Moved rid parameter to a separate constant. Fixes #911

controllers/phish.go

@@ -127,13 +127,19 @@ func PhishHandler(w http.ResponseWriter, r *http.Request) {
 	if fn == "" {
 		fn = f.Address
 	}
+
+	phishURL, _ := url.Parse(c.URL)
+	q := phishURL.Query()
+	q.Set(models.RecipientParameter, rs.RId)
+	phishURL.RawQuery = q.Encode()
+
 	rsf := struct {
 		models.Result
 		URL  string
 		From string
 	}{
 		rs,
-		c.URL + "?rid=" + rs.RId,
+		phishURL.String(),
 		fn,
 	}
 	err = tmpl.Execute(&htmlBuff, rsf)
@@ -156,7 +162,7 @@ func setupContext(r *http.Request) (error, *http.Request) {
 		Logger.Println(err)
 		return err, r
 	}
-	id := r.Form.Get("rid")
+	id := r.Form.Get(models.RecipientParameter)
 	if id == "" {
 		return ErrInvalidRequest, r
 	}

controllers/phish_test.go

@@ -16,7 +16,7 @@ func (s *ControllersSuite) getFirstCampaign() models.Campaign {
 }
 
 func (s *ControllersSuite) openEmail(rid string) {
-	resp, err := http.Get(fmt.Sprintf("%s/track?rid=%s", ps.URL, rid))
+	resp, err := http.Get(fmt.Sprintf("%s/track?%s=%s", ps.URL, models.RecipientParameter, rid))
 	s.Nil(err)
 	defer resp.Body.Close()
 	body, err := ioutil.ReadAll(resp.Body)
@@ -27,7 +27,7 @@ func (s *ControllersSuite) openEmail(rid string) {
 }
 
 func (s *ControllersSuite) openEmail404(rid string) {
-	resp, err := http.Get(fmt.Sprintf("%s/track?rid=%s", ps.URL, rid))
+	resp, err := http.Get(fmt.Sprintf("%s/track?%s=%s", ps.URL, models.RecipientParameter, rid))
 	s.Nil(err)
 	defer resp.Body.Close()
 	s.Nil(err)
@@ -35,7 +35,7 @@ func (s *ControllersSuite) openEmail404(rid string) {
 }
 
 func (s *ControllersSuite) clickLink(rid string, campaign models.Campaign) {
-	resp, err := http.Get(fmt.Sprintf("%s/?rid=%s", ps.URL, rid))
+	resp, err := http.Get(fmt.Sprintf("%s/?%s=%s", ps.URL, models.RecipientParameter, rid))
 	s.Nil(err)
 	defer resp.Body.Close()
 	body, err := ioutil.ReadAll(resp.Body)
@@ -44,7 +44,7 @@ func (s *ControllersSuite) clickLink(rid string, campaign models.Campaign) {
 }
 
 func (s *ControllersSuite) clickLink404(rid string) {
-	resp, err := http.Get(fmt.Sprintf("%s/?rid=%s", ps.URL, rid))
+	resp, err := http.Get(fmt.Sprintf("%s/?%s=%s", ps.URL, models.RecipientParameter, rid))
 	s.Nil(err)
 	defer resp.Body.Close()
 	s.Nil(err)
@@ -88,11 +88,11 @@ func (s *ControllersSuite) TestNoRecipientID() {
 
 func (s *ControllersSuite) TestInvalidRecipientID() {
 	rid := "XXXXXXXXXX"
-	resp, err := http.Get(fmt.Sprintf("%s/track?rid=%s", ps.URL, rid))
+	resp, err := http.Get(fmt.Sprintf("%s/track?%s=%s", ps.URL, models.RecipientParameter, rid))
 	s.Nil(err)
 	s.Equal(resp.StatusCode, http.StatusNotFound)
 
-	resp, err = http.Get(fmt.Sprintf("%s/?rid=%s", ps.URL, rid))
+	resp, err = http.Get(fmt.Sprintf("%s/?%s=%s", ps.URL, models.RecipientParameter, rid))
 	s.Nil(err)
 	s.Equal(resp.StatusCode, http.StatusNotFound)
 }

models/campaign.go

@@ -91,6 +91,9 @@ var ErrPageNotFound = errors.New("Page not found")
 // ErrSMTPNotFound indicates a sending profile specified by the user does not exist in the database
 var ErrSMTPNotFound = errors.New("Sending profile not found")
 
+// RecipientParameter is the URL parameter that points to the result ID for a recipient.
+const RecipientParameter = "rid"
+
 // Validate checks to make sure there are no invalid fields in a submitted campaign
 func (c *Campaign) Validate() error {
 	switch {

models/maillog_test.go

@@ -254,7 +254,7 @@ func (s *ModelsSuite) TestURLTemplateRendering(ch *check.C) {
 
 	ch.Assert(PostCampaign(&campaign, campaign.UserId), check.Equals, nil)
 	result := campaign.Results[0]
-	expectedURL := fmt.Sprintf("http://127.0.0.1/%s/?rid=%s", result.Email, result.RId)
+	expectedURL := fmt.Sprintf("http://127.0.0.1/%s/?%s=%s", result.Email, RecipientParameter, result.RId)
 
 	m := &MailLog{}
 	err := db.Where("r_id=? AND campaign_id=?", result.RId, campaign.Id).