KirkM Posted August 5, 2022 Share Posted August 5, 2022 (edited) A customer put in a coupon code with global unlimited uses and one use per customer. When used the first time, it displays an error message that the limit has been reached even though this is the first use. If you set it to 2 uses per customer, it works on the first use and not the second. Leave it blank for unlimited per customer and it works fine too. This would make it appear that the code logic is counting the use BEFORE checking if the limit has been reached. It sounds kind of silly for a mistake like that to be in the code flow, but testing sure makes it seem that way. Anyone else see this? Edited August 5, 2022 by KirkM clarity Quote Link to comment Share on other sites More sharing options...
bsmither Posted August 5, 2022 Share Posted August 5, 2022 I would agree that this scenario would have been found by now. Please let us know what version of PHP that this installation is running under. Quote Link to comment Share on other sites More sharing options...
KirkM Posted August 5, 2022 Author Share Posted August 5, 2022 Sorry, I normally always post that info but was rushing out the door when I typed it and completely forgot. "There is never enough time to do it right, but there is always enough time to do it over.” ~John W. Bergman PHP 7.4, CC 6.4.4 Quote Link to comment Share on other sites More sharing options...
bsmither Posted August 7, 2022 Share Posted August 7, 2022 (edited) Please use an external database utility to examine the following: In the table CubeCart_customer_coupon, are there any rows where the value in the 'customer_id' column is zero? If so, note the value in the 'coupon' column for that row. Are there any other rows that have the same 'coupon' value? (Probably not, as CubeCart is detecting a usage problem with that code.) Would the problematic coupon code be that noted value? Edited August 7, 2022 by bsmither Quote Link to comment Share on other sites More sharing options...
KirkM Posted August 8, 2022 Author Share Posted August 8, 2022 Quote In the table CubeCart_customer_coupon, are there any rows where the value in the 'customer_id' column is zero? No. In phpMyAdmin sorting by customer_id shows the lowest number to be 130. No zero values in that column. Quote Are there any other rows that have the same 'coupon' value? Not sure I understand this one. There are hundreds of rows with the same coupon code as he has had hundreds of customers use coupons over the years. Do you mean if the first test found a zero? If so, this test is moot, I suppose. Quote Link to comment Share on other sites More sharing options...
bsmither Posted August 8, 2022 Share Posted August 8, 2022 Ok. Still looking. Quote Link to comment Share on other sites More sharing options...
KirkM Posted August 8, 2022 Author Share Posted August 8, 2022 Thanks Brian, really appreciate it. Quote Link to comment Share on other sites More sharing options...
bsmither Posted August 8, 2022 Share Posted August 8, 2022 Just to be clear, this is a logged-in customer? Quote Link to comment Share on other sites More sharing options...
KirkM Posted August 8, 2022 Author Share Posted August 8, 2022 Yes. The owner and I both have accounts on his store so we can simulate purchase and checkout. It did the same thing for both of us when we were logged in. Out of curiosity, would that make a difference? I thought that CC tracked customers by email address, whether they have an account and are signed in or not. I assume that would be relational to the coupon uses counting. Quote Link to comment Share on other sites More sharing options...
bsmither Posted August 9, 2022 Share Posted August 9, 2022 (edited) "Would being logged in make a difference?" During checkout as a guest, when one tries to enter and apply a coupon code, the (Foundation) form verification code will prevent that submission until all the details of the customer has been filled in -- including an email address. Whether CubeCart creates the customer record first or processes the coupon code first, I have not yet determined. But this is probably not relevant because you say you are logged in. A concern of mine, maybe the smoking gun, is the code that makes sure the coupon code can be added to the basket. This happens in the Cart class, discountAdd() function. CubeCart queries for records from CubeCart_customer_coupon, requesting the 'used' value, where the 'email' or 'customer_id' matches the customer, logged-in or a new guest. The problem here is that the query does not specify which coupon is being searched for. Thus, if the customer has used any coupon previously, there will be a record of it - a false positive of testing for this specific coupon used by this specific customer. Please try again after making this edit: In the file /classes/cart.class.php, near line 541, find: $usage = $GLOBALS['db']->select('CubeCart_customer_coupon', array('used'), "`email` = '$email' OR `customer_id` = ".(int)$customer_id, false, 1, false, false); Change to: $usage = $GLOBALS['db']->select('CubeCart_customer_coupon', array('used'), "`coupon` = '$code' AND (`email` = '$email' OR `customer_id` = ".(int)$customer_id.")", false, 1, false, false); Edited August 9, 2022 by bsmither Quote Link to comment Share on other sites More sharing options...
KirkM Posted August 9, 2022 Author Share Posted August 9, 2022 Quote The problem here is that the query does not specify which coupon is being searched for. Thus, if the customer has used any coupon previously, there will be a record of it - a false positive of testing for this specific coupon used by this specific customer. Thanks so much for finding that Brian. Definitely a silly oversight in the code. Your fix seems to have solved the issue. This is certainly a bug that needs to be fixed. Will you be reporting it or would you prefer I do it? As always, your thorough work and prompt solutions are greatly appreciated. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.