Results 1 to 1 of 1
  1. #1
    Join Date
    Mar 2009
    Posts
    1
    Plugin Contributions
    0

    Default bug reported in reward point module

    The customer search under admin/customers/Reward Point in reward point module tend to create problem due to same variable name for session, input field and a variable used in query. It gives a Mysql Query error due to invalid search option.

    the bug was spotted in the file admin/customers_reward_points.php

    search for following code

    if(isset($_SESSION['search']))
    $search=" WHERE (c.customers_lastname LIKE '%".$_SESSION['search']."%' OR c.customers_firstname LIKE '%".$_SESSION['search']."%' OR c.customers_id LIKE '%".$_SESSION['search']."%' OR c.customers_email_address LIKE '%".$_SESSION['search']."%')";
    else
    if(isset($_SESSION['customer_sort_index']))
    if($_SESSION['customer_sort_order']==1)
    $search=" WHERE c.customers_firstname LIKE '".$_SESSION['customer_sort_index']."%'";
    else
    $search=" WHERE c.customers_lastname LIKE '".$_SESSION['customer_sort_index']."%'";
    else
    $search="";

    and change the it to

    if(isset($_SESSION['search']))
    $search2=" WHERE (c.customers_lastname LIKE '%".$_SESSION['search']."%' OR c.customers_firstname LIKE '%".$_SESSION['search']."%' OR c.customers_id LIKE '%".$_SESSION['search']."%' OR c.customers_email_address LIKE '%".$_SESSION['search']."%')";
    else
    if(isset($_SESSION['customer_sort_index']))
    if($_SESSION['customer_sort_order']==1)
    $search2=" WHERE c.customers_firstname LIKE '".$_SESSION['customer_sort_index']."%'";
    else
    $search2=" WHERE c.customers_lastname LIKE '".$_SESSION['customer_sort_index']."%'";
    else
    $search2="";

    Also change the $search variable in the query to $search2 as shown below. variable name can be changed to coder's choice.

    $customer_query_raw = "select c.customers_id, c.customers_lastname, c.customers_firstname, c.customers_group_pricing, r.pending_points, r.reward_points, gp.group_name, rm.redeem_ratio from ".TABLE_CUSTOMERS." as c LEFT JOIN (".TABLE_REWARD_CUSTOMER_POINTS." as r) ON (r.customers_id=c.customers_id) LEFT JOIN(".TABLE_GROUP_PRICING." as gp) ON (gp.group_id=c.customers_group_pricing) LEFT JOIN(".TABLE_REWARD_MASTER." as rm) ON ((c.customers_group_pricing!=0 AND rm.scope=".SCOPE_GROUP." AND rm.scope_id=c.customers_group_pricing) OR (c.customers_group_pricing=0 AND rm.scope=".SCOPE_GLOBAL." AND rm.scope_id=0))".$index.$search2.$group_by.$order_by.$limit.";";
    Last edited by smart_pro; 26 Mar 2009 at 11:03 AM. Reason: correction

 

 

Similar Threads

  1. Store credit and reward point module
    By yellow1912 in forum Addon Payment Modules
    Replies: 170
    Last Post: 19 Mar 2021, 03:17 PM
  2. v150 Adding a reward point module/add-on
    By dawneprochilo in forum All Other Contributions/Addons
    Replies: 2
    Last Post: 10 Nov 2013, 05:16 PM
  3. Reward Point Mod beta now available
    By hem in forum All Other Contributions/Addons
    Replies: 322
    Last Post: 8 Jun 2011, 10:41 PM
  4. Error after installing reward point module
    By trisha33 in forum All Other Contributions/Addons
    Replies: 1
    Last Post: 15 Feb 2009, 11:27 PM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR