We have a big glitch in our website using oscommerce.

Orders from various statuses including Pending Payment, Shipped and Pending have all or mostly moved to "Fully or Partially Refunded". Over the phone with Westhost we tried repairing the tables but it did nothing.

When I look at some of the orders that are appearing under "fully or partially refunded", although they are in there, their status is something else - this is totally bizarre and this is a live store.

Can anyone please help?

I assume you are also asking and checking over at the osCommerce site but thought I would mention it just in case you had not. I am not familiar enough with the program to be of help and not sure if there are that many others here who use it.


P.S. Do you connect into PayPal or another service that sends info back to your site when a payment is made? That may be an area to look at... perhaps there is some type of glitch in that area where the info sent from them is messing things up. Also as always try to think of what you may have change just recently with the site or program.

Hi, yes I posted there but the only suggestion seemed to come from someone promoting his own contributions because he said it sounds like I've been hacked.

Who would hack the website just to make a bunch of orders show as refunded? Makes no sense.

It seems to be some sort of database or technical glitch because although the orders can be found under refunded.. they don't actually have that status.

Other than that, the oscommerce forums are a place where you beg for answers and rarely get a response.

Just to add to the above, I haven't made changes for months and these orders were not Pay Pal orders, they were a variety of payment methods and such so I don't think it's related to that either unfortunately.

Did you install this through Site Manager? The reason I ask that is perhaps it has to do more with the php files and code then does with the database itself. If that is the case then uploading clean php files might help. I can't remember... how much do you know about php?

You said that they show up under refund but do not have that status? Is this in the admin area? Can you determine which of the php files are accessed when you see this and upload clean copies of them?

Hope some of that makes sense.

I just had a look at an copy of the files I have on my computer... they from version 2.2 I think... and it looks like you may be looking at orders.php and orders_status.php in admin directory. When you see the problem do one of those show up in the url?

I have to sign off now but well check back in the morning. There are other files that could be involved but that might give us a start.

The false status shows in both the /admin/index.php and the order appears to have the status in orders.php also.. but when you actually click on the order - the last status in history is the true status which is pending or shipped etc

No files have been overwritten for a long time, there's no code change and the database didn't have any errors so this is truly weird.

It might be the guy at osCommerce is correct that you where hacked. :( I know it does not seem to make much sense what they did but often hackers just do things to make your life a pain, not to steal something. His addon suggestions seem to be good ones and they are not actually his addons (at least not all of them) that I can tell but other peoples.

The reason the status does not show in the history is because that is a different table of the database then the order itself. You mentioned that with WestHost you tried to use a backup of the database. That did not work or where they unable to get a backup for you?

The question you might want to ask over at the osCommerce forum is if there is anyone who would have code that could check the history table and repair the status in the order table based on the last entry for each order in the history table. Other then that it means you would have to go through each order and manually reset it based on the history you see.

I found out the problem, it is a problem when you refund a pay pal order that has no order in the database connected to it. It turns all non Pay Pal orders to refunded!