Latest News: (loading..)

John W

Community Sponsor
  • Content count

  • Joined

  • Last visited

  • Days Won


John W last won the day on May 3

John W had the most liked content!

1 Follower

About John W

  • Rank
    Woof Woof!

Profile Information

  • Real Name
    John W.
  • Gender
  • Location
    Orlando, Fl
  1. You don't have any of your cookie path or cookie domain info. That might be your problem
  2. If it works for your catalog side okay then you're good on dns records. One thing is you should have all your admin pages as https even for the HTTP_SERVER. Otherwise, you're subject to MTM with passwords.
  3. You can use www with a subdomain, but you have to have that set up in dns records. However, you really don't see www used with subdomains. I can't think of one off hand. You also have to have the subdomain in dns. Most hosting packages will do that when you create the sub domain. There are some handy domain tools at Can you see your dns records?
  4. @@gjpinzino You might need to change host, but this shouldn't be a big headache. You have several months and now you now what you need. A server that only supports TLS 1.0 is running an older OS and you will need to move. I think @@Jack_mcs does some hosting and is familiar with oscommerce and, so maybe check him out. Any way you look at it, you will need to move servers. With a little planning, it's not too hard.
  5. I wonder how many servers are running that don't support TLS 1.2 at this time? PCI was pushing for 1.2 sooner but too many servers didn't support it. I upgraded from a centos 6 server to a centos 7 in December this last year, but I think centos 6 supported 1.2 also. I was forced to switch because Softlayer was ending support for 32 bit servers. Cpanel limited 32 bit to WHM 56 also. I was pissed that I only got 90 day notice, but i've gotten way better at upgrading servers since this is the 4th one I have.
  6. @@Jack_mcs Actually, he is correct, and 1.2 must be in use by Sept 18, 2017. Below is the email. As you may be aware, new PCI DSS requirements state that all payment systems must disable early TLS by 2018. Transport Layer Security (TLS), is a technology used to encrypt sensitive information sent via the Internet. TLS is the replacement for Secure Sockets Layer (SSL). In preparation for this requirement, Authorize.Net plans to disable TLS 1.0 and TLS 1.1 on the following dates: Sandbox: COMPLETE Production: September 18, 2017 We have disabled the sandbox in advance of production to allow you and your developer time to test your website or payment solution and ensure you are no longer using TLS 1.0 or 1.1 prior to September 18th. Please contact your web developer or payment solution provider, as well as your web hosting company, to confirm that they can support TLS 1.2 for your API connections. In addition, we plan to retire the 3DES cipher (a data encryption standard) in production soon. However, the date has not yet been finalized. We will notify you once it has. Please refer your developer or solution provider to our API Best Practices for cipher recommendations, details about TLS 1.2 platform support, and other integration suggestions. Note: If you are not using the current version of your web browser, please take a few moments to upgrade it now. Browsers released prior to 2014 may not support TLS 1.2. You can check your browser's TLS support by visiting Thank you for your attention to this matter and for being an Authorize.Net merchant. Sincerely, Authorize.Net
  7. TLS 1.2 is a function of the server's ability. Test the site at and see if it handles TLS 1.2. I use the AIM method of and the current module handles 1.2. If your module is working fine now and the server can do 1.2 you will be fine.
  8. I kind of read through this and i would like to mention that it's not a good idea to output errors to the screen on a production site. Also, you can set where you want your errors going. For instance, I have a catalog side error log and an Admin error log and I can run them at different levels. You can do something like this in your application_top and then the errors won't show on the screen. ini_set('display_errors', FALSE); // set the level of error reporting error_reporting(E_ALL); ini_set('error_log', 'includes/catalog_errors.log'); You could also change the level of errors on your product to not show notice, strict, and deprecated errors, or alter this as needed. It's best to know th errors, but not show the world. error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED); Personally, I run my live site with E_ALL outputing to an error log. I'm still running 5.6 on my live site.
  9. @@Sofia.E The passwords are hashed. What I mean is the password hashing was updated on login to the php native like I showed in my first post.
  10. Yes, you are correct, and I apologize. I did make that change but forgot to list it.
  11. Yes, that's all there was. I haven't kept up with all the changes to BS 2.3.4, but I don't think they've changed anything that would prevent it from working. It's been a year since I did this though, and it's not as fresh in my mind.
  12. The only thing I can think is that you didn't change ncludes/modules/content/login/cm_login_form.php, but other than that it should update passwords on login. It's been a while since i was working on this but I tested it pretty well and I've been using it for a year now.
  13. When I looked in my database, old passwords were being updated on login.
  14. Yes, it does get rates on the fly from the Fedex API and is normally pretty quick, but can take up to 2 seconds or so. I don't think it's being triggered. At least I have an idea where to look though. I'm wondering if I can put an safety catch in checkout_confirmation.
  15. Update: I decided to try it with a flat cost shipping and that is getting added in so the problem is how my Fedex module using dimensional support is loading. Now that I know where the problems lies, I'll figure out what's going on. Not sure why I didn't think of this sooner. When I figure this out I'll post in the main paypal thread in case anyone else hits this problem.