Ulrick67 Posted June 16, 2011 Share Posted June 16, 2011 Hi, I've been searching in the forum but cannot see a solution that may help me. We had a hacker attack on our store. We cleaned everything and upgraded to ver 2.3.1 We then restored the database from the old store into the new. Everything seemed to work but I have a problem: Some of our customers cannot login, despite the fact that they change passwords. And in the administrator panel I cannot select them to review either their data or their orders. I'm not a stranger to using SQL (SQL Server actually) and do not have any experience with php, but I'm willing to try anything that may help us. We are losing sales and that's a big no. What could be the problem? Is the customers table? The address_book? I don't know. I saw a line in customers.php under case 'default': in which the where statement reads: "where a.customers_id = c.customers_id and c.customers_id = $HPP" I wonder if that line is the culprit, I commented out that instruction and created a new one, but the problem continues. Any help would be appreciated Regards Larry Link to comment Share on other sites More sharing options...
KDM Posted June 17, 2011 Share Posted June 17, 2011 What could be the problem? Is the customers table? The address_book? I don't know. I saw a line in customers.php under case 'default': in which the where statement reads: "where a.customers_id = c.customers_id and c.customers_id = $HPP" I wonder if that line is the culprit, I commented out that instruction and created a new one, but the problem continues. Any help would be appreciated Regards Larry In my catalog/admin/customers.php at default my where statement reads: where a.customers_id = c.customers_id and c.customers_id = '" . (int)$HTTP_GET_VARS['cID'] . "'"); $HPP if that is what you it have will never retrieve any information. The whole statement should be: $customers_query = tep_db_query("select c.customers_id, c.customers_gender, c.customers_firstname, c.customers_lastname, c.customers_dob, c.customers_email_address, a.entry_company, a.entry_street_address, a.entry_suburb, a.entry_postcode, a.entry_city, a.entry_state, a.entry_zone_id, a.entry_country_id, c.customers_telephone, c.customers_fax, c.customers_newsletter, c.customers_default_address_id from " . TABLE_CUSTOMERS . " c left join " . TABLE_ADDRESS_BOOK . " a on c.customers_default_address_id = a.address_book_id where a.customers_id = c.customers_id and c.customers_id = '" . (int)$HTTP_GET_VARS['cID'] . "'"); if you haven't modified customer.php you could just put the original Osc 2.3.1 file in place of the problem file in case there is other problems with it. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.