Author Topic: Possible bug: Table "_virtuemart_order_histories"  (Read 1378 times)

Studio 42

  • Contributing Developer
  • Sr. Member
  • *
  • Posts: 3765
  • Joomla & Virtuemart developper
    • Studio 42 - Virtuemart & Joomla extentions
  • VirtueMart Version: 2.6 & 3
Re: Possible bug: Table "_virtuemart_order_histories"
« Reply #15 on: August 02, 2018, 20:04:25 pm »
Really max, why you dont check to find a better solution?
I dont think that escaping all special char is needed, else Joomla and wordpress had more vulnerability about this.
If you save JSON, this need only to escape the double quotes too.
Your solution have many drawback, eg if you need to compare or search an encoded string.

GJC Web Design

  • 3rd party VirtueMart Developer
  • Super Hero
  • *
  • Posts: 8873
  • Virtuemart, Joomla & php developer
    • GJC Web Design
  • VirtueMart Version: 2.6.22 & 3.2.14
Re: Possible bug: Table "_virtuemart_order_histories"
« Reply #16 on: August 02, 2018, 21:58:09 pm »
yes..  but replace the "comments"

next tr up

the customer_note is only if the shopper left an original comment -- the code below is the last comment left by the admin when changing the status etc

echo vmText::sprintf('COM_VIRTUEMART_MAIL_SHOPPER_QUESTION',nl2br(htmlspecialchars_decode($this->orderDetails['history'][$nb-1]->comments, ENT_COMPAT)));
GJC Web Design
VirtueMart and Joomla Developers - php developers http://www.gjcwebdesign.com
VM3 AusPost Shipping Plugin - e-go Shipping Plugin - VM3 Postcode Shipping Plugin - Radius Shipping Plugin - VM3 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
http://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation

EsSa55

  • Jr. Member
  • **
  • Posts: 53
    • 4FootyFans & 4MovieTVmusicFans
  • Skype Name: talk2-4footyfans
  • VirtueMart Version: Live: 3.4.2
Re: Possible bug: Table "_virtuemart_order_histories"
« Reply #17 on: August 02, 2018, 22:26:12 pm »
So,

<?php $nb=count($this->orderDetails['history']);
if($this->orderDetails['history'][$nb-1]->customer_notified && !(empty($this->orderDetails['history'][$nb-1]->comments))) { ?>
<tr>
<td width="580" colspan="3" style="border: 1px solid #CCCCCC;">
<?php echo vmText::sprintf('COM_VIRTUEMART_MAIL_SHOPPER_QUESTION',nl2br(htmlspecialchars_decode($this->orderDetails['history'][$nb-1]->comments, ENT_COMPAT))); ?>
</td>
</tr>
<?php } ?>
<?php if(!empty($this->orderDetails['details']['BT']->customer_note)){ ?>
<tr>
<td width="580" colspan="3" style="border: 1px solid #CCCCCC;">
<?php echo vmText::sprintf('COM_VIRTUEMART_MAIL_SHOPPER_QUESTION',nl2br($this->orderDetails['details']['BT']->customer_note)) ?>
</td>
</tr>

ES-> ?

dstockman

  • Beginner
  • *
  • Posts: 6
    • dstockman.com
Re: Possible bug: Table "_virtuemart_order_histories"
« Reply #18 on: February 28, 2019, 21:55:27 pm »
I know this is a bit out of date but I had the same problem on a client site when suddenly their html customer email messages that came from Status Updates in an Order weren't rendering and just came out as flat text, no line breaks or anything. Unfortunately the htmlspecialchars_decode fix did not work and I wound up using html_entity_decode for this.

<?php echo html_entity_decode($this->orderDetails['history'][$nb-1]->comments); ?>

I would not recommend that for customer comments but in my case this is only for the Admin order updates to customers that my client just copy/pastes in with shipping link/info. Also since this isn't the customer comments the earlier replies did not really use the right language constant. I am not sure what it should be since I just used the bare echo here.

GJC Web Design

  • 3rd party VirtueMart Developer
  • Super Hero
  • *
  • Posts: 8873
  • Virtuemart, Joomla & php developer
    • GJC Web Design
  • VirtueMart Version: 2.6.22 & 3.2.14
Re: Possible bug: Table "_virtuemart_order_histories"
« Reply #19 on: March 01, 2019, 16:04:56 pm »
hi Eddie

yes

use

<?php echo vmText::sprintf('COM_VIRTUEMART_MAIL_SHOPPER_QUESTION',nl2br(htmlspecialchars_decode($this->orderDetails['history'][$nb-1]->comments, ENT_COMPAT))); ?>
GJC Web Design
VirtueMart and Joomla Developers - php developers http://www.gjcwebdesign.com
VM3 AusPost Shipping Plugin - e-go Shipping Plugin - VM3 Postcode Shipping Plugin - Radius Shipping Plugin - VM3 NZ Post Shipping Plugin - AusPost Estimator
Samport Payment Plugin - EcomMerchant Payment Plugin - ccBill payment Plugin
VM2 Product Lock Extension - VM2 Preconfig Adresses Extension - TaxCloud USA Taxes Plugin - Virtuemart  Product Review Component
http://extensions.joomla.org/profile/profile/details/67210
Contact for any VirtueMart or Joomla development & customisation