Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Pharkie

Archived
  • Posts

    151
  • Joined

  • Last visited

Everything posted by Pharkie

  1. Yeah, have you looked through all the similar contributions, available from the Contributions section of the website? I expect there's quite a few that are reasonably similar, one of which might do what you need? Adam
  2. What your talking is a kind of 'product groups' or groupings. This contribution doesn't do this - tho it may be worth seeing if another one would, as a variation on the theme. Modifying it to do this would not be a simple job. But not as big as what some people attempt with OSC. Somewhere around medium complexity - probably involving an extra table or two in the database and a - probably simpler than the x-sell one - new interface. Hope this helps!
  3. This is the problem to focus on: I think there's a setting in the web-based admin that says 'What do you want to name your session ID?'. Go there and make sure there are no spaces or other weirdness in it. Either that or check your install of PHP and its default session ID. Hope that gives you a clue.
  4. It's possible, it's easy, lots of people have done it. It requires a small change to the PHP in the relevant page. I'm afraid I can't get you the details right now, but if you look it should be pretty obvious.. If not, I'll get back on to provide more help in a week or so.
  5. Not that difficult. The biggest change I think is necessary is to 'integrate' the cross-sell admin into the main Product Management, rather than having a separate interface. Even the interface that it currently has isn't particularly OSC standard i.e. using all the right functions. It's a bit thrown together. If you can identify the main thing preventing it working with lots of products e.g. having to load thumbnails for each product, you may be best focusing on just changing that as a quick fix. To do it properly would take 2-3 days of work I should think. I'm afraid I really don't have time at the moment! Adam
  6. 'Secure Credit Card Payment' ? That doesn't sound right. On mine it's under Admin -> Modules -> Payment -> Worldpay Secure Processing. But then I may have renamed it to be more specific. So first thing - do you have that in admin and is it definitely the Worldpay module that you've activated? You should have options e.g. 'Enable Worldpay module'.. Have you set the sort order attribute of the module I mention above, in admin? I've got it set to 0. With no 'sort order' set, it won't appear. The process is: Basket -> Delivery Information -> Payment Information -> Confirm all details -> WORLDPAY (x 2 screens) -> Back to store/thanks for your order. Hope this helps. Let me know how you get on! :) Adam
  7. OK i rummaged around and came up with this. From line 246 of my product_info.php: <td> <?php // Adam@CP. Added X-sell mod if ((USE_CACHE == 'true') && empty($SID)) { echo tep_cache_also_purchased(3600); include(DIR_WS_MODULES . FILENAME_XSELL_PRODUCTS); } else { include(DIR_WS_MODULES . FILENAME_XSELL_PRODUCTS); echo '<br>'; include(DIR_WS_MODULES . FILENAME_ALSO_PURCHASED_PRODUCTS); } } ?> </td> ..but I'm not sure that's the bit you need. It's more likely to be the next bit. My xsell_products.php :ph34r: : <?php /* $Id: xsell_products.php, v1 2002/09/11 osCommerce, Open Source E-Commerce Solutions <http://www.oscommerce.com> Copyright (c) 2002 osCommerce Released under the GNU General Public License */ if ($HTTP_GET_VARS['products_id']) { $xsell_query = tep_db_query("select distinct p.products_id, p.products_image, pd.products_name from " . TABLE_PRODUCTS_XSELL . " xp, " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_DESCRIPTION . " pd where xp.products_id = '" . $HTTP_GET_VARS['products_id'] . "' and xp.xsell_id = p.products_id and p.products_id = pd.products_id and pd.language_id = '" . $languages_id . "' and p.products_status = '1' order by xp.products_id asc limit " . MAX_DISPLAY_ALSO_PURCHASED); $num_products_xsell = tep_db_num_rows($xsell_query); if ($num_products_xsell >= MIN_DISPLAY_ALSO_PURCHASED) { ?> <!-- xsell_products //--> <?php $info_box_contents = array(); $info_box_contents[] = array('align' => 'left', 'text' => TEXT_XSELL_PRODUCTS); new contentBoxHeading($info_box_contents); $row = 0; $col = 0; $info_box_contents = array(); while ($xsell = tep_db_fetch_array($xsell_query)) { $xsell['products_name'] = tep_get_products_name($xsell['products_id']); $info_box_contents[$row][$col] = array('align' => 'center', 'params' => 'class="smallText" width="33%" valign="top"', 'text' => '<a href="' . tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $xsell['products_id']) . '">' . tep_image(DIR_WS_IMAGES . $xsell['products_image'], $xsell['products_name'], SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) . '</a><br><a href="' . tep_href_link(FILENAME_PRODUCT_INFO, 'products_id=' . $xsell['products_id']) . '">' . $xsell['products_name'] . '</a>'); $col ++; if ($col > 2) { $col = 0; $row ++; } } new contentBox($info_box_contents); ?> <!-- xsell_products_eof //--> <?php } } ?> ..not sure if I added the 'if' on line 17 into that. It looks like it's that that prevents it from showing if they are no cross-sold products. Replace 'MIN_DISPLAY_ALSO_PURCHASED' on that line with '1' (no quotes) if you like - I'm sure it will work the same.. That must answer it, since it's clearly saying "Show this box IF there's 1 or more products in the list of cross-sells', so I presume other people are missing that? Let me know how you get on.. Good luck :)
  8. I seem to remember I achieved that fairly easily. Just moved a bit of PHP above the table that displays the x-sells, rather than inside it. Not got the code to hand tho.. Take a look, it should be easy. Hope this helps,
  9. The order_status table is in the database, so use whatever you used to create the database in the first place? Often this is phpmyadmin. The way this module works is that the Callback page is what puts the order into your system, so that has to be working properly or you'll take payment without receiving the order. The Callback page is called by Worldpay after an attempted transaction. This is as opposed to e.g. putting the order into the system and then assigning it a 'paid' status after coming back from Worldpay - which might be better - but it doesn't work that way. You need to track through the PHP and find out exactly where you're going wrong,. view source etc. Took me a bit of work before I got it all together myself. Adam
