WeBid Bug Tracking

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000443WeBidEmailpublic2013-07-14 23:192014-09-15 20:48
Reporteritze 
Assigned To 
Priority@0@SeverityminorReproducibilityhave not tried
StatusresolvedResolutionfixed 
PlatformOSOS Version
Product Version1.1.0 
Target VersionFixed in Version1.1.2 
Summary0000443: Not possible to contact the seller from outstanding.php (Ver 1.1.0)
DescriptionHello all,



i encountered a problem when a user wants to send a message to another user.



There are three ways a user can write a message to another user:



a) from the item.php page



The user clicks on an item and gets to the item page. from here, he can ask the seller a question. In this case send_email.php will open and the user can enter a message. By clicking on the send button the message is send. This works!



b) When the user wins an auction and wants to pay, he will get to outstanding.php. from here he can press the button 'pay'. He will get to pay.php. If the seller did not provide a payment gateway or the buyer doesn't have the same payment gateway as the seller, he is forced to contact the seller. He will click on the username in

'If you wish to pay via an alternative method contact USER to find out how'

If he does, he is sent to the users profile. There he will click on 'contact USER'. He will enter a message and click on 'Submit' Button. THAT DOES NOT WORK! send_mail.php will 'reload' (doesn't really reload. just a short blinking of the page) without having the message sent.



c) A user visits the profile of another user (coming from an item page) and wants to send him a message. He will proceed as in step b) --> It works!





Why does method b) NOT work? The problem with method b) is that somewhere between Outstanding.php, pay.php, profile.php and email_request.php the auction_id value gets lost. This is the impotant part of email_request.php (lines 42-79):



if (isset($_POST['action']) && $_POST['action'] == 'proceed')

{

    if (empty($_POST['TPL_text']))

    {

        $ERR = $ERR_031;

    }

    elseif ($auction_id < 0 || empty($auction_id)) // here is the auction id empty when user uses method b) to contact the seller

    {

        $ERR = $ERR_622;

    }

    else

    {

        $query = "SELECT title FROM " . $DBPrefix . "auctions WHERE id = " . $auction_id;

        $res = mysql_query($query);

        $system->check_mysql($res, $query, __LINE__, __FILE__);

        if (mysql_num_rows($res) == 0)

        {

            $ERR = $ERR_622;

        }

        else

        {

            $item_title = mysql_result($res, 0, 'title');

            $item_title = $system->uncleanvars($item_title);

            $from_email = ($system->SETTINGS['users_email'] == 'n') ? $user->user_data['email'] : $system->SETTINGS['adminmail'];

            // Send e-mail message

            $subject = $MSG['335'] . ' ' . $system->SETTINGS['sitename'] . ' ' . $MSG['336'] . ' ' . $item_title;

            $message = $MSG['084'] . ' ' . $MSG['240'] . ': ' . $from_email . "

" . $_POST['TPL_text'];

            $emailer = new email_handler();

            $emailer->email_uid = $user_id;

            $emailer->email_basic($subject, $email, nl2br($message), $user->user_data['name'] . '<'. $from_email . '>'); //send the email :D

            // send a copy to their mesasge box

            $nowmessage = nl2br($system->cleanvars($message));

            $query = "INSERT INTO " . $DBPrefix . "messages (sentto, sentfrom, sentat, message, subject)

                    VALUES (" . $user_id . ", " . $user->user_data['id'] . ", '" . time() . "', '" . $nowmessage . "', '" . $system->cleanvars(sprintf($MSG['651'], $item_title)) . "')";

            $system->check_mysql(mysql_query($query), $query, __LINE__, __FILE__);

            $sent = true;

        }

    }

}





in the line

elseif ($auction_id < 0 || empty($auction_id)) 


the auction_id will be empty and therefore the message will not be sent.

As described above, the auction id gets lost during the pay-profile-email_request sequence. Maybe one can find a fix for this? I can read the code a little bit, but don't know how to code in php. The best way would be to send the user directly to the request_email.php from pay.php, without having to vist the sellers profile. Thank you all!
TagsNo tags attached.
import_id445
Thread
Attached Files

- Relationships

-  Notes
(0001115)
pani100 (reporter)
2013-07-15 01:09
edited on: 1970-01-01 00:00

When leaving pay page there is no auction_id in case 2.
We can to pull it from the query like this:
[PHP]case 2: // pay for an item
        $query = "SELECT w.id, a.id AS auctid, a.title, a.shipping_cost, a.shipping_cost_additional, a.shipping, w.bid, u.paypal_email, u.authnet_id, u.authnet_pass,
                u.id As uid, u.nick, a.payment, u.worldpay_id, u.toocheckout_id, u.moneybookers_email, w.qty[/PHP]

