258 replies to this topic

[spooks]

tigergirl, on 18 February 2010, 11:32, said:

I just wondered your opinion on whether or not ARR is still required?

That would depend on your site, the additional validation means it needs a more sophisticated robot to pass checks, but they do exist.

On the negative side Capcha checks can annoy & as this means its more likely the visitor is ruturned to correct thier errors you don't want them to have to repeatedly pass the capcha check.

So I would advise you upgrade to the latest Anti Robot Registration Validation, that only requires a visitor to input a valid string once on a page.

[tigergirl]

spooks, on 18 February 2010, 12:56, said:

So I would advise you upgrade to the latest Anti Robot Registration Validation, that only requires a visitor to input a valid string once on a page.

Thanks for your advice. I did notice your updates, will have a look when have time.

Decided to try update to V1.4 on this topic and am having some issues:

1) Say you try to login and have forgotten password, click link "forgotten password", @ is sanitized, re-type @ and submit email address, you get the email but when you are returned to the login page the @ is sanitized again.

I have this string in account_secure:

// Clean post vars	
	function clean_var ($vars) { 
		if (!is_array($vars)) { 	
		return preg_replace("/[^\p{L}\p{M}\w\r@ :{}_.-]/i", "", urldecode($vars)); 
		} else { 	
		return array_map('clean_var', $vars); 
		}
	}	

2) Again, I'm confused about how to integrate with Active Countries Mod because of the way address fields are validated now (V1.1 was fine as I ignored the drop down code and left all Active countries code intact). Do I just leave the Active countries code or is it going to be more complex? It's just that you've deleted a lot of code from many files and my brain got fried again...

3) what was the bug & fix for the "Fixed osC Country edit bug in modules/address_book_details.php." please?

Edited by tigergirl, 18 February 2010, 22:19.

[spooks]

tigergirl, on 18 February 2010, 22:16, said:

1) Say you try to login and have forgotten password, click link "forgotten password", @ is sanitized, re-type @ and submit email address, you get the email but when you are returned to the login page the @ is sanitized again.

Thats an addition I made thats not in the original osC, you have the issue as you have SecurityPro.

To Fix:

In password_forgotten.php AND In login.php

b4

require('includes/functions/account_secure.php');

add:

 if (!isset($_POST['email_address'])) { 
  $_POST['email_address'] = $_GET['email_address']; unset($_GET['email_address']);
 }

Quote

2) Again, I'm confused about how to integrate with Active Countries Mod because of the way address fields are validated now (V1.1 was fine as I ignored the drop down code and left all Active countries code intact). Do I just leave the Active countries code or is it going to be more complex? It's just that you've deleted a lot of code from many files [img]http://forums.oscommerce.com/public/style_emoticons/default/blink.gif[/img] and my brain got fried again

From what I see of Active Countries this already has all the functionality of that, so ignore/remove all its code.

Quote

3) what was the bug & fix for the "Fixed osC Country edit bug in modules/address_book_details.php." please?

As I recal the bug was if you change the country, then submit & there is an error (so you return) it forgets the country u just entered.

[tigergirl]

spooks, on 18 February 2010, 22:51, said:

Thats an addition I made thats not in the original osC, you have the issue as you have SecurityPro.

To Fix:

In password_forgotten.php AND In login.php

b4

require('includes/functions/account_secure.php');

add:

 if (!isset($_POST['email_address'])) { 
 $_POST['email_address'] = $_GET['email_address']; unset($_GET['email_address']);
 }

Thanks, that fixes it. You are always so helpful and to the point which I appreciate. I do notice though that the message "Success: A new password has been sent to your e-mail address." on a green background appears to have a red/ pink background behind/ underneath it that looks like it could be an error but you can only see a milimeter of the colour. (hope that makes sense). What's causing that?

I'll look again at Active Countires which always does my head in!

