0
Hi,
I've an alert message which tells that the auth_code is not valid.
Here's how :
The auth_code seems to be missing on the link PAY NOW. The error doesn't appear if you manually add the auth_code to the url.
I've an alert message which tells that the auth_code is not valid.
Here's how :
- Click a secured link in mail or pdf
- Click on PAY NOW button
- Ta da !
The auth_code seems to be missing on the link PAY NOW. The error doesn't appear if you manually add the auth_code to the url.
Accepted Answer
0
All is working well since you put the right package, thanks ! 
Once this said, I still believed that the auth_code should be used to protect the payment process for unlogged user, because nothing prevent one to change ID in url to have a look on other payment.
For the link to return to invoice list for unlogged user, I found a tip : Joomla put a class with the component name e.g. ".com_invoice" so you can simply hide the link with a ".com_invoice .pull-right" css property.
Once this said, I still believed that the auth_code should be used to protect the payment process for unlogged user, because nothing prevent one to change ID in url to have a look on other payment.
For the link to return to invoice list for unlogged user, I found a tip : Joomla put a class with the component name e.g. ".com_invoice" so you can simply hide the link with a ".com_invoice .pull-right" css property.
Responses (6)
-
Accepted Answer
-
Accepted Answer
-
Accepted Answer
0hello!
I can see the message. it lets you see the payment, but this message shows up. there's a very easy fix for this, I'm going to add it to the package, however if you prefer me to do the tweak directly on your site, let me know (I believe you have done some code changes and I would not want to mess them up) -
Accepted Answer
0No, that will be fine. Just let me know when you've updated the package ! -
Germinal Campsmore than a month agoI already did :)
-
-
Accepted Answer
0I haven't seen any improvements...
I wonder if it wouldn't be more secure to keep the auth_code on this page, would it ?
Moreover, I have a second problem : this link (top right) appears in the same view : http://www.gamesberry.fr/component/invoices/?view=invoices which sends the unlogged user to a fairly empty list of invoice (quite normal, because he's an unlogged user!). I think this link should either not be shown at all to unlogged user, or send back to the invoice.-
Germinal Campsmore than a month agowhat you mean there are no improvements? you still see the "not authorized" message? to cahnge the redirection link there would need some coding on the control page.
-
-
Accepted Answer
0you still see the "not authorized" message?
Exactly
I've reinstalled the package twice to be sure.
to cahnge the redirection link there would need some coding on the control page.
Maybe an improvement for the next release then ? It doesn't look so professionnal to send user in a no man lands
By the way, a quick and efficient approach would be to add some css class to the page (ex : put an invoice "invoice" to the body), or even aside the "pull-right" class.-
Germinal Campsmore than a month agocan you send me access to support@ joomlathat.com so I can check the issue? I'm so stranged right now, because I asure you I fixed that issue and uploaded the package.. :S :S thanks!! :)
-
Yann-SImore than a month agoI've dropped you a mail, did you get it ?
-
Your Reply
Please login to post a reply
You will need to be logged in to be able to post a reply. Login using the form on the right or register an account if you are new here.
Register Here »