Development issueshttps://lab.civicrm.org/groups/dev/-/issues2019-08-08T03:27:12Zhttps://lab.civicrm.org/dev/core/-/issues/1109Contact Reference fields are not updated when merging contacts2019-08-08T03:27:12ZPatrick Figelpfigel@greenpeace.orgContact Reference fields are not updated when merging contactsWhen contacts are merged, any Contact Reference custom fields pointing to the contact that was deleted will not be updated to point to the remaining contact.
This is not a recent regression. It used to work in 4.6, but was broken at som...When contacts are merged, any Contact Reference custom fields pointing to the contact that was deleted will not be updated to point to the remaining contact.
This is not a recent regression. It used to work in 4.6, but was broken at some point after that. (Confirmed as broken in 5.7, 5.13 and master.)5.17.0https://lab.civicrm.org/dev/core/-/issues/562Remove instances of $dao->free2019-08-08T21:13:29ZeileenRemove instances of $dao->freeThe DAO object since ? 4.7.x? has been freed on _destruct. Using the $dao->free action has been demonstrated to create some rare bugs - ie. because query sets from the outer loop can be lost. There is no benefit in calling it any more an...The DAO object since ? 4.7.x? has been freed on _destruct. Using the $dao->free action has been demonstrated to create some rare bugs - ie. because query sets from the outer loop can be lost. There is no benefit in calling it any more and some harmhttps://lab.civicrm.org/dev/core/-/issues/1174CIVICRM_DEBUG_LOG_QUERY causes PHP to run out of memory (unreleased regression)2019-08-09T19:26:55ZPatrick Figelpfigel@greenpeace.orgCIVICRM_DEBUG_LOG_QUERY causes PHP to run out of memory (unreleased regression)When `CIVICRM_DEBUG_LOG_QUERY` is enabled, PHP seems to run out of memory on most (or all) pages:
Fatal error: Allowed memory size of 1073741824 bytes exhausted (tried to allocate 20480 bytes) in /Users/patrick/buildkit/build/xxx/we...When `CIVICRM_DEBUG_LOG_QUERY` is enabled, PHP seems to run out of memory on most (or all) pages:
Fatal error: Allowed memory size of 1073741824 bytes exhausted (tried to allocate 20480 bytes) in /Users/patrick/buildkit/build/xxx/web/sites/all/modules/civicrm/Civi/Core/Paths.php on line 91
I've bisected this down to 79ccdcdf4996dd1e54c36fb34b95c00ae45cde8a (https://github.com/civicrm/civicrm-core/pull/14222).
Not sure if this just affects `CIVICRM_DEBUG_LOG_QUERY` or if there's a more general memory usage regression around logging.
ping @mfb @eileenhttps://lab.civicrm.org/dev/financial/-/issues/31Text / Numeric Quantity fields in price sets allow negative value2019-08-12T21:15:44ZEvanText / Numeric Quantity fields in price sets allow negative valueWhen using a Text / Numeric Quantity field with a unit value of $1 (set to not show the price) in a price set as a method of collecting an "additional donation" during an event registration (or membership signup), the user can input a ne...When using a Text / Numeric Quantity field with a unit value of $1 (set to not show the price) in a price set as a method of collecting an "additional donation" during an event registration (or membership signup), the user can input a negative number, which basically enables an unscrupulous person to register for events and memberships for free.
While I have read some issues in the old issue tracker that suggest allowing a negative value for the unit price to be by design, I don't see where allowing a negative quantity value is a use case that should be supported. At the very least, perhaps these types of fields in price sets should have a "minimum value" that can be set on the field itself, in addition to the maximum value option that's already in place? I know there's a Minimum Price field on the Price Set, but this isn't ideal as an event might have multiple prices for different event experiences e.g. conference only, conference plus food, conference plus food and lodging. Setting the minimum price on the price set to the lowest price in the event reg options would still enable an unscrupulous person to use the negative amount in a text field to get free food and lodging, using this example.
**To replicate on dmaster.demo.civicrm.org:**
1. Create a new Event price set with a radial button price field that has one price option of $X amount (I set it to $1000) and a text / numeric quantity field with a price value of $1 and a hidden price
2. Set up and event that uses this price set, I used the Paid Conference with Online Registration template as my starter and added the price set I created above
3. Go to the event registration page, and be amazed that you can register for ZERO DOLLARS by entering "-1000" in the text / numeric quantity field.
