Skip to:
Content

BuddyPress.org

Opened 4 months ago

Closed 4 months ago

#8545 closed defect (bug) (fixed)

The Activity Reply Action tries to validate the wrong nonce

Reported by: imath Owned by: imath
Milestone: 9.1.0 Priority: normal
Severity: normal Version: 7.0.0
Component: Activity Keywords: has-patch
Cc:

Description

This is a regression introduced in #8004 where we've fixed a duplicate ID issues making the nonce field unique. We simply forgot to update this action as it's only reached when JavaScript is disabled.

Attachments (1)

8545.patch (2.3 KB) - added by imath 4 months ago.

Download all attachments as: .zip

Change History (3)

@imath
4 months ago

#1 @imath
4 months ago

In 13041:

Activity: update the nonce used by the Activity Reply JS Fallback

If JavaScript is unavailable (whether it was disabled or it errored), posting an activity uses the bp_activity_action_post_comment() PHP function after a page load. Unlike the Ajax action, the nonce used into this function has not been updated in [12735]. The main goal of this commit is to fix this oversight. The secondary goal is to improve code formatting.

See #8545 (trunk)

#2 @imath
4 months ago

  • Resolution set to fixed
  • Status changed from assigned to closed

In 13042:

Activity: update the nonce used by the Activity Reply JS Fallback

If JavaScript is unavailable (whether it was disabled or it errored), posting an activity uses the bp_activity_action_post_comment() PHP function after a page load. Unlike the Ajax action, the nonce used into this function has not been updated in [12735]. The main goal of this commit is to fix this oversight. The secondary goal is to improve code formatting.

Fixes #8545 (branch 9.0)

Note: See TracTickets for help on using tickets.