newbieonekenobie Posted February 17, 2009 Share Posted February 17, 2009 (edited) I was about to install the 2.6 version of this contribution and noticed a discrepancy in the "find" this code an "replace" with this code for updating the account_history_info.php file in a just installed version of 2.2RC2 (no other contributions installed). Code to find in the account_history_info.php file - per the contribution $customer_info_query = tep_db_query("select customers_id from " . TABLE_ORDERS . " where orders_id = '". (int)$HTTP_GET_VARS['order_id'] . "'"); $customer_info = tep_db_fetch_array($customer_info_query); if ($customer_info['customers_id'] != $customer_id) { tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL')); } Code I find in the account_history_info.php file $customer_info_query = tep_db_query("select o.customers_id from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_STATUS . " s where o.orders_id = '". (int)$HTTP_GET_VARS['order_id'] . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.public_flag = '1'"); $customer_info = tep_db_fetch_array($customer_info_query); if ($customer_info['customers_id'] != $customer_id) { tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL')); } Says to replace with this code... $customer_info_query = tep_db_query("select customers_id, orders_status from " . TABLE_ORDERS . " where orders_id = '". (int)$HTTP_GET_VARS['order_id'] . "'"); $customer_info = tep_db_fetch_array($customer_info_query); $orders_status = $customer_info['orders_status']; if ($customer_info['customers_id'] != $customer_id) { tep_redirect(tep_href_link(FILENAME_ACCOUNT_HISTORY, '', 'SSL')); } Any suggestions? Joe Edited February 17, 2009 by newbieonekenobie Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.