Community Awards

Reaction controller plugin doesn't check canView on the ReactionContent entity

Status: This content is read-only, or is not open for further replies.

Kirby

Guest

\XF\ControllerPlugin\Reaction::actionReactions

PHP:

Code:

$reactionsFinder = $reactionRepo->findContentReactions($contentType, $contentId, $reactionId)
    ->limitByPage($page, $perPage, 1);

$reactions = $reactionsFinder->fetch();

if (!count($reactions))
{
    return $this->message(\XF::phrase('no_one_has_reacted_to_this_content_yet'));
}

$hasNext = count($reactions) > $perPage;
$reactions = $reactions->slice(0, $perPage);

$tabSummary = $reactionRepo->getContentTabSummary($contentType...

Share this page

Facebook Reddit Pinterest WhatsApp Email Link

Latest threads

Discussion Minecraft discussion question
- Started by kevy0128
- Wednesday at 9:20 AM
- Replies: 0
Minecraft
🔥CLOUDBLAST.IO🔥// AMD Epyc VPS ☁️ 10 Gbps ☁️ 2.5Tbps DDoS Protection ☁️ Hourly Billing 🤯 (FREE UPGRADE OFFER) 🤯
- Started by cloudblast
- Wednesday at 8:06 AM
- Replies: 0
Jobs & Services
Free Themes [REQUEST] OneNav WP Theme
- Started by DragoCom
- Tuesday at 3:33 AM
- Replies: 0
WordPress
Not much being uploaded but...
- Started by DragoCom
- Monday at 12:38 AM
- Replies: 1
The Lounge
console warning about a bug to be fixed by Spigot
- Started by siflogui
- Sunday at 12:02 AM
- Replies: 1
The Lounge

Forum statistics

Threads: 66,447

Messages: 98,954

Members: 63,625

Latest member: meksikan

This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.

Accept Learn more…

Top Bottom