WP-e-Commerce icon indicating copy to clipboard operation
WP-e-Commerce copied to clipboard
verified publisher icon wp-e-commerce

Fix 'wpsc_edit_product_variations' when editing variations ...

Open Dexmaster opened this issue 10 years ago • 3 comments

with function call where $_REQUEST is not sent.

P.S.

Who the hell checks for (isset($_REQUEST["product_id"]) || isset($post_id)) and then uses $_REQUEST["product_id"] ?? What if I have $_REQUEST["post_ID"] ??

I'll tell you what, it breaks all created variations, it just deletes them.

Dexmaster avatar Mar 06 '15 12:03 Dexmaster

And even before that it uses $product_id, then $_REQUEST['product_id'], then $product_id why the hell there are no checks?

Why anybody thought it would be a good idea to have 3 different variables with the same value and all needed for this function to work?

test examples: $product_id = 10, $_REQUEST['product_id'] = null, $_REQUEST["post_ID"] = 10 $product_id = 10, $_REQUEST['product_id'] = 11, $_REQUEST["post_ID"] = 12 $product_id = 10, $_REQUEST['product_id'] = null, $_REQUEST["post_ID"] = 12

Dexmaster avatar Mar 06 '15 12:03 Dexmaster

$post_ids_to_delete = wpsc_get_child_object_in_terms_var($_REQUEST["product_id"], $term_ids_to_delete, 'wpsc-variation'); where $_REQUEST["product_id"] is null ... so, child objects of null (or zero) is all damn objects :/ after using this function loads of products are deleted... great job, great job. 4rz3bdv_700wa_0

theUm avatar Mar 06 '15 13:03 theUm

I think I could have left only 1 variable $product_id, but maybe someone else will think it through. For future reference first 10 lines I added are just global fixes so it will work 100% of time)) In future I think only 1 check is needed

if ( empty( $product_id ) ) {
   return;
}

Dexmaster avatar Mar 06 '15 13:03 Dexmaster