*And don't even get me started on how an automagic CiviDiscount appears to break the "Total Fee(s) for this participant" during this test I created. ;)*
So, this might be 'by design' or even 'functioning as expected' territory, but I feel it's worth looking at something to mitigate the potential risks. Open to ideas on how to handle this. Ideas?
1. Add a new field type for Price Sets called "Other Amount" that is a text / numeric field and functions the same way the "Allow Other Amounts" field works when you configure a contribution page w/o a price set
2. Add a Minimum Amount parameter to Price Fields
3. Decide that negative amounts should be disallowed and put form validation in place to enforce
4. Other?https://lab.civicrm.org/dev/core/-/issues/63Clarify profile permissions2019-08-14T08:30:09ZherbdoolClarify profile permissionsThe profile permissions (listings, listings and forms, view/create/edit) are quite vague and confusing, even for seasoned devs like myself. Most of them don't have descriptions nor warnings. This is at least in Drupal but maybe others as...The profile permissions (listings, listings and forms, view/create/edit) are quite vague and confusing, even for seasoned devs like myself. Most of them don't have descriptions nor warnings. This is at least in Drupal but maybe others as well.
![Screenshot_from_2018-04-16_10-36-50](/uploads/6bb35484ff0f5bdbecd612d42526d7b9/Screenshot_from_2018-04-16_10-36-50.png)
For instance, in the code "CiviCRM: profile listings and forms" is described as "all powerful". And in the guide https://docs.civicrm.org/user/en/latest/initial-set-up/permissions-and-access-control/ it doesn't really clarify that this is a dangerous permission for anon/authenticated users. In fact, it even implies that anonymous roles are given this permission!
![Screenshot_from_2018-04-16_10-45-18](/uploads/45c5a8f36699cac403b81177de1a43b7/Screenshot_from_2018-04-16_10-45-18.png)
But ironically, "CiviCRM: profile create" sounds dangerous--can the user create forms?--when in fact it just means they can fill out a form.
It wouldn't be hard to just clarify these for everyone.https://lab.civicrm.org/dev/financial/-/issues/65Editing a financial account pops up a blank new form2019-08-15T01:07:22ZDaveDEditing a financial account pops up a blank new formSeems like this combo of recent commits prevents the $this->_values from getting filled in and so it ends up in a limbo of thinking it's an edit but with no existing values. Given the nature of the second one I'm not sure the best fix - ...Seems like this combo of recent commits prevents the $this->_values from getting filled in and so it ends up in a limbo of thinking it's an edit but with no existing values. Given the nature of the second one I'm not sure the best fix - revert both?
https://github.com/civicrm/civicrm-core/commit/e03e16417a7054d229ee8b28952afae44cd6825c#diff-15cfbac79d793ca9dc2cb062a8cc44da
https://github.com/civicrm/civicrm-core/commit/f93f8e8b642fde961d8f878af58e3e585417e95e5.16.2https://lab.civicrm.org/dev/user-interface/-/issues/1Remove "Backend" from the Access CiviCRM permission label2019-08-15T06:52:49ZmarshRemove "Backend" from the Access CiviCRM permission labelon admin>people/permissions the name of Access CiviCRM has changed to "Access CiviCRM backend and API".
This is confusing for two reasons:
- backend infers something behind Civi, not Civi itself
- there are many references to Access Civ...on admin>people/permissions the name of Access CiviCRM has changed to "Access CiviCRM backend and API".
This is confusing for two reasons:
- backend infers something behind Civi, not Civi itself
- there are many references to Access CiviCRM in the notes on the page.
Would it be more prudent to change the label to "Access CiviCRM (and API)", or am I just being pedantic?https://lab.civicrm.org/dev/core/-/issues/974.ics files should be whitelisted as file types for upload2019-08-15T14:00:20ZStoob.ics files should be whitelisted as file types for uploadCurrently an uploaded .ics file to Civi has the 'unknown' suffix appended. To offer some background, .ics file is a common format used by Google, Outlook and many other calendar software https://en.wikipedia.org/wiki/ICalendar. Indeed ...Currently an uploaded .ics file to Civi has the 'unknown' suffix appended. To offer some background, .ics file is a common format used by Google, Outlook and many other calendar software https://en.wikipedia.org/wiki/ICalendar. Indeed you will see this filetype attached to many email invitations you get for meetings.
I suggest that this filetype should be whitelisted by CiviCRM and uploaded without modification, for use in all places where attachments are allowed: CiviMail, custom data fields, etc. Since the filetype contains only data (similar to JSON or XML) there are no security issues I'm aware of, but I will rely on security experts to judge ultimately be the judge. Here's an example of part of the problem CiviCRM's appended suffix causes. The ".unknown" file cannot be recognized nor easily opened. @eileen @seamuslee
![ics](/uploads/f3f6c8c202dba00da35eda94eecdd974/ics.png)
![ics2](/uploads/3823eebea44838c339af41bb241e3d07/ics2.png)5.14.0seamusleeseamusleehttps://lab.civicrm.org/dev/core/-/issues/377{Membership.Fee} appears on Membership Renewal Reminder emails with 9 decimal...2019-08-15T20:09:19Zpaulorokonui{Membership.Fee} appears on Membership Renewal Reminder emails with 9 decimal placesSimilar to the previously reported issue.....
https://github.com/civicrm/civicrm-core/pull/12186
Screenshots and comments can be found on above thread
civiCRM 5.4.0 on Drupal 7Similar to the previously reported issue.....
https://github.com/civicrm/civicrm-core/pull/12186
Screenshots and comments can be found on above thread
civiCRM 5.4.0 on Drupal 75.18.0https://lab.civicrm.org/dev/core/-/issues/1185Activity profile on Update multiple activities action displays duplicate assi...2019-08-16T07:10:06ZscardiniusActivity profile on Update multiple activities action displays duplicate assigneesActivity profile always displays *Added By*, *With Contact* and *Assigned to* fields.
*Assigned to* contains own contact and contacts for previous processed activities.
* 1st -> only own contact(s)
* 2nd -> own contact(s) and previous ...Activity profile always displays *Added By*, *With Contact* and *Assigned to* fields.
*Assigned to* contains own contact and contacts for previous processed activities.
* 1st -> only own contact(s)
* 2nd -> own contact(s) and previous contacts (from 1st)
* 3rd -> own contact(s) and previous contacts (from 1st and 2nd)
* 4th -> ...
I'm preparing PR5.18.0https://lab.civicrm.org/dev/core/-/issues/1189Profile Summary Overlay don't show work phone numbers2019-08-16T07:22:43ZJankProfile Summary Overlay don't show work phone numbersI changed the reserved Profile "Summary Overlay" to show additional the work phone.
The field appears in the overlay but without value.I changed the reserved Profile "Summary Overlay" to show additional the work phone.
The field appears in the overlay but without value.https://lab.civicrm.org/dev/core/-/issues/1188Fix Psalm issue Class or interface CiviCRM_API3_Exception does not exist2019-08-18T07:35:05ZprondubuisiFix Psalm issue Class or interface CiviCRM_API3_Exception does not existWhile Scanning with static analysis tool through civi-core folder `api/v3/examples` I have the following error `Class or interface CiviCRM_API3_Exception does not exist` appearing multiple times This can be fixed by calling the `api/Exce...While Scanning with static analysis tool through civi-core folder `api/v3/examples` I have the following error `Class or interface CiviCRM_API3_Exception does not exist` appearing multiple times This can be fixed by calling the `api/Exception.php` class [here](https://github.com/civicrm/civicrm-core/blob/master/CRM/Core/ClassLoader.php#L207)5.18.0https://lab.civicrm.org/dev/core/-/issues/947PCP honour roll hide amount2019-08-19T11:33:28ZMartinPCP honour roll hide amountA feature request - When filling out a PCP contribution page, the donor has the option to be shown on the honor roll or not (with some additional options). Could we add an extra option here to ask if the donor would like to hide the dona...A feature request - When filling out a PCP contribution page, the donor has the option to be shown on the honor roll or not (with some additional options). Could we add an extra option here to ask if the donor would like to hide the donation amount or not?
If this request is accepted I may be able to provide the code changes for it.kcristianokcristianohttps://lab.civicrm.org/dev/core/-/issues/1192ENOTICE when creating activity from contact search results / aka Repeat Activ...2019-08-20T01:12:34ZDaveDENOTICE when creating activity from contact search results / aka Repeat Activity accordion section missing when using Add Activity from contact search resultsI'm not sure which one is the actual bug: Is it intentional that you can't create a repeating activity in this situation, in which case the bug is just the ENOTICE, or is it that it was an oversight and you are supposed to be able to cre...I'm not sure which one is the actual bug: Is it intentional that you can't create a repeating activity in this situation, in which case the bug is just the ENOTICE, or is it that it was an oversight and you are supposed to be able to create repeat activities?
