Support

Akeeba Ticket System

#40544 Email showing on public tickets if email as username

Posted in ‘Akeeba Ticket System for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
4.4.3
PHP version
8.2
Akeeba Ticket System version
5.3.4

Latest post by peterader on Thursday, 11 April 2024 09:19 CDT

Monday, 08 April 2024 05:30 CDT

peterader

Hi,

Merely a question for your opinion or possibly feature request: I'm using Membership Pro with the option "email as username" enabled. When a user now creates a public ticket their email is shown to anybody who can see public tickets. Obviously nothing that should ever happen. I've created a template override to remove the @ sign and anything that follows from the username, which is an ok solution in my opinion (not great, not terrible). For your reference: preg_replace('/@.*$/', '',$creator->username)

What do you think is a good way to handle this? Would it make sense to add it as a config option in ATS to switch frontend display between username and name for example?

Best regards,
Pete

Monday, 08 April 2024 06:34 CDT

nicholas

My opinion is that email addresses should never be used as usernames. Usernames, by definition, are public information.

Given that you allow email addresses as usernames on your site, you could a template override where instead of a username you get something like "User 123" where 123 is their user ID. This still suffers from the fact that you are leaking the user ID which needn't be public (even though it's not exactly private either).

Which leaves us with the last solution. A template override where non-manager users are simply displayed as "Client" when the person logged in is neither a manager, nor the user himself.

As for doing that as a config option, no, this won't happen. I am against config options for things which should be a template override. A litany of config options makes it very hard for us, the developers, to refactor the interface (e.g. whenever we will inevitably need to go to a newer version of Bootstrap), and it makes it extremely difficult for site integrators to make template overrides. The latter means that even more things need config options, which makes it ever harder for us to manager the interface etc. It creates a feedback loop which results in an unmaintainable interface.

This is not speculation, or me being a jerk; we've been there, and done that with Akeeba Subscriptions back in 2012. We said yes to every kind of config option which changes the interface. Within a year we could no longer maintain the interface. We needed a hard reset so badly, I had to do something I have never done since: discontinue a product without a replacement (every product I've discontinued since is because it's been included in Joomla! itself).

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Thursday, 11 April 2024 09:19 CDT

peterader

Thanks for the detailed response. I understand your reasoning and will go with the suggestion to show different names for managers and non-managers. Thank you for taking the time.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!