Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 11/09/2019 in all areas

  1. 2 points
    JcM Modal reCaptcha Contact V1.0 Phoenix A simple add-on that allows you to replace the stock footer information block with one that has a new simple contact form within a modal with Google reCapture. It also displays the information links in a modal window so customer is never taken away from the page they are on. It’s a simple no core change add-on so just copy files over go to admin and install and setup. Turn off the stock information block. To use the contact form you will need you google site keys. Add the secret key to the mail.php file along with the email address you wish to use. Line 6. $secretKey = 'put your secret key here'; Line 15. $mail_to = "your email here"; Then in the language file add you site key, cm_footer_jcm_modal_information_recaptcha_contact.php Line 75. <div class="g-recaptcha" data-sitekey="put your site key here"></div> That’s it enjoy. Has been tested on Phoenix 1.0.3.0 only. Can be seen working on this custom test site
  2. 1 point
    JcM NavBar Google Translate V1.0 Phoenix A simple add-on that allows you to place the Google translate widget into the navbar on your site. Your customers can now translate your website with a simple click on one of the languages in the drop down list. It’s a simple no core change add-on so just copy files over go to admin and install and set up. That’s it enjoy. Has been tested on Phoenix 1.0.3.0 only.
  3. 1 point
    JcM NavBar Google Translate V1.0 Phoenix A simple add-on that allows you to place the Google translate widget into the navbar on your site. Your customers can now translate your website with a simple click on one of the languages in the drop down list. It’s a simple no core change add-on so just copy files over go to admin and install and set up. That’s it enjoy. Has been tested on Phoenix 1.0.3.0 only.
  4. 1 point
    JcMagpie

    HoneyPot Captcha

    Then you have not applied it correctly. 1) It will stop 99% of all fake accounts made by bot's ( nothing can stop human factory fake accounts) 2) Have installed on about 20 sites that were getting fake account problem has stoped on all sites. So yes it does work. 3) Your customers complain about you keeping them safe ( stupid cutomers no?) Also you can change recpatcha so customer is not required to do anything ( invisable cpatcha) simply pick the one you are happy to work with.
  5. 1 point
    tonymazz

    HoneyPot Captcha

    My screenshot was from the admin side. We automatically send random generated passwords to the client via welcome email and try to collect minimal info at the time of checkout. I thought about the email confirmation email, however over 75% of our clients want to just check out. Any delay in the checkout process can result in a lost sale. So that would not work. I agree with you on this. Should any visitor even be creating an account without an actual purchase to start with? An option in admin could toggle that as an option for those that would. In our case we are not interested in people signing up for a subscription or discounts as some commerce sites do. Perhaps, on the confirmation page the client is offered the opportunity to create an account at the end of the checkout confirmation (admin can set default). So, create_account would not be offered as a standalone, automatic account creation would only occur after a bonafide purchase. And of course the admin would need to be able to create an account from admin side. I will noodle this more.
  6. 1 point
    MITCH70

    [CONTRIBUTION] Sloppy Words Cleaner

    @raiwa Changed in swc_hooks.php if (isset($postcode)) $postcode = $this->RemoveShouting($postcode); to if (isset($postcode)) $postcode = strtoupper($postcode); and works correctly now.
  7. 1 point
    tonymazz

