Order Tracking Link Expires After Single Use- Can I Fix This?

I commented elsewhere (*) about how guest users can track their order via a link emailed to them upon request.



Unfortunately, this link can only be used once before it expires. (**)



Is there a setting that can be changed which allows the tracking URL to be used as often as desired within a given period?



Thank you,


Anybody have a fix for this ekey feature or (bug). The Order Tracking links only work once. This is a stupid design by cs-cart.

Please open the app/controllers/frontend/orders.php file and replace:

$ekey = fn_generate_ekey($order_info['email'], 'T', SECONDS_IN_HOUR);

with

$ekey = fn_generate_ekey($order_info['email'], 'T', SECONDS_IN_DAY * 365);

Then open the app/functions/fn.common.php file and replace:

db_query("DELETE FROM ?:ekeys WHERE ekey = ?s", $ekey);

with

//db_query("DELETE FROM ?:ekeys WHERE ekey = ?s", $ekey);
The Order Tracking links only work once.

TTL does not matter in case you use the 'ekey' link twice (in different browsers, for example). At the moment when you extract the 'ekey' data from the database, it will be removed from it, even if TTL is not expired.

This ekey functionality deals not only with Orders, but, for example, for downloading attachments to orders (when a product is down-loadable). And a customer should not be able to use this download link several times.

You can modify the 'fn_get_object_by_ekey' function in the 'app/functions/fn.common.php' file: add a new parameter which will trigger the removal or not depending on its value. And set this parameter in the 'fn_get_object_by_ekey' function calling in the 'app/controllers/frontend/orders.php' file.

We can develop this small modification for you. Please post a quote to https://simtechdev.com/helpdesk .

I have updated my post to disable ekey deletion. Hope this will help.

I should say it again, this function (fn_get_object_by_ekey) is called not only when you track an order, but in some other cases which require only single request via 'ekey' functionality. If it is OK, you can comment the deletion.

I should say it again, this function (fn_get_object_by_ekey) is called not only when you track an order, but in some other cases which require only single request via 'ekey' functionality. If it is OK, you can comment the deletion.

It was clear from your post. Thank you, anyway

I have tried using the fix outlined above but I get an error when using latest software version 4.8.1. Is there a current fix?

I have tried using the fix outlined above but I get an error when using latest software version 4.8.1. Is there a current fix?

What error do you receive?

What error do you receive?


It is a JSON syntax error, it occurs when I comment out the line in fn.common.php

//db_query("DELETE FROM ?:ekeys WHERE ekey = ?s", $ekey);

It should not generate any errors. Try to backup fn.common.php file and completely remove the mentioned line

It should not generate any errors. Try to backup fn.common.php file and completely remove the mentioned line

I deleted the entire line in fn.common.php and still get the following error:

Error Oops, something went wrong (SyntaxError: Unexpected end of JSON input). Please try again.

It is required to examine issue on your server. At the moment I do not see any reasons for error generation