Skip to content

[2.x] Make sure you actually log in in the checkout #613

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
royduin merged 1 commit into from
Nov 6, 2024
Merged

[2.x] Make sure you actually log in in the checkout #613

royduin merged 1 commit into from
Nov 6, 2024

Conversation

@Jade-GG
Copy link
Collaborator

@Jade-GG Jade-GG commented Oct 24, 2024

Previously, you could just type in any random password in the password box and it would validate without the need to log in, allowing people to actually try placing an order on an existing account without logging in.

This fixes that bug. I'm not sure if this is also a thing in 3.x as that checkout works quite differently, so I haven't made a PR for that.

@Jade-GG Jade-GG mentioned this pull request Oct 24, 2024
Merged
jordythevulder
jordythevulder reviewed Oct 24, 2024
View reviewed changes
@royduin
Copy link
Member

royduin commented Oct 31, 2024

I'd like to know if v3 also needs a fix for this

@Jade-GG
Copy link
Collaborator Author

Jade-GG commented Oct 31, 2024

I'd like to know if v3 also needs a fix for this

From what I can see, the form will still validate incorrectly on v3: https://github.com/rapidez/core/blob/master/resources/views/checkout/steps/login.blade.php

So v3 will likely also need a fix unless I'm missing something wrapped around it that validates the login credentials.

@royduin
Copy link
Member

royduin commented Nov 1, 2024

Could you arrange that?

@Jade-GG Jade-GG mentioned this pull request Nov 1, 2024
Merged
@Jade-GG
Copy link
Collaborator Author

Jade-GG commented Nov 1, 2024

Could you arrange that?

#626 😇

@royduin
Copy link
Member

royduin commented Nov 5, 2024

Any info?

@royduin royduin merged commit b149cc0 into 2.x Nov 6, 2024
12 of 15 checks passed
@royduin royduin deleted the feature/password-check branch November 6, 2024 14:01
royduin pushed a commit that referenced this pull request Nov 13, 2024
@Jade-GG
Revert #613 (#638)
308e609
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@indykoning indykoning indykoning approved these changes

@jordythevulder jordythevulder jordythevulder approved these changes

@royduin royduin Awaiting requested review from royduin royduin is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Jade-GG @royduin @indykoning @jordythevulder