You are partly correct. The "script" has no flaws when applied against the version for which it was written.
Between the time that code was posted 4 years ago and now, there have been numerous new releases and feature changes and security precautions added. One of those has to do with ensuring there's been no tampering with the shopping cart. And, since the code literally IS tampering with the shopping cart contents, it's triggering one of those safeties.
The fix is simple. Add another line above the calculate() line, as shown:
Code:
$current_cart = $_SESSION['cart']->contents;
$_SESSION['cart']->reset(true);
$_SESSION['cart']->contents = $current_cart;
$_SESSION['cart']->cartID = $_SESSION['cart']->generate_cart_id();
$_SESSION['cart']->calculate();
Bookmarks