mahara-contributors team mailing list archive

[Wen-Chang Chien(簡文章) <wcchien@xxxxxxxxxxx>]

Public bug reported:

A popup window of TinyMCE on top of shared pages that allow anonymous
comments.

Here's how to replicate the specific bug: 
 
0. Clean install of Mahara
1. Log in as admin
2. Got to Administration -> Configure site -> Ste options -> User Settings
3. Set [Anonymous comments] ON
4. Go to Portfilio -> Creat a new Page -> Store some data on this page.
5. Edit this new page access -> Enable [Share with public] and [Allow comments].
6. Log out.
7. Open this page as guest role . 
8. A window of TinyMCE  will popup on top of this page. 
 
I  found the cause of this bug. 
 
In /artefact/comment/lib.php, Line 728
==================================================
public static function add_comment_form( .....
        :
        :
        if (!$USER->is_logged_in()) {
            $form['spam'] = array(
                'secret'       => get_config('formsecret'),
                'mintime'      => 1,         
                'hash'         => array('authorname', 'message', 'ispublic', 'message', 'submit'),
            );
==================================================================
 
[message]  is a TinyMCE type element.
For logined user message element ID is "add_feebackform_message".
For guset user message element ID is  "add_feebackform_XXXXXXXXXXXXXXX"( XXXXXXXXXXXXXXX is hash code).
But  in /js/viewmenu.js,  TinyMCE type element ID is fixed string: "add_feebackform_message".

I suggest            
              'hash'         => array('authorname', 'message', 'ispublic', 'message', 'submit'),
chang to:
               'hash'         => array('authorname', 'ispublic', 'submit'),

** Affects: mahara
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Mahara
Contributors, which is subscribed to Mahara.
Matching subscriptions: Subscription for all Mahara Contributors -- please ask on #mahara-dev or mahara.org forum before editing or unsubscribing it!
https://bugs.launchpad.net/bugs/1460316

Title:
  A popup window of TinyMCE on top of Shared Pages that allow Anonymous
  comments.

Status in Mahara ePortfolio:
  New

Bug description:
  A popup window of TinyMCE on top of shared pages that allow anonymous
  comments.

  Here's how to replicate the specific bug: 
   
  0. Clean install of Mahara
  1. Log in as admin
  2. Got to Administration -> Configure site -> Ste options -> User Settings
  3. Set [Anonymous comments] ON
  4. Go to Portfilio -> Creat a new Page -> Store some data on this page.
  5. Edit this new page access -> Enable [Share with public] and [Allow comments].
  6. Log out.
  7. Open this page as guest role . 
  8. A window of TinyMCE  will popup on top of this page. 
   
  I  found the cause of this bug. 
   
  In /artefact/comment/lib.php, Line 728
  ==================================================
  public static function add_comment_form( .....
          :
          :
          if (!$USER->is_logged_in()) {
              $form['spam'] = array(
                  'secret'       => get_config('formsecret'),
                  'mintime'      => 1,         
                  'hash'         => array('authorname', 'message', 'ispublic', 'message', 'submit'),
              );
  ==================================================================
   
  [message]  is a TinyMCE type element.
  For logined user message element ID is "add_feebackform_message".
  For guset user message element ID is  "add_feebackform_XXXXXXXXXXXXXXX"( XXXXXXXXXXXXXXX is hash code).
  But  in /js/viewmenu.js,  TinyMCE type element ID is fixed string: "add_feebackform_message".

  I suggest            
                'hash'         => array('authorname', 'message', 'ispublic', 'message', 'submit'),
  chang to:
                 'hash'         => array('authorname', 'ispublic', 'submit'),

To manage notifications about this bug go to:
https://bugs.launchpad.net/mahara/+bug/1460316/+subscriptions