[spooks]

tigergirl, on 19 February 2010, 11:11, said:

Thanks, that fixes it. You are always so helpful and to the point which I appreciate. I do notice though that the message "Success: A new password has been sent to your e-mail address." on a green background appears to have a red/ pink background behind/ underneath it that looks like it could be an error but you can only see a milimeter of the colour. (hope that makes sense). What's causing that?

I'll look again at Active Countires which always does my head in!

There is a bug in many versions of osC that means it may ignore messages every other time, the work-around is to add:

$messageStack->add_session('login', '', 'none');

prior to the message, but that can mean you may get your issue sometimes.

2 fixes.

1. in this case change line to

$messageStack->add_session('login', '', 'success');

then line will be same colour.

2. Remove that line & hope you don't have the bug!!

[tigergirl]

spooks, on 19 February 2010, 13:37, said:

2. Remove that line & hope you don't have the bug!!

Chose this option as I don't think I do have that bug and all fine there now, cheers. A few other niggles:

1) there is no space between first name & last name (From: SimonStinker) in the email generated with contact_us
2) I like the thinking behind redirecting "checkout" to create account page if not logged in but this creates an extra step for returning customers so maybe a good idea to have a log_in box on create_account? I think there is a mod for that avilable but not really looked, just a suggestion but I'm sure you're busy enough.
3) the included files login.php & checkout_payment_address still contain $HTTP_POST_VARS

I'll re-do the pages that contain Active Countries code, and do some more testing, joy

[spooks]

tigergirl, on 19 February 2010, 18:59, said:

1 yes [img]http://forums.oscommerce.com/public/style_emoticons/default/blush.gif[/img] the tag is getting cleaned.

replace

$name = $account['customers_firstname']." ".$account['customers_lastname'] ;

with

$name = $account['customers_firstname'].' '.$account['customers_lastname'] ;

2. Done already, just not released yet.

[tigergirl]

1)

Quote

replace

$name = $account['customers_firstname']." ".$account['customers_lastname'] ;

with

$name = $account['customers_firstname'].' '.$account['customers_lastname'] ;

Both the above worked but contrib had this which did not work:
" " (why does this get removed from code snippet in forum? odd)

2)

spooks, on 18 February 2010, 22:51, said:

From what I see of Active Countries this already has all the functionality of that, so ignore/remove all its code.

Ha ha, not so easy for me. Active Countries still frying my brain. In create_account I'm struggling with this as you've moved it to address_fields:

<?php
 if (ACCOUNT_STATE == 'true') {
?>
 	<tr>
 	<td class="main"><?php echo ENTRY_STATE; ?></td>
 	<td class="main">
<?php
	//-MS- Added Active Countries
	if ($process == true) {
 	if ($entry_state_has_zones == true) {
 	$zones_array = array();
 	$zones_array = array(array('id' => '', 'text' => PULL_DOWN_DEFAULT));
 	$zones_query = tep_db_query("select zone_id, zone_name from " . TABLE_ZONES . " where zone_status='1' and zone_country_id = '" . (int)$country . "' order by zone_name");
 	while ($zones_values = tep_db_fetch_array($zones_query)) {
 	$zones_array[] = array('id' => $zones_values['zone_id'], 'text' => $zones_values['zone_name']);
 	}
 	echo tep_draw_pull_down_menu('state', $zones_array);
 	} else {
 	$zones_array = array();
 	$zones_array = array(array('id' => '', 'text' => PULL_DOWN_DEFAULT));
 	$zones_query = tep_db_query("select zone_id, zone_name from " . TABLE_ZONES . " where zone_status='1' order by zone_name");
 	while ($zones_values = tep_db_fetch_array($zones_query)) {
 	$zones_array[] = array('id' => $zones_values['zone_id'], 'text' => $zones_values['zone_name']);
 	}
 	echo tep_draw_pull_down_menu('state', $zones_array);
 	}
	} else {
 	$zones_array = array();
 	$zones_array = array(array('id' => '', 'text' => PULL_DOWN_DEFAULT));
 	$zones_query = tep_db_query("select zone_id, zone_name from " . TABLE_ZONES . " where zone_status='1' and zone_country_id = '" . (int)$country . "' order by zone_name");
 	while ($zones_values = tep_db_fetch_array($zones_query)) {
 	$zones_array[] = array('id' => $zones_values['zone_id'], 'text' => $zones_values['zone_name']);
 	}
 	echo tep_draw_pull_down_menu('state', $zones_array);
	}
//-MS- Added Active Countries EOM

