Opened 4 years ago
Last modified 4 years ago
#8433 new defect (bug)
Posting comments to activity failing in new_activity_comment ajax
Reported by: |
|
Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 7.1.0 |
Component: | Activity | Keywords: | close |
Cc: |
Description
This is a follow-up to #8403.
On my site, I've been debugging as to why comment replies can't be posted. It looks similar to the defect in #8403.
The ajax call is reporting a 403 Forbidden and the 'link has expired' - i.e. the typical invalid nonce response.
Here's the request payload when the Post comment button is pressed
XHRPOSThttps://www.getoutwiththekids.co.uk/wp-admin/admin-ajax.php
[HTTP/2 403 Forbidden 1255ms]
action "new_activity_comment"
cookie "bp-members-scope%3Dall%26bp-members-filter%3Dnewest"
comment_id "12887"
form_id "12887"
content "test"
_bp_as_nonce_12887 "06e8279c68"
1
action=new_activity_comment&cookie=bp-members-scope%253Dall%2526bp-members-filter%253Dnewest&comment_id=12887&form_id=12887&content=test&_bp_as_nonce_12887=06e8279c68
Within the HTML there are two nonce values:
<input type="hidden" id="_bp_as_nonce_12887" name="_bp_as_nonce_12887" value="06e8279c68">
<input type="hidden" id="_wpnonce_new_activity_comment" name="_wpnonce_new_activity_comment" value="e89b7147cc">
The website https://getoutwiththekids.co.uk
Wordpress version 5.6.1
Buddypress version 7.1.0
Hi,
Please check if your theme contains an activity/entry.php template. If so, make sure the second argument of the wp_nonce_field() function is:
'_wpnonce_new_activity_comment_' . bp_get_activity_id()
(This might be needed if your theme is overriding the activity/entry.php template)
See line 148 of https://buddypress.trac.wordpress.org/browser/tags/7.1.0/src/bp-templates/bp-legacy/buddypress/activity/entry.php#L148