search

zencart / zencart

Zen Cart® is a full-function e-commerce application for your website.
https://github.com/zencart/zencart/releases
Other
375 stars 233 forks source link

Admin->Move Product: after move, debug created with browser Back button #5743

Closed torvista closed 1 year ago

torvista commented 1 year ago

If you move a product from a category, then after completing the move, go back to that category using the Back button (twice), you pass the Move infobox on the way, creating the debug:

[02-Jun-2023 16:01:48 UTC] Request URI: /zencart/admin/index.php?cmd=category_product_listing&cPath=17&product_type=1&pID=181&action=move_product&page=1, IP address: 127.0.0.1, Language id 1

0 D:\GitHub\zencart\admin\includes\modules\move_product.php(12): zen_debug_error_handler()

1 D:\GitHub\zencart\admin\category_product_listing.php(1094): require('D:\GitHub\zenca...')

2 D:\GitHub\zencart\admin\index.php(11): require('D:\GitHub\zenca...')

--> PHP Warning: Undefined variable $pInfo in D:\GitHub\zencart\admin\includes\modules\move_product.php on line 12.

I thought it would be straightforward to add a redirect before 12, back to the original category if $pInfo not set, as handily $current_category_id still exists. But, no, another error is created related to zen_redirect and the keepalive module...

neekfenwick commented 1 year ago

Rather than detect the problem late and redirect, it seems better to validate inputs before any output is sent, i.e. up around line 40 of category_product_listing.php. I've added code to validate pID against current_category_id by augmenting sniffer, which seems a sensible place for generic DB operations, the code to check result of SELECT COUNT was getting a bit cumbersome.

Please see PR #5851.