I have an osCommerce site that has been running for almost 3 years. About 6 months ago I had an SQL injection and found a guy who repaired the problem but since then there has been an error message every time a customer uses a discount code in conjunction with Paypal. The guy that created this problem can't fix it. The error message is:
insert into discount_coupons_to_orders (coupons_id, orders_id) values ('discountcode', '')
and happens at the checkout success URL. When this occurs, the customer is not redirected to my store, I don't get an order confirmation and the item(s) remain in the cart. I do get payment.