BUG - product_attributes_option_type v3.0

[mmcfadden]

If you are using paypal standard (not sure about other payment modules) the text values for option type text are saved to the ORDERS_PRODUCTS_ATTRIBUTES as the word "TEXT" rather than the actual text value entered by the user.

 

I isolated where the problem is occurring - includes/modules/payment/paypal_standard.php, function Confirmation().

 

This function grabs the attribute values from the PRODUCTS_ATTRIBUTES and PRODUCTS_OPTIONS_VALUES tables rather than from the CUSTOMERS_BASKET_ATTRIBUTES...Comfirmation() function code from paypal_standard.php below with section I think is the problem bolded.

 

However, I am new to php and to osCommerce so I am unsure how to fix the problem. Any help would be greatly appreciated. Or if anyone knows where an existing fix to this bug is, please point me in that direction.

 

Thank you!!

 

=====================

 

function confirmation() {

global $cartID, $cart_PayPal_Standard_ID, $customer_id, $languages_id, $order, $order_total_modules;

 

if (tep_session_is_registered('cartID')) {

$insert_order = false;

 

if (tep_session_is_registered('cart_PayPal_Standard_ID')) {

$order_id = substr($cart_PayPal_Standard_ID, strpos($cart_PayPal_Standard_ID, '-')+1);

 

$curr_check = tep_db_query("select currency from " . TABLE_ORDERS . " where orders_id = '" . (int)$order_id . "'");

$curr = tep_db_fetch_array($curr_check);

 

if ( ($curr['currency'] != $order->info['currency']) || ($cartID != substr($cart_PayPal_Standard_ID, 0, strlen($cartID))) ) {

$check_query = tep_db_query('select orders_id from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int)$order_id . '" limit 1');

 

if (tep_db_num_rows($check_query) < 1) {

tep_db_query('delete from ' . TABLE_ORDERS . ' where orders_id = "' . (int)$order_id . '"');

tep_db_query('delete from ' . TABLE_ORDERS_TOTAL . ' where orders_id = "' . (int)$order_id . '"');

tep_db_query('delete from ' . TABLE_ORDERS_STATUS_HISTORY . ' where orders_id = "' . (int)$order_id . '"');

tep_db_query('delete from ' . TABLE_ORDERS_PRODUCTS . ' where orders_id = "' . (int)$order_id . '"');

tep_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_ATTRIBUTES . ' where orders_id = "' . (int)$order_id . '"');

tep_db_query('delete from ' . TABLE_ORDERS_PRODUCTS_DOWNLOAD . ' where orders_id = "' . (int)$order_id . '"');

}

 

$insert_order = true;

}

} else {

$insert_order = true;

}

 

if ($insert_order == true) {

$order_totals = array();

if (is_array($order_total_modules->modules)) {

reset($order_total_modules->modules);

while (list(, $value) = each($order_total_modules->modules)) {

$class = substr($value, 0, strrpos($value, '.'));

if ($GLOBALS[$class]->enabled) {

for ($i=0, $n=sizeof($GLOBALS[$class]->output); $i<$n; $i++) {

if (tep_not_null($GLOBALS[$class]->output[$i]['title']) && tep_not_null($GLOBALS[$class]->output[$i]['text'])) {

$order_totals[] = array('code' => $GLOBALS[$class]->code,

'title' => $GLOBALS[$class]->output[$i]['title'],

'text' => $GLOBALS[$class]->output[$i]['text'],

'value' => $GLOBALS[$class]->output[$i]['value'],

'sort_order' => $GLOBALS[$class]->sort_order);

}

}

}

}

}

 

$sql_data_array = array('customers_id' => $customer_id,

'customers_name' => $order->customer['firstname'] . ' ' . $order->customer['lastname'],

'customers_company' => $order->customer['company'],

'customers_street_address' => $order->customer['street_address'],

'customers_suburb' => $order->customer['suburb'],

'customers_city' => $order->customer['city'],

'customers_postcode' => $order->customer['postcode'],

'customers_state' => $order->customer['state'],

'customers_country' => $order->customer['country']['title'],

'customers_telephone' => $order->customer['telephone'],

'customers_email_address' => $order->customer['email_address'],

'customers_address_format_id' => $order->customer['format_id'],

'delivery_name' => $order->delivery['firstname'] . ' ' . $order->delivery['lastname'],

