Good afternoon,
After updating to Joomla 2.5.16, the added price in the custom fields isn't showing correct anymore.
I have a dropdown custom field for gift wrapping. Before, it showed the choices: 'no giftwrapping' and 'yes, giftwrapping + € 1,50'.
But after the update the choice for 'yes...' shows 'yes, giftwrapping +1'. Besides that, the productprice updates correctly when choosing 'yes...'.
This seems to be a bug. So is using the backup (Joomla 2.5.14) really the best solution for this, as advised in the Dutch forum (http://forum.joomlanl.nl/forum/64-2-5-x-joomla-extensies/42440-afronding-prijs-custom-field)? Or does somebody here have a solution to this? Thanks.
J! 2.5.16 - VM 2.0.24
Could you repost here some additional info from your thread on Dutch forum? I can't reach it from my country area.
Hello Maxim,
There's no additional info, just a link to an example. But perhaps you can't reach that either, so I've made some printscreens.
In img1 there's the original productprice, the tax and the custom field dropdown. Here is chosen for 'no giftwrapping', so no extra costs.
In img2 is chosen for 'yes, giftwrapping'. The additional € 1,50 is added to the productprice, but isn't showing in the custom field dropdown anymore. Instead you just see 'yes +1'.
On the Dutch forum one user reacted saying he uses the same J!- and VM-versions and experienced the same problem. He chose to use the backup instead.
And a bit later one of the moderators said they also just found out that this is occuring and using the backup might be the best solution for now.
[attachment cleanup by admin]
This might give you additional info
http://forum.virtuemart.net/index.php?topic=120119.0
Good morning!
I think I found something. That's to say: it's working, but I don't know if it is safe enough...
After comparing some files of the update-2.5.16-package with the ones in the 2.5.14-version, I noticed that file 'libraries/joomla/methods.php' is quite different. So I replaced the new one with the old one of the 2.5.14-version.
The result: when choosing 'giftwrapping', it now shows again: 'yes, +1,50 €'!
Please, can anyone tell me whether or not it is safe enough to use the 'old' file again? Thanks!
The 2.5.16-version:
<?php
/**
* @package Joomla.Platform
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE
*/
defined('JPATH_PLATFORM') or die;
/**
* Route handling class
*
* @package Joomla.Platform
* @since 11.1
*/
class JRoute
{
/**
* Translates an internal Joomla URL to a humanly readible URL.
*
* @param string $url Absolute or Relative URI to Joomla resource.
* @param boolean $xhtml Replace & by & for XML compilance.
* @param integer $ssl Secure state for the resolved URI.
* 1: Make URI secure using global secure site URI.
* 0: Leave URI in the same secure state as it was passed to the function.
* -1: Make URI unsecure using the global unsecure site URI.
*
* @return The translated humanly readible URL.
*
* @since 11.1
*/
public static function _($url, $xhtml = true, $ssl = null)
{
// Get the router.
$app = JFactory::getApplication();
$router = $app->getRouter();
// Make sure that we have our router
if (!$router)
{
return null;
}
if ((strpos($url, '&') !== 0) && (strpos($url, 'index.php') !== 0))
{
return $url;
}
// Build route.
$uri = $router->build($url);
$url = $uri->toString(array('path', 'query', 'fragment'));
// Replace spaces.
$url = preg_replace('/\s/u', '%20', $url);
/*
* Get the secure/unsecure URLs.
*
* If the first 5 characters of the BASE are 'https', then we are on an ssl connection over
* https and need to set our secure URL to the current request URL, if not, and the scheme is
* 'http', then we need to do a quick string manipulation to switch schemes.
*/
if ((int) $ssl)
{
$uri = JURI::getInstance();
// Get additional parts.
static $prefix;
if (!$prefix)
{
$prefix = $uri->toString(array('host', 'port'));
}
// Determine which scheme we want.
$scheme = ((int) $ssl === 1) ? 'https' : 'http';
// Make sure our URL path begins with a slash.
if (!preg_match('#^/#', $url))
{
$url = '/' . $url;
}
// Build the URL.
$url = $scheme . '://' . $prefix . $url;
}
if ($xhtml)
{
$url = htmlspecialchars($url);
}
return $url;
}
}
/**
* Text handling class.
*
* @package Joomla.Platform
* @subpackage Language
* @since 11.1
*/
class JText
{
/**
* javascript strings
*
* @var array
* @since 11.1
*/
protected static $strings = array();
/**
* Translates a string into the current language.
*
* Examples:
* <script>alert(Joomla.JText._('<?php echo JText::_("JDEFAULT", array("script"=>true));?>'));</script>
* will generate an alert message containing 'Default'
* <?php echo JText::_("JDEFAULT");?> it will generate a 'Default' string
*
* @param string $string The string to translate.
