Regrardless of my sanity, I have a solution to the little loophole I found - whether it solves the browser issues or not I don't know as I haven't been able to replicate it.
So in particular if you're using the distinct shopping cart option of multisite you might want to add this code to includes/modules/pages/index/header_php.php - this will prevent manipulation of the url giving the user access to a category that shouldn't be available in the shop they're browsing.
Put this in just above -PHP Code://bof multisite
//check that a cPath from another store is not attempting to be used.
if ($cPath > 0) {
$categories_query = "SELECT c.categories_id, cd.categories_name, c.categories_image, c.parent_id
FROM " . TABLE_CATEGORIES . " c, " . TABLE_CATEGORIES_DESCRIPTION . " cd
WHERE c.categories_id = :parentID
AND c.categories_id = cd.categories_id
AND cd.language_id = :languagesID
AND c.categories_status= '1'
ORDER BY sort_order, cd.categories_name";
$categories_query = $db->bindVars($categories_query, ':parentID', $cPath, 'integer');
$categories_query = $db->bindVars($categories_query, ':languagesID', $_SESSION['languages_id'], 'integer');
$category_status = $db->Execute(cat_filter($categories_query));
if ($category_status->RecordCount() == '0') {
$current_category_not_found = true;
}
}
//eof multisite
PHP Code:// -----
// Give an observer the chance to override the default handling for the category.
//


Reply With Quote