  10. The code that splits the results into pages is OSC core/standard. There's nothing in OSC as it is to do what you're asking, so it will be more difficult that otherwise..! But maybe you could take the page splitting code, duplicate it, and take it from there.. A medium-difficulty job, I'd say. Adam
  11. heh .. looks like one of the contrib authors got confused at some point and added _buynow to the filename twice. I presume the idea is that you rename xsell_products_buynow.php to xsell_products.php - that makes sense. A file with an extension .php_buynow makes no sense. Have fun. Adam
  12. Hi Altec, That error simply means that OSC can't find the xsell_products.php file. Have you uploaded it into the right place? It's looking for it in: includes/modules/xsell_products.php That's likely to be /catalogue/includes/modules, but it depends where you installed OSC. So I advise checking all your paths and make sure that product_info.php can find xsell_products.php correctly. Most likely you've installed the ADMIN side of xsell but not the USER side. These will be two sets of instructions in the INSTALL instructions. Hope this helps. Adam
  13. Genius, Email me the relevant file and I'll see if I can quickly see which bit you need to change to alter the Sort order. It should be easy since I changed it to product ID in my version :-) Sorry I'm not more responsive but I'm pretty busy right now! Thanks. Adam
  14. heh..that might be your problem. What do you mean by that? Basically yes, your problem is that OSC is trying to create a new session when the user comes back from Worldpay. It shouldn't need to because the user should have a cookie set telling OSC 'here's my session ID'. So what this usually boils down to is having the cookie domain/path/web addresses that the cookie is valid from set wrong. You can check it in the OSC admin (I suggest set the path to yourdomain/) but also check the actual contents of the cookie and see if it's slightly wrong? Hope this helps.
  15. FILENAME_WPCALLBACK would indicate that this variable hasn't been defined somewhere.. Check for references to it in the pages your using (the PHP source) and see if it's missing/not defined somewhere?
  16. It is a security hole yes, and there are several with this module that I've already hinted at previous in the thread. Well spotted though! As for code, I'd replace your: $transStatus = ""; $transStatus = $_POST['transStatus']; if(isset($_POST['transStatus']) && $transStatus == "Y") { with.. if(isset($_POST['transStatus']) AND ($_POST['transStatus'] == "Y")) { I use 'AND' rather than '&&' - i believe it's better in most situations. It's probably no more secure though - you could construct a form that POSTs 'transStatus=Y' to wpcallback.php and it would probably work just like faking the GET variable as you're suggesting. The answer is to make use of Worldpay's MD5 passwords and other security features, detailed in its integration guide and missing from the current OSC module.
  17. It's saying PHP is out of memory on the server you're on.. 8388608 is the default maximum file-upload/post-method-send too, dunno if that's got anything to do with it. Basically you're X-SELL list has got so long that PHP runs out of memory triying to create the admin page, I would say. You might be able to fix it by changing maximum memory allocated to PHP in your php.ini, if you have access to it. But otherwise it's just that X-sell isn't a fantastically crafted contribution - it needs a lot of work before it's going to suit everyone and work on all installations. Hopefully the core team will sort it out :)
  18. I think the latest version does that? Not sure, but I seem to remember it doing. Check it out and see if it does.. Ideally it needs to use split_page_results() etc.
  19. heh - that was one of the things I was going to look at wasn't it.. I'm in a good mood today so I might see what I can do.. If I don't, feel free to kick me up the ass on this. Adam
  20. ..sounds like a run-of-the-mill error doing an edit in PHP to me :blink: It's one of those general errors - you miscopied something, forgot a semi-colon somewhere, missed a line you were supposed to put in.. Check the install instructions line by line against what you have in your OSC files - you'll find a little error somewhere. Probably :D
  21. Nimmit solved his problem by the looks of things. Read his posts, and if not, get in touch and see if his solution might work for you. I thought it was to do with cookie addresses, and Nimmit said: Good luck..
  22. Yeah.. My payment pages look good enough - not great, but good enough. You need to upload HTML for it to use in the Header and Footer, and use Styles. Go through and change all the colours it uses to match your site. It is possible but it's more work than it should be..
  23. You should find these in your $_GET[] array, since Worldpay passes them back in the URL it uses to get wpcallback.php. We've talked about doing this before in the Worldpay III support thread - quite a few people want/need it. If you do it, add it as a Contribution :)
  24. Worldpay problems This page explains the problems with Select Junior better than I can. I can confirm though, that the issues it outlines are still present and affect anyone using Worldpay, including via the OSC contribution. That page doesn't include my technique of using a Javscript debugger, which is more likely to work than the way it suggests. So yeah MD5 would sort the main part of the insecure-ness out. The contribution needs to be changed for that to work, I think, but that would be simple. IMHO a 12-character password is secure enough, and as for its point about the callback - I've not looked into that but what it's saying makes sense. One way or the other, there are some pretty big problems with the current OSC worldpay system. If you check your orders by hand and ensure the amounts/totals make sense, then you'll be OK.
  25. It's insecure, yes. Someone could alter the values before they go to Worldpay, relatively easily. I think I said this a few pages back in this thread :D My answer is to ask Worldpay how much was billed, which is in the info they return to you. This needs to match what was requested. This check isn't done at the moment, as far as I'm aware (and I think I checked). At the moment the only defence you have is to check the figures make sense when you come to fulfil the order, in the admin screens.
×
×
  • Create New...