Mysidia Adoptables Support Forum  

Home Community Mys-Script Creative Off-Topic
Go Back   Mysidia Adoptables Support Forum > Projects > The Bug Tracker > Bug

Inputting decimal value to shop item quantity gives full item at half price Issue Tools
issueid=55 03-09-2016 11:36 PM
Inputting decimal value to shop item quantity gives full item at half price

An admin on another site that is using the mysidia script informed me of this bug.

If a user puts in 0.5 as an item quantity in the shops, they pay half price but get the full item. This bug can be severely exploited if users were to find out.
Issue Details
Project The Bug Tracker
Category Unknown
Status Unconfirmed
Priority 3
Affected Version Mys v1.3.4
Fixed Version Mys v1.3.5
Users able to reproduce bug 2
Users unable to reproduce bug 0
Assigned Users (none)
Tags (none)

04-07-2016 02:14 AM
Just a little love tap to see if this is being looked into or anything?
04-20-2016 10:18 PM
Open class_itemshop.php

Under the purchase function where you see the else replace this:
PHP Code:
    else {
$item->quantity $mysidia->input->post("quantity"); 
with this:
PHP Code:
    else {
$item->quantity = (int) $mysidia->input->post("quantity"); 
For good measure open class_stockitem.php and replace line 37, which is this:
PHP Code:
if(empty($quantity)) $quantity $mysidia->input->post("quantity"); 
with this:
PHP Code:
if(empty($quantity)) $quantity = (int) $mysidia->input->post("quantity"); 
This is only a partial fix. It will continue to display the wrong values to the user, but should correctly charge them now.
04-22-2016 11:28 PM
Ahhh thank you thank you! <33

Issue Tools
Subscribe to this issue

All times are GMT -5. The time now is 09:49 AM.

Currently Active Users: 375 (0 members and 375 guests)
Threads: 4,078, Posts: 31,984, Members: 2,012
Welcome to our newest members, Nysnyroth.

What's New?

What's Hot?

What's Popular?

Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2021, vBulletin Solutions Inc.
vBCommerce I v2.0.0 Gold ©2010, PixelFX Studios
vBCredits I v2.0.0 Gold ©2010, PixelFX Studios
Emoticons by darkmoon3636