Jump to content

Jack_mcs

Members
  • Content count

    29,670
  • Joined

  • Last visited

  • Days Won

    128

Posts posted by Jack_mcs


  1. 1 hour ago, valquiria23 said:

    Is this addon compatible with Phoenix ?

    I don't know but probably not, at least completely. For any older addon that displays something on a page of the shop, a change is needed to properly work with BS4, though sometimes the page will load fine without it. But this addon would change too many core files so I wouldn't recommend using it until that has been changed. I don't know when that will be.


  2. 3 hours ago, bitit.it said:

    what do you mean with guessing?

    There are many versions of oscommerce and they are not all coded the same way. When it isn't known what version is being used, I, and others, can only guess at what the problem might be.

    In Phoenix, there is a Reviews module in the Modules->Navbar modules section, Do you have that enabled?

     


  3. It's difficult for anyone to help since your question doesn't include any details. First, you should always state the version of oscommerce you are using (see my signature on how to do that). Then, how did the reviews get in the database? I can only assume you have replaced the original shop and the new one isn't showing them but that would just be guessing.


  4. On ‎8‎/‎2‎/‎2019 at 1:39 PM, Chadduck said:

    WHY is it if those are entered in the .htpasswd file that the OSC login screen is bypassed and the user is placed on the administration screen of OSC?

    It's because the path to the .htpasswd file is different between the two servers. The easy fix is to rest the password for the popup login in your control panel. But you could also edit the admin/.htaccess file and change the path to the correct one for the new server.


  5. If you can't save the words, then something is wrong with your installation. The bad words is just another setting so there's no reason why one setting won't save but others will. But since you said this has not made a difference, I am wondering if you have the email and url options set to false. If they are set to true then spam emails won't be blocked. Have you tried sending an email with the contact us page that has an email address in it?


  6. Maybe I misunderstood. I understood your post to be about the mention of the grid/list line. I don't see any mention about saving bad words. The "have forums on them" should have been "have forms on them". This addon only works on pages that have forms, like contact us and create account. As for the bad words, they are entered in the modules settings.


  7. There was meant to be a file in admin/includes/languages/English/modules/boxes/ named sitemap_seo.php with those lines. Having the file there prevents the need to change an existing file. The way you added it will work too.


  8. 35 minutes ago, rule said:

    Is it possible to extend the module by including a filter to catch domain names used by spammers for emails, i.e. similar to the bad words filter but for account creation rather than contact form?

    Yes, it is possible. I have done that in the pro version of View Counter. I may make the change in this one but it is not a quick change so I don't know when, or if, that will be due to time constraints.

    Usually, in my experience, these people creating fake accounts have more than one IP address so blocking one may be a waste of time. You can generally tell if that is the case by checking the WhoIs for the IP. When you do that, you will see an IP Range and/or CIDR listed. Those are short-hand methods for all IP's associated to that one IP. Using one of those to block maybe help. However, you have to be careful since the IP range may include legitimate IP's so you may end up blocking potential customers. You have compare where the IP is from and whether you would hurt the shop by blocking people from that location. 


  9. In admin/includes/template_top.php, find this line

    <base href="<?php echo ($request_type == 'SSL') ? HTTPS_SERVER . DIR_WS_HTTPS_ADMIN : HTTP_SERVER . DIR_WS_ADMIN; ?>" />

    and change it to

    <?php 
    /****Begin Easier Attributes ****/
    if ($PHP_SELF !== 'easier_attributes.php') { ?>
    <base href="<?php echo ($request_type == 'SSL') ? HTTPS_SERVER . DIR_WS_HTTPS_ADMIN : HTTP_SERVER . DIR_WS_ADMIN; ?>" />
    <?php 
    } 
    /****End Easier Attributes ****/
    ?>

    Please note that I can only guess at what to change since you didn't mention your version of oscommerce. Please be sure to always mention that in any post on these forums..


  10. That file is no longer used so the boxes section won't work as in previous shops. That will be fixed in a future version, though I don't know when that will be. For this one, change this line

    $file = DIR_FS_CATALOG . $end . 'includes/filenames.php';

    to

    return '';

     


  11. That is usually a cache issue. Try turning off cache in the shop and delete all cache files, especially if SEO 5 is used and files are stored on the server. It can also be related to the php version if your shop can't handle the selected version.


  12. 3 hours ago, kalibug said:

    I click on an item in my store and when I hit the button,  it says cart is empty

    A common cause of that is an incorrectly setup configure file. If it was working before, did you make any recent changes? If it never worked, then post your includes/configure.php file here, without the database credentials near the bottom, and someone will take a look at it.


  13. A change was mentioned in Fake Accounts thread to check TOR IP's, which are often used by spammers and hackers. The code to make this change is below. I will add it to the next release once I have time to add a setting and package it. To use it now, open the includes/functions/honeypot.php file and find this line:

    $db_table = 'honeypot_track'; 

    and add this above it:

        if (CheckTOR()) {
            return true;
        }

    Then at the end of the file, add this

    function CheckTOR() {
        $ips = file("https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1");
        $found = false;
        foreach ($ips as $ip) {
            if (strpos($ip, $_SERVER['REMOTE_ADDR']) !== FALSE) {
                $found = true;
                break;
            } 
        } 
        return $found;
    } 

     


  14. @fiodhRecaptcha will only help if the accounts are being created with a script, and then maybe only. If accounts are being created as normal, the only way to stop them is to find some common thing, like the company name set to google, and block that. You might want to check the IP for the countries they are for. If they all, or many, are from one country then block that country. Or, in the least, block the range of IP's for the given IP (it's listed on most WhoIs sites).

    I don't understand what you mean about the referral addon but if you are saying you can't find settings for it, the older versions had settings in My Store, or somewhere in Configuration. There should be a setting requiring the question to be answered. If that is set and accounts are still being created, then the spammers are most likely using scripts. 


  15. It's not a question of whether it is safe or not. The higher versions of php usually fix security holes in previous ones and shouldn't introduce any in the shop that weren't already there. The real question is if it works or not. You should thoroughly test all parts of the shop to make sure they work correctly, especially when it involves addons. If they do, then you can stay on 7.2.

×