- Affected version
- 2.2.12
Steps to reprodue
Reactions # 25 to # 6 are being shown (eg. including the reaction for post # 21 is being shown, but probably without a link to the inaccessible post) and a button Next to load the remaining reactions (# 5 to # 1 is displayed)
OR
Reactions # 25 to # 5 are being shown (eg. reaction for post # 21 is not being shown) and a button Next to load the remaining reactions (# 4 to # 1) is displayed
Actual Result
Reactions # 25 to #5 are being shown (eg. reaction for post # 21 is not being shown) but no button Next is displayed
Manually accessing page 2 displays reactions # 5 to # 1
So effecively this bug causes users to only be able to view reactions until they hit a "page" that contains at least one inaccessible content - if they do it is not possible to move on to the next page.
The reason for this is that the algorith used in
IMHO this needs to be redone using an entirely different approach (probaby based on offsets rather than page numbers).
- Create 25 posts with a fresh account
- Give a like reaction to each of those posts created in step 1) with another account
- Move post # 21 that was created in step 1) to a thread which can't be accesed by the user account used for step 1)
- Access route
account/reactionswith the account used for step 1)
Reactions # 25 to # 6 are being shown (eg. including the reaction for post # 21 is being shown, but probably without a link to the inaccessible post) and a button Next to load the remaining reactions (# 5 to # 1 is displayed)
OR
Reactions # 25 to # 5 are being shown (eg. reaction for post # 21 is not being shown) and a button Next to load the remaining reactions (# 4 to # 1) is displayed
Actual Result
Reactions # 25 to #5 are being shown (eg. reaction for post # 21 is not being shown) but no button Next is displayed
Manually accessing page 2 displays reactions # 5 to # 1
So effecively this bug causes users to only be able to view reactions until they hit a "page" that contains at least one inaccessible content - if they do it is not possible to move on to the next page.
The reason for this is that the algorith used in
XF\Pub\Controller\Account::actionReactions doesn't work at all due to accessibility checks.IMHO this needs to be redone using an entirely different approach (probaby based on offsets rather than page numbers).
