silence
Well-known member
It's coming but we are fixing as many bugs as possible before release.Any news here?
It's coming but we are fixing as many bugs as possible before release.Any news here?
Do you have a hotfix for the Donations nav tab exploit? because its awkward that guest visitors can see that we have donations while otherwise my board is totally private............
public static function navigationTabs(array &$extraTabs, $selectedTabId)
{
$xenOptions = XenForo_Application::getOptions();
$visitor = XenForo_Visitor::getInstance();
if ($xenOptions->addm_navigationLocation == 0 || $xenOptions->addm_navigationLocation == 99 && $visitor->hasPermission('general', 'addm')) {
$extraTabs['addm'] = array(
'title' => new XenForo_Phrase('addm_donations'),
'href' => XenForo_Link::buildPublicLink('donations'),
'linksTemplate' => 'addm_navigation',
'position' => $xenOptions->addm_navigationBarPosition
);
}
}
edit library/Audentio/DonationManager
Oops sorry, something must have been missed when I copied the path. library/Audentio/DonationManager /Listener/CodeEvent.phpThat is a folder... can you be more precise please... I am sure you meant a .php file. Which is it exactly?
edit library/Audentio/DonationManager and replace the entire navigationTabs function with this:
Code:public static function navigationTabs(array &$extraTabs, $selectedTabId) { $xenOptions = XenForo_Application::getOptions(); $visitor = XenForo_Visitor::getInstance(); if ($xenOptions->addm_navigationLocation == 0 || $xenOptions->addm_navigationLocation == 99 && $visitor->hasPermission('general', 'addm')) { $extraTabs['addm'] = array( 'title' => new XenForo_Phrase('addm_donations'), 'href' => XenForo_Link::buildPublicLink('donations'), 'linksTemplate' => 'addm_navigation', 'position' => $xenOptions->addm_navigationBarPosition ); } }
Hmmm.... Maybe I am blind but I can not see any difference in the functions of the file and what you have posted...
View attachment 141341
Nope, everything looks right there and the permission check is already in place, go to Users -> User Group Permissions -> Unregistered / Unconfirmed and make sure they don't have any of the Donation Manager permissions
public static function navigationTabs(array &$extraTabs, $selectedTabId)
{
$xenOptions = XenForo_Application::getOptions();
$visitor = XenForo_Visitor::getInstance();
if ($xenOptions->addm_navigationLocation == 0 || ($xenOptions->addm_navigationLocation == 99 && $visitor->hasPermission('general', 'addm'))) {
$extraTabs['addm'] = array(
'title' => new XenForo_Phrase('addm_donations'),
'href' => XenForo_Link::buildPublicLink('donations'),
'linksTemplate' => 'addm_navigation',
'position' => $xenOptions->addm_navigationBarPosition
);
}
}
The permissions are set to "no" for the unregistered user group and I havent changed anything in the permissions. The bug came with your last update.go to Users -> User Group Permissions -> Unregistered / Unconfirmed and make sure they don't have any of the Donation Manager permissions
The permissions are set to "no" for the unregistered user group and I havent changed anything in the permissions. The bug came with your last update.
($xenOptions->addm_navigationLocation == 99 && $visitor->hasPermission('general', 'addm')))
Could you check if the tables exist in your database for the addon?Getting errors in ACP with new version:
Code:ErrorException: Undefined index: campaign_id - library/Audentio/DonationManager/Model/Campaign.php:682
Code:ErrorException: Undefined index: donation_values - library/Audentio/DonationManager/Model/Campaign.php:422
Code:ErrorException: Undefined index: campaign_type - library/Audentio/DonationManager/Model/Campaign.php:388
Code:ErrorException: Undefined index: total_progress - library/Audentio/DonationManager/Model/Campaign.php:386
Oops, put the parenthesis in the wrong place, sorry just made the edit quickly in the reply box. Replace that if statement with this:I see what you did there, but unfortunately it did not solve the issue...
if (($xenOptions->addm_navigationLocation == 0 || $xenOptions->addm_navigationLocation == 99) && $visitor->hasPermission('general', 'addm')) {
Oops, put the parenthesis in the wrong place, sorry just made the edit quickly in the reply box. Replace that if statement with this:
PHP:if (($xenOptions->addm_navigationLocation == 0 || $xenOptions->addm_navigationLocation == 99) && $visitor->hasPermission('general', 'addm')) {
Okay, THAT worked...!
BUT: I of course tested the other navigation locations too. They all behave okay with one exception: "Footer" (alone) location is still present even when you have no permission and are logged out.
The footer location is a bit different, it's done with just a template modification that checks if it's using that location
I also tried the setting named "all locations" and there the footer location is removed when logged out.
It seems that it only shows up if you have the permission to see the donation page but not to donate, which is intended. Is there another occurrence you were talking about?Okay, THAT worked...!
BUT: I of course tested the other navigation locations too. They all behave okay with one exception: "Footer" (alone) location is still present even when you have no permission and are logged out.
I am talking about being logged out (unregistered guest) and having no permission at all while the link location is set to "footer". Then the link is still shown in the footer – but it shouldn't.It seems that it only shows up if you have the permission to see the donation page but not to donate, which is intended. Is there another occurrence you were talking about?
We use essential cookies to make this site work, and optional cookies to enhance your experience.