Unanticipated User Role setting causes error #28
Description
I came across an issue which gets triggered by the scenario that a certain User Role is able to make a comment, but not allowed to view them. In this case the $view variable along with $view->addHelperPath is not set since this is currently dependent on the ability to view comments. Also in this scenario the Label as well as the flash message does not get output, since they currently reside in views/public/comments.php, which gets bypassed.
To fix the issue, I updated the showComments function in CommentingPlugin to the following:
public static function showComments($args = array())
{
echo "<div id='comments-container'>";
// presume we will need the view in any case
if(isset($args['view'])) {
$view = $args['view'];
} else {
$view = get_view();
}
$view->addHelperPath(COMMENTING_PLUGIN_DIR . '/helpers', 'Commenting_View_Helper_');
// output the header
echo $view->partial('commentingHeader.php');
if( (get_option('commenting_allow_public') == 1)
|| (get_option('commenting_allow_public_view') == 1)
|| is_allowed('Commenting_Comment', 'show') ) {
$options = array('threaded'=> get_option('commenting_threaded'), 'approved'=>true);
$comments = isset($args['comments']) ? $args['comments'] : $view->getComments($options);
echo $view->partial('comments.php', array('comments'=>$comments, 'threaded'=>$options['threaded']));
}
if( (get_option('commenting_allow_public') == 1)
|| is_allowed('Commenting_Comment', 'add') ) {
echo "<div id='comment-main-container'>";
echo $view->getCommentForm();
echo "</div>";
}
echo "</div>";
}
This presumes that we need the $views set in any case.
I also created a new file views/public/commentingHeader.php which contains:
<?php $label = get_option('commenting_comments_label'); ?>
<?php if ($label == ''):?>
<h2><?php echo __('Comments'); ?></h2>
<?php else: ?>
<h2><?php echo $label; ?></h2>
<?php endif; ?>
<div id='comments-flash'><?php echo flash(true); ?></div>
This code has been removed from views/public/comments.php.