VirtueMart Forum

in

Quoteadministrator/index.php?option=com_virtuemart&view=orders

I have canceled orders in the list and I want to delete them.
After I try to delete, I get a error message: "An invoice has been issue, you are not allowed to delete this order QWERTY"
How to solve this problem?

At present, after a (pdf) invoice has been generated, you can't delete the order from the VirtueMart administration anymore in VM 3.2.14+. This was recently implemented due to a new french law, but probably isn't the final solution to comply with that law yet. You should be able to delete the invoice in the xxxxx_virtuemart_invoices table with for example phpmyadmin and afterwards delete the order from the VM orders view.

Accidental order deletion and invoice removal has been a problem for some time.  It is not just an issue with French businesses.

If VirtueMart is producing invoices (it does not have to) then records of these invoices should be maintained.

The changes in the latest release help to prevent the removal of records that have resulted in an invoice being produced through normal administrator operations.

This will help maintain a sequential record of invoice data which is a legal requirement in many countries.

This is understandable but this solution is troublesome. it would be useful to have a temporary option for administrator for testing - similar to the sandbox option in paypal. :-)
I removed tested orders from the database using the older version of Virtuemart [3.2.12]

I see the legal requirement, and I had this trouble with other shop software as well. The "solution" is really useless, though - if anyone actually wants to mess with the data, he can easily do that in the database. No fraud protection here. You'd need a blockchain for that, or similar. Maybe every transaction transferred directly to a state controlled safe location. Not that I propose this, just thoughts.

QuoteThe "solution" is really useless, though - if anyone actually wants to mess with the data, he can easily do that in the database. No fraud protection here.

This is designed for the average user who does not want to commit fraud - if you want to - you will find a way.

You could just delete the whole database and yes be done with it, in the same way that you could destroy paper invoices or delete all your other accounting records by formatting your hard disk.

So it's just to protect users from accidental deletion, right? Then why not just have an extra warning, "Are you sure you want to delete this???"

It is also to prevent malicious deletion by a member of staff with admin access.

QuoteSo it's just to protect users from accidental deletion, right?

No - that is not what I said.

The average user will not know how to manipulate a database

QuoteThen why not just have an extra warning, "Are you sure you want to delete this???

Because that will still allow deletion and that is not what the developers wanted to achieve.

I understand, but we did not use this to issue the bill. Anyone who is doing this is the solution here:
administrator / components / com_virtuemart / models / order.php

Search this line(2268-2271. line):

if ($invoice) {
$removedOrderMsgs [$order['details']['BT']->order_number]= 'COM_VIRTUEMART_ORDER_NOT_ALLOWED_TO_DELETE';
continue;
}


Replace:

/*if ($invoice) {
$removedOrderMsgs [$order['details']['BT']->order_number]= 'COM_VIRTUEMART_ORDER_NOT_ALLOWED_TO_DELETE';
continue;
}*/


Sorry my bad english!

Why are you suggestion changing code??

QuoteI understand, but we did not use this to issue the bill. Anyone who is doing this is the solution here:
administrator / components / com_virtuemart / models / order.php

There has been some misunderstanding somewhere along the way.

Just configure the system correctly - so that it does not think it is "issuing invoices"

"but we did not use this to issue the bill. "

If you do not issue invoices from VM you can delete the orders.

Ensure that NO order status is set to generate an invoice

Then you can delete whatever you want.

admin/configuration/order statuses

Create Invoice - set to No

@AH
The restriction is not the only problem, Virtuemart is bugged because task value is set 2 times !
I'm wondered that all other function work in this form ?
Here why
<?php echo $this->addStandardHiddenToForm (); ?>
<input type="hidden" name="task" value="<?php echo vRequest::getCmd('task'); ?>">
addStandardHiddenToForm already add the task and the second line add the task a second time
Bug found in  3.2.14, but i dont checked if this is the case for other release.

@studio42 

Cannot see this in 3.2.15

Things seem to be working fine.

this is another stupid solution in VM. its owners eshop. he could have right to delete everything he wants.. who cares about some french laws..? if i remove .pdf invoices in folder, whats the point i cant delete this orders records? if you want to protect accidentally removing you could restrict this to only superuser for example and add warning too. but this is just stupid that we have to go to database or change the code to remove useless orders records...

