justin/new-site
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Fix $0 checkout bypass: remove nonexistent status column

Browse source 
compliance_orders has payment_status, not status.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
justin 2026-05-22 00:36:15 -05:00
parent 6d441a5cc0
commit 7909f130c6
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
api/src/routes/checkout.ts
View file

@ -894,7 +894,7 @@ router.post("/api/v1/checkout/create-session", async (req, res) => {
if (zt) {
const whereCol = order_type === "compliance_batch" ? "batch_id" : "order_number";
await pool.query(
`UPDATE ${zt} SET payment_status = 'paid', payment_method = 'free', status = 'pending', surcharge_cents = 0, surcharge_pct = 0 WHERE ${whereCol} = $1`,
`UPDATE ${zt} SET payment_status = 'paid', payment_method = 'free', surcharge_cents = 0, surcharge_pct = 0 WHERE ${whereCol} = $1`,
[order_id],
);
}