Fixed Reporting from a user's profile respects user privacy settings

X

Xon

Well-known member
Affected version
2.2.5
PHP: 
public function actionReport(ParameterBag $params)
{
   $user = $this->assertViewableUser($params->user_id);
   if (!$user->canBeReported($error))

assertViewableUser is being called with $basicProfileOnly = false

This means the members/report route only works if the user's privacy settings allow accessing the full profile page.

It doesn't make much sense to gate this behind a profile visibility check, as it is handy for custom styles to add this user report link elsewhere.
 
Thank you for reporting this issue, it has now been resolved. We are aiming to include any changes that have been made in a future XF release (2.2.6).

Change log:
Allow users to be reported regardless of their profile privacy settings
Click to expand...
There may be a delay before changes are rolled out to the XenForo Community.
 

Similar threads

Alteran Ancient
  • Question Question
XF 1.4 Override User Privacy Settings w/ Usergroup?
Replies
3
Views
1K
Alteran Ancient
Alteran Ancient
CTXMedia
  • Question Question
How do I directly link to a user's profile page without the user card popping up?
Replies
2
Views
665
CTXMedia
CTXMedia
Back
Top Bottom