The first one is easier/safer to fix, and is just [here](https://github.com/civicrm/civicrm-core/blob/5.16.2/CRM/Core/Form/RecurringEntity.php#L346). The second one seems to be coming from [here](https://github.com/civicrm/civicrm-core/blob/5.16.2/CRM/Activity/Form/Activity.php#L679), because `$this->_action` is actually `CRM_Core_Action::BASIC` in this situation, but might be more complex than just updating that line because recurring activities can be tricky, so might have been left out on purpose.
To clarify what I'm talking about:
1. Do a contact search.
1. Select a couple contacts or all.
1. From the actions dropdown choose "Add Activity".
1. On the resulting activity form there isn't the usual "Repeat Activity" section.
1. If you keep going and save you get the notice `Undefined index: allowRepeatConfigToSubmit in CRM_Core_Form_RecurringEntity::postProcess() (line 346 of /.../web/sites/all/modules/civicrm/CRM/Core/Form/RecurringEntity.php`5.18.0https://lab.civicrm.org/dev/core/-/issues/1181Navigation Menu disappears on update to 5.16.02019-08-20T13:40:50ZsbyrneNavigation Menu disappears on update to 5.16.0On updating to 5.16.0 our Navigation Menu disappeared from the top of the screen. Was still able to access other screens e.g. contacts via the dashboard and the civicrm/admin menu. Some screens (such as "Configure your dashboard") brough...On updating to 5.16.0 our Navigation Menu disappeared from the top of the screen. Was still able to access other screens e.g. contacts via the dashboard and the civicrm/admin menu. Some screens (such as "Configure your dashboard") brought up an error saying "couldn't connect to network". When viewing a contact a white space where the navigation menu would normally live was at the top of screen. Other than that all I could see was the normal Drupal 7 Admin menu (normally hidden when viewing Civi). I've managed to roll back to 5.15.1 for now. Not sure if anyone else has experienced similar.https://lab.civicrm.org/dev/core/-/issues/1196CRM_Utils_Array::crmInArray() should recurse properly2019-08-21T16:39:07ZhaystackCRM_Utils_Array::crmInArray() should recurse properlySeems that there's a minor error in `CRM_Utils_Array::crmInArray()` where the method is [called in global scope](https://lab.civicrm.org/dev/core/blob/master/CRM/Utils/Array.php#L378) instead of with `self::crmInArray()`. PR to follow.Seems that there's a minor error in `CRM_Utils_Array::crmInArray()` where the method is [called in global scope](https://lab.civicrm.org/dev/core/blob/master/CRM/Utils/Array.php#L378) instead of with `self::crmInArray()`. PR to follow.haystackhaystackhttps://lab.civicrm.org/dev/core/-/issues/1061Bad popup on update recurring screen2019-08-21T16:48:10ZeileenBad popup on update recurring screenWe are seeing a popup when checksum users attempt to update a recurring contribution.
![Screenshot_2019-06-12_at_18.50.39](/uploads/85512b40438dcd0e198fddc51dd64c00/Screenshot_2019-06-12_at_18.50.39.png)
This appears to date back to M...We are seeing a popup when checksum users attempt to update a recurring contribution.
![Screenshot_2019-06-12_at_18.50.39](/uploads/85512b40438dcd0e198fddc51dd64c00/Screenshot_2019-06-12_at_18.50.39.png)
This appears to date back to March 2018 when custom data was added to this form (by @mattwire ) - which means we don't need to target the rc & I'm inclined to focus on 'the right fix' on master.
Fundamentally we have a backoffice form that is being exposed for front end users. I have personally proposed doing similar to the 'Add Payment' form recently so it probably bares a little thought. In this case the custom data is not accessible to checksum accessors of the page & superficially the problem is not that it is not available but that it is noisily not available.
I feel like at a conceptual level we probably want to either
1) say front end forms are front end forms and back end forms are back end forms and never the twain shall meet or
2) set the front end form flag whenever a both-use-form is accessed with a checksum
In terms of the custom data I feel the safest option is just to say 'don't expose custom data on both-use forms to users without Access CiviCRM'. If people want to this might not be the right form approach for them - they can actually probably intervene by hook but the risk of exposing inappropriate custom data fields seems real.
This probably also impacts on theming & provides an obvious way not to present un-themed versions of these pages (@seamuslee @totten )5.17.0https://lab.civicrm.org/dev/core/-/issues/1037Hashed mailing URLs do not work with view mailing links2019-08-21T20:45:56ZJKingsnorthHashed mailing URLs do not work with view mailing linksCiviMail has a setting for 'Hashed Mailing URL's'
However, if this setting is enabled it is impossible to view the mailing.