* @param mixed $jsSafe Boolean: Make the result javascript safe.
* @param boolean $interpretBackSlashes To interpret backslashes (\\=\, \n=carriage return, \t=tabulation)
* @param boolean $script To indicate that the string will be push in the javascript language store
*
* @return string The translated string or the key is $script is true
*
* @since 11.1
*/
public static function _($string, $jsSafe = false, $interpretBackSlashes = true, $script = false)
{
$lang = JFactory::getLanguage();
if (is_array($jsSafe))
{
if (array_key_exists('interpretBackSlashes', $jsSafe))
{
$interpretBackSlashes = (boolean) $jsSafe['interpretBackSlashes'];
}
if (array_key_exists('script', $jsSafe))
{
$script = (boolean) $jsSafe['script'];
}
if (array_key_exists('jsSafe', $jsSafe))
{
$jsSafe = (boolean) $jsSafe['jsSafe'];
}
else
{
$jsSafe = false;
}
}
if (!(strpos($string, ',') === false))
{
$test = substr($string, strpos($string, ','));
if (strtoupper($test) === $test)
{
$strs = explode(',', $string);
foreach ($strs as $i => $str)
{
$strs[$i] = $lang->_($str, $jsSafe, $interpretBackSlashes);
if ($script)
{
self::$strings[$str] = $strs[$i];
}
}
$str = array_shift($strs);
$str = preg_replace('/\[\[%([0-9]+):[^\]]*\]\]/', '%\1$s', $str);
$str = vsprintf($str, $strs);
return $str;
}
}
if ($script)
{
self::$strings[$string] = $lang->_($string, $jsSafe, $interpretBackSlashes);
return $string;
}
else
{
return $lang->_($string, $jsSafe, $interpretBackSlashes);
}
}
/**
* Translates a string into the current language.
*
* Examples:
* <?php echo JText::alt("JALL","language");?> it will generate a 'All' string in English but a "Toutes" string in French
* <?php echo JText::alt("JALL","module");?> it will generate a 'All' string in English but a "Tous" string in French
*
* @param string $string The string to translate.
* @param string $alt The alternate option for global string
* @param mixed $jsSafe Boolean: Make the result javascript safe.
* @param boolean $interpretBackSlashes To interpret backslashes (\\=\, \n=carriage return, \t=tabulation)
* @param boolean $script To indicate that the string will be pushed in the javascript language store
*
* @return string The translated string or the key if $script is true
*
* @since 11.1
*/
public static function alt($string, $alt, $jsSafe = false, $interpretBackSlashes = true, $script = false)
{
$lang = JFactory::getLanguage();
if ($lang->hasKey($string . '_' . $alt))
{
return self::_($string . '_' . $alt, $jsSafe, $interpretBackSlashes);
}
else
{
return self::_($string, $jsSafe, $interpretBackSlashes);
}
}
/**
* Like JText::sprintf but tries to pluralise the string.
*
* Note that this method can take a mixed number of arguments as for the sprintf function.
*
* The last argument can take an array of options:
*
* array('jsSafe'=>boolean, 'interpretBackSlashes'=>boolean, 'script'=>boolean)
*
* where:
*
* jsSafe is a boolean to generate a javascript safe strings.
* interpretBackSlashes is a boolean to interpret backslashes \\->\, \n->new line, \t->tabulation.
* script is a boolean to indicate that the string will be push in the javascript language store.
*
* Examples:
* <script>alert(Joomla.JText._('<?php echo JText::plural("COM_PLUGINS_N_ITEMS_UNPUBLISHED", 1, array("script"=>true));?>'));</script>
* will generate an alert message containing '1 plugin successfully disabled'
* <?php echo JText::plural("COM_PLUGINS_N_ITEMS_UNPUBLISHED", 1);?> it will generate a '1 plugin successfully disabled' string
*
* @param string $string The format string.
* @param integer $n The number of items
*
* @return string The translated strings or the key if 'script' is true in the array of options
*
* @since 11.1
*/
public static function plural($string, $n)
{
$lang = JFactory::getLanguage();
$args = func_get_args();
$count = count($args);
if ($count > 1)
{
// Try the key from the language plural potential suffixes
$found = false;
$suffixes = $lang->getPluralSuffixes((int) $n);
array_unshift($suffixes, (int) $n);
foreach ($suffixes as $suffix)
{
$key = $string . '_' . $suffix;
if ($lang->hasKey($key))
{
$found = true;
break;
}
}
if (!$found)
{
// Not found so revert to the original.
