View Issue Details

Jump to Notes
IDProjectCategoryView StatusDate SubmittedLast Update
0006221OXID eShop (all versions)1.01. Products (product, categories, manufacturer, promotions etc.)public2015-08-31 15:442015-11-06 12:21
Reporters.krenz Assigned To 
PrioritynormalSeverityminorReproducibilityalways
Status resolvedResolutionfixed 
Product Version4.9.5 / 5.2.5 
Fixed in Version4.9.7 / 5.2.7 
Summary0006221: OXID loads an incorrect manufacturer
DescriptionIf the table `oxmanufacturers` contains entries with simple integers as OXID and one or more entries where the OXID starts with one of these integers, the wrong manufacturer will be loaded.
Steps To ReproduceThe order in which the entries are added is important. The 2nd one must be later returned by MySQL than the 1st one.

1. Create an entry in `oxmanufacturers` with the following data:
OXID => "10acbdef"
OXSHOPID => 'oxbaseshop'
OXACTIVE => 1
OXTITLE => "DEF"

2. Create a second entry in `oxmanufacturers` with the following data:
OXID => "10"
OXSHOPID => 'oxbaseshop'
OXACTIVE => 1
OXTITLE => "ABC"

3. Open the "By Manufacturer" page for the 1st manufacturer.
Additional InformationThis problem happens because of PHP's type casting during checking conditions.

File: application/models/oxmanufacturerlist.php
Line: 126

If the bug occures the "$sActCat" and "$sVndId" variables are casted into integers because "$sVndID" is "10" (it will be interpreted as the integer 10 by PHP) and "10abcdef" will be converted to the integer 10 too.
TagsSolution Provided
ThemeNot defined
BrowserNot defined
PHP VersionNot defined
Database VersionNot defined

Relationships

related to 0006220 resolvedHR Article navigation problems 

Activities

s.krenz

2015-08-31 15:47

reporter   ~0011182

Created a hotfix and sent a pull request on GitHub: https://github.com/OXID-eSales/oxideshop_ce/pull/254

QA

2015-08-31 15:59

administrator   ~0011183

see examples on http://php.net/manual/de/language.types.string.php#language.types.string.conversion for an explanation on PHP's behaviour.

s.krenz

2015-08-31 16:05

reporter   ~0011185

Of cause, the fifth to eigth example shows the problem.

anton.fedurtsya

2015-10-16 15:54

administrator   ~0011263

Pull Request accepted with type casting to string upgrade.