Clicking 'View complete mailing' results in a server error:
![image](/uploads/a0a390d00cea3d19b3347897cdb2852e...CiviMail has a setting for 'Hashed Mailing URL's'
However, if this setting is enabled it is impossible to view the mailing.
Clicking 'View complete mailing' results in a server error:
![image](/uploads/a0a390d00cea3d19b3347897cdb2852e/image.png)
We are working on a fix for this.
Possibly related to https://lab.civicrm.org/dev/core/issues/911 ?https://lab.civicrm.org/dev/core/-/issues/1198Unable to view completed mailing if mailing hash enabled2019-08-22T01:00:07ZlcdwebUnable to view completed mailing if mailing hash enabledTo reproduce:
1. go to CiviMail > CiviMail Component Settings
2. select option for Hashed Mailing URL's
3. create and send a mailing
4. go to a contact who has received the mailing, click the Mailings tab, and View the mailing
The prev...To reproduce:
1. go to CiviMail > CiviMail Component Settings
2. select option for Hashed Mailing URL's
3. create and send a mailing
4. go to a contact who has received the mailing, click the Mailings tab, and View the mailing
The preview is handled through the API and expects the Mailing ID to be the actual mailing table ID. If hashed ID's is enabled, it fails the variable type validation check.lcdweblcdwebhttps://lab.civicrm.org/dev/core/-/issues/1186Datatables error when viewing contact multiple record custom field tab contai...2019-08-23T01:14:29ZAndrew ThompsonDatatables error when viewing contact multiple record custom field tab containing a file fieldWhen clicking on a tab for a contact custom field group (multiple record, tab with table) if the custom group contains a file field and a record exists with a file attached, the following error is displayed and the DataTable does not dis...When clicking on a tab for a contact custom field group (multiple record, tab with table) if the custom group contains a file field and a record exists with a file attached, the following error is displayed and the DataTable does not display:
`DataTables warning: table id=records-6 - Ajax error. For more information about this error, please see http://datatables.net/tn/7`
I am on CiviCRM 5.16.1 on Joomla 3.9.11. This is reproducible on dmaster. I am pretty sure that this was working recently, no more than 1-2 months ago.
Steps to reproduce:
1. Create a custom group for contacts, multiple records, tab with table
2. Add fields to the new group:
- Field1 Alphanumeric - text
- Field2 Integer - text
- File File - select
3. Go to a contact and open the tab for the custom field group
4. Add a record, enter "asdf", "123" and upload a file.
5. Error will be seen: `DataTables warning: table id=records-6 - Ajax error. For more information about this error, please see http://datatables.net/tn/7`
Firefox Network Monitor shows 500 Internal Server Error:
```
Request URL:https://dmaster.demo.civicrm.org/civicrm/ajax/multirecordfieldlist?snippet=4&cid=59&cgid=8&draw=1&columns%5B0%5D%5Bdata%5D=field1_14&columns%5B0%5D%5Bname%5D=&columns%5B0%5D%5Bsearchable%5D=true&columns%5B0%5D%5Borderable%5D=true&columns%5B0%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B0%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B1%5D%5Bdata%5D=field2_15&columns%5B1%5D%5Bname%5D=&columns%5B1%5D%5Bsearchable%5D=true&columns%5B1%5D%5Borderable%5D=true&columns%5B1%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B1%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B2%5D%5Bdata%5D=record_type_16&columns%5B2%5D%5Bname%5D=&columns%5B2%5D%5Bsearchable%5D=true&columns%5B2%5D%5Borderable%5D=true&columns%5B2%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B2%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B3%5D%5Bdata%5D=file_19&columns%5B3%5D%5Bname%5D=&columns%5B3%5D%5Bsearchable%5D=true&columns%5B3%5D%5Borderable%5D=true&columns%5B3%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B3%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B4%5D%5Bdata%5D=action&columns%5B4%5D%5Bname%5D=&columns%5B4%5D%5Bsearchable%5D=true&columns%5B4%5D%5Borderable%5D=false&columns%5B4%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B4%5D%5Bsearch%5D%5Bregex%5D=false&start=0&length=25&search%5Bvalue%5D=&search%5Bregex%5D=false&_=1565849608494
Request method:GET
Remote address:192.95.2.129:443
Status code:
500
Version:HTTP/1.1
Referrer Policy:no-referrer-when-downgrade
```5.16.3