You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Potential Bug 1: Unauthenticated Users Can Post Reports
Description
Users can post reports without logging in or signing up when accessing the application through mobile/web services.
To Reproduce
Steps to reproduce the behavior:
Go to Ushahidi deployed site.
Click on the "Add a new post" button.
Fill out the post form.
Submit the form without logging in or signing up.
Report gets posted successfully without any authentication.
Expected behavior
Users should be required to log in or sign up before being able to post reports.
Solution
Implement authentication requirements for posting reports. This can be achieved by:
Requiring users to log in or sign up before accessing the report submission form.
Adding a check to the report submission process to ensure that the user is authenticated before allowing the submission to proceed.
Preferred Resolution Method
Implementing authentication requirements for posting reports is the preferred resolution method as it ensures that only authenticated users can submit reports, thereby enhancing security and accountability.
Screenshots
Potential Bug 2: Lack of Email Validation and Verification During Signup
Description
There is a lack of validation and verification mechanisms for email IDs during the signup process.
To Reproduce
Steps to reproduce the behavior:
Go to Ushahidi's deployed site.
Fill out the signup form with a gibberish email ID.
Submit the form.
Signup process completes without validating or verifying the email ID.
Expected behavior
During signup, email IDs should undergo validation and verification processes to ensure they are legitimate.
Solution
Implement email validation and verification mechanisms during the signup process. This can be achieved by:
Validating email format to ensure it follows standard conventions.
Sending a verification link or code to the provided email address and requiring users to confirm their email before completing the signup process.
Implementing CAPTCHA or similar human verification mechanisms to prevent bots from registering with fake email IDs.
Preferred Resolution Method
Implementing email validation and verification mechanisms during the signup process is the preferred resolution method as it enhances the authenticity of user accounts and reduces the risk of spam or misuse of the platform.
Potential Bug 1: Unauthenticated Users Can Post Reports
Description
Users can post reports without logging in or signing up when accessing the application through mobile/web services.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Users should be required to log in or sign up before being able to post reports.
Solution
Implement authentication requirements for posting reports. This can be achieved by:
Preferred Resolution Method
Implementing authentication requirements for posting reports is the preferred resolution method as it ensures that only authenticated users can submit reports, thereby enhancing security and accountability.
Screenshots
Potential Bug 2: Lack of Email Validation and Verification During Signup
Description
There is a lack of validation and verification mechanisms for email IDs during the signup process.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
During signup, email IDs should undergo validation and verification processes to ensure they are legitimate.
Solution
Implement email validation and verification mechanisms during the signup process. This can be achieved by:
Preferred Resolution Method
Implementing email validation and verification mechanisms during the signup process is the preferred resolution method as it enhances the authenticity of user accounts and reduces the risk of spam or misuse of the platform.
Screenshots
@Angamanga @dukedanny
The text was updated successfully, but these errors were encountered: