Jump to content

Demitry

Members
  • Content count

    379
  • Joined

  • Last visited

  • Days Won

    10

Reputation Activity

  1. Like
    Demitry got a reaction from Papanco in New management and osCommerce v4   
    Привет Вадим, спасибо за ответ.  
    Yes, I saw that a day or so back, on the Team page. Two things about that page. There are duplicate entries for Kate Dyachenko and Serhii Gakhov. And, the osC profiles are not set up for your team members, though I only checked a couple of them. This is not of great importance at this time, but does go to credibility as you move forward and,.. if you plan to keep the forums.

    Having a dedicated team of Ukrainians and Russians is indeed Very promising!

     
    So as an “on premises" solution (and especially when you move to SaaS), ..does that mean that this will no longer be an open-source software that can be downloaded and installed locally? Because the “os” in osCommerce does stand for “open source.” And, if that’s the case, then this is quite different than Magento, and actually more like Shopify.

    By the way, I am not a fan of Shopify or BigCommerce. I mentioned them because today’s eComm-cart popularity has direct correlation to the fact that the majority of store owners are not technical and do not want to be. That’s one of the main directives pursued by the prior unmentionable, who is directly responsible for the mismanagement and the dismantling of osC and its brand equity.

    I’m talking about the blatant ignorance and stupidity.. such as,.. releasing new osC versions that store-owners could not update their stores to. And, the inability of osC software to be updated to new PHP versions. Other crucial mismanagement issues like,.. Excluding the integration of common-place & basic eCommerce features such as Order Tracking, SEO, MVS, product attribute management, site and form security, shipping calculators, RMA system, and many, Many others! These are all standard features offered with every eComm cart out there today, but of course, not with osCommerce.

    So Vadym, the point of this is that I hope that you choose not to pursue any part of that same “I live in my mom’s basement while I pretend to manage an eCommerce software” strategy, otherwise, you’re just setting yourself, your team, and the new software release for failure.

     
    Ok, so I am happy to hear that this is not some philanthropic endeavor to give away your time & energy. That certainly gives more value to the software, its potential future, and perceived longevity.

    However, your initiative to monetize is not very clear from your response. If you plan to in-house the new osC, and charge for account access, support, and addons/customization,.. that’s one thing. On the other hand, if your services include store-owner ordered customization and development, then this is a conflict of interest.

    Actually, I am not very clear on how you plan to monetize this software. I am willing to invest in something new that I believe will provide a viable long-term solution for my needs as a store-owner, but not if it is anything like what that unmentionable predecessor did,.. or I should say, ..did nothing with.

     
    Good! I’m glad to hear that!

    Additionally, I recommend removing any and all references to Zombie Phoenix. That includes the news articles related to it. There are about 22 articles on the https://www.oscommerce.com/Us&News page. This is confusing to anyone who is new to osC because this software is no longer an osC product. The same goes for Zombie Phoenix addons and addon-updates that are part of non-Zombie Phoenix addons,.. including those of my own. As well as, any and all forum topics, discussions, and posts related to that “other” cart software. Let it all be gone like a fart in the wind!

     
     
  2. Like
    Demitry got a reaction from Smoky Barnable in New management and osCommerce v4   
    In fact, osCommerce is unusable without the Addons. Congratulations! You have inadvertently stumbled upon one of the main reasons why osC flat-lined.

    The osC Marketplace is saturated with old & expired addons that are poorly coded with little to no conformity to any osC coding standards. Then there are the Zombie Phoenix addons and addon updates that support a spin-off eComm software. And now, it is no longer monitored so we have spammers posting garbage like the two screenshots below. Additionally, the search feature stopped working in Firefox for some reason, though it still works in Chrome. And you want to keep this? Really?? smh


     
    I think that all addons for version 2.2.x should be removed. If you have osC v 2.2 on PHP5.x, you have gravely neglected your store and you are not doing any justice for your customers.
    All addons for osC v2.3.x should have a 12 to 24-month end-of-life time-line starting with the release date of osCv4. This gives everyone time to either download the addons they still have not for their legacy version, or switch over to v4 if they chose to do so. osCv4 addons should be completely separate, tested, and monitored for quality, code conformity & consistency, and relevance/usefulness.
    However, if osCv4 is going to adopt the same failed business model as its predecessor, then by all means, keep the Marketplace as is, ..and all the issues and store-owner dependencies that come with it. Applying the same methodologies of a software that flat-lined, to a software refresh is the definition of insanity. That's a reference to an Albert Einstein quote.
    Personally, I have a lot of time & effort invested in all the addons that I contributed to osCommerce over the years. Regardless, I have no attachments to them and would gladly let them all go just to see osCommerce start fresh with a new slate and a better market & business strategy.
     
