Can't void order if in banip or fraud #2720

Closed
danijelGombac opened this Issue Feb 27, 2015 · 3 comments

Projects

None yet

2 participants

@danijelGombac
Contributor

I think that this part

        $this->load->model('account/customer');

        $customer_info = $this->model_account_customer->getCustomer($order_info['customer_id']);

        if ($customer_info && $customer_info['safe']) {
            $safe = true;
        } else {
            $safe = false;
        }

        if ($this->config->get('config_fraud_detection')) {
            $this->load->model('checkout/fraud');

            $risk_score = $this->model_checkout_fraud->getFraudScore($order_info);

            if (!$safe && $risk_score > $this->config->get('config_fraud_score')) {
                $order_status_id = $this->config->get('config_fraud_status_id');
            }
        }

        // Ban IP
        if (!$safe) {
            $status = false;

            if ($order_info['customer_id']) {
                $results = $this->model_account_customer->getIps($order_info['customer_id']);

                foreach ($results as $result) {
                    if ($this->model_account_customer->isBanIp($result['ip'])) {
                        $status = true;

                        break;
                    }
                }
            } else {
                $status = $this->model_account_customer->isBanIp($order_info['ip']);
            }

            if ($status) {
                $order_status_id = $this->config->get('config_order_status_id');
            }
         }

        $this->db->query("INSERT INTO " . DB_PREFIX . "order_history SET order_id = '" . (int)$order_id . "', order_status_id = '" . (int)$order_status_id . "', notify = '" . (int)$notify . "', comment = '" . $this->db->escape($comment) . "', date_added = NOW()");

must be inside if ($order_status_id) {} .

Because now, if customer is in banip list or fraud, order can't be void. Every time add "config_order_id" or "config_fraud_status_id". And in this way prevent to add empty order history when void order.

@danielkerr
Contributor

you add the customer to the safe list

@danijelGombac
Contributor

Is not easier to skip all fraud system if order status is 0. Order status 0 is only when void order. Now if user add customer in ban list and then delete order, stock is not added back. You must first delete order and then add customer in ban list. But if user don't know that, he must manual change stock.

@danielkerr
Contributor

going to add an override option. needs to as some guests wont have an account to add to the safelist

@danielkerr danielkerr closed this Aug 18, 2015
@danielkerr danielkerr added a commit that referenced this issue Aug 18, 2015
@danielkerr danielkerr #2720 87e66dd
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment