Camper News doesn't show comments unless authenticated #209
Milestone
Comments
|
While trying to fix this I think I've ran into a bigger problem. Which is how the stories/comments are submitted. First, the comments aren't showing up because of a js error. A variable named 'user' is being set containing a json string of the req.user object (which is the reason for #213). When a user isn't logged in they have an empty req.user object and that causes the output to create invalid js code. https://github.com/FreeCodeCamp/freecodecamp/blob/master/controllers/story.js#L151 But once the errors are fixed, depending on how you fix it, you can now post comments without being logged in. The comment submission relies on the 'user' variable to get the username, profile picture, and user id of the author which are all submitted when a comment is. None of it is checked server side. You can can submit comments on the live site right now without being logged in. I haven't tried to fix anything yet since it looks like it might be stories, comments and comment replies that are doing this and with the site being moved to react I don't know if it's worth changing everything when it'll just be changed again soon. |
|
It may be easier than all that. Adding something like |
|
Awesome, looks like that fixes it! |
ghost
closed this as
raisedadead
pushed a commit
that referenced
this issue
Sep 27, 2018
ValeraS
pushed a commit
to ValeraS/freeCodeCamp
that referenced
this issue
Oct 12, 2018
ValeraS
pushed a commit
to ValeraS/freeCodeCamp
that referenced
this issue
Oct 12, 2018
# [3.2.0](freeCodeCamp/curriculum@v3.1.2...v3.2.0) (2018-09-20) ### Bug Fixes * **challenges:** a sentence didn't make sense, so I modified it ([3d77920](freeCodeCamp/curriculum@3d77920)), closes [freeCodeCamp#18046](https://github.com/freeCodeCamp/curriculum/issues/18046) * **challenges:** add missing test to check for for css class ([6e42f53](freeCodeCamp/curriculum@6e42f53)), closes [freeCodeCamp#254](freeCodeCamp/curriculum#254) * **challenges:** add note at bottom of description in d3 challenge ([c60d332](freeCodeCamp/curriculum@c60d332)), closes [freeCodeCamp#17767](https://github.com/freeCodeCamp/curriculum/issues/17767) * **challenges:** add solution, test to project euler problems ([f572324](freeCodeCamp/curriculum@f572324)) * **challenges:** add solutions to first 3 debugging challenges ([c2e5794](freeCodeCamp/curriculum@c2e5794)) * **challenges:** add test to check user is using \W in Regex ([296cf44](freeCodeCamp/curriculum@296cf44)) * **challenges:** add test to lookahead regex challenge ([e044de4](freeCodeCamp/curriculum@e044de4)), closes [freeCodeCamp#209](freeCodeCamp/curriculum#209) * **challenges:** added code tags ([065036b](freeCodeCamp/curriculum@065036b)), closes [freeCodeCamp#18054](https://github.com/freeCodeCamp/curriculum/issues/18054) * **challenges:** added solutions to project euler problems 28, 31 ([5e12499](freeCodeCamp/curriculum@5e12499)) * **challenges:** adding code tags to description ([57d5b55](freeCodeCamp/curriculum@57d5b55)), closes [freeCodeCamp#17911](https://github.com/freeCodeCamp/curriculum/issues/17911) * **challenges:** adding negative integer to challenge to improve tests ([freeCodeCamp#211](freeCodeCamp/curriculum#211)) ([2adc516](freeCodeCamp/curriculum@2adc516)) * **challenges:** allow user to comment out undesired code ([72c2407](freeCodeCamp/curriculum@72c2407)) * **challenges:** challenge description is formatted and concised ([dcd8e45](freeCodeCamp/curriculum@dcd8e45)) * **challenges:** change challengeType to fix help button ([ddcc661](freeCodeCamp/curriculum@ddcc661)) * **challenges:** change definition of complementary colors ([freeCodeCamp#299](freeCodeCamp/curriculum#299)) ([c022dff](freeCodeCamp/curriculum@c022dff)) * **challenges:** check for shorthand character in regex ([freeCodeCamp#238](freeCodeCamp/curriculum#238)) ([0bf8d32](freeCodeCamp/curriculum@0bf8d32)) * **challenges:** commented output was wrong ([3cb972e](freeCodeCamp/curriculum@3cb972e)) * **challenges:** converts delete html test to regex ([d80d98d](freeCodeCamp/curriculum@d80d98d)), closes [freeCodeCamp#251](freeCodeCamp/curriculum#251) * **challenges:** corrected challenge instructions ([159203a](freeCodeCamp/curriculum@159203a)) * **challenges:** fix [freeCodeCamp#17155](https://github.com/freeCodeCamp/curriculum/issues/17155) ([cb21e59](freeCodeCamp/curriculum@cb21e59)) * **challenges:** fix confusing destructuring es6 challenge ([1a4f6a8](freeCodeCamp/curriculum@1a4f6a8)), closes [freeCodeCamp#213](freeCodeCamp/curriculum#213) * **challenges:** fix description in css variable fallback challenge ([bc33a03](freeCodeCamp/curriculum@bc33a03)), closes [freeCodeCamp#17546](freeCodeCamp#17546) * **challenges:** fix flex direction row regex ([25ea07e](freeCodeCamp/curriculum@25ea07e)), closes [freeCodeCamp#260](freeCodeCamp/curriculum#260) * **challenges:** fix grammar and spelling errors ([freeCodeCamp#244](freeCodeCamp/curriculum#244)) ([b0c0b74](freeCodeCamp/curriculum@b0c0b74)) * **challenges:** fix grid-gap shorthand regex ([freeCodeCamp#232](freeCodeCamp/curriculum#232)) ([a49f45e](freeCodeCamp/curriculum@a49f45e)), closes [freeCodeCamp#229](freeCodeCamp/curriculum#229) * **challenges:** fix grid-gap shorthand regex ([freeCodeCamp#237](freeCodeCamp/curriculum#237)) ([b369fa0](freeCodeCamp/curriculum@b369fa0)), closes [freeCodeCamp#229](freeCodeCamp/curriculum#229) * **challenges:** fix regex in a JS challenge ([freeCodeCamp#257](freeCodeCamp/curriculum#257)) ([6058da3](freeCodeCamp/curriculum@6058da3)) * **challenges:** fix typo in wrap-reverse description ([434ea5c](freeCodeCamp/curriculum@434ea5c)) * **challenges:** fixed challenge accepted without any new code ([96b39c1](freeCodeCamp/curriculum@96b39c1)), closes [freeCodeCamp#198](freeCodeCamp/curriculum#198) * **challenges:** fixed esc chars in managing packages with npm lesson ([6335a15](freeCodeCamp/curriculum@6335a15)) * **challenges:** fixed tests to check for pre operators ([ded4705](freeCodeCamp/curriculum@ded4705)), closes [freeCodeCamp#199](freeCodeCamp/curriculum#199) * **challenges:** fixed typo in algorithms and ds ([31957a4](freeCodeCamp/curriculum@31957a4)) * **challenges:** Incorrect html closing tag ([a1464f0](freeCodeCamp/curriculum@a1464f0)) * **challenges:** insufficient objectives for javascript_algorithm/es6/19 ([7707b18](freeCodeCamp/curriculum@7707b18)) * **challenges:** missing space in code example ([c50cc4e](freeCodeCamp/curriculum@c50cc4e)) * **challenges:** remove race condition from react lifecycle challenge ([a20ac56](freeCodeCamp/curriculum@a20ac56)) * **challenges:** removed duplicate css top property ([0a79c58](freeCodeCamp/curriculum@0a79c58)) * **challenges:** rephrased wording in applied visual design ([freeCodeCamp#268](freeCodeCamp/curriculum#268)) ([d560d58](freeCodeCamp/curriculum@d560d58)) * **challenges:** replaced em tags with code tags ([68daaf7](freeCodeCamp/curriculum@68daaf7)), closes [freeCodeCamp#18048](https://github.com/freeCodeCamp/curriculum/issues/18048) * **challenges:** reword test text and improve test accuracy ([f834a98](freeCodeCamp/curriculum@f834a98)) * **challenges:** small edit to correct sematic issues ([322bf80](freeCodeCamp/curriculum@322bf80)) * clickjacking challenge description ([037990c](freeCodeCamp/curriculum@037990c)) * **challenges:** spelling and grammar errors addressed ([8f17adf](freeCodeCamp/curriculum@8f17adf)) * **challenges:** typo ([4f7faba](freeCodeCamp/curriculum@4f7faba)) * **challenges:** update test and add solution for DS challenge ([d1b2075](freeCodeCamp/curriculum@d1b2075)), closes [freeCodeCamp#164](freeCodeCamp/curriculum#164) * **challenges:** Update test to include whitespace ([freeCodeCamp#272](freeCodeCamp/curriculum#272)) ([77689f4](freeCodeCamp/curriculum@77689f4)), closes [freeCodeCamp#271](freeCodeCamp/curriculum#271) * **schema:** change schema and unpack script ([b014b23](freeCodeCamp/curriculum@b014b23)) ### Features * **challenges:** add browser fallback challenge ([b090e8b](freeCodeCamp/curriculum@b090e8b)), closes [freeCodeCamp#17546](freeCodeCamp#17546)
This was referenced Jan 9, 2023
This issue was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
No description provided.
The text was updated successfully, but these errors were encountered: