PLEASE READ ALL REQUIREMENTS CAREFULLY BEFORE RESPONDING. YOU MUST INCLUDE A BID FOR CONSIDERATION.
Super Orders is an order management module for Zen Cart. I need an estimate to modify this mod.
Additionally, there are two other mods that have super_orders.php pages to allow them to work with Super Orders (Fast & Easy Checkout, FedEx Labels). I need those super_orders.php pages to be merged with the main super_orders.php from the mod so that I have a consolidated super_orders.php page which works with the other two add-ons.
=====================================================================
Super Orders provides improved functionality that store owners want/need for improved order management. It improves on the stock Zen Cart orders.php, but from my perspective I would submit that there are some usability/functional features I’d like to see improved out of the box. For example:
1. The order list display truncates the shipping method. I found fixes for a similar issue with the invoice and packing list, but the fix I applied for correcting the order list display did not work (my commented code is easy to locate)
2. For orders paid with Paypal, Authorize.net (and probably Linkpoint as well) the store owner should not be required to manually enter the payment in Super Orders. Super Orders should show these orders as paid without requiring the store owner to enter the payment manually.
3. Edit orders features need to be re-worked. Edit orders allows you to split part of an order off into a new order. (This is a handy feature if items have to be packaged and shipped separately or if some order items are drop shipped from the mfg.) However, it does not correctly re-calculate the “source order” or the new (split) order created.
Super Orders should correctly re-calculate BOTH the source order and the split order when an order is split (paid or not).
If an order is paid in full, the calculation will distribute the payment correctly across both orders so that you end up with two fully paid orders. (The process should recalculate the orders so that they true up to the amount of the original order amount.)
Partially paid orders will have the payment applied to the source order. In the event that the amount of the source order exceeds the amount of the payment, the balance of the payment received will be applied to the split order. (The process should recalculate the orders so that they true up to the amount of the original order amount.)
Unpaid orders are split and recalculated so that they true up to the original order amount.
Display the original payment information from the “source order” on the split order. This display should make it clear on both orders that the order was paid and display original method of payment, original date of payment, original grand total paid. Perhaps this could be handled using a “split order payment” note which is only appended to the order notes on both orders when an order is split. Like other order notes in Super Orders, the store owner shall be able to decide whether to notify the customer or not, though the default for these “split order payment” notes should be set to NOT notify the customer.
4. Split order packing list needs to be re-worked. The split order packing list button should appear ONLY when the order is either the “source order” or the resulting split order — otherwise it should NOT display. (Currently it displays on EVERY order where the order includes multiple items.)
5. The split packing list details should be re-worked. The split packing list for the source order should display the FULL original order with the items that were split off from the source order flagged as “Product(s) will ship separately”. The split order packing list should display the FULL original order with the items that remained on the source order flagged as “Product(s) will ship separately”.
6. Under the “Close Order” area: When clicking the “Completed” button the order status should also update to a status that indicates the order is complete. Currently the store owner must first update the status, then mark the order complete. IMO, this should be ONE step.
7. Under the “Close Order” area: When clicking the “Cancelled” button the order status should also update to a status that indicates the order is cancelled. Currently the store owner must first update the status, then mark the order cancelled. IMO, this should be ONE step.
8. “Edit Status History” allows store owners to edit previously entered comments. This editing should be limited to store admin comments that were NOT sent/copied to the customer. (Edited customer notes show up in the customer’s account history, but the customer is not notified that the notes were modified — this is an audit control issue)
9. Enter Payment function – If you check the “Notify the customer?” checkbox, the customer is notified. However, the “Status History” for the order indicates that the customer was not notified. The flag needs to be fixed to accurately reflect the correct customer notification status.
10. Enter Purchase Order function – Same issue as item 6.
11. Batch Printing function – When no orders are selected, the error message should be a user friendly on-screen error message versus the very unfriendly message it shows now (which scares end-users): “Warning: Invalid argument supplied for foreach() in /home/content/o/v/e/overthehill/html/testsite.overthehillweb.com/zentest1/admin/super_batch_forms.php on line 341
Error: No orders selected!”
12. Batch Status Updating throws errors when you search for orders using the following options:
= (equals)
< (less than)
Error messages:
“1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''50' ORDER BY o.orders_id DESC' at line 4
in:
[SELECT o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.date_purchased, o.order_total, s.orders_status_name FROM zen_orders o LEFT JOIN zen_orders_status s ON o.orders_status = s.orders_status_id WHERE s.language_id = '1' AND o.order_total '50' ORDER BY o.orders_id DESC]
If you were entering information, press the BACK button in your browser and re-check the information you had entered to be sure you left no blank fields.”
“1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '== '13' ORDER BY o.orders_id DESC' at line 4
in:
[SELECT o.orders_id, o.customers_id, o.customers_name, o.payment_method, o.date_purchased, o.order_total, s.orders_status_name FROM zen_orders o LEFT JOIN zen_orders_status s ON o.orders_status = s.orders_status_id WHERE s.language_id = '1' AND o.order_total == '13' ORDER BY o.orders_id DESC]
If you were entering information, press the BACK button in your browser and re-check the information you had entered to be sure you left no blank fields.”
13. Lastly, the app’s security is using some outdated methods. While securing the admin following the steps recommended by the Zen Cart development team will likely address most of these concerns, to do this right the security issues in Super Orders should be addressed.
Here are some examples of the security flaws with this add-on:
“once upon a time the creators of super orders decided that they wouldn’t filter any data going into the database so on a batch they would go “SHOW ORDERS WITH A VALUE <= 200” and they have in that select box “<=”.”
“not only are there the XSS problems but there is also the possibility that a malicious customer could inject code into the database from something like the payment details field combined with another module, because super orders does not do any filtering of the data it looks for in the database”
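The batch search from items 12 and 13, reworked as an added example (not code from Super Orders or Zen Cart): the operator submitted by the select box is looked up in a fixed allowlist, the amount is bound as a parameter, and values read back from the database are HTML-encoded on output. The option keys, function names and sample rows are assumptions, and it uses PDO with an in-memory SQLite database so that it runs stand-alone.

```php
<?php
// Added example, not Super Orders code. Option keys and function names are hypothetical.
// Select-box values the form may submit, mapped to the SQL operator emitted.
const TOTAL_OPERATORS = ['eq' => '=', 'lt' => '<', 'lte' => '<=', 'gt' => '>', 'gte' => '>='];

function findOrdersByTotal(PDO $pdo, string $opKey, string $amount, int $languageId): array
{
    // Anything outside the allowlist (such as the "==" in the error above) is rejected.
    if (!array_key_exists($opKey, TOTAL_OPERATORS)) {
        throw new InvalidArgumentException('Unknown comparison operator');
    }
    if (!preg_match('/^\d{1,9}(\.\d{1,4})?$/', $amount)) {
        throw new InvalidArgumentException('Amount must be a plain decimal number');
    }
    // Only the allowlisted operator is concatenated; the values are bound parameters.
    $sql = 'SELECT o.orders_id, o.customers_name, o.order_total, s.orders_status_name'
         . ' FROM zen_orders o'
         . ' LEFT JOIN zen_orders_status s ON o.orders_status = s.orders_status_id'
         . ' WHERE s.language_id = :lang AND o.order_total ' . TOTAL_OPERATORS[$opKey] . ' :total'
         . ' ORDER BY o.orders_id DESC';
    $stmt = $pdo->prepare($sql);
    $stmt->bindValue(':lang', $languageId, PDO::PARAM_INT);
    $stmt->bindValue(':total', $amount);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Encode stored values on output: database content is untrusted too.
function h($value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

// Constructed sample data in an in-memory SQLite database (requires pdo_sqlite).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE zen_orders_status (orders_status_id INTEGER, language_id INTEGER, orders_status_name TEXT)');
$pdo->exec('CREATE TABLE zen_orders (orders_id INTEGER, customers_name TEXT, orders_status INTEGER, order_total DECIMAL(15,4))');
$pdo->exec("INSERT INTO zen_orders_status VALUES (1, 1, 'Pending')");
$pdo->exec("INSERT INTO zen_orders VALUES (101, 'A <b>Customer</b>', 1, 13.00), (102, 'B Customer', 1, 49.99), (103, 'C Customer', 1, 200.00)");
foreach (findOrdersByTotal($pdo, 'lt', '50', 1) as $row) {
    echo h($row['orders_id']), ' ', h($row['customers_name']), ' ', h($row['order_total']), "\n";
}
try {
    findOrdersByTotal($pdo, '==', '13', 1);
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', h($e->getMessage()), "\n";
}
```

Rejecting an unknown operator with a validation error also gives the admin an on-screen message instead of the raw 1064 database error.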
=====================================================================
The latest version of Super Orders has been attached to this proposal.
http://www.zen-cart.com/index.php?main_page=product_contrib_info&products_id=257
The super_orders.php and super_packinglist.php files which apply to the Fast & Easy Checkout and FedEx Labels mods are also included.