Fix EZP-22095: eZ Star Rating does not work for anonymous #14
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Quick feedback...
|
| @@ -58,7 +58,10 @@ public static function rate( $args ) | |||
|
|
|||
| // Provide extra session protection on 4.1 (not possible on 4.0) by expecting user | |||
| // to have an existing session (new session = mostlikely a spammer / hacker trying to manipulate rating) | |||
| if ( class_exists( 'eZSession' ) && eZSession::userHasSessionCookie() !== true ) | |||
| if ( class_exists( 'eZSession' ) && | |||
There was a problem hiding this comment.
while on it, class_exists( 'eZSession' ) can be removed
|
seems ok to me but the relation between UseUserSession, AllowAnonymousRating and the Session/ForceStart settings should be clarified because it's unclear to me if all combinations of those can work or not. |
|
@dpobel Regarding sessions :
|
|
+1 |
| @@ -186,7 +188,8 @@ function userHasRated( $returnRatedObject = false ) | |||
| */ | |||
| function store( $fieldFilters = null ) | |||
| { | |||
| if ( $this->attribute( 'user_id' ) == eZUser::currentUserID() ) | |||
| if ( $this->attribute( 'user_id' ) == eZUser::currentUserID() && | |||
| eZINI::instance()->variable( 'eZStarRating', 'UseUserSession' ) === 'enabled' ) | |||
There was a problem hiding this comment.
CS
if (
$this->attribute( 'user_id' ) == eZUser::currentUserID()
&& eZINI::instance()->variable( 'eZStarRating', 'UseUserSession' ) === 'enabled'
)
|
Looks good, besides my comments +1 |
yannickroger
added a commit
that referenced
this pull request
Dec 19, 2013
Fix EZP-22095: eZ Star Rating does not work for anonymous
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Link: https://jira.ez.no/browse/EZP-22095
Description
Since we added an antispam feature in 4.1, using star rating for anonymous user was not working anymore. This patch reintroduce the anonymous rating by using a new setting that bypasses the spam feature (some user might be in a spam free environment such as some intranets). It also makes sure to create sessions only when needed.
Tests
Manual tests