User can see orders from other users.

  • Posts: 45
  • Thank you received: 0
13 years 1 month ago #32106

In the control panel if you enter in the filter field some simple value (eg "1"), the user sees orders from other users.
(you can see in the demo www.demo.hikashop.com/index.php?option=c...er&Itemid=96&lang=en )
How can I fix this?
So that users can see only their orders!

Last edit: 13 years 1 month ago by slydog.

Please Log in or Create an account to join the conversation.

  • Posts: 83103
  • Thank you received: 13413
  • MODERATOR
13 years 1 month ago #32140

Indeed, that should not be happening.
You can change the line:
$query = 'FROM '.hikashop_table('order').' AS a WHERE '.implode(' AND ',$filters).$order;

to:
$query = 'FROM '.hikashop_table('order').' AS a WHERE ('.implode(') AND (',$filters).') '.$order;

in the file components/com_hikashop/views/order/view.html.php to fix that.

We've also updated the HikaShop install package to correct the problem in HikaShop.

Please Log in or Create an account to join the conversation.

  • Posts: 45
  • Thank you received: 0
13 years 1 month ago #32148

yes in orders now it's fixed, thanks

And need some fix in affiliate/sales.php ... :)


and I can see that in affiliate/clicks,
in leads maybe too (clicks and leads did not interest me, I do not use those)

Last edit: 13 years 1 month ago by slydog.

Please Log in or Create an account to join the conversation.

  • Posts: 83103
  • Thank you received: 13413
  • MODERATOR
13 years 1 month ago #32151

You need to replace :
$filter = implode(" LIKE $searchVal OR ",$searchMap)." LIKE $searchVal";
by:
$filter = '('.implode(" LIKE $searchVal OR ",$searchMap)." LIKE $searchVal".')';

in the file components/com_hikashop/views/affiliate/view.html.php to fix that.

Please Log in or Create an account to join the conversation.

  • Posts: 45
  • Thank you received: 0
13 years 1 month ago #32168

Thanks, Nicolas!
As always helped quickly.
Now everything is perfect.

Please Log in or Create an account to join the conversation.

Time to create page: 0.059 seconds
Powered by Kunena Forum