
2017-10-16T11:55:20Z
Antar

Add new address, bank account pages and other sections in the members area break out of their sections and breadcrumbs.

Also reported this with edits.

FS#361: ISSUE: ACCOUNT DETAILS PAGE ISSUES & ADMIN USERNAME DISPLAYED TO USERS IN MESSAGES & EMAILS!
http://www.phpprobid.com/dev/bugs/index.php?do=details&task_id=361
2017-10-16T11:30:33Z
Antar

1- Account details divs and form elements are all over the place. Can use better arranging and spacing.

2- Both buttons above allow for MULTIPLE ZERO withdrawals and credits. We get this screen confirming a FREE withdrawal request and the admin gets the emails too. This bug needs to get fixed asap. Again, not production quality!

3- Finally, on the page and messages pages, messages sent from the admin accounts show the admin username. This is bad for site security! Why not just show Website Admin? Also, the email that the user gets of the incoming message shows the admin username. Now a good hacker has one less hurdle. Crack the admin password and they have site control.
