Jump to content


Member Since 29 Dec 2005
OFFLINE Last Active Yesterday, 14:26

#1754874 Who in the EU has heard of GDPR and will it affect you

Posted by MrPhil on 20 March 2017 - 12:49

Sure, bureaucrats can spend the day fantasizing new rules in order to justify their existence (big complaint here, too, which is a major reason President Doofus, er, Trump, is in the White House). If you're a small business, do those things which are common sense and practical and fair, and ignore the rest which are an unreasonable burden to you. If you're small enough, they probably won't bother you. If they do, you can get a lot of public sympathy and support by pointing out that you are being quite reasonable -- and they're not.

#1754723 Who in the EU has heard of GDPR and will it affect you

Posted by MrPhil on 16 March 2017 - 12:30

when we leave the EU we will still need to comply with the regulations as the EU has made it worldwide somehow.

Easy there! If you do business in the EU, and therefore handle the data of EU citizens, this applies to you. If you are located outside the EU, and are dealing with non-EU citizens' data, it doesn't apply to you. If you need to implement anything new to meet GDPR, it should be a superset of data-protection requirements anywhere else in the world, and you can handle everything the same way. Now, if you're physically located outside the EU, I doubt they'll have much leverage with you, even when dealing with EU citizens. If you're a small shop, and make a reasonable effort to protect personal data, frankly I doubt they'll bother coming after you. They've got bigger fish to fry with Amazon, Google, etc.

Has any store owner seen a sensible easy to understand website that explains how this may affect store owners, or like me have you never heard about this until now.

From a very quick scan of the Wikipedia article, it sounds like mostly common-sense data protections. I don't see anything that says the Data Protection Officer has to be a discrete person -- it can be another hat you wear (president, web guru, shipping clerk, bottle washer, DPO,...). People can request that their data be moved to another system, which is not applicable if you don't run elsewhere (what are they trying to accomplish here?). People can request to be forgotten (you erase their account information upon request, where that doesn't conflict with statutory data retention requirements or good accounting principles). Data breaches have to be reported to the appropriate authority. Customers have to explicitly consent to having data collected (it should be enough to add "By providing this information, you are consenting to our collecting it" to registration and PWA pages), and there are restrictions on collecting information from children. There are some privacy provisions which anyone handling personal data should already be implementing, at least for the type of data an online shop would hold. There may be some extra i-dotting and t-crossing to be done, but what else is new?

#1754635 Ultimate SEO URLS5

Posted by MrPhil on 15 March 2017 - 00:56

{ and } in a URL Query String are a known problem, and have been discussed quite a bit. Curly braces are banned by a number of hosts as some sort of security issue. I don't know what the official replacement will be for this syntax.

#1753877 Errors - persistent attempts to access wordpress login

Posted by MrPhil on 27 February 2017 - 15:25

Yeah, very common. I don't have WP installed either, but every day my server logs up to a dozen 404s when someone is trying to run wp-login.php. I assume it's more likely for spamming purposes than hacking. I add them to my IP Deny list (.htaccess). I just wish it were possible to send some VX nerve gas back down the line, or maybe a 100 Megavolt shock (as these are probably bots rather than humans at the other end).

#1753517 OSC 2.3.4 not working on PHP5.6 / MySQL 5.6 After Updates

Posted by MrPhil on 19 February 2017 - 19:52

A Pimp version? Does it come with a very wide-brimmed hat with a big ostrich feather?  :)

#1753513 What happened to responsive OsCommerce?

Posted by MrPhil on 19 February 2017 - 14:48

Well, that's an interesting definition of "troll". If that's the definition in this day and age of Trumpian alternative facts, then I'm proud to wear the label "troll". Don't expect to ever get any help from me again. I tried to be helpful, useful, and above all, professional in what I said, and you're having a hissy fit. Good bye.

#1753308 Think With Google

Posted by MrPhil on 14 February 2017 - 19:59

I'm not proposing to 'abuse' the alt= attribute for SEO. I try to put reasonable text in it that, when read by a screen reader, will be a good description of the image. After that, I try to naturally include a keyword or two that helps the description and might help a bit with SEO.

#1753147 What happened to responsive OsCommerce?

Posted by MrPhil on 09 February 2017 - 14:27

Thanks to no one but myself!



With a Trump-sized ego like that, don't be surprised if you don't get a lot of enthusiastic help on this forum.

#1753113 Can't turn on SSL

Posted by MrPhil on 07 February 2017 - 14:52

Remember that %{HTTP_HOST} is the domain that the visitor typed in to their browser, not necessarily your desired format (with or without www). It's best to explicitly give the desired domain in the rewrite rule, rather than using %{HTTP_HOST}. Also, the sooner you give the desired protocol (http or https) and domain name, the fewer 301 redirects you'll have to do later, which makes search engines happier.

#1752892 HTTP Error 500 for for my terminal payment return file

Posted by MrPhil on 31 January 2017 - 14:11

I think the module you listed may need updating. It queries whether register globals are in use. Register globals have been deprecated for a long time, and as of PHP 5.5 or so, completely removed, so even querying whether they're enabled might break PHP 5.5+.


Try this: find the lines

if ( ($session_started == true) && (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) {



and change it to

// if ( ($session_started == true) && (PHP_VERSION >= 4.3) && function_exists('ini_get') && (ini_get('register_globals') == false) ) {
if ($session_started == true) {



See if that improves matters. So long as you're on PHP 5.5+, and register global variables are disabled, I think it will work.

#1752753 Redirect all product pages of a category to a page

Posted by MrPhil on 28 January 2017 - 14:23

If you can determine something common for the URIs of all these pages in question (such as a category name or number), you should be able to have a single redirection in .htaccess. It will depend on if you're using some sort of SEO, etc. If these pages' URIs share something in common with other pages (you don't want redirected), you would have to add check(s) in .htaccess to exclude those other pages. It should be possible. Also decide if you want this to be permanent, or just temporary, and whether you want visitors to see the new address.

#1752344 oscommerce "official 2.3.5" version

Posted by MrPhil on 19 January 2017 - 15:40

A bug-fix version of 2.3.4, to be called 2.3.5, is supposedly on the way, although nothing seems to have been released yet. Note that this is not responsive and is not a rebadged 2.3.4BS! I would not wait for 2.3.5, but would go to 2.3.4BS Edge instead. At least it's actually out there...

#1752251 Database synchronization

Posted by MrPhil on 16 January 2017 - 16:39

I recall that the issue of keeping the osC online store database in synch with a brick-and-mortar store (or other, such as selling on eBay) database has been discussed a number of times. You might want to look through those discussions to see if there's anything useful there. The basic problem is that osC is architected to think that it owns the whole thing, and there is no clean and easy way to let it know that others are selling out of the same inventory (or tell others that osC has sold something). Unless you can bend one or the other system to share the same database (or at least, the same inventory table), you will have to resort to various kludges to synch up separate databases. One is for the osC database to trigger a notice to the other system whenever the inventory changes. Another is to have the other system read the sales confirmation emails that osC sends out, and post to the its database. In either case, you still have to deal with going in the other direction. For that, something like Easy Populate might be the easiest solution.


Unless you can get everyone to play in the same inventory database, you will always have the risk of overselling (running out of inventory) in the time slice between database updates. This is especially a problem with a physical store, where merchandise can be taken out of storage and put on display, and someone forgets to keep all the databases in synch. One solution is to physically separate inventories (in the warehouse), and allow transfer between stores only under strict rules. This way, one store or the other might temporarily run out of inventory, resulting in a lost sale, but merchandise can be moved from one side to the other fairly quickly.

#1751701 Dashboards

Posted by MrPhil on 30 December 2016 - 15:57

I take it you mean a dashboard with various modules telling you about certain things, all in one place. I think most stores would like to see a summary of inventory issues... what is out, what is low, etc. Potential customer issues of long time waiting for payment (or clearing payment) before shipping... what's going on there? Downloads awaiting payment completion... anything excessively long, indicating a problem? A major change in value or destination of orders or kinds of payment... perhaps indicating some organized attempt to rip you off (although detecting such a thing would require some major data analysis). Any kind of automated SEO analysis or search engine rankings, just to let you know if things are going off the rails, SEO-wise. If you have some sort of automated delivery tracking, a report on shipments that have been too long undelivered would be useful.


A dashboard should really only show the most important things, on a single page, as the idea is to spot problems quickly (lost sales, fraud problems, things that would make a customer unhappy). You should have the ability to drill down into the data in order to analyze it, but don't clutter up your dashboard with so much data that you can't spot the most important things right away. There are things that really don't belong on a dashboard, but are Big Data analyses: trends in sales, search logs, cross-selling and up-selling opportunities, etc. Save the dashboard for immediate mission-critical stuff, like the warning lights on your car's instrument panel.

#1751637 .htaccess redirect

Posted by MrPhil on 27 December 2016 - 22:44

It makes no sense to rewrite to /catalog when you're already in /catalog! Note that "/catalog" won't be seen in the URI when you're already in /catalog. I'm kind of surprised that you didn't get into a loop. You would have the rewrite to /catalog only in the root .htaccess.


Unless there is some reason that you want a non-www domain for other parts of your site, or https only for the shop, those should be moved into the root .htaccess. Note that if you redirect non-www to www with http:, and then http: to https: (both 301s), you'll get two separate 301 redirects. That is inefficient (slow) and search engines may slap you. But it's legal, if it's easier for you to keep them as separate rules. I haven't looked into it, but I think it may be possible to omit the [L] flag, and at the end of the 301 section, do a test of the current status flag to see if it's 301, and if so, do just one combined redirect. Has anyone tried this sort of thing before? There's a reason that .htaccess and rewriting/redirecting are considered voodoo!


/catalog/.htaccess should contain entries only applicable to osCommerce, such as SEO handling. Entries common to the whole site (add/remove www, force https, move / to /catalog, etc.) would go in the root. I also recommend doing 301s first, and 200s after, so the visitor doesn't see the /catalog jump on any of the 301s.