I use the zencart module Flexible Return Authorization (RMA)
https://www.zen-cart.com/downloads.php?do=file&id=1692
The form seems to be working fine. Every once in awhile I get a syntax error. Not sure How to go about and fix this. If a customer puts a special characteristics in the form do i need to block that?
this is what the customer put in the form.
HTML Code:
Incorrect item from order 52394: ME-ARTR, Magnum Energy ME-ARTR, Magnum Advacnced Router. Quantity:1
Would like to exchange for correct item: ME-ARC50, MAGNUM ENERGY ME-ARC50, ADVANCED REMOTE DIGITAL LCD DISPLAY REMOTE PANEL WITH 50' CABLE. Quantity: 2
Please advise if this is possible.
error
HTML Code:
[08-Jan-2020 20:12:02 America/New_York] PHP Fatal error: 1064:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'CABLE. Quantity: 2
Please advise if this is possible.', '7', '12345678', now(' at line 1 :: insert into orders_status_history (comments, orders_status_id, orders_id, date_added, rma_number, action) values ('Incorrect item from order 52394: ME-ARTR, Magnum Energy ME-ARTR, Magnum Advacnced Router. Quantity:1
Would like to exchange for correct item: ME-ARC50, MAGNUM ENERGY ME-ARC50, ADVANCED REMOTE DIGITAL LCD DISPLAY REMOTE PANEL WITH 50' CABLE. Quantity: 2
Please advise if this is possible.', '7', '12345678', now(), '1234567801082020', 'Get a Refund') ==> (as called by) /home/inverter/public_html/includes/templates/theme871/templates/tpl_returns_default.php on line 85 <== in /home/inverter/public_html/includes/classes/db/mysql/query_factory.php on line 171
I found where the issue is coming from in templates\tpl_returns_default.php on line 83
Code:
if (ORDER_COMMENTS_RMA_OPTION == 'true') {
$returnRMA = $orderID . $rma_number;
$db->Execute("insert into " . TABLE_ORDERS_STATUS_HISTORY . " (comments, orders_status_id, orders_id, date_added, rma_number, action) values ('" . $reason ."', '" . $autoRMA ."', '" . (int)$orderID ."', now(), '" . $returnRMA ."', '" . $action ."')");
}
Bookmarks