When you enable the contact form, but do not set up any categories, users without permission to administer the contact form will see "The contact form has not been configured. Add one or more categories to the form." When they click on the link, they get an access denied. I think the the ideal behavior would be to not show users this message at all, and instead show them a 404 (or 403), until the contact form is setup and ready for them to use. Attached is a patch for the 404 option. I put in a "die" right after the drupal_not_found() b/c otherwise it double-themes the page. Perhaps this is not the correct way to do it in this situation.
Ian
Comment | File | Size | Author |
---|---|---|---|
#10 | 282858-contact-no-categories-D7.patch | 7.4 KB | Dave Reid |
#7 | 282858-contact-no-categories-D7.patch | 5.92 KB | Dave Reid |
#4 | contact-282858-4_enabled_no_categories.patch | 2.16 KB | Ian Ward |
#2 | contact-282858-2_enabled_no_categories.patch | 958 bytes | Ian Ward |
contact_enabled_no_categories.patch | 976 bytes | Ian Ward | |
Comments
Comment #1
Damien Tournoud CreditAttribution: Damien Tournoud commentedOk, I understand the issue there, but the patch needs work.
contact_mail_page()
is not a page callback but a form function. We should not exit() from there. My suggestion is to display a slightly different message if the user doesn't have the administer site-wide contact form permission. For example:Comment #2
Ian Ward CreditAttribution: Ian Ward commentedHi Damien, thanks for your feedback and pointer.
I feel like it would be good if nothing about the contact form is said to the user if they're unable to do anything with it. What do you think about this new patch, which returns false, which is checked in the page callback itself, which then sets the 404?
Ian
Comment #3
Ian Ward CreditAttribution: Ian Ward commentedSorry, disregard that last patch (#2) I need to rework this again.
Comment #4
Ian Ward CreditAttribution: Ian Ward commentedHere is a new patch, which does what the patch in #2 was supposed to do. The checks on the # of categories is now done in the page callback, and the arguments are passed on to the form.
Ian
Comment #5
Ian Ward CreditAttribution: Ian Ward commentedJust fixing the status.
Comment #6
Anonymous (not verified) CreditAttribution: Anonymous commentedThe last submitted patch failed testing.
Comment #7
Dave ReidRevised patch:
1. If there are no categories:
1a. and the current user has the 'administer site-wide contact form' permission, will show a blank page with the message "'The contact form has not been configured. Add one or more categories to the form." (with link to add a category)
1b. otherwise, return drupal_not_found(), or a 404 error. This will help search engines to not index this page when it is not ready.
2. Cleans up some of the code in the site-wide contact form:
Those are the only changes in the form code, and it really helps simplify the code while keeping the original functionality.
Comment #8
Dave ReidComment #10
Dave ReidThis one should pass all the tests.
Comment #11
Dries CreditAttribution: Dries commentedCommitted to CVS HEAD. Thanks.