    HoneyPot Captcha

    In my experience, Blacklisting is not the complete answer either. I forgot to mention that some of the IPs used are being spoofed as Bing, Google, PayPal etc. You really do not want the bot to automatically get important IPs blocked out. One time we even had our own server's IP blocked. I since whitelisted those IPs in CSF, however that gives the spoofers a wide open ticket when they use a whitelisted IP. I did do one thing that helped a good bit. In CSF I blocked CC's. In our case we blocked RU, CN, Ukraine. Again this will not help block them if they are spoofing. And this puts a lot of stress on many servers. The list of CIDR's is quite lengthy. I run dedicated servers so the overhead is not as noticeable as it could be on a shared, cloud or other. cables24h, you may want to look at the bad_behavior add-on which automatically blocks IPs via htaccess. It works well, but again if they spoof an important IP for your store, it can be detrimental. I use it, although modded for our needs to prevent certain header requests, user agents and to help block the IPs that are initiating script injections. 'better ask why someone choose your website to "spam"'. - If you are lucky enough to have a successful site, with high ranking, you will eventually get sniffed out by the spambots and scriptkitties. They will find you; especially when you advertise on FB, Google and Bing which brings even more notice to our sites. Another reason: Competitors or BlackHat will sometimes do things like this to cause havoc. These signups create spam to a legit email address. Enough spam reports will get you on the RBL; once there, it takes a lot of effort and time to get removed. Until then an ISP like AOL will block your domain from sending anyone with an aol account any emails. So, Unintended consequences is a real concern for us: if you make it too tight you will either block or alienate your legitimate clients. I try hard to prevent this. I post his info in an effort to corroborate, not insult. I believe there needs to be many approaches to this issue and there is always going to be a workaround by the other side. A constantly evolving problem. @Jack_mcsI will post the details of the next signup. I delete them on the fly so I do not have one at the moment. Any hour though, unfortunately. Thanks again for your work on this project. And all of the others too!
  8. 1 point
    If your store is EDGE, you should use series 2, PWA 3.0 series is for FROZEN: But I saw in your older posts that you have already updated to PWA 3 series. The reviews link has been fixed in PWA 3.0.4: I'm sorry I can not give more specific advice for this combination of EDGE and PWA 3.0. Please try to apply the above included fix or update to the latest series 3 verion: 3.0.5.
  9. 1 point
    JcM footer Open Street Map V1.2 Phoenix A simple add-on that allows you to place a Open Street Map into the footer. It’s a simple no core change add-on so just copy files over go to admin and install and set up.
  10. 1 point
    JcM footer Open Street Map V1.2 Phoenix A simple add-on that allows you to place a Open Street Map into the footer. It’s a simple no core change add-on so just copy files over go to admin and install and set up. Do you have a bricks and mortar store? Tell your customers about it on your website add a map with details about your store to your website. How? It's simple and free, takes a few minutes to do. Simply go to https://www.openstreetmap.org The easiest way is to use the 'sharing' sidebar on the right on the main osm.org site, there choose embeddable HTML. To make it responsive change width to 100% Now add the script in the language file replacing the one already in it. That’s it enjoy. Has been tested on Phoenix 1.0.3.0 only. Can be seen working on this test site
  11. 1 point
    mhsuffolk

    Stripe v3 module for SCA

    Yes, that is the correct behaviour. A payment intent on the Stripe website has to be created first before the card input field can be displayed. An OSC order creation is the first part of this process. I leave any of these in place for 7 days as the customer can still return and complete the order correctly without having to create a new/second order. If it has not been completed by then, simply delete the order in admin. The PayPal app behaves in a similar way.
  12. 1 point
    asro2004

    Stripe v3 module for SCA

    I have created a fork of the standard Stripe payments module to provide support for SCA. I tried uploading it to the market place, but it does not seem to be accepting it. A copy of the zip is attached. Stripe SCA Payment module Stripe SCA is a refactored version of the standard Stripe payments to update the Stripe API to v3 and support the SCA process flow. Other than using different Stripe API calls to set up and process payments, the main change is to defer order fulfillment to a web hook called by Stripe after the payment has been authorised. This module is installed as a separate payment method from the standard Stripe module and can be run in parallel. Note that it shares the customer_stripe_tokens table created by the standard Stripe module, and cards saved using the standard Stripe module can be reused by the Stripe SCA module, however, cards stored by the Stripe SCA module cannot be reused by the standard Stripe module. They will be rejected by Stripe with a message 'You cannot create a charge with a PaymentMethod. Use the Payment Intents API instead.' Install Copy the contents of this zip to the root osCommerce folder of your store. Login to the osCommerce Admin page of your store and go to Modules > Payment. - Click on the Install button at the upper right of the page - Choose 'Stripe SCA' from the module list and select Install Module. If you are allowing cards to be saved, add the cards management page: - go to Modules > Content - click on the Install Module button at the upper right of the page - select 'Stripe SCA Cards Management Page' and select Install Module. That will add the 'Manage saved payment cards' link to the customers' My Account page. Configuration The basic configuration of the Stripe SCA module is the same as the standard Stripe module, requiring Publishable and Secret API keys, however as the order fulfillment has been moved to a webhook, you need to add the address of the Stripe SCA webhook at your store to your Stripe account dashboard, and add the webhook signing secret it generates to the Stripe SCA payment module configuration. Login to your account at the Stripe web site, and select Developers > Webhooks - select '+ Add endpoint' at the upper right of the page - set the URL to: https://yourstore.url/ext/modules/payment/stripe_sca/webhook.php - select version as 'Latest API version' - select event 'payment_intent.succeeded' and 'payment_event.payment_failed' - click 'add endpoint' to save the webhook endpoint. Then select the new endpoint URL from the list of end points, and then 'click to reveal' to see the Signing Secret. Copy and paste the text of the signing secret to the Webhook Signing Secret in the Stripe SCA module configuration form. The Stripe SCA module adds a log table, stripe_event_log, to the database, and if you select 'Log events?' in the Stripe SCA configuration, it will record each Stripe API call with the parameters that are passed to Stripe and the response received. As the process flow has changed to use a web hook, the order has to be created in a pending state, and then updated to completed status after the payment has been authorised. Consequently, you need to set the new order status to 'Preparing [Stripe SCA]', and the order status is set to the status the order is to be set to, after the payment is authorised. Technical Notes The current stripe-php library, as at module publish date, has been included in in the module install. Calls to the Stripe library functions have replaced directly sending transactions to the Stripe gateway. You should be able to replace the includes/modules/payment/stripe_sca folder with the complete contents of the stripe-php library when Stripe releases updates to their library. If you do so, set the new API version in includes/modules/payment/stripe_sca.php. The Stripe v3 process flow now requires a PaymentIntent to be created before the payment page is displayed, and a 'data secret' it generates to be included in the HTML form. If a saved card is used, the Stripe customer id and payment method id has to be added to the PaymentIntent. During coding, it was found that a payment method could not be removed from a PaymentIntent, so rather than update the PaymentIntent with a server call as the saved card/new card is selected, the adding of the customer and payment method is deferred until immediately before submitting the payment to Stripe in a Javascript call when the form is submitted. The payment_intent.php server hook is also used to save the value of the 'save card' check box in the PaymentIntent so it is accessible to the webhook called after the payment is authorised. Stripe v3 provides UI elements to collect card details. A 'card-element' element is required for the new card to show card number, expiry and CVC fields, but is also required for saved cards in order to provide a place holder that Stripe can use to display authorisation prompts if required. Consequently, two occurrences of the 'card-element' element were created with the name of each toggled depending on whether a saved card or new card is selected. Otherwise, trying to reuse the same element for both purposes block the authorisation of saved card when the new card details was hidden. All order fulfilment and card saving code has been moved to ext/modules/payment/stripe_sca/webhook.php. Note the DIR_FS_CATALOG constant should be set to a path string, rather than the value dirname($_SERVER['SCRIPT_FILENAME']) . '/' because the includes/modules/payment/stripe_sca.php has a require that references the stripe-php library, and is executed at different locations in the directory structure and fails when the DIR_FS_CATALOG value varies with location. stripe_sca_v1.0.zip
  13. 1 point
    Dan Cole

    How can i automate a SQL update query?

    I don't know if it's appropriate for your application or not but you could always trigger it on a page call...ie someone visits one of your store pages and the call gets executed. Dan
  14. 1 point
    Today I finished with the migration of my old Website to the Phoenix plattform. This is the result, see: https://www.attias.ch/ I am happy now, it was a lot of work. Thank you all for the help
  15. 1 point
    ArtcoInc

    PHP and the newest cPanel

    I have two live shops. One is running the Community Edition osC v2.3.3.4 (yes, it's that old). The other is running the pre-gold Community Edition osC v2.3.4. I am working on a new site using Phoenix, but that's still in development. I had configured my host to use PHP v5.6 on my shops, and everything was running fine. My host recently did an unannounced upgrade to the cPanel tool set which, unfortunately, upgraded all of my shops to PHP v7.3. Needless to say, there were problems. The first issue I noticed was that I could no longer run the Security Check module in Admin for either shop. I verified that the code against a backup to make sure that it hadn't been hacked. It wasn't until I ran the Server Info module in Admin did I notice that the version of PHP had been changed to v7.3. I logged into my host's cPanel, and discovered that the oldest version of PHP available was v7.0. I rolled back to v7.0, but that did not fix the issues I was having. I contacted tech support through their chat function <grumble, grumble>. I explained the problem, and asked if my sites could be rolled back to PHP v5.6. Yes, but not through cPanel. The new version of cPanel only supports PHP versions 7.0 and up. The tech support person was able to roll back my sited to PHP v5.6 by editing the .htaccess file(s) for all of the sites. They are back up and running now. Server Info shows I'm running PHP v5.6, even though cPanel says I'm running PHP v7.0. I hope this info may assist someone who may run into a similar issue. Malcolm
  16. 1 point
    asro2004

    Stripe v3 module for SCA

    Security issue There can be a security problem for anyone who installed version 1.0.3 of this module, with some obsolete values being left in the configuration table when the modules is updated to a later version. Please run the following SQL to remove the obsolete values: DELETE FROM configuration WHERE configuration_key IN ('MODULE_PAYMENT_STRIPE_SCA_PUBLISHABLE_KEY','MODULE_PAYMENT_STRIPE_SCA_SECRET_KEY','MODULE_PAYMENT_STRIPE_SCA_WEBHOOK_SECRET')
  17. 1 point
    piernas

    Ultimate Seo Urls 5 Pro

    It's ready. - Latest oscommerce (phoenix 1.0.3.0) compatible. - Fixed more cache issues. Now sqlite and memcache are only enabled if system supports the methods. - Moved admin edits to hooks. Now only two files on catalog needs to be modified. - Removed database table constants. - TODO: Allow to processs links outside root folder (ie. ext/directory). This is useful for addons like Twitter typeahead. Can someone test the atached files before uploading to addons? USU5_210.zip
×