$key = $string;
}
if (is_array($args[$count - 1]))
{
$args[0] = $lang->_(
$key, array_key_exists('jsSafe', $args[$count - 1]) ? $args[$count - 1]['jsSafe'] : false,
array_key_exists('interpretBackSlashes', $args[$count - 1]) ? $args[$count - 1]['interpretBackSlashes'] : true
);
if (array_key_exists('script', $args[$count - 1]) && $args[$count - 1]['script'])
{
self::$strings[$key] = call_user_func_array('sprintf', $args);
return $key;
}
}
else
{
$args[0] = $lang->_($key);
}
return call_user_func_array('sprintf', $args);
}
elseif ($count > 0)
{
// Default to the normal sprintf handling.
$args[0] = $lang->_($string);
return call_user_func_array('sprintf', $args);
}
return '';
}
/**
* Passes a string thru a sprintf.
*
* Note that this method can take a mixed number of arguments as for the sprintf function.
*
* The last argument can take an array of options:
*
* array('jsSafe'=>boolean, 'interpretBackSlashes'=>boolean, 'script'=>boolean)
*
* where:
*
* jsSafe is a boolean to generate a javascript safe strings.
* interpretBackSlashes is a boolean to interpret backslashes \\->\, \n->new line, \t->tabulation.
* script is a boolean to indicate that the string will be push in the javascript language store.
*
* @param string $string The format string.
*
* @return string The translated strings or the key if 'script' is true in the array of options.
*
* @since 11.1
*/
public static function sprintf($string)
{
$lang = JFactory::getLanguage();
$args = func_get_args();
$count = count($args);
if ($count > 0)
{
if (is_array($args[$count - 1]))
{
$args[0] = $lang->_(
$string, array_key_exists('jsSafe', $args[$count - 1]) ? $args[$count - 1]['jsSafe'] : false,
array_key_exists('interpretBackSlashes', $args[$count - 1]) ? $args[$count - 1]['interpretBackSlashes'] : true
);
if (array_key_exists('script', $args[$count - 1]) && $args[$count - 1]['script'])
{
self::$strings[$string] = call_user_func_array('sprintf', $args);
return $string;
}
}
else
{
$args[0] = $lang->_($string);
}
$args[0] = preg_replace('/\[\[%([0-9]+):[^\]]*\]\]/', '%\1$s', $args[0]);
return call_user_func_array('sprintf', $args);
}
return '';
}
/**
* Passes a string thru an printf.
*
* Note that this method can take a mixed number of arguments as for the sprintf function.
*
* @param format $string The format string.
*
* @return mixed
*
* @since 11.1
*/
public static function printf($string)
{
$lang = JFactory::getLanguage();
$args = func_get_args();
$count = count($args);
if ($count > 0)
{
if (is_array($args[$count - 1]))
{
$args[0] = $lang->_(
$string, array_key_exists('jsSafe', $args[$count - 1]) ? $args[$count - 1]['jsSafe'] : false,
array_key_exists('interpretBackSlashes', $args[$count - 1]) ? $args[$count - 1]['interpretBackSlashes'] : true
);
}
else
{
$args[0] = $lang->_($string);
}
return call_user_func_array('printf', $args);
}
return '';
}
/**
* Translate a string into the current language and stores it in the JavaScript language store.
*
* @param string $string The JText key.
* @param boolean $jsSafe Ensure the output is JavaScript safe.
* @param boolean $interpretBackSlashes Interpret \t and \n.
*
* @return string
*
* @since 11.1
*/
public static function script($string = null, $jsSafe = false, $interpretBackSlashes = true)
{
if (is_array($jsSafe))
{
if (array_key_exists('interpretBackSlashes', $jsSafe))
{
$interpretBackSlashes = (boolean) $jsSafe['interpretBackSlashes'];
}
if (array_key_exists('jsSafe', $jsSafe))
{
$jsSafe = (boolean) $jsSafe['jsSafe'];
}
else
{
$jsSafe = false;
}
}
// Add the string to the array if not null.
if ($string !== null)
{
// Normalize the key and translate the string.
self::$strings[strtoupper($string)] = JFactory::getLanguage()->_($string, $jsSafe, $interpretBackSlashes);
}
return self::$strings;
}
}
And the 2.5.14-version:
<?php
/**
* @package Joomla.Platform
*
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE
*/
defined('JPATH_PLATFORM') or die;
/**
* Route handling class
*
* @package Joomla.Platform
* @since 11.1
*/
class JRoute
{
/**
* Translates an internal Joomla URL to a humanly readible URL.
*
* @param string $url Absolute or Relative URI to Joomla resource.
* @param boolean $xhtml Replace & by & for XML compilance.
