Jump to content

[SOLVED] Hack attempt (OrderHistory -> id_order_state is empty) with a copied payment module


Recommended Posts

Prestashop : 1.2.5 and 1.3.0 alpha1
browsers : FF, Chrome, latest version
Fresh installed, default theme

Only one modification :
I copied the bankwire module and changed the code to create my own payment module called 'pickup'.
I was careful to recreate the code, but.... it is not good enough.

When i order something and click my new payment module i get this message when confirming the order :

Hack attempt (OrderHistory -> id_order_state is empty)



So does any of you gurus have an idea where i should look to solve this ?

Share this post


Link to post
Share on other sites

I have the same issue with Cash on pickup (COP) v1.2.1.1
Also, the order is created but cannot be seen among orders, but if I look via the customer I can find it (where the state is awaiting bank wire).
I can then change state to eg preparation in progress and then it shows up among orders...
PS 1.2.4.0

/Mats

Share this post


Link to post
Share on other sites

I also get this error on 1.2.5 : Wrong/incorrect invoice number.
When i create a debug dump it shows that the invoice id is empty.

So the order gets validated but somewhere it misses info. I will dig around a bit more today.
For now there is a workaround:
In the order > Statutes go to the status that applies to your payment methode. If you have installed a new payment method (like COP) then
you should have created a new status here.
In the settings of this status you can choose if the customer can download an invoice in PDF. Just switch this off. Then it should work (after loggin off and clearing cache).

Share this post


Link to post
Share on other sites

Hmm, I have no status for COP...
I searched for the module and found info on editing config/config.inc.php, adding the line "define('PS_OS_COP', 12);".
Though this seems remotely familiar, I added the line (since it wasn't there) but still nothing in the list of statuses.
I tried both PS_OS_COP and _PS_OS_COP_

/Mats

Share this post


Link to post
Share on other sites

Ok, i think i "solved" it.
This error is thrown by PS when the cart does not validate correctly. Usually this is due to wrong settings or module programming. In this case (with the new payment module) it is caused by a missing order state.

Basically when you create a new payment module you should also create a new Order State. But most modules programmers use HARDCODED order states, and then edit the config.inc.php to compensate....
Actually that is also how PS works with the 11 pre-programmed order states...
If in the future the PS team decides to use more payment modules (and they do with 1.3.0) then using hard coded Order States is not a good practice.

So when using a module (or downloading and installing it from the forum) you should follow the directions of the readme carefully. Or for the programmers out there they should start using dynamic order states.

Share this post


Link to post
Share on other sites

If you are using the COP module then i would say that it is somewhat programmed wrongly...
Check the INVOICE parameter in the order state and the config.inc.php.

Or wait for my module..

Share this post


Link to post
Share on other sites

Well, that the module won't work is kinda understandable without the order state in place.
But I added the order state in config.inc.php and still it doesn't appear. Can't really blame the module for that...

/Mats

Share this post


Link to post
Share on other sites
  • 3 weeks later...
  • 1 month later...

After editing the config/config.inc.php file, make sure there is order status #12 also in the database. I just changed the number of existing but unused status to 12 in phpmyadmin and it works now.

Strange enough, COP worked in one language before nut not in another one, now it works in both.

Share this post


Link to post
Share on other sites
  • 1 month later...
Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More