Contrib.social

Customers shouldn't be able to order unpublished product variation

Open on Drupal.org β†’
Created on 8 February 2023, about 2 years ago

Problem/Motivation

Right now in getOrderItems() function the requested variation ID is loaded based on SKU without any access checking.

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

πŸ› Bug report
Status

Active

Version

1.0

Component

Code

Created by

πŸ‡ΈπŸ‡°Slovakia kaszarobert

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024