We have come across a basic functionality problem, where a customer has managed to delete their order via the frontend after the order has been placed, its rare that it happens, but its happened more than once,
The function is triggered
( fn_delete_order )
This is in app/controllers/frontend/checkout.php
It changes the items on the invoice AFTER we’ve been paid. Once an invoice is at processed it is not allowed to be changed by the customer. It can cause problems for our accounting and VAT return.
Surely the ability to trigger this is a bug / problem for others?
Current version (4.1.9) does not have any 'delete_order' mode in the checkout controller in the frontend. Only in the backend.and it is ONLY when the controller has been called via a POST operation.
Current version (4.1.9) does not have any 'delete_order' mode in the checkout controller in the frontend. Only in the backend.and it is ONLY when the controller has been called via a POST operation.
Do you mean 4.3.9?
From looking at the code it relates to trying to repay for an order if failed, but we have that setting turned off in the cart.
We have an extended trace route built to log the information,
It happened maybe 1 in 1,000 or more orders,
It is very rare, but messes up accounts, stock levels, and leaves us with customers with orders that aren't sent out, despite being paid.
Looks like the file is customized by 3rd party. It should not contain this function. Could you please open the file, find the function and provide us with the peace of code where this function is used?