Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.One of my clients recently added a value to the "Shipping Rate Markup" field for USPS shipping (with markup type set to Addition $). But we noticed that when orders were placed, the markup wasn't applied. Turns out they had a dollar sign in the field which was causing the $markup amount in uc_usps_markup() to be completely ignored.
I'm recommending we add a little better error checking for the markup value so that this doesn't fail silently for other UC users in the future.
Suggested Fix: Create a validation function for when uc_usps_admin_settings() is submitted. This will throw an error if NOT is_numeric() for the value of uc_usps_markup.
| Comment | File | Size | Author |
|---|---|---|---|
| #2 | uc_ups.admin_.inc_.patch | 438 bytes | TR |
| #2 | uc_usps.admin_.inc_.patch | 517 bytes | TR |
Comments
Comment #1
TR CreditAttribution: TR commentedComment #2
TR CreditAttribution: TR commentedI rolled a patch for uc_usps and for uc_ups to fix this. The patch adds an is_numeric() check in the form validation function. I also committed a similar patch to my uc_fedex module, where I've had it in use for several weeks without a problem.
Comment #3
TR CreditAttribution: TR commentedMoving above the fold ...
Comment #4
Island Usurper CreditAttribution: Island Usurper commentedCommitted. Thanks.