     


     
  3. Like
    Demitry reacted to osCommerce-Official in New management and osCommerce v4   
    Hi Demitry! Yes, indeed, Vadym's here. Nice to e-meet you!
     
    I'm afraid my days of programming a long gone (well, never say never!) but we are a decent size team of engineers who are looking forward to re-establishing osCommerce as a mainstream, "cool" Ecommerce platform. There are two reasons why we do it: 
    - we want to make it a successful business for ourselves, and for the members of this community 
    - this is what osCommerce as a brand, and members of this community fully deserve - to see it grow again after years of not being developed  
     
    Product-to-market strategy can not be disclosed on a public forum, however there are indeed some points that can:
    - osCommerce v4 will be an "on premises" solution to start with. Next year we will consider SaaS option as well. As an "on premises" Ecommerce platform it will not be competing with the likes of Shopify directly, but rather with Magento and similar 
    - osCommerce v4 will come fully SEO and mobile optimised, supporting design templates, with built in CMS and design editor, a number of great features - all free. 
    - osCommerce v4 will come ready for a number of osCommerce-created add-ons and, eventually - for add-ons created by the members of this community 
    - it is going to be a relatively low-code platform, that will allow not just designers and developers, but also pro-users like consultants, Ecommerce and marketing managers, etc using it to customise customer experience 
    It may not have sense to compare it to WooCommerce though, as Woo is less a specialist Ecommerce platform than osCommerce and is perhaps not as suitable to solve customer problems that osCommerce can resolve.
     
    Feeling noble indeed, but we are in business, and have been for quite a few years. It makes no sense to run osCommerce for the sake of it. It shall work and bring profit. 
     
    The strategy is to achieve success not just through sales of our own services, but by allowing members of this community offering their solutions and services too. We want osCommerce is to become a business engine, available to everyone who is interested in it, able to use it, and happy to play by the rules.   
     
    It is a complete re-write indeed.
     
    Not to worry, it will not. Since it is a complete re-write, it will not be able to support any 3rd party plugins as such. We will be publishing guides on how to create new add-ons, new design themes (templates), new widgets, and new modules (like payment, shipping, order total, etc). There's definitely a learning curve there, but eventually it will be well worth it, for everyone!
  4. Like
    Demitry reacted to Smoky Barnable in New management and osCommerce v4   
    Yeah, it would be nice to see the spam cleaned up and daily reports on the current status of osCv4. How about a firm release date? Why hasn't the code been shared with developers that signed up early? The sooner the code is made available the sooner the community can help get it up to speed. Seems like someone is asleep at the wheel at the moment.
  5. Like
    Demitry got a reaction from Smoky Barnable in New management and osCommerce v4   
    In fact, osCommerce is unusable without the Addons. Congratulations! You have inadvertently stumbled upon one of the main reasons why osC flat-lined.

    The osC Marketplace is saturated with old & expired addons that are poorly coded with little to no conformity to any osC coding standards. Then there are the Zombie Phoenix addons and addon updates that support a spin-off eComm software. And now, it is no longer monitored so we have spammers posting garbage like the two screenshots below. Additionally, the search feature stopped working in Firefox for some reason, though it still works in Chrome. And you want to keep this? Really?? smh


     
    I think that all addons for version 2.2.x should be removed. If you have osC v 2.2 on PHP5.x, you have gravely neglected your store and you are not doing any justice for your customers.
    All addons for osC v2.3.x should have a 12 to 24-month end-of-life time-line starting with the release date of osCv4. This gives everyone time to either download the addons they still have not for their legacy version, or switch over to v4 if they chose to do so. osCv4 addons should be completely separate, tested, and monitored for quality, code conformity & consistency, and relevance/usefulness.
    However, if osCv4 is going to adopt the same failed business model as its predecessor, then by all means, keep the Marketplace as is, ..and all the issues and store-owner dependencies that come with it. Applying the same methodologies of a software that flat-lined, to a software refresh is the definition of insanity. That's a reference to an Albert Einstein quote.
    Personally, I have a lot of time & effort invested in all the addons that I contributed to osCommerce over the years. Regardless, I have no attachments to them and would gladly let them all go just to see osCommerce start fresh with a new slate and a better market & business strategy.
     
     


     
  6. Like
    Demitry got a reaction from Smoky Barnable in New management and osCommerce v4   
    In fact, osCommerce is unusable without the Addons. Congratulations! You have inadvertently stumbled upon one of the main reasons why osC flat-lined.

    The osC Marketplace is saturated with old & expired addons that are poorly coded with little to no conformity to any osC coding standards. Then there are the Zombie Phoenix addons and addon updates that support a spin-off eComm software. And now, it is no longer monitored so we have spammers posting garbage like the two screenshots below. Additionally, the search feature stopped working in Firefox for some reason, though it still works in Chrome. And you want to keep this? Really?? smh


     
    I think that all addons for version 2.2.x should be removed. If you have osC v 2.2 on PHP5.x, you have gravely neglected your store and you are not doing any justice for your customers.
    All addons for osC v2.3.x should have a 12 to 24-month end-of-life time-line starting with the release date of osCv4. This gives everyone time to either download the addons they still have not for their legacy version, or switch over to v4 if they chose to do so. osCv4 addons should be completely separate, tested, and monitored for quality, code conformity & consistency, and relevance/usefulness.
    However, if osCv4 is going to adopt the same failed business model as its predecessor, then by all means, keep the Marketplace as is, ..and all the issues and store-owner dependencies that come with it. Applying the same methodologies of a software that flat-lined, to a software refresh is the definition of insanity. That's a reference to an Albert Einstein quote.
    Personally, I have a lot of time & effort invested in all the addons that I contributed to osCommerce over the years. Regardless, I have no attachments to them and would gladly let them all go just to see osCommerce start fresh with a new slate and a better market & business strategy.
     
     


     
  7. Like
    Demitry reacted to ozEworks in Payment methods   
    Availability of payment methods is a deciding factor when choosing an ecommerce solution. If we want people to use os Commerce V4 versus other open source, we need to offer as many as possible free of charge out of the box - on and offline.
    In principal, I think all payment modules supported by the osCommerce team themselves should be included. Any not supported by them should be in the app store.
    All included should be free to use. 
    Offline needs to include Check.
    Online definitely needs to include Stripe. 
     
  8. Like
    Demitry got a reaction from ezfindit in Hosting Companies and Plans Supporting PHP 5.6 Long Term   
    @ezfindit hey Chris,
    https://www.webhostinghub.com/
    Their minimum is PHP5.4 but this is shared hosting, not VPS. And, it is based in the US.
  9. Like
    Demitry reacted to Jack_mcs in Database Optimizer   
    1) There is a version for "Before 2.3". I don't recall I updated it for this version. Probably not. With Phoenix becoming more and more popular and with it changing often, managing multiple versions is just not possible any longer, at least for me. If you need an addon to work for older versions, you can 
    Use an older version. This is not a good idea since you will lose fixes and improvements. Convert the code to work with an older version. Pay someone to do the conversion. 2) This got through because of lack of time for testing older versions. To fix it, you can replace 
    <td align="center"> <?php echo tep_draw_bootstrap_button(IMAGE_UPDATE, 'fas fa-save', null, 'primary', null, 'btn-success btn-block btn-lg'); ?> </td> with
    <td align="center"><?php echo tep_image_submit('button_update.gif', IMAGE_UPDATE);?></td> 3) I'm not able to reproduce this but in searching for it, it seems to be a bug in php 7.1 and, maybe 7.2. I'm running 7.3 so it seems they fixed that problem. Applying the change below should prevent it but since I can't see the warning, I can't be sure. Change this line
    $dateOrder = date("Y-m-d", time() - ($config['orphan_orders'] * 86400)); to
    $dateOrder = date("Y-m-d", time() - (int)($config['orphan_orders'] * 86400));  
  10. Thanks
    Demitry got a reaction from domiosc in problem with .mx files generated as copies of all .php files   
    @domiosc
    So, I Googled this and did find a couple of articles on a malware injected into a site using .ico files. Here are the articles:
    https://blog.quttera.com/post/suspicious-icon-files-on-your-website/
    https://www.theregister.com/2015/03/25/blank/
      If you do regular back-ups, I would go back to the back-up you did just prior to this problem occurring and compare all folders using a comparison tool. This may not find the issue, but it is a good place to start.  
  11. Thanks
    Demitry got a reaction from domiosc in problem with .mx files generated as copies of all .php files   
    The one thing I noticed, is that everything you posted is based on HTTP/1.0 -- this is an old protocol. Most everything today has moved to HTTP/2.0. You need to contact your hosting company to find out if their servers are on HTTP/2.0. If they are not, you need to switch to a different hosting company.