Then we need to change the $extrastring in case 2 to:
[PHP]$extrastring = sprintf($MSG['778'], $data['uid'], $data['auctid'], $data['nick']);[/PHP]

and finally change in language/EN/mesages.inc.php the $MSG['778'] to

[PHP]$MSG['778'] = 'If you wish to pay via an alternative method contact profile.php?user_id=%s&auction_id=%s to find out how.';[/PHP]
(0001116)
itze (reporter)
2013-07-16 12:08
edited on: 1970-01-01 00:00

Thank you very much! That worked!
(0001127)
DrJ (reporter)
2013-07-19 16:06
edited on: 1970-01-01 00:00

pani100 wrote

When leaving pay page there is no auction_id in case 2.
We can to pull it from the query like this:
[PHP]case 2: // pay for an item
        $query = "SELECT w.id, a.id AS auctid, a.title, a.shipping_cost, a.shipping_cost_additional, a.shipping, w.bid, u.paypal_email, u.authnet_id, u.authnet_pass,
                u.id As uid, u.nick, a.payment, u.worldpay_id, u.toocheckout_id, u.moneybookers_email, w.qty[/PHP]

Then we need to change the $extrastring in case 2 to:
[PHP]$extrastring = sprintf($MSG['778'], $data['uid'], $data['auctid'], $data['nick']);[/PHP]

and finally change in language/EN/mesages.inc.php the $MSG['778'] to

[PHP]$MSG['778'] = 'If you wish to pay via an alternative method contact profile.php?user_id=%s&auction_id=%s to find out how.';[/PHP]



First allow me to say I like this forum very much and the help that the experienced coders provide is priceless. That being said, sometimes I, not being an experienced coder, have trouble following the threads and replies. Can you please explain what to do with the first two examples of code? The third example is explained along with the file in which needs the change.
Thanks to all for all the help. I look forward to your response.
(0001129)
itze (reporter)
2013-07-21 18:04
edited on: 2013-07-21 18:04

DrJ wrote

First allow me to say I like this forum very much and the help that the experienced coders provide is priceless. That being said, sometimes I, not being an experienced coder, have trouble following the threads and replies. Can you please explain what to do with the first two examples of code? The third example is explained along with the file in which needs the change.
Thanks to all for all the help. I look forward to your response.



The first two code examples are taken from pay.php. You'll find around line 30:
switch($_GET['a'])
{

Below this you'll find paragraphs that start with 'CASE'. Find 'CASE 2:' in php.pay and apply the code shown above. That's it!

Itze
(0001132)
DrJ (reporter)
2013-07-23 13:51
edited on: 1970-01-01 00:00

Thanks itze! I found it right away. And thanks to pani100 for the fix.
(0001140)
Chris Gentry (viewer)
2013-07-27 18:14
edited on: 2013-07-27 18:34

I am having trouble I am not a experienced php coder either and do appreciate all the work and help everyone is giving. I have found the code and followed the steps listed to the best of my knowledge and it didn't work. What code am I putting where exactly the pay.php already has that code in it. Do I put it in the request_email.php or where. I think I got a little lost on the translation of the instructions.


Nevermind It worked great thanks for the fix. Everytime I break down and post it never fails that a few minutes later I figure it out.
(0001142)
sanax (viewer)
2013-08-05 00:47
edited on: 1970-01-01 00:00

I tried it but it's not working. Get and error message saying the error has been forwarded to the admin...
(0001153)
nay27uk (reporter)
2013-09-01 14:29
edited on: 1970-01-01 00:00

Thanks for this I have not yet come across this problem but it is added to my faves for future reference
(0001303)
dcobain (viewer)
2014-09-15 20:48
edited on: 1970-01-01 00:00

I tried this in 1.1.1 and its created an error in pay.php

Unknown error type: [2] sprintf() [function.sprintf]: Too few arguments on xxx\pay.php line 66

The problem is here:
$data['nick'])
nick ist not in the $query - i changed it in:

u.nick AS nick.

Works for me.

[PHP]
$query = "SELECT w.id, a.id AS auctid, a.title, a.shipping_cost, a.shipping_cost_additional, a.shipping, w.bid, u.paypal_email, u.authnet_id, u.authnet_pass,
u.id As uid, u.nick As nick, a.payment, u.worldpay_id, u.toocheckout_id, u.moneybookers_email, w.qty[/PHP]

- Issue History
Date Modified Username Field Change
2015-04-01 13:17 renlok New Issue
2015-04-01 13:17 renlok import_id => 445
2015-04-01 13:17 renlok Date Submitted 2015-04-01 13:17 => 2013-07-14 23:19
2015-04-01 13:17 renlok Last Update 2015-04-01 13:17 => 2014-09-15 20:48


Copyright © 2000 - 2017 MantisBT Team
Powered by Mantis Bugtracker