	if (tep_not_null(ENTRY_STATE_TEXT)) echo '&nbsp;<span class="inputRequirement">' . ENTRY_STATE_TEXT;
?>
 	</td>
 	</tr> 	
<?php
 }
?>
<tr>
 	<td class="main"><?php echo ENTRY_POST_CODE; ?></td>
 	<td class="main"><?php echo tep_draw_input_field('postcode') . '&nbsp;' . (tep_not_null(ENTRY_POST_CODE_TEXT) ? '<span class="inputRequirement">' . ENTRY_POST_CODE_TEXT . '</span>': ''); ?></td>
 	</tr>
 	<tr>
 	<td class="main"><?php echo ENTRY_COUNTRY; ?></td>
 	<td class="main"><b><?php echo ($tmp_object = tep_get_country_active_list('country', $country, 'onChange="this.form.submit();"')) . tep_draw_hidden_field('country_old', $country) . ' ' . (is_array($tmp_object) ? '<span class="inputRequirement">' . ENTRY_COUNTRY_TEXT . '</span>': ''); ?></b></td>
 	</tr>
 	</table></td>

How do I integrate it into address_fields?

case 'state':
					if (ACCOUNT_STATE == 'true') {
						echo sprintf($field, ENTRY_STATE, '<div id="states">' . ajax_get_zones_html($country,($zone_id ? $zone_id : ($entry['entry_zone_id'] ? $entry['entry_zone_id'] : $entry['entry_state'])),false) . '</div>');
 					}
				break;
						
				case 'postcode':	
					echo sprintf($field, ENTRY_POST_CODE, tep_draw_input_field('postcode', $entry['entry_postcode'], ' maxlength="10"') . '&nbsp;' . (tep_not_null(ENTRY_POST_CODE_TEXT) ? '<span class="inputRequirement">' . ENTRY_POST_CODE_TEXT . '</span>': ''));
				break;
						
				case 'country':
					echo sprintf($field, ENTRY_COUNTRY, tep_get_country_list('country',$country, 'onChange="getStates(this.value, \'states\');"') . '&nbsp;' . (tep_not_null(ENTRY_COUNTRY_TEXT) ? '<span class="inputRequirement">' . ENTRY_COUNTRY_TEXT . '</span>': '') . '<a href="javascript:void(0);" title="'.$country.'">&nbsp;</a>');
				break;	

3)
I'm thinking I don't need AJAX code as active countries is dealing with state & country, is that right? If I had a towel here I'd be chucking it. And I can't believe I'm wanting to update Active Countries when it's not even supported by original writer.... arrggghhh

4)
no phone number is sent with contact_us, I'm not bothered as I don't phone people, but just for others who may want it to work.

[spooks]

tigergirl, on 20 February 2010, 21:01, said:

1. Yes I posted " " but the forum removed it!!

2. ajax_get_zones_html does what your Active Countries is doing, so you don't need any Active Countries code. Did'nt I say that b4??

3. Yes the tep_draw hidden is missing echo, oops!!

[tigergirl]

spooks, on 20 February 2010, 21:13, said:

1. Yes I posted " " but the forum removed it!!

2. ajax_get_zones_html does what your Active Countries is doing, so you don't need any Active Countries code. Did'nt I say that b4??

3. Yes the tep_draw hidden is missing echo, oops!!

1) " " must be sanitized, more like another forum bug but not good
2) yes you did, maybe I'm making it seem harder than it is - I thought I did remove it initially but the counrty field was missing, I'll try again.

will take a look tomorrow as my wine is getting warm.

[sarafina]

I was under the impression that this mod also allowed you to purchase without account.