    HTTP\2.0 is faster and more secure. After doing this, you need to do a site-wide search for HTTP\1 and/or for $_SERVER["SERVER_PROTOCOL"] and manually change related instance of that HTTP\1.0 or HTTP\1.1 to HTTP\2.0. When I had to do this, it was about 25 files.

    Things like this are always a problem when you are upgrading from a much older version to a new one. I believe it is always better to start with the latest version of the CMS and customize it from scratch. Don't keep trying to upgrade from older versions of osC, this software is not designed for that and it will cause you a lot of headaches and time wasted.

    As for the INF field/attribute, I have no idea what that is because it looks like custom code and after looking in advanced_search.php and advanced_search_results.php, I don't see any part of this SQL query in those files. If you are migrating from osC MS2.2 to Zombie Phoenix, search your osC MS2.2 database for this field.


     
     
  12. Like
    Demitry reacted to Jack_mcs in Database Optimizer   
    A new version has been uploaded with these changes:
    Changed call to defined location in database_optimizer.php. Found by @raiwa. Fixed some compatibility issues with php 7.3. Added a version for Phoenix. Removed the calls to load the filename and database files in the After 2.3 version. Replaced mysql_error with mysqli_error for php 7 compatibility. Found by @Demitry. Updated the included Version Checker file that works with the new apps section.  
     
  13. Like
    Demitry reacted to ecartz in problem with .mx files generated as copies of all .php files   
    Perhaps to lull you into a false sense of security.  Or because they didn't need it.  Corrupt the 2.2 site directly.  And use those permissions to try to corrupt the Edge site.  This works if both subdomains use the same user behind the scenes.  So corrupting the 2.2 site allows them to make changes to the Edge site.  Or almost make changes.  Perhaps they were unable to complete the hack.  Perhaps adding the .mx files was only the first step.  If they had completed the hack, you might never have known because they would have cleaned up after themselves. 
  14. Thanks
    Demitry reacted to ecartz in problem with .mx files generated as copies of all .php files   
    You could reduce (but not eliminate) the danger by removing the r from rm -rf
    find change_to_your_own_directory/ -type f -name '*.mx' -exec rm -f {} \; The r stands for recursive and is what allows rm to delete directories.  Without it, rm will only delete files. Better might be to do something like
    find change_to_your_own_directory/ -type f -name '*.mx' -print find change_to_your_own_directory/ -type f -name '*.mx' -delete Where you check the files printed by the first line before running the second line. 
    Two possibilities that come to mind: 
    1.  This is caused by some IDE.  E.g. Dreamweaver MX.
    2.  This is a hack attempt of some sort. 
    Similar problem reported at https://stackoverflow.com/questions/61875526/mx-files-found-in-wordpress-core-files-with-the-same-core-code -- perhaps that will get a relevant answer. 
  15. Like
    Demitry reacted to Jack_mcs in which payment module do you use in your shop ?   
    The fields are there but I don't think the payment modules use them. At least, I know the Paypal and Authorize.net modules don't.
     
    My version, which is not the standard one, has an option to split the cc number. It has been a while since I've looked at the original but I thought that was in all of them. When used, the code splits the cc number and stores part in the database and sends the other part in an email. That way, there is no way for hackers to get the whole number should they get access to your database.  I'll upload it as an addon when I get the time. Maybe it will be useful to someone.
  16. Like
    Demitry reacted to domiosc in which payment module do you use in your shop ?   
    The most used is Post payment "Contra reembolso" cod.php, the cost apply to customer is around 2-3%  depending on carrier.
    The problem for this option is if the customer rejects the order you lose the cost of shipping plus the commission.
    The second is credit card offline processing , cc.php but not is in phoenix and now not have this payment option.
    In old version you can combine with encrypted numbers:
    https://apps.oscommerce.com/6k8vd&credit-card-number-encryption
    https://apps.oscommerce.com/PO2Xr&gpg-credit-card-encryption-0-94-english
    https://apps.oscommerce.com/9nDgB&encrypted-credit-card-with-cvv2
    And use a cleaner numbers https://apps.oscommerce.com/czuzW&credit-card-numbers-cleaner
    for clear after use.
    This method we use because the store not have ssl and not have requirements for direct bank process,
    so we have the option for payment by telephone, the risk is always ours, in 15 years, 5 attempts only 1 lost.
    I know this method is insecure both for the client and for us, but is required for now.
    The cost for offline processing is only 0,30% not apply to customer.
    And the redsys credit card neither is ported to phoenix
    The third is bank transfer at 0%
    And the last collect in store at 0%
    We never use paypal because have high commissions and much customers use buyer protection for dispute and paypal trust the customer before the store,
    but really much people only want pay with paypal by this protection.
  17. Like
    Demitry got a reaction from domiosc in which payment module do you use in your shop ?   
    hi Matt,
    I think that MS2.2 payment module stored CC numbers in the database, but not any CVV or CVC2. PCI compliance prohibits storing these numbers but not the CC numbers, otherwise sites like Amazon and eBay (and many others) would require you to enter your CC number each time you make a purchase. 
    So, as I understand it, I have to select a merchant account first and then apply a module for that account from the payment modules list to be able to process cards? I don't think this was the case with MS2.2 ..What if I just want to use a CC module to test it and different features related to it without selecting a merchant account?
    What I am saying is that the payment gateway was separate from the CC module and you could previously install that module and manage it without actually processing payments via a gateway. Is this no longer the case?
     
  18. Thanks
    Demitry got a reaction from Fredi in Shipping in cart without addon?   
    I realize this is an old thread, however,.. while redoing the Shipping Cost Estimator addon for BS Edge, I came across the same error message. See below:
    [08-Jun-2018 20:41:53 America/New_York] PHP Warning: Creating default object from empty value in /home/ ... /public_html/dev2/ship_estimator.php on line 90 I fixed it via this - in catalog/ship_estimator.php
    Find the following code (around line 90 to 92):
    $country_info = tep_get_countries($shipcountry, true); $order->delivery = array('postcode' => $shippostcode, 'country' => array('id' => $shipcountry, 'title' => $country_info['countries_name'], 'iso_code_2' => $country_info['countries_iso_code_2'], 'iso_code_3' => $country_info['countries_iso_code_3']), 'country_id' => $shipcountry, 'format_id' => tep_get_address_format_id($shipcountry)); Add just above it:
    require_once('includes/classes/order.php'); $order = new order; I tested it with different scenarios, both logged in and not, no errors at all.
    I hope this helps anyone who may stumble upon this thread in search for a solution.
    Demitry
     
