Home Forums Plugins Add to Wishlist Support [Resolved] View ALL results if logged in and passing your own user id in URL !!!

Welcome to our community support forums! We're here to help - but if you have an urgent request for a Pro Plugin, you will get a prioritised response through our Premium Support page.

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #29879
    camberben
    Participant

    If you are logged in and you happen to view your wishlist and pass your own ID in the URL it treats the query as User ID = 0

    This results incorrect results – I haven’t tested but I think it may return items from ALL wishlists !?!

    eg. /products/your-account?tab=wishlist&user=6
    (if I am user 6 and logged in)

    If a user id is passed in the URL I think this should ALWAYS take precedent over the current logged in user.

    In wp-e-commerce-add-to-wishlist/functions.php I changed:

    if( isset( $_GET['user'] ) )
    	$user = wpsc_at_get_user_filter( (string)$_GET['user'] );
    if( $user ) {
    	if( $user <> $current_user->ID ) {
    		if( $user )
    			$user_id = $user;
    		$is_guest = true;
    	}
    } else {
    	$user_id = $current_user->ID;
    }

    to:

    if( isset( $_GET['user'] ) )
    	$user = wpsc_at_get_user_filter( (string)$_GET['user'] );
    if( $user ) {
    		$user_id = $user;
    	$is_guest = true;
    } else {
    	$user_id = $current_user->ID;
    }

    This may still need more validation that $current_user is set I think.

    #30807
    Michael Visser
    Keymaster

    Have added this one into the next minor Plugin update, thanks camberben!

Viewing 2 posts - 1 through 2 (of 2 total)
  • The topic ‘[Resolved] View ALL results if logged in and passing your own user id in URL !!!’ is closed to new replies.