Leaderboard

Is osCommerce dead? http://www.thatsoftwareguy.com/blog/2018/12/04/is-oscommerce-dead/

That moment when you finish coding a module...to remember that you already made a similar module a year ago. D'oh.

Any input form on your site that accepts input from a user and stores it in your database is open to abuse. You just have to do what you can to secure each one. @Jack_mcs Honeypot lets you pick which pages to cover so should work for most issues. If it’s some idiot sitting at a pc with time on there hands doing the spamming ( and there are many doing this) then there is very little you can do to stop them. Blocking IP’s works for a while but the just move to another using VPN’s! If it’s bot’s then the honeypot should catch most of them. They look at the code and when they find a form/input filed they dump rubbish into it. Honeypots normally add a hidden ( to the user) filed to the page which the user will not see but the bot’s will and they dump rubbish into it which tells the honeypot that it’s not a human and it can block that bot.

😂 No not dead but definitely in ICU. Without a proper development path it will slowly get worse if thing don’t change. We have already seen a number of people on the forum try frozen get frustrated and go use something else. I’m sure a group of diehard users ( like me ) will keep slogging away with it but that's not the same thing as a thriving growing user group. There is only so much one person!

Action Recorder Could not create_account be protected with an action recorder module ? Recaptcha Protect create_account with a Recapcha as well? IP Address Store IP address as part of account creation. Isn't everyone doing that anyway per GDPR ? 😂 Back End What about a backend page that allows shopowner to drill down customers [and delete them], eg show me; customers who registered between X date and Y date and/or have not logged in since and/or have made no orders Self Approve How about getting customer to approve themselves (rather than be admin approved). IE, they create account & immediately logged out. They have to check their email to access a page which "open sesame" their account and access to checkout procedure. Obviously not right for all shops, but some shops that might be suitable for. That's 5 ideas that spring to mind immediately...

See the Honey Pot addon. There are only a few changes needed. It stops 100% of spam by bots on the contact us page and is completely transparent to the customer.

You may want to look at my Database Optimizer.

There are several threads regarding this on this subject. There's no simple way to remove them in a stock shop. You can do one of the following: If there are not too many, you can manually delete them in admin->Customers. If there are too many to delete manually, you can delete them by editing the database. How easy this is depends on when the accounts were created and if there is something in common with them, like the same in each. To prevent it from happening again, If you can determine the country that the accounts are being added from and if you won't sell to that country, then remove the country from the countries list in admin or install an addon or package that blocks countries if your host doesn't provide that option. If you can determine the IP of those that created the account, you could block those IP's. There are addons meant to store the IP if you don't have one installed.

There is no update package. You need to install the latest "Edge" version and re-do any customizations you had done. I wouldn't try to update just one small part -- do the whole thing to do it right. I'm not sure if Edge is fully PHP 7.2 compatible -- it may be. Frozen is 7.1 compatible, and definitely has some problems on 7.2. See my signature for links to Frozen and Edge. "Edge" is labeled "master" on GitHub, which may be why you couldn't find it. Be aware that Edge is under constant development, and may not be stable enough for a production store, while Frozen is quite stable (although I would apply the various fixes listed in the thread). No one knows if Gary plans to release an updated Frozen, or just a stable version of Edge to eventually replace it.

Laravel Ecommerce System Is this the next big thing for ecarts? There are a number of new ecarts being developed using the Laravel framework. They appear to have a very short development cycle many are 1 or 2 man teams producing what look to be very slick carts in 12-15 months! They typically come fully loaded and ready to use out of the box. Looks like things are geting intresting in the ecart arena over the next few years. If you want to find out more about Laravel framework you can here https://laravel.com/ and here https://github.com/laravel/laravel Typicaly offering:- Easy Installation (Built-In Installer) 8 Theme for Storefront 2 Home page layout Home page banner sections Beautiful & Powerful Admin Panel Multiple Locales Multiple Countries Multiple Currencies Third Party Integration for Updating Currency Rates Scheduled Currency Rate Updating Advanced Home Page Customization Advanced Search Algolia Search Engine Integration Product Options Product Attributes Advanced Product Filtering Guest Checkout Customer Panel Sales Analytics Chart Search Log Advanced System Report Custom Static Page Unlimited Nested Categories Scheduled Special Product Price Country, State, City, Zip Based Tax Configuration Minimum Amount for Free Shipping File Manager Drag & Drop File Uploader Custom CSS/JS Custom 404 Page SEO Optimized Fully Responsive And More…

In any case, ask your host if/how it can be done. Usually it can, even though you may have to manually edit the test directory's .htaccess file. Assuming, of course, that your hosting service supports several PHP versions (the better ones do).

