Jump to content

SteveODNet

Members
  • Content count

    35
  • Joined

  • Last visited

Profile Information

  • Real Name
    Steve
  • Location
    Seattle
  • Website
  1. SteveODNet

    Payment method fee 2.1

    Keep in mind that in some places it's illegal to charge extra for accepting credit cards. The way around this is to say that there is a discount for certain payment types rather than a surcharge for credit cards.
  2. I'm pretty sure that the barcode is being entered as an integer in the sql statement. It sounds like your sql statement looks like this: tep_db_query("insert into " . TABLE_PRODUCTS_STOCK . " values (0," . (int)$VARS['product_id'] . ",'$val'," . (int)$VARS['quantity'] . ", " . $barcode . ")"); when it should look like this: tep_db_query("insert into " . TABLE_PRODUCTS_STOCK . " values (0," . (int)$VARS['product_id'] . ",'$val'," . (int)$VARS['quantity'] . ", '" . $barcode . "')"); Note the single quotes around the $barcode variable entry. Be sure to check any other sql queries as well. To be safe, make sure you use the tep_db_prepare_input function before any sql statements that uses the user input barcode value: $barcode = tep_db_prepare_input($_GET['barcode']); Hope this helps
  3. You'd probably have better luck if you posted your question to the STS support thread, rather than as a separate post.
  4. SteveODNet

    [Contribution] STS v4

    To anwser my own question... yes, it does appear to work with register_globals turned off. So far, anyway.
  5. SteveODNet

    [Contribution] STS v4

    Anybody know if this contribution work with register_globals turned off? Thanks
  6. SteveODNet

    Storing Credit Card Numbers - Risky?

    Credit card companies have very strict security requirements for online merchants regarding data storage security. Last year in the US, there was talk of extending data security laws that financial institutions are bound by to include merchants who accept credit cards as well, but I don't know if the extension was ever passed. If you are using OSC, there is an extremely good chance that you are not equipped to meet credit card industry data storage requirements. If you are caught storing numbers, at the very least you'll probably lose your merchant account.
  7. SteveODNet

    AJAX Attribute Manager support

    Just a suggestion, but in future versions of AJAX you should try to use OSC's session handling or at the very least avoid using GLOBALS, since the next version of OSC will no longer use globals due to the huge security risk of having register_globals on.
  8. SteveODNet

    AJAX Attribute Manager support

    I too am having the "Session not registered - You cant access this page directly" problem, but I know the source. I have register_globals turned off and AJAX uses globals in its session functions. So, the trick is to figure out a workaround. Has anybody modified AJAX to work with register_globals turned off?
×