Deleted Accounts Break Multiple Views

380
Defect
Jack
3.3
3.2.2
Core
Fixed
Highest
Blocker
4 years ago
3 years ago
0

Description

What did you do to cause this?

Deleted some spam accounts that had been created during a period of high traffic on an older version of Traq.

What page were you on?

Examples of pages and how they break when users are removed:

What PHP and MariaDB versions do you run?

PHP: 5.3.3-7+squeeze17

MySQL: 5.1.66-0+squeeze1-log

Describe the defect:

There should be some sort of failover in the event of deleted accounts, especially since there does not appear to be a way to restore the account once it has been deleted.

Because of this, it means numerous pages (as well as any page which depends on that page) are either no longer accessible, or have all formatting and style stripped while providing only partial content.

Since recent changes have allowed for the removal of elements from the timeline, I would imagine the ideal solution would be maintain the event / reference to the specific account which used to exist; however, do not provide a link to the user view.

In lieu of this, due to the scope of such a change, a fast compromise would be to, on inability to find an account reference, fill the field with "Anonymous" until a more suitable solution can be found. As it stands now, large portions of our Traq install are now inaccessible.

Ticket History

4 years and 1 month ago by Tilius

Note from Jamie:

This appears to be some sort of weird issue per http://bugs.traq.io/traq/tickets/379.

Basically just wanted to say that, I was able to make an "interim" fix with the following edits:

vendor\traq\views\default\projects\timeline.phtml, lines 27-37

<?php if (is_object($row->ticket())) { echo HTML::link(
    l("timeline.{$row->action}",
        array(
            'ticket_summary'     => htmlspecialchars($row->ticket()->summary),
            'ticket_id'          => $row->ticket()->ticket_id,
            'ticket_type_name'   => $row->ticket()->type->name,
            'ticket_status_name' => ($row->action == 'ticket_updated' ? null : $row->ticket_status()->name)
        )
    ),
    $row->ticket()->href()
); } else { echo "Deleted"; } ?>

vendor\traq\views\default\projects\timeline.phtml, line 48:

if (is_object($row->user)) { echo l('timeline.by_x', HTML::link(strshorten($row->user->name, 20), $row->user->href())); } else { echo "Deleted"; }

vendor\traq\views\default\tickets\index.phtml, line 30:

if (is_object($ticket->user)) { echo HTML::link(strshorten($ticket->user->name, 20), $ticket->user->href()); } else { echo "Deleted"; }

vendor\traq\views\default\tickets\view.phtml, line 19:

if (is_object($ticket->user)) { echo HTML::link(strshorten($ticket->user->name, 20), $ticket->user->href()); } else { echo "Deleted"; }

It is worth noting that these were just the spots I had to do a quick and dirty hack to allow our pages to load, but a more robust / appropriate solution would be desirable - especially since this does not address every possible use case.

4 years and 1 month ago by Jamie R. McPeek

Point of clarification:

Ticket #379 and #380 are not related.

Whatever is causing Ticket #379 to occur was preventing me from viewing this ticket (502 Bad Gateway), only when logged in, until Tilius added a comment, thus the reason for having him add updated information.

4 years and 1 month ago by Jamie R. McPeek

Another location on the main tickets page, being the history / comments:

vendor\traq\views\default\tickets\view.phtml, line 125:

(is_object($update->user)) ? HTML::link(strshorten($update->user->name, 20), $update->user->href()) : "Deleted"

4 years and 1 month ago by Jack

  • Changed Status from New to Accepted
  • Assigned ticket to Jack

I think the way I will handle this and stop it from happening in the future is to use the Anonymous user.

3 years and 12 months ago by Jack

  • Set Component to Core
  • Changed Severity from Normal to Blocker
  • Changed Priority from Normal to Highest
  • Changed Status from Accepted to Started

3 years and 12 months ago by Jack

  • Closed ticket as Fixed

This should be fixed, I ran a quick test locally and it worked. However you may want to test it before running it on a production database, or at least after backing it up.