Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
One could call this a feature request - but since #560358: Cart links don't work with checkbox attributes or textfield attributes is "implemented" and closed it has to be seen as a bug report.
I can't get it to work and have to believe that for some reason part of the original patch got lost. at least this is what is suggested by comment #12 of previous issue.
Comment | File | Size | Author |
---|---|---|---|
#10 | uc_cart_links.diff | 704 bytes | pianomansam |
#3 | uc_cart_links_textfield.patch | 821 bytes | smoothify |
Comments
Comment #1
xibun CreditAttribution: xibun commentedsince this feature was now officially released in v2.3 it would be nice to have it working.
-> using "Display the cart link product action when you add a product to your cart." to generate the config-string gives a string which looks fine - but then when testing it instead of the added string "Array" appears.
Comment #2
smoothify CreditAttribution: smoothify commentedI get this error too, and also believe that it was due to an incomplete patch on #560358: Cart links don't work with checkbox attributes or textfield attributes.
The code from approx line 654 in uc_attribute.module is as follows:
Here the $selected variable is treated as an array unless the attribute is a textfield.
I believe the best way around this is to re-instate some of TR's original patch in cart_links to check for an array.
Comment #3
smoothify CreditAttribution: smoothify commentedHere is a patch that works for me with textfield attributes.
Comment #4
xibun CreditAttribution: xibun commentedjust tested this patch - now the textfield attribute works !
one concerns though: site security! the URL can be fabricated... is the text string properly secured against SQL injection?
Comment #5
smoothify CreditAttribution: smoothify commentedThis patch doesn't introduce any extra security concerns as far as I can see. The uc_attribute module should be sanitizing all input whether from the url or the textfield itself.
Comment #6
xibun CreditAttribution: xibun commented@smoothify: sorry I wasn't clear. the patch for me is RTBC - the concern was addressed to the Ubercart maintainer as the cart link method might bypass the normal checks.
Comment #7
Mr. Electronic CreditAttribution: Mr. Electronic commentedHi
I had the same problem as described in this bug report.
I have tested the patch and it worked correctly on Drupal 6.17 and Ubercart 2.3
Br.
Rune Christensen
Comment #8
xibun CreditAttribution: xibun commentedUbercart version 2.4 is out now... so this has to target HEAD
anyone checked the security concern? just to be clear: the patch is ok - but it opens a door and I don't know if the room behind is secured..
Comment #9
Lowell CreditAttribution: Lowell commentedsubscribing
thank you so much,
this patch solves the text attribute problem for me, going on 2 years old.
AND solves the latest update problem which broke the cart_links with numbers.
I've been using numbers only which caused additional limitations for me, now I can use text strings. Big time saver :-)))
I'm hoping this isn't a security problem though
Comment #10
pianomansam CreditAttribution: pianomansam commentedDoes not seem to be working in 2.4! I reworked the patch slightly and it seems to be working now. Please see attached for my version of the patch.
Comment #11
longwaveComment #12
twooten CreditAttribution: twooten commentedI can confirm that the patch in comment #10 does work with Ubercart 6.x-2.4.
Thanks!
Comment #13
TR CreditAttribution: TR commentedI just reverted to my initial fix from http://drupal.org/node/560358#comment-2556314 . Committed the fix to both the 6.x and 7.x branches.