* @param integer $ssl Secure state for the resolved URI.
* 1: Make URI secure using global secure site URI.
* 0: Leave URI in the same secure state as it was passed to the function.
* -1: Make URI unsecure using the global unsecure site URI.
*
* @return The translated humanly readible URL.
*
* @since 11.1
*/
public static function _($url, $xhtml = true, $ssl = null)
{
// Get the router.
$app = JFactory::getApplication();
$router = $app->getRouter();
// Make sure that we have our router
if (!$router)
{
return null;
}
if ((strpos($url, '&') !== 0) && (strpos($url, 'index.php') !== 0))
{
return $url;
}
// Build route.
$uri = $router->build($url);
$url = $uri->toString(array('path', 'query', 'fragment'));
// Replace spaces.
$url = preg_replace('/\s/u', '%20', $url);
/*
* Get the secure/unsecure URLs.
*
* If the first 5 characters of the BASE are 'https', then we are on an ssl connection over
* https and need to set our secure URL to the current request URL, if not, and the scheme is
* 'http', then we need to do a quick string manipulation to switch schemes.
*/
if ((int) $ssl)
{
$uri = JURI::getInstance();
// Get additional parts.
static $prefix;
if (!$prefix)
{
$prefix = $uri->toString(array('host', 'port'));
}
// Determine which scheme we want.
$scheme = ((int) $ssl === 1) ? 'https' : 'http';
// Make sure our URL path begins with a slash.
if (!preg_match('#^/#', $url))
{
$url = '/' . $url;
}
// Build the URL.
$url = $scheme . '://' . $prefix . $url;
}
if ($xhtml)
{
$url = htmlspecialchars($url);
}
return $url;
}
}
/**
* Text handling class.
*
* @package Joomla.Platform
* @subpackage Language
* @since 11.1
*/
class JText
{
/**
* javascript strings
*
* @var array
* @since 11.1
*/
protected static $strings = array();
/**
* Translates a string into the current language.
*
* Examples:
* <script>alert(Joomla.JText._('<?php echo JText::_("JDEFAULT", array("script"=>true));?>'));</script>
* will generate an alert message containing 'Default'
* <?php echo JText::_("JDEFAULT");?> it will generate a 'Default' string
*
* @param string $string The string to translate.
* @param mixed $jsSafe Boolean: Make the result javascript safe.
* @param boolean $interpretBackSlashes To interpret backslashes (\\=\, \n=carriage return, \t=tabulation)
* @param boolean $script To indicate that the string will be push in the javascript language store
*
* @return string The translated string or the key is $script is true
*
* @since 11.1
*/
public static function _($string, $jsSafe = false, $interpretBackSlashes = true, $script = false)
{
$lang = JFactory::getLanguage();
if (is_array($jsSafe))
{
if (array_key_exists('interpretBackSlashes', $jsSafe))
{
$interpretBackSlashes = (boolean) $jsSafe['interpretBackSlashes'];
}
if (array_key_exists('script', $jsSafe))
{
$script = (boolean) $jsSafe['script'];
}
if (array_key_exists('jsSafe', $jsSafe))
{
$jsSafe = (boolean) $jsSafe['jsSafe'];
}
else
{
$jsSafe = false;
}
}
if ($script)
{
self::$strings[$string] = $lang->_($string, $jsSafe, $interpretBackSlashes);
return $string;
}
else
{
return $lang->_($string, $jsSafe, $interpretBackSlashes);
}
}
/**
* Translates a string into the current language.
*
* Examples:
* <?php echo JText::alt("JALL","language");?> it will generate a 'All' string in English but a "Toutes" string in French
* <?php echo JText::alt("JALL","module");?> it will generate a 'All' string in English but a "Tous" string in French
*
* @param string $string The string to translate.
* @param string $alt The alternate option for global string
* @param mixed $jsSafe Boolean: Make the result javascript safe.
* @param boolean $interpretBackSlashes To interpret backslashes (\\=\, \n=carriage return, \t=tabulation)
* @param boolean $script To indicate that the string will be pushed in the javascript language store
*
* @return string The translated string or the key if $script is true
*
* @since 11.1
*/
public static function alt($string, $alt, $jsSafe = false, $interpretBackSlashes = true, $script = false)
{
$lang = JFactory::getLanguage();
if ($lang->hasKey($string . '_' . $alt))
{
return self::_($string . '_' . $alt, $jsSafe, $interpretBackSlashes);
}
else
{
return self::_($string, $jsSafe, $interpretBackSlashes);
}
}
/**
* Like JText::sprintf but tries to pluralise the string.
*
* Note that this method can take a mixed number of arguments as for the sprintf function.
