View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0001684 | OXID eShop (all versions) | 1.01. Products (product, categories, manufacturer, promotions etc.) | public | 2010-03-05 14:07 | 2012-12-07 14:23 |
| Reporter | simon_stark | Assigned To | |||
| Priority | high | Severity | major | Reproducibility | have not tried |
| Status | resolved | Resolution | no change required | ||
| Product Version | 4.2.0 revision 23610 | ||||
| Summary | 0001684: review-link in order confirmation will only work in the same browser and the session-cookie is still active | ||||
| Description | Reported by Frank Knapp (egate media): -----------8<-----(snip)-------------- Steps to reproduce:Order a product and click on 'bewerten' in order email confirmation. Problem:The review is ONLY saved if the review window opens in the same browser as the order was placed AND the session-cookie is still active. Reason:review::getReviewUserId() was not adjusted accordingly after OXID released the review security fix. Solution:Modify review::getReviewUserId() as follows: public function getReviewUserId() { if ( $this->_sReviewUserId === null ) { $this->_sReviewUserId = false; // EI start if (oxConfig::getParameter('reviewuserid')) { $this->_sReviewUserId = oxConfig::getParameter('reviewuserid'); return $this->_sReviewUserId; } // EI end //review user from order email $sReviewUser = oxConfig::getParameter( 'reviewuser' ); $sReviewUser = ( !$sReviewUser ) ? oxConfig::getParameter( 'reviewuserid' ) : $sReviewUser; if ( $sReviewUser ) { $oUser = oxNew( 'oxuser' ); $sReviewUserId = $oUser->getReviewUserId( $sReviewUser ); } $oUser = $this->getUser(); if (!$sReviewUserId && $oUser) { $sReviewUserId = $oUser->getId(); } $this->_sReviewUserId = $sReviewUserId; } return $this->_sReviewUserId; } -----------8<-----(snip)-------------- | ||||
| Tags | Ratings, Reviews | ||||
| Theme | |||||
| Browser | All | ||||
| PHP Version | any | ||||
| Database Version | any | ||||
| related to | 0003125 | resolved | rimvydas_paskevicius | Review link in order e-mail does not work => redirect to startpage |
|
|
problem is back to 4.4.4 |
|
|
Still got reports about valid issue in eShop 4.4.6 |
|
|
Almost every release the behaviour is changed, but so far it got never really fixed. A couple times it was implemented in a way, that the user had to log in before being able to perform the review. I want to point out, that this is NOT a solution, because this way users who order without account can't perform a review at all (but also get the review link in the order mail confirmation). I guess you have to remove the sid check when saving the review, the same way the sid check is not active for the price alert formular in the detail view. |
|
|
In 4.5.0 version the review link is removed from order confirmation emails. So this issue is no more valid and will be closed. Thank you for your feedback and support. |
