News:

You may pay someone to create your store, or you visit our seminar and become a professional yourself with the silver certification

Main Menu

KlikAndPay doesn't check if it is the payment method on shopper cancel.

Started by WebStuff, March 23, 2016, 18:11:04 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

WebStuff

March 23, 2016, 18:11:04 PM
Bug in the KlikAndPay payment plugin.
If KlikAndPay plugin has not been used and a shopper cancels their order the plugin tries to search #_virtuemart_payment_plg_klikandpay which doesn't exist. This causes a SQL error page and the order isn't cancelled.

Jörgen

#1
April 04, 2016, 11:28:55 AM
http://forum.virtuemart.net/index.php?topic=79799.0

Do You use the Klikandpay? If not unpublish it.

If it is as You say the, Klikandpay does not have a check for the correct payment id in the start of the function that handles the cancel return call. This bug should then be corrected.

After these lines in the clickandpay cancel
Code Select
function plgVmOnUserPaymentCancel() {

if (!class_exists('VirtueMartModelOrders')) {
require(VMPATH_ADMIN . DS . 'models' . DS . 'orders.php');
}
$order_number = vRequest::getUword('on');
if (!$order_number) {
return FALSE;
}


Something like this should be added after line 293 in klikandpay.php
Code Select
if (empty($order_number) or empty($virtuemart_paymentmethod_id) or !$this->selectedThisByMethodId($virtuemart_paymentmethod_id)) {
return NULL;

Not tested

regards

Jörgen @ Kreativ Fotografi
Joomla 3.9.18
Virtuemart 3.4.x
Olympiantheme Hera (customized)
This reflects current status when viewing old post.

WebStuff

#2
April 05, 2016, 17:47:27 PM
Thanks Jörgen,
I added this to the top of plgVmOnUserPaymentCancel method in klikandpay.php
Code Select
if (!($this->_currentMethod = $this->getVmPluginMethod($order['details']['BT']->virtuemart_paymentmethod_id))) {
return NULL; // Another method was selected, do nothing
}
if (!$this->selectedThisElement($this->_currentMethod->payment_element)) {
return FALSE;
}

I have never used klikandpay and it was not published but it still seemed to be called which was odd.
Perhaps the true error is in the payments backend accessing all plugins even if they are unpublished. :-)

Jörgen

#3
April 06, 2016, 08:33:49 AM
Hello

Nice that You got it working. Have You confirmed that it works as expected?

Are You sure that the plugins are unpublished? If they are, this is very strange and the routing is somehow bypassing the published check. This does not sound good.

regards

Jörgen @ Kreativ Fotografi
Joomla 3.9.18
Virtuemart 3.4.x
Olympiantheme Hera (customized)
This reflects current status when viewing old post.
Print
Go Up Pages1
User actions