*
* The last argument can take an array of options:
*
* array('jsSafe'=>boolean, 'interpretBackSlashes'=>boolean, 'script'=>boolean)
*
* where:
*
* jsSafe is a boolean to generate a javascript safe strings.
* interpretBackSlashes is a boolean to interpret backslashes \\->\, \n->new line, \t->tabulation.
* script is a boolean to indicate that the string will be push in the javascript language store.
*
* Examples:
* <script>alert(Joomla.JText._('<?php echo JText::plural("COM_PLUGINS_N_ITEMS_UNPUBLISHED", 1, array("script"=>true));?>'));</script>
* will generate an alert message containing '1 plugin successfully disabled'
* <?php echo JText::plural("COM_PLUGINS_N_ITEMS_UNPUBLISHED", 1);?> it will generate a '1 plugin successfully disabled' string
*
* @param string $string The format string.
* @param integer $n The number of items
*
* @return string The translated strings or the key if 'script' is true in the array of options
*
* @since 11.1
*/
public static function plural($string, $n)
{
$lang = JFactory::getLanguage();
$args = func_get_args();
$count = count($args);
if ($count > 1)
{
// Try the key from the language plural potential suffixes
$found = false;
$suffixes = $lang->getPluralSuffixes((int) $n);
array_unshift($suffixes, (int) $n);
foreach ($suffixes as $suffix)
{
$key = $string . '_' . $suffix;
if ($lang->hasKey($key))
{
$found = true;
break;
}
}
if (!$found)
{
// Not found so revert to the original.
$key = $string;
}
if (is_array($args[$count - 1]))
{
$args[0] = $lang->_(
$key, array_key_exists('jsSafe', $args[$count - 1]) ? $args[$count - 1]['jsSafe'] : false,
array_key_exists('interpretBackSlashes', $args[$count - 1]) ? $args[$count - 1]['interpretBackSlashes'] : true
);
if (array_key_exists('script', $args[$count - 1]) && $args[$count - 1]['script'])
{
self::$strings[$key] = call_user_func_array('sprintf', $args);
return $key;
}
}
else
{
$args[0] = $lang->_($key);
}
return call_user_func_array('sprintf', $args);
}
elseif ($count > 0)
{
// Default to the normal sprintf handling.
$args[0] = $lang->_($string);
return call_user_func_array('sprintf', $args);
}
return '';
}
/**
* Passes a string thru a sprintf.
*
* Note that this method can take a mixed number of arguments as for the sprintf function.
*
* The last argument can take an array of options:
*
* array('jsSafe'=>boolean, 'interpretBackSlashes'=>boolean, 'script'=>boolean)
*
* where:
*
* jsSafe is a boolean to generate a javascript safe strings.
* interpretBackSlashes is a boolean to interpret backslashes \\->\, \n->new line, \t->tabulation.
* script is a boolean to indicate that the string will be push in the javascript language store.
*
* @param string $string The format string.
*
* @return string The translated strings or the key if 'script' is true in the array of options.
*
* @since 11.1
*/
public static function sprintf($string)
{
$lang = JFactory::getLanguage();
$args = func_get_args();
$count = count($args);
if ($count > 0)
{
if (is_array($args[$count - 1]))
{
$args[0] = $lang->_(
$string, array_key_exists('jsSafe', $args[$count - 1]) ? $args[$count - 1]['jsSafe'] : false,
array_key_exists('interpretBackSlashes', $args[$count - 1]) ? $args[$count - 1]['interpretBackSlashes'] : true
);
if (array_key_exists('script', $args[$count - 1]) && $args[$count - 1]['script'])
{
self::$strings[$string] = call_user_func_array('sprintf', $args);
return $string;
}
}
else
{
$args[0] = $lang->_($string);
}
return call_user_func_array('sprintf', $args);
}
return '';
}
/**
* Passes a string thru an printf.
*
* Note that this method can take a mixed number of arguments as for the sprintf function.
*
* @param format $string The format string.
*
* @return mixed
*
* @since 11.1
*/
public static function printf($string)
{
$lang = JFactory::getLanguage();
$args = func_get_args();
$count = count($args);
if ($count > 0)
{
if (is_array($args[$count - 1]))
{
$args[0] = $lang->_(
$string, array_key_exists('jsSafe', $args[$count - 1]) ? $args[$count - 1]['jsSafe'] : false,
array_key_exists('interpretBackSlashes', $args[$count - 1]) ? $args[$count - 1]['interpretBackSlashes'] : true
);
}
else
{
$args[0] = $lang->_($string);
}
return call_user_func_array('printf', $args);
}
return '';
}
/**
* Translate a string into the current language and stores it in the JavaScript language store.
