I had a very honest user inform me that he was granted 3 times the amount of time for the subscription. He subscribed for a month and got 3 months.
In looking at the records, I noticed that he had three entries receipt entries all create dwithin seconds of eachother.
I did a little query to find out how many other people may have gotten free months and I discovered that about 26 people, resulting in 39 free months were given outerroneously.
Here is the SQL that should tell you if you have also been hit. You can run this from the host>sql menu
select UserID, ProcessorTxID, Count(ProcessorTxID) from DnnForge_SubscriptionTools_Receipt r
group by UserID, ProcessorTxID
having count(ProcessorTxID) > 1
The last column is the number of grants for a role were given for a single sale. The query only show those with two or more.
It relies on the fact that paypal gives a unique ID per transaction and therefore the ProcessorTxID should never result in more than one completed receipt.
It is my belief that because the receipts have no way to associate themselves with an order, they can never know if they have been fulfilled and therefore some code is allowed to grant multiple role updates.
I have not been able to duplicate this on demand however and it seems to be fairly rare. I do know how the system might create multiple orders, but in the case of the user reporting this, he only had a single order entry.
Please makethe recepits tie into a unique ProcessorTxID as the trigger for the role grant. If the ProcessorTxID it should grant a role.
|