Hi there,
Since the upgrade to 3.7.9 we have been running into nonce errors.
Various browsers, various users etc.
Cleared all possible caches server side, cleared all CDN cache, did testing in browsers which have never ever accessed the website (as in Firefox dev edition, Safari Tech Preview and Chromium)
So I really think this is something that should be looked into.
Hope you can look into this soon, as this is preventing users from commenting all together.
And before you ask, I can not make a mirror / staging of this site. It's way to big for that 😉
Best regards,
Patrick
Ok this seems to be down to an issue I noted a while back already.
If someone changed there default upload dir in Wordpress it will throw a 500 error.
function wpdiscuz_ABSPATH() {
$path = join(DIRECTORY_SEPARATOR, ["wp-content", "plugins", "wpdiscuz", "utils", "ajax"]);
return str_replace($path, "", __DIR__);
}
This is in; wpdiscuz-ajax.php
The wp-content mention here should be gotten dynamically to make sure this can never be an issue.
So yes issue on my end, for customizing things.
But that does not mean leaving it hardcoded to be wp-content is a good option.
Do hope you can look into this in a future release.
Please let us know when you've updated the plugin? Also, let us know if the issue exists for the registered users or guests.
Please let us know when you've updated the plugin? Also, let us know if the issue exists for the registered users or guests.
Hi there, we last updated to 3.7.9.
But as explained the issue is due to the hardcoded option of wp-content in wpdiscuz-ajax.php
if that could be replaced to bee dynamic that would bee wondeful.
Sadly this still remains an issue even on current release.
You should be able to fix it with;
$uploadDir = wp_upload_dir();
$uploadBaseDir = wp_basename( $uploadDir['baseurl'] );
$path = join(DIRECTORY_SEPARATOR, [$uploadBaseDir, "plugins", "wpdiscuz", "utils", "ajax"]);
Can you incorporate this, or give me any way to overrule the function?
Cool when i tried to edit the above ... the time to edit expired 🙁
Above snippet is untested but something down that line should make it dynamically.
The reason why the wp-content should not be hardcoded is because a lot of clients/websites dont tend to use wp-content because of naming conventions, image seo and the like.
I do hope you can look into this. It would be truly appreciated for sure.
We may suggest you enable the "Use WordPress native AJAX functions" option. More info here: https://wpdiscuz.com/docs/wpdiscuz-7/plugin-settings/general-settings/#use-wordpress-native-ajax-functions
@asti so your solution is to use the slow ajax functions of native wordpress?
Sure it would work then, but that defeats the purpose of fixing that which is hardcoded currently. Also it would make the experience worse for endusers. That does not seem like a great solution in my book.
If only you could allow it to be changed / overridden with a hook/filter you would have a great solution.
Only hoping you would consider taking action on this.
Best regards.
