Details
Major
Description
Please log hours on this issue to http://dev.nysenate.gov/issues/7723
======================================================
1. Create a new column called hash in civicrm_mailing. Copy the format of the civicrm_contact hash column
a. All new mailing creation populates this hash column. The hash should follow the same pattern of generating the contact hash, but is restricted to 16 characters. Please check and centralize this code (send in a parameter for the hash size)
b. Updates of Mailing record should check and populate the hash column if null.
c. The upgrade script keeps this column null
2. Create a new setting called:
"Hashed Mailing URL's" in the civimail settings screen (http://drupal.demo.civicrm.org/civicrm/admin/mail?reset=1)
Setting is BOOLEAN, setting field is a checkbox. The default value for this setting is FALSE.
3. When user changes value of this field to CHECKED, display jScript confirmation dialog:
"WARNING: If you enable hashed mailing URLs, users will no longer be able to view new or updated mailings using the mailing ID In the URL. If you want users to 'view this mailing in a browser', then use the mailing.viewURL token to include links with a valid hashed URL in your mailings."
4. If this setting is False, we retain current behavior
5. If this setting is True, we modify:
a. The mailing.viewURL token to now uses hash value instead of the mailing ID in the id= key of the querystring (the mailing/view url stays the same, but the value of the 'id' key is the hash).
b. In the mailing view page code, if the setting is enabled, use the hash to find the relevant mailing id. If not found, throw a permission denied error. If found, render the mailing view.
NOTE: In order to accommodate mailings sent prior to the setting being enabled, we will render mailing view via ID for mailings where the hash is NULL. If SELECT via id=hash returns empty set, then query on id=id. If we find a mailing and mailing.hash is NULL then render the mailing view.
