Jump to content

Coupon limit per customer apparently counting before checking


KirkM

Recommended Posts

A customer put in a coupon code with global unlimited uses and one use per customer.  When used the first time, it displays an error message that the limit has been reached even though this is the first use.  If you set it to 2 uses per customer, it works on the first use and not the second.  Leave it blank for unlimited per customer and it works fine too.  This would make it appear that the code logic is counting the use BEFORE checking if the limit has been reached.  It sounds kind of silly for a mistake like that to be in the code flow, but testing sure makes it seem that way.

Anyone else see this?

Edited by KirkM
clarity
Link to comment
Share on other sites

Sorry, I normally always post that info but was rushing out the door when I typed it and completely forgot.

"There is never enough time to do it right, but there is always enough time to do it over.” ~John W. Bergman

PHP 7.4, CC 6.4.4

Link to comment
Share on other sites

Please use an external database utility to examine the following:

In the table CubeCart_customer_coupon, are there any rows where the value in the 'customer_id' column is zero?

If so, note the value in the 'coupon' column for that row.

Are there any other rows that have the same 'coupon' value? (Probably not, as CubeCart is detecting a usage problem with that code.)

Would the problematic coupon code be that noted value?

 

Edited by bsmither
Link to comment
Share on other sites

Quote

In the table CubeCart_customer_coupon, are there any rows where the value in the 'customer_id' column is zero?

No.  In phpMyAdmin sorting by customer_id shows the lowest number to be 130.  No zero values in that column.

Quote

Are there any other rows that have the same 'coupon' value? 

Not sure I understand this one.  There are hundreds of rows with the same coupon code as he has had hundreds of customers use coupons over the years.  Do you mean if the first test found a zero?  If so, this test is moot, I suppose.

Link to comment
Share on other sites

Yes.  The owner and I both have accounts on his store so we can simulate purchase and checkout.  It did the same thing for both of us when we were logged in.  Out of curiosity, would that make a difference?  I thought that CC tracked customers by email address, whether they have an account and are signed in or not.  I assume that would be relational to the coupon uses counting.

Link to comment
Share on other sites

"Would being logged in make a difference?"

During checkout as a guest, when one tries to enter and apply a coupon code, the (Foundation) form verification code will prevent that submission until all the details of the customer has been filled in -- including an email address. Whether CubeCart creates the customer record first or processes the coupon code first, I have not yet determined. But this is probably not relevant because you say you are logged in.

A concern of mine, maybe the smoking gun, is the code that makes sure the coupon code can be added to the basket. This happens in the Cart class, discountAdd() function.

CubeCart queries for records from CubeCart_customer_coupon, requesting the 'used' value, where the 'email' or 'customer_id' matches the customer,  logged-in or a new guest.

The problem here is that the query does not specify which coupon is being searched for. Thus, if the customer has used any coupon previously, there will be a record of it - a false positive of testing for this specific coupon used by this specific customer.

Please try again after making this edit:

In the file /classes/cart.class.php, near line 541, find:

$usage = $GLOBALS['db']->select('CubeCart_customer_coupon', array('used'), "`email` = '$email' OR `customer_id` =  ".(int)$customer_id, false, 1, false, false);

Change to:

$usage = $GLOBALS['db']->select('CubeCart_customer_coupon', array('used'), "`coupon` = '$code' AND (`email` = '$email' OR `customer_id` =  ".(int)$customer_id.")", false, 1, false, false);

 

Edited by bsmither
Link to comment
Share on other sites

Quote

The problem here is that the query does not specify which coupon is being searched for. Thus, if the customer has used any coupon previously, there will be a record of it - a false positive of testing for this specific coupon used by this specific customer.

Thanks so much for finding that Brian.  Definitely a silly oversight in the code.  Your fix seems to have solved the issue.  This is certainly a bug that needs to be fixed.  Will you be reporting it or would you prefer I do it?

As always, your thorough work and prompt solutions are greatly appreciated. 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...