Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Just in Case you overlooked


Qim

Recommended Posts

Tonight I discovered a flaw in catalog/includes/classes/shopping_cart.php

 

Which doubled the prices in the shopping cart. On lines 271 and 272 you may have:

 

271 $this->total += tep_add_tax($products_price, $products_tax) * $qty;

272 $this->total += $currencies->calculate_price($products_price, $products_tax, $qty);

 

using both doubles the prices in the cart! I suggest that you comment out the first one, in case you allow multiple currencys.

 

Regards

Sara

Link to comment
Share on other sites

I have 3 versions of osC and none of them even have 272 lines in shopping_cart.php

:huh:

 

They don't even have 250.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

I have 3 versions of osC and none of them even have 272 lines in shopping_cart.php

:huh:

 

They don't even have 250.

 

O' sorry for that. My shop is heavily modified. ( I have MS2.2).

 

Still you might have those two lines of code. Go and search, and let others know...

Link to comment
Share on other sites

O' sorry for that. My shop is heavily modified. ( I have MS2.2).

 

Still you might have those two lines of code. Go and search, and let others know...

stock has

 

// products price

$product_query = tep_db_query("select products_id, products_price, products_tax_class_id, products_weight from " . TABLE_PRODUCTS . " where products_id = '" . (int)$products_id . "'");

if ($product = tep_db_fetch_array($product_query)) {

$prid = $product['products_id'];

$products_tax = tep_get_tax_rate($product['products_tax_class_id']);

$products_price = $product['products_price'];

$products_weight = $product['products_weight'];

 

$specials_query = tep_db_query("select specials_new_products_price from " . TABLE_SPECIALS . " where products_id = '" . (int)$prid . "' and status = '1'");

if (tep_db_num_rows ($specials_query)) {

$specials = tep_db_fetch_array($specials_query);

$products_price = $specials['specials_new_products_price'];

}

 

$this->total += $currencies->calculate_price($products_price, $products_tax, $qty);

$this->weight += ($qty * $products_weight);

}

 

// attributes price

if (isset($this->contents[$products_id]['attributes'])) {

reset($this->contents[$products_id]['attributes']);

while (list($option, $value) = each($this->contents[$products_id]['attributes'])) {

$attribute_price_query = tep_db_query("select options_values_price, price_prefix from " . TABLE_PRODUCTS_ATTRIBUTES . " where products_id = '" . (int)$prid . "' and options_id = '" . (int)$option . "' and options_values_id = '" . (int)$value . "'");

$attribute_price = tep_db_fetch_array($attribute_price_query);

if ($attribute_price['price_prefix'] == '+') {

$this->total += $currencies->calculate_price($attribute_price['options_values_price'], $products_tax, $qty);

} else {

$this->total -= $currencies->calculate_price($attribute_price['options_values_price'], $products_tax, $qty);

}

}

}

}

}

 

so looks like you may have had an error in editing.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...