If you are on a remote server your c-panel may allow you to do that. Dan

Hey, awesome recaptcha module, easy install! TX

Unless you made some changes you have forgotten about the site in unlikely to have changed on it's own! First check your error log to see if it has any clues in it. Then try the site on another machine and see if it's working as it should. If it's working fine on other machines it's not going to be an issue with the site. I know you said you cleared the cache already but be sure you did it fully! Browsers have a horiable habit of hanging onto stuff these days. Do it manualy by going into the setting and clearing all browser data. This problem is normaly caused by a bad module, you have either installed or turned on a admin moduel that is not working properly and its messed up the admin display. Only you will know which? Also your admin layout styling is set by admin/includes/stylesheet.css make sure its not been edited or corrupted in any way. If your still stuck pm a image of the admin as it may give a better idea of what is going on.

I've verified the fix works for me. I have verified verified as working when an "other than default" currency is used: Expected discount to be applied: - Product discount with % - Product discount with set amount - Category discount with % - Order Sub-Total with % - Order Sub-Total with set amount As well as the Null conditions of where no discount should be applied: - Discount code which is expired - Discount code which does not apply to Order Total - Discount code for Category which does not apply to cart contents I basically dropped the proposed 4.4.1 variant over my 4.1.0 version, and all seems to be working well. It's not exactly a rigorous set of tests, but a diff between the versions looked like it would have been safe to drop over in place, and seems to be good. I say push the change.

I currently have v2.2 of this URL rewrite module installed and the informations pages module. All works well, except the information page URLs are converted to : -i-6.html -i-7.html which is not very descriptive. Is there a way to add something a little more descriptive to the beginning of the URL e.g. Visit-our-shop-i-6.html I understand that for products, the start of the new URL is taken from the Product name, but for the information page there is no name defined for the page. There is a title, and that appears on the page itself. Can this be used to rewrite the URL? Or is there any other method or would it require a code change? Mike

On my test site using my AIM module on their test server/sandbox it works with all the MD5 code commented out of the aim module. I never had anything entered for it and all the md5 code was contingent on something being entered. I think the md5 code was carry over from when Harald did the SIM module, but I'm guessing. I also downloaded their SDK for the api and have played with that a little on my test site with Netbeans. Netbeans is helpful because it parses the code and can take you right to a class or method without having to hunt for it. Since they have about 500 files in this api, NB is really helpful. I used their sample code to get it to work from my test site. I think we could reuse a lot of the aim module code and convert it to use the api.

You are somewhere between Gold and Frozen.

remove them using phpMyAdmin directly in the db in customers table it will overcome this issue. I would imagine that the garbage they entered when making the account is causing issues.

For hosted forms. For XML it is the preferred method of implementation The link I sent is for XML implementation classes Hosted forms have not been in use for a very long time now. cheers Peter

Customers are strange beings! We did not need to do that as we could simply add the customers email address into the shipping portal when booking the delivery. The customer then was automaticity notified by email with his/her tracking details. We had to remove this function as we had lots of complaints about receiving the tracking email. We now manually forward the link to any customer that requests it ( very few do!). anyone intrested in the tracking box can see it on the test site. Auto Geolocation should be working so you should see map update to your location. https://chilleddisplays.co.uk/

Well failed miserably with this one! Could not find any API to use for testing so gave up. Managed to get the openmaps to finally behave and got leafletjs auto-geolocate to function with openmaps. Adding additional locations by pulling geo data from the shipping companies should not be too difficult it’s just getting access to the API’s that's the problem. So just got tracking option and geolocation map in box, will have to do for now.

I've had a few of these in the last month with some different names, but they enter Google for company and google for company tax id each time. I know not company tax id isn't stock code, but I added this to block spammers and I can add more to it if I need. Most regular customers don't enter a tax id, but only spammers enter google for it. I also have it send me an email to notify me it's happened so I can track it. //Added to block spammers if (strtolower($company_tax_id) == 'google') { $error = true; $messageStack->add('create_account', "You have triggered spamming prevention rules. If you info is correct and you are not a spammer please contact us or try again."); $spam_email_text = "Spammer Alert: " . $firstname . " " . $lastname . "Using company name: " . $company . " with tax id: " . $company_tax_id . " triggered spam alert."; tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, 'Spammer Alert:', $spam_email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS); } //END Added to block spammers