Now when I click on checkout it brings me to domain.com/create_account.php - essentially forcing me to create an account in order to proceed and no longer giving me the option to login or create an account like before.

Is there anyway to test this mod to ensure I have done it correctly?

Edited by sarafina, 23 February 2010, 15:50.

[tigergirl]

sarafina, on 23 February 2010, 15:48, said:

Now when I click on checkout it brings me to domain.com/create_account.php - no longer giving me the option to login or create an account like before.

the redirection is due to the changes made to checkout_shipping see this post and Sam's reply.

Sam,
have been looking at this too and I think this change is better for new customers but makes it worse for a returning customer who may have a saved shopping basket who can't then make use of the checkout link - they have to use the "my account" link to log in. Maybe best to leave it where it was? or only do this if logged in and nothing in cart (which i think is what it did before?)

// moved up as makes more sense, if there is nothing in the customers cart, redirect them to the shopping cart page
 if ($cart->count_contents() < 1) {
	tep_redirect(tep_href_link(FILENAME_SHOPPING_CART));
 }

Edited by tigergirl, 23 February 2010, 16:26.

[spooks]

sarafina, on 23 February 2010, 15:48, said:

Now when I click on checkout it brings me to domain.com/create_account.php - essentially forcing me to create an account in order to proceed and no longer giving me the option to login or create an account like before.

Remember purchase without account is actually a misnoma, since you must still get the details for delivery etc, which is the same as creating the account, so with this, if you turn off the password input option and remove anything you don't really nead in the admin-> customer details, then thats what they get to do, as part of the checkout process.

The next update will have a login section on the create account page.

This also resolves another issue with the old PWA, that of order tracking failing due to the created fake accounts.

[tigergirl]

Hi Sam,
I've been having another shot at the create_account with Active Countries/ Anti-Robot Registration. I'm sort of thinking that whilst your mod is fab it's just too different from the original osc set-up on the address pages and I'm worried if I ever get this page working with my heavily moded page I won't easily be able to alter other things I may later want to change.

I'm uncomfortable/ unfamiliar with Ajax and that the address fields are separated onto a different module page and that part has gone way too complicated. I've spent too long on this already

All I really want is to:
1) ensure the pages are secure (account_secure deals with that)
2) have the first letters caitalized (for lazy customers)
3) have the postcodes correctly displayed/ capitalized (for lazy customers)
4) utilise the PWA

I've been trying various combinations and just can't work it out as my starting page is too different from yours. I hate when people post whole files that go on for ever so I won't unless you wish to see it. I don't even know what I want to ask anymore with my deep fried brain.

[spooks]

tigergirl, on 23 February 2010, 21:01, said:

.

The modular concept is one that is used throughout osC, just not in the account pages fo some odd reason, if you look through the default pages you will see the same code repeated over & over, with just minor variations, ie a perfect case fore using a module (ie a snippit that contains the 'common' code).

The address module I've created, while quite different in code terms, does exactly the same as the reapeated address fields in the original, its re-written for efficiency & to make re-organising same fields easy, but you do'nt need to worry what it does or how, its just called in place of all the old address fields.

Re zones:

All u basically need do is look for the code starting:

<tr>
            	<td class="main"><?php echo ENTRY_STREET_ADDRESS; ?></td>

to where that section ends with:

  	<td class="main"><?php echo tep_get_country_list('country') . '&nbsp;' . (tep_not_null(ENTRY_COUNTRY_TEXT) ? '<span class="inputRequirement">' . ENTRY_COUNTRY_TEXT . '</span>': ''); ?></td>
          	</tr>

and replace that whole lot with:

<!-- anti-hacker account -->
   	<?php 
   	include(DIR_WS_MODULES . 'address_fields.php');
   	?>
<!-- EOF anti-hacker account -->

that would then include most, if not all your active counties stuff


PS, have u tried using a file compare tool, often the easiest way.

Edited by spooks, 23 February 2010, 23:08.