*
* @param string $string The JText key.
* @param boolean $jsSafe Ensure the output is JavaScript safe.
* @param boolean $interpretBackSlashes Interpret \t and \n.
*
* @return string
*
* @since 11.1
*/
public static function script($string = null, $jsSafe = false, $interpretBackSlashes = true)
{
if (is_array($jsSafe))
{
if (array_key_exists('interpretBackSlashes', $jsSafe))
{
$interpretBackSlashes = (boolean) $jsSafe['interpretBackSlashes'];
}
if (array_key_exists('jsSafe', $jsSafe))
{
$jsSafe = (boolean) $jsSafe['jsSafe'];
}
else
{
$jsSafe = false;
}
}
// Add the string to the array if not null.
if ($string !== null)
{
// Normalize the key and translate the string.
self::$strings[strtoupper($string)] = JFactory::getLanguage()->_($string, $jsSafe, $interpretBackSlashes);
}
return self::$strings;
}
}
It is not rounding price, just cutting off all after a comma in displayed text for HTML select option, value is unaffected. It can better sanitizing data against javascript exploits. It has nothing to do with PHP version.
Unfortunatelly, it is a problem, which we now must to resolve without hacking.
One quick possible solution is to change currency decimal delimiter to point (dot).
Or, if you want to use a comma in your currency, do a little change in administrator/components/com_virtuemart/models/customfields.php around line 898:
from: $productCustom->text = $productCustom->custom_value . ' ' . $price;
to: $productCustom->text = JText::_($productCustom->custom_value) . ' ' . str_replace(",", ",", $price);
It is better to let core Joomla files as they are.
I have the same problem.
My delimiter is point.
It is a bug
We need quick new version with this bug fix
Quote from: servlet on November 09, 2013, 16:53:14 PM
I have the same problem.
My delimiter is point.
It is a bug
We need quick new version with this bug fix
It is not possible, because added core sanitizing is affecting only comma mark, other is untouched. Try to find your current currency in virtuemart and change its decimal to radix point.
I tried both of my fix methods, and all is working.
I do it. It works. But it needs to be changet for all VM users? how? with new version.
Let we think for all. Somebody maybe doesnt know....
Thanks for your idea. I fixed my shops.
Quote from: jurajvt on November 09, 2013, 17:06:30 PM
It is not possible, because added core sanitizing is affecting only comma mark, other is untouched. Try to find your current currency in virtuemart and change its decimal to radix point.
Why do you think this, which code do you mean?
I cannot reproduce this error. I have now latest joomla version and 2.0.24a and php 5.4.7
Where do I download 2.0.24a? Latest version on downloads is 2.0.24. I have now another site where my customer added some special fields himself. Even stranger behaviour. When I looked at the site yesterday I saw all prices with decimals. Decided to change one price and that one is now showing without decimals. Copied site to my own localhost environment (PHP 5.4.17), exactly the same as on live environment (PHP 5.3.10).
[attachment cleanup by admin]
I think I know now why. I big problems is also the precision. The new version sets the precision to 15. Please try
ini_set('precision', 15);
Quote from: Milbo on November 11, 2013, 11:18:18 AM
Quote from: jurajvt on November 09, 2013, 17:06:30 PM
It is not possible, because added core sanitizing is affecting only comma mark, other is untouched. Try to find your current currency in virtuemart and change its decimal to radix point.
Why do you think this, which code do you mean?
I cannot reproduce this error. I have now latest joomla version and 2.0.24a and php 5.4.7
method.php, which you can see in code above... There is a new condition in JText::_ added to search comma in input...
if (!(strpos($string, ',') === false))
{
$test = substr($string, strpos($string, ','));
if (strtoupper($test) === $test)
{
$strs = explode(',', $string);
foreach ($strs as $i => $str)
{
$strs[$i] = $lang->_($str, $jsSafe, $interpretBackSlashes);
if ($script)
{
self::$strings[$str] = $strs[$i];
}
}
$str = array_shift($strs);
$str = preg_replace('/\[\[%([0-9]+):[^\]]*\]\]/', '%\1$s', $str);
$str = vsprintf($str, $strs);
return $str;
}
}
Looks like the sanitize there something, but that means you cannot have a Comma, or a description with more than one Comma in it. Seems to be some security thing. But in fact, it is wrong to sanitize this kinds of values. It must be prevented that this function is called wrong.
It seems there must not be any digits at the end. If you have a "," in your string it is seperated in segments. If any of the segments is in upper case the same as in lower case, it maybe removed. Solution? add some char to the segment which is pure numbers, haha.
I sanitized comma to HTML entity , in my quick fix above... But, it doesn't resolve the security problem, I think.
So the conditions that it happens are quite clear now.
If there is a currency, which is ending at the value and not the currency sign and it is using Comma, then you get this problem. Solution is maybe to use instead of the comma, this
, ;
yehe remove the space between 44 and ; , but the forum is replacing it directly
Quote from: jurajvt on November 11, 2013, 15:18:28 PM
I sanitized comma to HTML entity , in my quick fix above... But, it doesn't resolve the security problem, I think.
This is the right method. We could now always for all calls using JText::_ or the dropdown list use this replacement.
But I just think the solution of joomla is wrong.
I think, that it is Joomla core fast fix, which will be replaced in new version. It is first time, when some minor change break logic of framework...
If you are interesting in JS XSS vulnerability, try this test http://escape.alf.nu/
if (!(strpos($string, ',') === false))
{
$test = substr($string, strpos($string, ','));
if (strtoupper($test) === $test)
{
$strs = explode(',', $string);
foreach ($strs as $i => $str)
This means look in the String for a Comma. For example we have "16x digitaal + €100,00"
if there is a comma cut the part after this comma into a new string => we get "00".
Then it is checked if "00" is equal if we create an upper case out of it "00" => "00"
If yes, then start to filter all segments. So it filters ""16x digitaal + €100" and "00". The 00 is assumingly filtered as octal.
Finally seems like one of the Joomla developers has a different opinion:
http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_id=8103&tracker_item_id=32612
I updated the tracker on joomlacode http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_id=8103&tracker_item_id=32612
LOL, can anyone tell me why we need this?
http://joomlacode.org/gf/project/joomla/tracker/?action=TrackerItemEdit&tracker_item_id=31587
A feature added into a core feature having side effects. A very, very old core feature. I know, we have this also sometimes. But ... why changing this behaviour?
Quote from: vanWesten
Instead of doing:
SOME_STRING="Hello %s, Welcome to %s. You can log in with %s (%s)"
You can now do:
SOME_STRING="Hello [[%1:name]], Welcome to [[%2:sitename]]. You can log in with [[%3:username]] ([[%4:password]])"
I am interested how it impacts speed and memory use.
8) You're right. I think there are more important things to develop! Makes it a little bit easier to see what's the meaning of the %s in the language strings, but if this breaks other important extensions.......................................... :'(
To be clear and to help you search for a good solution, here are my screenshots.
Right after the update to Joomla 2.5.16:
(img1) and (img2)
The costs of the wrapping (€ 1,50) were added to the productprice, but weren't showing in the custom field dropdowns.
After the update and replacing the decimal sign from comma to point (dot):
(img3)
I don't know if it helps, but yes: I have the €-sign behind the amount. And there's also a space between the amount and the currency-sign, as was before.
[attachment cleanup by admin]
I have the same problem.
Virtuemart 2.0.24 and Joomla 2.5.16
I need to add eco tax for a French webshop but € 0,12 is rounded to € 0.
To be shure i tested it with € 0,90 and this is rounded to € 1
Really looks like this problem is a bug in Virtuemart.
postkat if you revert to J2.0.14 you will see the problem no more........
VM2.0.24a will have a "fix" for the change in Joomla code.
@ Postkat: you can keep the update, but be sure to use a point/dot as decimal-sign in VM, instead of a comma.
@ Jenkinhill: where can we find the 2.0.24a, or when can we expect this version?
In SVN or wait a few hours for the release.
Thanks! I'll look into it in the morning. :)
Maybe a delay as I think I have found another bug.....
Quote from: postkat on November 13, 2013, 22:44:59 PM
I have the same problem.
Virtuemart 2.0.24 and Joomla 2.5.16
I need to add eco tax for a French webshop but € 0,12 is rounded to € 0.
To be shure i tested it with € 0,90 and this is rounded to € 1
Really looks like this problem is a bug in Virtuemart.
Please, read this thread more carefully. It is not rounding problem, but just cutted description, values are not affected. Check your custom rounding in configuration of Virtuemart, there must be your problem.
Quote from: jurajvt on November 14, 2013, 00:07:24 AM
Quote from: postkat on November 13, 2013, 22:44:59 PM
I have the same problem.
Virtuemart 2.0.24 and Joomla 2.5.16
I need to add eco tax for a French webshop but € 0,12 is rounded to € 0.
To be shure i tested it with € 0,90 and this is rounded to € 1
Really looks like this problem is a bug in Virtuemart.
Please, read this thread more carefully. It is not rounding problem, but just cutted description, values are not affected. Check your custom rounding in configuration of Virtuemart, there must be your problem.