'delivery_company' => $order->delivery['company'],

'delivery_street_address' => $order->delivery['street_address'],

'delivery_suburb' => $order->delivery['suburb'],

'delivery_city' => $order->delivery['city'],

'delivery_postcode' => $order->delivery['postcode'],

'delivery_state' => $order->delivery['state'],

'delivery_country' => $order->delivery['country']['title'],

'delivery_address_format_id' => $order->delivery['format_id'],

'billing_name' => $order->billing['firstname'] . ' ' . $order->billing['lastname'],

'billing_company' => $order->billing['company'],

'billing_street_address' => $order->billing['street_address'],

'billing_suburb' => $order->billing['suburb'],

'billing_city' => $order->billing['city'],

'billing_postcode' => $order->billing['postcode'],

'billing_state' => $order->billing['state'],

'billing_country' => $order->billing['country']['title'],

'billing_address_format_id' => $order->billing['format_id'],

'payment_method' => $order->info['payment_method'],

'cc_type' => $order->info['cc_type'],

'cc_owner' => $order->info['cc_owner'],

'cc_number' => $order->info['cc_number'],

'cc_expires' => $order->info['cc_expires'],

'date_purchased' => 'now()',

'orders_status' => $order->info['order_status'],

'currency' => $order->info['currency'],

'currency_value' => $order->info['currency_value']);

 

tep_db_perform(TABLE_ORDERS, $sql_data_array);

 

$insert_id = tep_db_insert_id();

 

for ($i=0, $n=sizeof($order_totals); $i<$n; $i++) {

$sql_data_array = array('orders_id' => $insert_id,

'title' => $order_totals[$i]['title'],

'text' => $order_totals[$i]['text'],

'value' => $order_totals[$i]['value'],

'class' => $order_totals[$i]['code'],

'sort_order' => $order_totals[$i]['sort_order']);

 

tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array);

}

 

for ($i=0, $n=sizeof($order->products); $i<$n; $i++) {

$sql_data_array = array('orders_id' => $insert_id,

'products_id' => tep_get_prid($order->products[$i]['id']),

'products_model' => $order->products[$i]['model'],

'products_name' => $order->products[$i]['name'],

'products_price' => $order->products[$i]['price'],

'final_price' => $order->products[$i]['final_price'],

'products_tax' => $order->products[$i]['tax'],

'products_quantity' => $order->products[$i]['qty']);

 

tep_db_perform(TABLE_ORDERS_PRODUCTS, $sql_data_array);

 

$order_products_id = tep_db_insert_id();

 

$attributes_exist = '0';

if (isset($order->products[$i]['attributes'])) {

$attributes_exist = '1';

for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {

if (DOWNLOAD_ENABLED == 'true') {

$attributes_query = "select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix, pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename

from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa

left join " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad

on pa.products_attributes_id=pad.products_attributes_id

where pa.products_id = '" . $order->products[$i]['id'] . "'

and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'

and pa.options_id = popt.products_options_id

and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'

and pa.options_values_id = poval.products_options_values_id

and popt.language_id = '" . $languages_id . "'

and poval.language_id = '" . $languages_id . "'";

$attributes = tep_db_query($attributes_query);

} else {

$attributes = tep_db_query("select popt.products_options_name, poval.products_options_values_name, pa.options_values_price, pa.price_prefix from " . TABLE_PRODUCTS_OPTIONS . " popt, " . TABLE_PRODUCTS_OPTIONS_VALUES . " poval, " . TABLE_PRODUCTS_ATTRIBUTES . " pa where pa.products_id = '" . $order->products[$i]['id'] . "' and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "' and pa.options_id = popt.products_options_id and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "' and pa.options_values_id = poval.products_options_values_id and popt.language_id = '" . $languages_id . "' and poval.language_id = '" . $languages_id . "'");

}

$attributes_values = tep_db_fetch_array($attributes);

 

$sql_data_array = array('orders_id' => $insert_id,

'orders_products_id' => $order_products_id,

'products_options' => $attributes_values['products_options_name'],

'products_options_values' => $attributes_values['products_options_values_name'],

'options_values_price' => $attributes_values['options_values_price'],

'price_prefix' => $attributes_values['price_prefix']);

 

tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);

 

if ((DOWNLOAD_ENABLED == 'true') && isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename'])) {

$sql_data_array = array('orders_id' => $insert_id,

'orders_products_id' => $order_products_id,

'orders_products_filename' => $attributes_values['products_attributes_filename'],

'download_maxdays' => $attributes_values['products_attributes_maxdays'],

'download_count' => $attributes_values['products_attributes_maxcount']);

 

tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);

}

}

}

}

 

$cart_PayPal_Standard_ID = $cartID . '-' . $insert_id;

tep_session_register('cart_PayPal_Standard_ID');

}

}

 

return false;

}