The customer search under admin/customers/Reward Point in reward point module tend to create problem due to same variable name for session, input field and a variable used in query. It gives a Mysql Query error due to invalid search option.
the bug was spotted in the file admin/customers_reward_points.php
search for following code
if(isset($_SESSION['search']))
$search=" WHERE (c.customers_lastname LIKE '%".$_SESSION['search']."%' OR c.customers_firstname LIKE '%".$_SESSION['search']."%' OR c.customers_id LIKE '%".$_SESSION['search']."%' OR c.customers_email_address LIKE '%".$_SESSION['search']."%')";
else
if(isset($_SESSION['customer_sort_index']))
if($_SESSION['customer_sort_order']==1)
$search=" WHERE c.customers_firstname LIKE '".$_SESSION['customer_sort_index']."%'";
else
$search=" WHERE c.customers_lastname LIKE '".$_SESSION['customer_sort_index']."%'";
else
$search="";
and change the it to
if(isset($_SESSION['search']))
$search2=" WHERE (c.customers_lastname LIKE '%".$_SESSION['search']."%' OR c.customers_firstname LIKE '%".$_SESSION['search']."%' OR c.customers_id LIKE '%".$_SESSION['search']."%' OR c.customers_email_address LIKE '%".$_SESSION['search']."%')";
else
if(isset($_SESSION['customer_sort_index']))
if($_SESSION['customer_sort_order']==1)
$search2=" WHERE c.customers_firstname LIKE '".$_SESSION['customer_sort_index']."%'";
else
$search2=" WHERE c.customers_lastname LIKE '".$_SESSION['customer_sort_index']."%'";
else
$search2="";
Also change the $search variable in the query to $search2 as shown below. variable name can be changed to coder's choice.
$customer_query_raw = "select c.customers_id, c.customers_lastname, c.customers_firstname, c.customers_group_pricing, r.pending_points, r.reward_points, gp.group_name, rm.redeem_ratio from ".TABLE_CUSTOMERS." as c LEFT JOIN (".TABLE_REWARD_CUSTOMER_POINTS." as r) ON (r.customers_id=c.customers_id) LEFT JOIN(".TABLE_GROUP_PRICING." as gp) ON (gp.group_id=c.customers_group_pricing) LEFT JOIN(".TABLE_REWARD_MASTER." as rm) ON ((c.customers_group_pricing!=0 AND rm.scope=".SCOPE_GROUP." AND rm.scope_id=c.customers_group_pricing) OR (c.customers_group_pricing=0 AND rm.scope=".SCOPE_GLOBAL." AND rm.scope_id=0))".$index.$search2.$group_by.$order_by.$limit.";";
Bookmarks