Quotewho cares about some french laws..?

This is not a French law specific function - many regions require that you do not "remove data" from invoiced orders/transactions.

Some people like this new solution, some do not, you are able to change whatever you need to meet your specific requirements.  Old "useless" order records - for some users are potentially "useful", it just depends on your particular situation.

Most single user solutions end up have only one user - which is the super user - thus rendering redundant any solution to prevent accidental deletion by all but the super user.

VM is a FREE open source e-commerce solution which meant that if you require it to have the ability to delete orders that have had an invoice - then you can modify the code accordingly.

and as I assume your old testing orders are just that .. tests .. then u only have to dump them once to clean in up .. surely not a huge effort?

If u don't want this to happen with your tests simply disable any invoice creation (pdf) while testing .. then you can delete the orders from the admin

"Ensure that NO order status is set to generate an invoice" and how exactly is this done please?  When I go into the order status I want to change, I see the Order status Configuration parameters but do not see how to change them.

Configuration->emails

Jörgen @ Kreativ Fotografi

Please learn and investigate the software as you would have to do with any other software....

Quote from: Studio 42 on September 10, 2018, 16:59:08 PM
@AH
The restriction is not the only problem, Virtuemart is bugged because task value is set 2 times !
I'm wondered that all other function work in this form ?
Here why

Code Select Expand

<?php echo $this->addStandardHiddenToForm (); ?>
<input type="hidden" name="task" value="<?php echo vRequest::getCmd('task'); ?>">
addStandardHiddenToForm already add the task and the second line add the task a second time
Bug found in  3.2.14, but i dont checked if this is the case for other release.

Thank you, yes I fixed that. It worked, because the task is set by js. So I just removed it to make it cleaner.

Yes but European Law is above French! In GDPR you must  not keep personal data for longer than you need it. You should also periodically review the data you hold, and erase or anonymise it when you no longer need it

QuoteIn GDPR you must  not keep personal data for longer than you need it. You should also periodically review the data you hold, and erase or anonymise it when you no longer need it

Many store owners achieve this via manual database updates and file handling processes - which gives the flexibility to achieve exactly what the business needs.  Anonymising data is always necessary in order to create testbeds with "real data".

Maybe you would support the development of a "plugin or component to achieve this need"

Users, Orders, Invoices  should be considered as separate elements each with a retention period aligned to the business need

With the ability to anonymise specified fields. If anonymise is not possible (thinking of stored PDFS) then removal of the file.

Process would be manually invoked via admin - with relevant Access control to said functions - maybe separated by data type

Quote from: Capogr on April 10, 2019, 10:51:09 AM
Yes but European Law is above French! In GDPR you must  not keep personal data for longer than you need it. You should also periodically review the data you hold, and erase or anonymise it when you no longer need it

Personal datas and business datas is not same.
You can remove anything but not invoices, i think that the law is same for all countries in EU ?

Quote from: Moskito on June 18, 2018, 11:14:13 AM
I understand, but we did not use this to issue the bill. Anyone who is doing this is the solution here:
administrator / components / com_virtuemart / models / order.php

Search this line(2268-2271. line):

Code Select Expand


if ($invoice) {
$removedOrderMsgs [$order['details']['BT']->order_number]= 'COM_VIRTUEMART_ORDER_NOT_ALLOWED_TO_DELETE';
continue;
}


Replace:

Code Select Expand


/*if ($invoice) {
$removedOrderMsgs [$order['details']['BT']->order_number]= 'COM_VIRTUEMART_ORDER_NOT_ALLOWED_TO_DELETE';
continue;
}*/


Sorry my bad english!

usefull to remove test transactions; which are obligatory when using a shop in something else then english. 

Quote from: Capogr on April 10, 2019, 10:51:09 AM
Yes but European Law is above French! In GDPR you must  not keep personal data for longer than you need it. You should also periodically review the data you hold, and erase or anonymise it when you no longer need it

but why they have to deal with EU GDPRs when there is a FRENCH LAW :D::D
and than they said, you sould mantain users data manualy in database or develop your own component to delete orders wich they can do with on line of code? :D:D:D
niceeeeeee :D