OJS OCS OMP OHS

You are viewing the PKP Support Forum | PKP Home Wiki

PKP Support

Support forums for the Public Knowledge Project

Skip to content


Software Hosting and Development Services available at PKP Publishing Services

As the developers of Open Journal Systems, Open Conference Systems, Open Harvester Systems, and Open Monograph Press, the PKP team are experts in helping journal managers and conference organizers make the most of their online publishing projects. PKP Publishing Services offers support for:

As a customer of PKP Publishing Services, you will not only receive direct, personalized support from the PKP Development Team, but will be contributing to the ongoing development of the PKP applications. All funds raised by PKP Publishing Services go directly toward enhancing our free, open source software. For more information, please contact us.

[IMPORTANT] Paypal Bug in OJS 2.2.x

Are you responsible for making OJS work -- installing, upgrading, migrating or troubleshooting? Do you think you've found a bug? Post in this forum.

Moderators: jmacgreg, michael, jheckman, barbarah, btbell, bdgregg, asmecher

Forum rules
What to do if you have a technical problem with OJS:

1. Search the forum. You can do this from the Advanced Search Page or from our Google Custom Search, which will search the entire PKP site. If you are encountering an error, we especially recommend searching the forum for said error.

2. Check the FAQ to see if your question or error has already been resolved.

3. Post a question, but please, only after trying the above two solutions. If it's a workflow or usability question you should probably post to the OJS Editorial Support and Discussion subforum; if you have a development question, try the OJS Development subforum.
Post a reply

[IMPORTANT] Paypal Bug in OJS 2.2.x

Postby michael » Mon Feb 08, 2010 4:38 pm

The PKP team has identified a bug in PayPal payment management whereby an unauthorized user can view a listing of past payments and the details of specific payments. This bug only affects OJS 2.2.x.

It is recommended that all users of OJS 2.2.x apply the patch provided here:
http://pkp.sfu.ca/bugzilla/show_bug.cgi?id=5132

If you have access to command-line tools, the patch can be applied by following the directions here:
viewtopic.php?f=8&t=3779

If you don't have access to command-line tools, you can copy-and-paste the following two lines (marked with a '+') into pages/manager/ManagerPaymentHandler.inc.php (do not include the '+'; it's simply a marker to denote the addition of the line):

Code: Select all
     function viewPayments($args) {
+      parent::validate();
       $rangeInfo = &Handler::getRangeInfo('CompletedPayments');
       $paymentDao = &DAORegistry::getDAO('OJSCompletedPaymentDAO');
       $journal =& Request::getJournal();


Code: Select all
     function viewPayment($args) {
+      parent::validate();
       $paymentDao = &DAORegistry::getDAO('OJSCompletedPaymentDAO');
       $completedPaymentId = $args[0];
       $payment = &$paymentDao->getCompletedPayment($completedPaymentId);
Michael Felczak
Public Knowledge Project Team
--
Questions? Before posting, please try:
Advanced Forums Search
OJS and OCS Documentation
Video Tutorials
michael
 
Posts: 374
Joined: Thu Mar 29, 2007 2:09 pm
Top
Post a reply

Return to OJS Technical Support

Who is online

Users browsing this forum: kennymatthew and 5 guests

Powered by phpBB® Forum Software © phpBB Group