If it is not a rounding problem then why is 90 cents converted to 1 euro? And only in the custom fields not the product prices.
Maybe you have rounding problem somewhere. But in this case - in this thread we have solved other problem, which is caused by sanitizing code added in core method.
If you had reverted back to 2.5.14, or you had tried to do clean installation, problem is still same?
I have not tried if it is this value, but you can check rounding digits on Baseprice modificator in Virtuemart/Configuration/Pricing
Quote from: jenkinhill on November 13, 2013, 23:20:27 PM
In SVN or wait a few hours for the release.
Where is this SVN?
http://docs.virtuemart.net/tutorials/34-development/100-svn-download.html
2.0.24a is available for download from http://dev.virtuemart.net/projects/virtuemart/files
Well, in my shop the problem isn't solved. I am using stockable variants with options like Size 6,5 and Size 7,5 but virtuemart is still showing 6 and 7. What do I have to do to solve this?
No fix in 24b. Isn't there any one else with the same problem? Can't use , in the custom fields after updating to joomla 2.5.16 and the latest version of Virtuemart. Could some one tell me where to look to solve this? Can't select the right sizes of my gloves at this moment.
It's not exactly the problem mentionned, but I unfortunately can confirm this. Did a quick test by adding those fields in a Joomla 2.5.16 / VM 2.0.24b and no comma's. Replaced methods.php with the one from 2.5.14 and comma's where there.
Difference is that with this one it also affects backend view.
So yes, it is related to methods.php I suppose.
Thank you for confirming the problem. Hope there will be a fix soon.
Check 2.0.22c
What do you mean by that? Downgrade? No use as methods.php from Joomla 2.5.16 is causing this! Only temporary solution is to use methods.php from Joomla 2.5.14.
Quote from: Margriet on November 24, 2013, 17:17:27 PM
What do you mean by that? Downgrade? No use as methods.php from Joomla 2.5.16 is causing this! Only temporary solution is to use methods.php from Joomla 2.5.14.
I think, that it was typo. He meant 2.0.24c - newest version...
Think so, but no change unfortunately.
[attachment cleanup by admin]
Quote from: Margriet on November 24, 2013, 17:46:09 PM
Think so, but no change unfortunately.
I have not tested this problem in newest versions, I am only checking accepting of this one problem http://forum.virtuemart.net/index.php?topic=120203.0
New VM versions have their own class vmText which is replacing Joomla JText (methods.php) and their own method _ in this class, which is replacing JText::_ method used in custom fields output. So here cannot be problem.
I can try it for you, but please, help me too, look on my problem described in link above, if I am right...
I have tested it right now on clean installation and all is working with comma in custom fields.
Have you tried it? Do you have some mods in your code?
PHP 5.3.10 on Ubuntu, Joomla 2.5.16, Virtuemart 2.0.24b.
[attachment cleanup by admin]
Oh, maybe I know, where is your problem... What type of custom field are you using? Did you installed also new version of Virtuemart AIO?
I don't need a solution for myself. Just trying to test GuidoS's problem. But will try to have a look at your currency problem.
Price issue was solved by Milbo last week or so. But problem as mentionned by GuidoS still exists.
Quote from: Margriet on November 24, 2013, 18:59:22 PM
Price issue was solved by Milbo last week or so. But problem as mentionned by GuidoS still exists.
Yes, I know. I am still running on my fix, somewhere on the beginning of this thread, because I have a lot of other modifications in VM code.
I understand problem now, because it is appearing in cart variant value, not price, as I meant before. I am looking on it.
Quote from: Margriet on November 24, 2013, 18:55:00 PM
I don't need a solution for myself. Just trying to test GuidoS's problem. But will try to have a look at your currency problem.
In case that you are using cart variant, you can try following fix:
Replace JText::_ method in
administrator/components/com_virtuemart/models/customfields.php around line 885
Instead of
$productCustom->text = JText::_($productCustom->custom_value) . ' ' . $price;you can use
$productCustom->text = vmText::_($productCustom->custom_value) . ' ' . $price;Or you can simply replace all occurences of JText::_ with vmText::_ in that file to see if it helps you.
I am not using stockable variants, so if little change described above doesn't help you, you can try to replace same method occurences in
administrator/components/com_virtuemart/plugins/vmcustom/stockable/stockable.php
Changed JText to vmText in the file stockable.php in the directory "plugins/vmcustom/stockable/" at line 284 and now everything is showing fine:)
$option[] = JHTML::_('select.option', $val, jText::_( $val ));
to
$option[] = JHTML::_('select.option', $val, vmText::_( $val ));
Thank you all for your help. Hope this could be fixed in the next release.