     
  19. Like
    Demitry reacted to Jack_mcs in Blacklist   
    A new version has been uploaded with these changes:
    Changed the code to work with Phoenix. Changed the code to install into Frozen without any code changes required. Replaced the GUI in admin. Provided by member @Demitry. Removed code for pre-Frozen versions. My thanks to Demitry for the rewritten gui in admin.
  20. Like
    Demitry reacted to ecartz in which payment module do you use in your shop ?   
    But they have to be stored separately, in an encrypted table, possibly in a separate database.  For example, at Amazon.com they are stored in what are called the credit card motels.  The CC motels are not on the internet.  To access them, Amazon.com has special servers that communicate with the motels via serial ports (actual physical cables).  And while those servers are also networked, they are deep behind the Amazon firewalls. 
    The osCommerce CC module didn't do any of that.  It would be possible to do that, but that's not the right module.  And I don't know that anyone is going to write such a module, as the requirements are stringent and the liability is high. 
    And it's not actually required to store the CC number in order to access the credit card for repeat purchases.  It is also possible to store just a reference to the credit card.  Then Visa or MC or whatever can bill the right account.  They just need to track which of these identifiers are associated with which account.  That's strictly safer, as the credit card info only needs to be given once and is never stored at all (except possibly for the last four digits, which are often used for identification).  It's even possible that Amazon.com does it that way now.  I don't know what has happened there since 2008. 
    Meanwhile, any payment processor is now responsible for seeing that merchants are PCI compliant.  So rather than have you take the credit card details and then communicate the information with them manually, they are going to want to see a whole system that processes the information in an automated fashion.  Usually they do this by giving you a payment gateway to use and asking you to integrate with it either by passing the credit card information immediately or by switching the customer to them to collect the credit card details. 
    The days of taking the credit card information and then typing it into the machine or phoning them in for authorization should be over.  Payment processors should keep you from doing that now, partially by requiring a CSC/CVV, which as you note, should never be stored. 
    Well, go ahead.  But you still need to get someone to answer the authorization requests, possibly with a test server.  I used to have several accounts for that, e.g. on PayPal's sandbox and Authorize.net's test servers.  It may be possible for you to sign up for them, although it's my understanding that the requirements have been getting more and more stringent.  And that would then limit you to payment processors who support that particular gateway.  For example, PayPal is the only processor that uses the PayPal gateway for authorizations.  Authorize.net covers more processors, but not every processor (for example, I don't believe that you can use Authorize.net with PayPal as the processor). 
  21. Like
    Demitry got a reaction from cigarsforless in Multi_Vendor_Shipping new thread   
    @ralgiere@phi148@kymation
    Ray, Bill, Jim,
    I have done a lot of work to this module to get it fixed, improved, and adapted to BS Edge as well as PHP7.1, however, almost three weeks back my laptop hard-drive died. I just got my new laptop a few days ago and have been working on getting everything back to what I had. This means that the BS Edge release of this addon will take a bit more time. Luckily I had most of my stuff backed up, ...but not everything. Though the most updated files for this addon are on my test server and I will be able to repackage them along with screenshots and much more.
    The problem I ran into that I could not resolve, before my laptop hard-drive crashed, was that upon proceeding to the checkout_payment.php page, the system would end the session and log me out of my account landing me on the login.php page. I had not resolved this problem and will need to before completing the new release. Any help would be greatly appreciated.
    And Bill, Thank you for your help on this module, as well as for saying that this MVS addon should be a standard part of every osCommerce release. I wish more people would make an issue of this, perhaps eventually it will not fall on deaf ears. Thumbs up to you for that!
    Demitry
     
  22. Like
    Demitry reacted to raiwa in [Contribution] Recently Viewed Products(sales optimized)   
    Upddated to Version 5.0.1 Phoenix
    https://apps.oscommerce.com/z7iA8&recently-viewed-products-bs
    Compatibility:
    Phoenix 1.0.2.x
    PHP: 7.0-7.3
    *********************************************************************************************************************
    This version has not been tested with earlier Phoenix versions.
    You will need to apply at least the following database update to use it with Phoenix 1.0.0.x or 1.0.1.x.:
    https://pastebin.com/Ed8B6nuT
    You may also need to update custom.css
    *********************************************************************************************************************
    Changes:        
             - modified "See More" button to show only if more recently products have been visited than number of recently products shown in module.
    Thanks to @Demitry for the suggestion
             - readded missing truncate text function in cm_sc_continue_recently_viewed.php shopping cart module
             - removed obsolete truncate text functions in box module
     
  23. Like
    Demitry reacted to 241 in Header Tags SEO   
    admin/includes/functions/header_tags.php line 104
    if (($fileSaved && $cntNewFiles) || (! $fileSaved && (count($existingFiles) != $cntNewFiles))) { count($existingFiles)
    Notice: Undefined variable: existingFiles
    Warning: count(): Parameter must be an array or an object that implements Countable
    $existingFiles is not an array or object
  24. Like
    Demitry reacted to MrPhil in Database Optimizer   
    Keep in mind that it's more than just changing function names mysql_ to mysqli_. Some parameter lists in the calls will also be changed, so you need to check those.
  25. Like
    Demitry reacted to Jack_mcs in Database Optimizer   
    Yes, it should be changed.
×