martin0w

Please forget the issue. I checked it further…. The culprit turned out to be the following line in UserOnline_Core -> get_title() :

			$page_title = wp_title( '»', false );

You are using the wp_title correctly, but my theme hooked into the wp_title filter in an incorrect way, which caused the said text output.

A bit of further info on this issue.

The problem is not apparent in native WordPress. However, many plugins make use of do_action(‘new_to_publish’) or do_action(‘draft_to_publish’) in order to push new posts to social media etc. These hooks are fired from within wp_insert_post, causing the trouble.

In my case, I use NextScripts: Social Networks Auto-Poster which hooks to new_to_publish action hook to relay the content of the new post to facebook. It then renders the post content whereupon WordPress fires the_content action hook, engaging KK I LIke it in the said manner.

While this is a conflict between different plugins, I believe that you should be checking for valid post id in your function(s), according to this suggestion:

public function getPostVoters($id){

// Hack Martin 2014-02-07:
if ( empty($id) ) {
return 0;
}

… etc.

Correction: not sure if the same bug weren’t present already in the preceing versions of the plugin.

I agree that this is a critical bug that prevails in the current version (1.7) of the plugin. Sadly, it allows a malicious user to “unlike” the counter on someone else’s post down to 0.

Thanks @radiourionline for the hack, which solves the problem.

Since there is no excuse for the rating plugin to err in the math department, this is a serious issue, but fortunately a breeze for the plugin author to fix. I hope this is incorporated ASAP in a forthcoming version of this otherwise brilliant plugin.