nested conditional shortcode causes exception "You must be logged in to view this page"
The below-described bad behavior was not happening in CiviCRM 5.35.2 but does happen after upgrading to 5.47.4. Can someone suggest what might have changed that would cause this?
Setup:
- The custom WordPress theme on this site provides an enclosing-content shortcode
[member_short_code]
which will only display its content if the user is logged in. E.g.[member_short_code]Only logged in users see this[/member_short_code]
. - On a given post, the [member_short_code] shortcode is used, and its contents contain is an instance of
[civicrm component="user-dashboard" hijack="0"]
, with the intention that this page will display the user dashboard only if the user is logged in.
Previous behavior under CiviCRM 5.35.2:
- When viewing the given post, logged-in users see the civiCRM user dashboard; anonymous users see nothing.
New & undesirable behavior under CiviCRM 5.47.4:
- When viewing the given post, logged-in users see the civiCRM user dashboard; anonymous users get a CiviCRM fatal error with the message "You must be logged in to view this page".
Why this fatal error happens under CiviCRM 5.47.4?
- WordPress is processing the contents of the
[member_short_code]
shortcode, even when its contents will not be displayed; I believe that's just how WordPress works, and it's not a problem per se. - When that content includes
[civicrm component="user-dashboard" hijack="0"]
, CiviCRM is testing whether the user has a ContactID, and if not it throws the above-mentioned exception. Reference UserDashBoard.php line 79.
Why this fatal error didn't happen under CiviCRM 5.35.2?
- I don't know. Any ideas?
- Was the civicrm WordPress plugin doing something to catch such exceptions and handle them more elegangly?
- Worth noting, I've compared the civicrm codebase from pre-upgrade backups and github master, and don't see any core hacks that would have accounted for this.
Workaround in CiviCRM 5.47.4:
Naturally this is not ideal, but this changes addresses the problem behavior:
diff --git a/CRM/Contact/Page/View/UserDashBoard.php b/CRM/Contact/Page/View/UserDashBoard.php
index 9cb559bf47..0a1af9751b 100644
--- a/CRM/Contact/Page/View/UserDashBoard.php
+++ b/CRM/Contact/Page/View/UserDashBoard.php
@@ -77,7 +77,7 @@ class CRM_Contact_Page_View_UserDashBoard extends CRM_Core_Page {
*/
public function preProcess() {
if (!$this->_contactId) {
- throw new CRM_Core_Exception(ts('You must be logged in to view this page.'));
+ return '';
}
list($displayName, $contactImage) = CRM_Contact_BAO_Contact::getDisplayAndImage($this->_contactId);
{Joinery internal reference: F#724)