Posted by mysocom on June 26, 2009 at 8:43am
Jump to:
| Project: | Drupal core |
| Version: | 6.14 |
| Component: | base system |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | closed (fixed) |
Issue Summary
After succesefull webform submission Anonymous do not see any messages! They can submit and webform is working (I recived email) but it's a little bit confusing without status messages. Even if I grant all permission to the Anonymous user.
Comments
#1
Anonymous users are never allowed to edit their submissions because there's a high probability of mistaken access (say two computers within a computer lab that are sharing the same IP address because they're behind a router). You wouldn't want the person next to you to be able to see and edit your submission just because you had the same IP address.
#2
Perhaps the solution here is integration with Session API module (http://drupal.org/project/session_api)?
#3
Thank you for a great module, Nathan.
I think mysocom was referring to something other than the ability for anonymous users to view or edit their Webform submissions. I just came across the same problem.
The Confirmation Message does not get displayed after successful form submission if browser has cookies disabled. Validation and error reporting works fine even with cookies disabled.
I am using Webform 6.x-2.9 and have a form accessible to anonymous users and everything works just fine except if user has cookies disabled the DIV tag
<div class="messages status">... status message text ...</div>does not get displayed after the form gets submitted.The
<div class="messages error">... error message text ...</div>shows up correctly even when cookies are disabled.I don't know enough about Drupal yet, but I think the status messages are called with the
theme_status_messages()function and the problem may be in core.If there was a way to check if cookies are enabled and alert the user, it sure would eliminate all sorts of issues.
Any suggestions on how to get around this?
#4
Unfortunately all forms within Drupal that do POST requests will not work if cookies are disabled. You can't even log into a Drupal site if cookies are disabled. The user's Session ID (stored in the cookies) is a critical part of Drupal's security architecture to prevent spoofed form submissions.
I don't think adding a warning to Webform is necessarily the correct solution, since this limitation exists for all forms in Drupal.
#5
I am not expecting anyone being able to log into Drupal without cookies enabled.
The form works, only the message status does not get inserted into the page after successful submission.
As it is now, anonymous user is able to submit the form even when cookies are disabled and the submited data comes through.
However, the user does not know if the submission is successful or not since the status message does not show.
Is it possible to add some cookie validation to the Additional Validation field under Webform advanced settings?
I understand that this is not really a Webform issue, but problem in core. Any application that requires cookies to be enabled should let the user know.
I was hoping that the http://drupal.org/project/cookie_check module would help in this case. However, it only works for the login.
#6
I just submitted a contact form at Lullabot www.lullabot.com/contact/general using a browser with cookies disabled and after clicking the submit button I got redirected to the front page without any indication if my submission was successful or not.
I understand that on a technical website like Lullabot you can expect your visitors to be technically savvy about issues related to cookies and adjust their browser settings appropriately.
However, not all websites build with Drupal are technically oriented and many sites provide anonymous access to content. Visitors to these sites still need to be able to fill in contact forms or subscribe to newsletters and receive some type of feedback once they hit the submit button.
I understand this is not Webform issue and am moving this to core. Feel free to assign this to a different project queue component if this is not the correct one.
I would welcome any suggestions on how to deal with this issue and make my Drupal site more user friendly. I am aware of the /project/cookie_check module and am already using it. However, the Cookie Check module only deals with logins.
#7
quicksketch is correct, status messages are stored in $_SESSION['messages'] and this just isn't going to work without cookies. Even pressflow, which removes anonymous session cookies, sets a temporary cookie following a form POST.
BTW I have also seen this happen for all anon. users when UID 0 is missing from the database. You might want to check your {users} table if it happens with cookies enabled.
#8
Hi grendzy,
I understand the fact that cookies are necessary. What I am trying to figure out is how to configure Drupal to alert the user that he/she needs to enable cookies.
http://drupal.org/project/cookie_check provides this functionality for the login form.
The missing users.uid = 0 is a different issue.
#9
Hi
I am closing this issue to clean up the issue queue. Feel free to reopen the issue if there is new information and the problem still resides. If not please make sure you close your issues that you don't need any more.
Maybe you can get support from the local user group. Please take a look at this list at groups.drupal.org.
#10
Automatically closed -- issue fixed for 2 weeks with no activity.