knifeman

I have the need for this add on in my 2.2 store:
http://addons.oscommerce.com/info/4783

One part of the instructions is a little unclear to me. My file orders.php is already modified If anyone knows where to place this code, i would greatly appreciate it. I have the add on working in customers.php, but rarely use that. I need it working in orders.php.

On line 375 change:
?>
to the following:
### begin customer notes ###
   $ias_notes_marker = false;
   $ias_notes_mark = tep_db_query("SELECT customers_notes_id FROM customers_notes WHERE customers_id = ".$orders['customers_id']);
   if(tep_db_num_rows($ias_notes_mark)) $ias_notes_marker = true;
?>

I really wish the author had pointed to more than just a single ?>
My file is modified and I have no idea where to place the above code.

Tim

Our latest PCI scan says the site allows non ssl on forms. They reference the download folder from our site.
Since we do not do downloads, can we move this folder above the root directory or even delete it entirely?

Tim

we are using this payment module to connect to Sage Payments
http://sage-osc.com/module1.php

After awhile of using this module, I found out that there is a slight problem.
If a customer enters an address like this:
512 Mary's Way

The address sent to Sage is this:
512 Mary/'s Way

That slash messes up the Sage website when it is time to settle our batch. I can post some code if need be, but I am unsure of where to begin preventing the slashes.

Can anyone point me in the right direction?

Tim


This is what I believe to be pertinent code from includes/payment/modules...

//Sets the order number and hidden fields
	function process_button() {
	  global $_POST, $order;
   //assigns an orderID
   $query = tep_db_query("select * from " . TABLE_ORDERS . " order by orders_id desc limit 1");
	$last_order_id = tep_db_fetch_array($query);
	$new_order_id = $last_order_id['orders_id'];
	$new_order_id = ($new_order_id + 1);
 
	   $process_button_string =
							   tep_draw_hidden_field('M_id', MODULE_PAYMENT_NET1_MERCHANT_ID) .
							   tep_draw_hidden_field('M_key', MODULE_PAYMENT_NET1_MERCHANT_KEY) .
							   tep_draw_hidden_field('T_amt', number_format($order->info['total'], 2)) .
							   tep_draw_hidden_field('T_ordernum', $new_order_id) .
							   tep_draw_hidden_field('C_cardnumber', $this->cc_card_number) .
							   tep_draw_hidden_field('C_exp', $this->cc_expiry_month . substr($this->cc_expiry_year, -2)) .
							   tep_draw_hidden_field('C_name', $order->billing['firstname'] . ' ' . $order->billing['lastname']) .
							   tep_draw_hidden_field('C_address', $order->billing['street_address']) .
							   tep_draw_hidden_field('C_city', $order->billing['city']) .
							   tep_draw_hidden_field('C_state', $order->billing['state']) .
							   tep_draw_hidden_field('C_zip', $order->billing['postcode']) .
							   tep_draw_hidden_field('C_email', $order->billing['email']) .
							   tep_draw_hidden_field('C_cvv', $_POST['net1_cc_cvv']) .
							   tep_draw_hidden_field('T_code', "02");
  return $process_button_string;
 
	}//end process_button
	function before_process() {
	   global $_POST;
	   $eftsecure_url = 'https://xxxxxxx.net/cgi-bin/eftBankcard.dll?transaction';
  //should be set from the admin panel
	$data = "M_id=" . MODULE_PAYMENT_NET1_MERCHANT_ID;  //merchant id
  $data .= "&M_key=" . MODULE_PAYMENT_NET1_MERCHANT_KEY;  //merchant key
  /*Encode data to be sent.
  This stuff was grabbed from the earlier creation of
  the process_button_string (those little hidden input fields)
  */
  $data .= "&T_amt=" . urlencode( $_POST['T_amt'] );
  $data .= "&C_name=" . urlencode( $_POST['C_name'] );
  $data .= "&C_address=" . urlencode( $_POST['C_address'] );
  $data .= "&C_city=" . urlencode( $_POST['C_city'] );
  $data .= "&C_state=" . urlencode( $_POST['C_state'] );
  $data .= "&C_zip=" . urlencode( $_POST['C_zip'] );
  $data .= "&C_email=" . urlencode( $_POST['C_email'] );
  $data .= "&C_cardnumber=" . urlencode( $_POST['C_cardnumber'] );
  $data .= "&C_exp=" . urlencode( $_POST['C_exp'] );
  $data .= "&T_code=02";  //transaction type indicator
  //curl procedures
  $ch = curl_init(); //initialize the CURL library.
  curl_setopt($ch, CURLOPT_URL, $eftsecure_url); // set the URL to post to.
  curl_setopt($ch, CURLOPT_POST, 1); // tell it to POST not GET (you can GET but POST is //preferred)
  curl_setopt($ch, CURLOPT_POSTFIELDS, $data); // set the data to be posted.
  /* this tells the library to return the
   data to you instead of writing it to a file */
   curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
  $res = curl_exec($ch); // make the post.
  curl_close($ch); // shut down the curl library.

I know there are tons of threads on this subject, but i just cannot get it right.

I want to add my customer name right above the STORE NAME in the confirmation e-mail. Preferably first and last name. I am making my attempts with just the last name right now. My first few tries gave fatal errors. After much searching, I came up with this:

// lets start with the email confirmation
  $email_order .= tep_db_output($order->customer['lastname']) . "\n\n";
  $email_order = STORE_NAME . "\n" .
				 EMAIL_SEPARATOR . "\n" .

No error with this, but no text either. Can someone please show me how this should be done?

Tim

I have this thumbnailer installed:
http://addons.oscommerce.com/info/2872

After upgrading to php 5.3.6 my modified and secured MS2.2 site broke.

After creating a new product and entering the image path, I click preview.
All I get is a 404 error page. Has anyone seen this or have a fix?
Simply updating a product is fine, but trying to add a new image causes the error.

Tim