template override / alternative layout seen as task

  • Posts: 290
  • Thank you received: 22
1 year 5 months ago #352527

-- HikaShop version -- : 4.7.3
-- Joomla version -- : 4.3.2
-- PHP version -- : 8.1

Hi,

We are building an alternative layout for making the display of the prices easier en are facing an issue that we don't understand.

For some reasons, we have not yet figured out, our override is seen and used as a task (listing-custom).
So now when we assign our override and go to this menu it gives us an "Access forbidden" message.
Although this is the name of the override.xml (listing-custom.xml) we cannot understand why this is used as task and authorised as such.

Maybe you know why this is and what we need to change to make it work?

Thanks in advance for any tips.

Last edit: 1 year 4 months ago by nico.van.leeuwen. Reason: solved

Please Log in or Create an account to join the conversation.

  • Posts: 82863
  • Thank you received: 13372
  • MODERATOR
1 year 5 months ago #352530

Hi,

I'm sorry but I don't understand what you did nor what is the problem. So it will be hard to tell you anything useful for now.

From what I understand, a view override is for a php file. So I don't understand why you're talking about a xml file.
The "access forbidden" message is usually displayed when you try to access a task which doesn't exist. But a task is not linked to view overrides, so again, I don't understand what's going on.
Please provide more context.

Please Log in or Create an account to join the conversation.

  • Posts: 29
  • Thank you received: 2
1 year 5 months ago #352539

Hi Nicolas,

Let me try to assist Nico.

From what I understand, a view override is for a php file. So I don't understand why you're talking about a xml file.


You are partially right. Usually a template override is just a PHP file. However, with an Alternative Layout an XML file comes into play. A PHP file isn't even required then. The XML file makes it possible to modify behaviour of the view and adds an additional menu item type for creation of menu items. In our case we wanted some extra settings for the "Categories listing" view. So we created an Alternative Layout with an XML file named listing-custom.xml (.../templates/yootheme/html/com_hikashop/category/listing-custom.xml).

In my development environment this worked flawlessly. That site was a quite recent backup of Nico's installation. Apparently Nico changed something since that backup which now causes an access denied error. The link of the menu item causing the error looks like this: index.php?option=com_hikashop&view=category&layout=yootheme:listing-custom. As you can see, Nico uses YOOtheme and you can also recognize the name of the override's XML file. For reasons I am not aware of, the layout name is used by HikaShop as a task name and the task name is verified against an array with a limited set of names: list, show, cancel (.../administrator/components/com_hikashop/helpers/helper.php, line 2431). Obviously this fails, resulting in the access denied error.

Is this enough information for you to help us solve the problem?

Please Log in or Create an account to join the conversation.

  • Posts: 82863
  • Thank you received: 13372
  • MODERATOR
1 year 5 months ago #352541

Hi,

So Joomla uses the MVC design pattern.
Before reaching a view, when a URL is requested, it will first be processed by a controller.
A controller can have several tasks whihc can be called and then the task will usually process something and then display something with a layout in the corresponding view.
The "view" parameter in the URL is actually the controller / view name, and the "layout" parameter is the task / layout
The controller will verify that the task / layout being called is valid. This is to ensure that someone doesn't access a function he is not supposed to in the controller.
For example in the product controller you can find the function getAjaxCartData which outputs the content of the cart in a json. This is called by the "updatecart" function / task to send the response from an add to cart request made in AJAX. We don't want that getAjaxCartData function to be called directly, as it might output errors which we didn't plan for. So that's why we're checking the layout parameter against the available tasks we implemented.

So based on what I described above and what you said, it is normal you get that "access forbidden" error as HikaShop considers you're trying to use something we didn't plan for. I'm actually surprised you didn't get the same issue on your development environment.
I'm actually not familiar with the capability of creating XML overrides. Could you provide the necessary files and instructions to implement what you did on a test website so that I can reproduce the issue and better understand the situation code-wise ?

Please Log in or Create an account to join the conversation.

  • Posts: 290
  • Thank you received: 22
1 year 5 months ago #352546

Hi Nicolas, I just send an email with the files and some instructions.

Please Log in or Create an account to join the conversation.

  • Posts: 82863
  • Thank you received: 13372
  • MODERATOR
1 year 5 months ago #352550

Hi,

Thanks. I see what it is. I was able to reproduce the problem on my end. From what I could analyze @pjdevries should also have the same issue in his development environment unless he modified the main helper file of HikaShop to disable the layout name check.
I've made several modifications in HikaShop to be able to support that, and I have a working solution on my end. We'll include these in the next version of HikaShop, which is to be released next week.

Please Log in or Create an account to join the conversation.

  • Posts: 290
  • Thank you received: 22
1 year 4 months ago #352813

Hi Nicolas,

Thank you, the update solved our issue.

The following user(s) said Thank You: nicolas

Please Log in or Create an account to join the conversation.

Time to create page: 0.075 seconds
Powered by Kunena Forum