Today i come across one fraud in magneto checkout page
some user can edit payment method to free payment through fire bug and if submit order it will submit and place order
we can avoid this thing
just edit code or extend this model in your local folder in Mage_Sales_Model_Service_Quote i’e
app\code\core\Mage\Sales\Model\Service\Quote.php
in function _validate() add this code (around 293 )
//pradeep to avoid foud from select free in fire bug $qu=Mage::getModel('sales/quote')->load($this->getQuote()->getId()); if($qu->getPayment()->getMethod()=='free' && $qu->getGrandTotal()!=0){ Mage::throwException($helper->__('Invalid payment method')); }
so it will avoid placing order even if the subtotal is not zero in magneto
No comments:
Post a Comment