[spooks]

Uploaded new version 1.5

• Added option for a login field on create account as checkout goes to create account if not logged in.
• Changed the PWA logic slightly, if the visitor clicks on account without adding to cart the password fields will appear as before (even with no password enabled), as its assumed they want to create an account.
• Fixed issue with cleaned chars by SecurityPro in login.php & password_forgotten.php.
• Fixed minor bug in ajax.php
• Fixed Contact Us bugs with name space & phone field.

Changed files:

account_secure.php, login.php, password_forgotten.php, create_account.php, contact_us.php, ajax.php

UPGRADING

If your upgading from any previous version, replace all the changed files listed in the Version History or modify your existing by comparing with the new versions.


Keep your site & data safe. [img]http://forums.oscommerce.com/public/style_emoticons/default/smile.gif[/img]

Edited by spooks, 24 February 2010, 01:41.

[tigergirl]

Hi Sam,
thanks for the updated V1.5. All this is to do with create_account

1) Still can't get it to work with Active Countires - my countries drop down is missing
2) How do I make the log-in box 50% wide and to right side of page? I am cr*p at tables.
3) log-in box border is thicker than other borders.
4) if you input the wrong password, you get rediredcted to login page - would be better to keep them on create_account?
5) email address isn't stored in fields and passed from page to page if password forgotten (like your nice mod to login in V1.4).
6) definitions missing in inc/lang/eng/create_account.php for:

define('HEADING_RETURNING_CUSTOMER', 'Returning Customer - Please Login');
define('TEXT_PASSWORD_FORGOTTEN', 'Forgotten Password? Click here.');

7) I can't for the life of me find the text definition to change the heading "Customer Details" above the box where name and email is input.....feel like a blind newby!
8) previously, my titles were on one line, now they are split onto 2 making it messy looking and harder to read:
Password Confirmation
=
Password
Confirmation

9) I'm not getting a tick box for PWA

My poor mushed up brain.....I hope I've not been sloppy. Just want it to work as it's a nice mod. Not your fault my store is modded heavily.

[spooks]

tigergirl, on 26 February 2010, 11:45, said:

email address isn't stored in fields and passed from page to page if password forgotten (like your nice mod to login in V1.4).

works for me, try using supplied files

sorry, forgot language file changes!! [img]http://forums.oscommerce.com/public/style_emoticons/default/blush.gif[/img]

languages/create_account.php

perhaps you have a narrow page? maybe need to use colspan ?

See notes for PWA, logic, ie enable, add to cart, then click checkout.

[tigergirl]

spooks, on 26 February 2010, 12:06, said:

perhaps you have a narrow page? maybe need to use colspan ?

See notes for PWA, logic, ie enable, add to cart, then click checkout.

I have standard osc files 100% full width screen
PWA - oops, my mistake, must have overwritten the code from V1.4 so have it activated now think I can't see code in create_account now...

Edited by tigergirl, 26 February 2010, 12:29.

[spooks]

tigergirl, on 26 February 2010, 11:45, said:

changes for languages/create_account.php are:

// anti-hacker account
define('EMAIL_PASSWORD', "\n\n" . 'When returning to ' . STORE_NAME . ' you can retrieve your details by logging in with this email address and using the password: ');define('CATEGORY_DETAILS', 'Save my Profile');
define('ENTRY_SAVE_DETAIL', 'Save my details for my next visit');
define('TEXT_ACCOUNT_CREATED', 'Welcome! Your new profile has been successfully created!');
define('HEADING_RETURNING_CUSTOMER', 'Returning Customer');
define('TEXT_PASSWORD_FORGOTTEN', 'Password forgotten? Click here.');
// EOF anti-hacker account

border issue

change

<table border="0" cellspacing="2" cellpadding="2"  class="infoBox" width="100%">

to

<table border="0" cellspacing="1" cellpadding="2"  class="infoBox" width="100%">

your heading issue is firefox only, to move all input boxes to allow more space edit

<?php $colpos = '<tr><td width="100px">' . tep_draw_separator('pixel_trans.gif', '120px', '1') . '</td></tr>'; ?>

increase to 100px to say 140px