Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


BrockleyJohn last won the day on October 1

BrockleyJohn had the most liked content!

Profile Information

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. BrockleyJohn

    PayPal App for osCommerce Online Merchant

    Your mailer is failing to get order totals for the order - from which I guess it's failing to load the order at all, quite possibly because it's processing an invalid order id. Paypal shouldn't be creating extra orders. An order in the preparing status is created before your customer leaves to pay in paypal. This order should be updated either by the returning customer or by paypal ipn whichever gets there first.
  2. BrockleyJohn

    NEW! Complete Order Editing Tool!

    @ArtcoInc please would you check if it's still present on the latest version? I'm PMing you access to a test store.
  3. BrockleyJohn

    osCommerce - 'reviews_id' SQL Vulnerabilities

    @vanzantz those two exploit reports are from the same bloke and they are not verified. I think they are wrong, he doesn't understand what a boolean-based sql injection attack is or for that matter how to test for a sql injection vulnerability of any kind. FWIW I am confident your tool is reporting a false positive and the code is perfectly safe. I can find no report anywhere that integer casting is not proof against injection. You always end up with an integer, so you can never get anything but found or not found for a match to the review_id and you can't add anything to the sql statement. Of course it's possible he's just a better hacker than I am a coder 😉
  4. presumably you have changed includes/modules/product_listing.php
  5. This is what the delivered code does:
  6. Would it not be better only to show categories that have products available to buy?
  7. BrockleyJohn

    ship2pay for 2.3.x

    Up to now there is still no way to extend the payment class to restrict the selection on checkout_payment without modifying core code, so the modification to the constructor of the core class is the simplest way of doing it. If @raiwa's latest request for a hook in the payment form might be a way in if it gets anywhere.
  8. BrockleyJohn

    Quickpay payment module for 2.3

    It might need a little tweak as the admin hooks are slightly different in Phoenix
  9. I don't see that it matters if the menu options are there or not since you have to scroll down past the images to get to them. Who's going to do that?
  10. The standard delivered module with display all the next level categories when you go to a category. With no code changes. It sounds like that's not happening for you. Please confirm @stefan1959
  11. Sounds like your import should be doing all that automatically - get the file and store it, save instead noimage if it doesn't exist
  12. Is this fall-out from a migration or an admin accident? Have you got image entries in the products/products_images table with no corresponding files? I believe if an image tag relates to a non-existent image, you will always get the alt text - though forcing a background image might work behind it, my guess is that it would look bad. Priority should be to put the images back in the place it's looking for them, or run a query against the database to update the entries to the new image path. Backup plan: though a modification to the image function to check for image existence would work, the better approach would be a wrapper function for product images so you only get the overhead on those local files that might not exist. Faster function to check for local file existence is stream_resolve_include_path() instead of file_exists()
  13. BrockleyJohn

    Quick Product Updates for osc 2.3+

    I have just uploaded v3.1.2 to the addons area - https://apps.oscommerce.com/XpKWd&quick-update-bs This version, sponsored by @drusky, introduces coloured radio buttons for product and special status: It also includes the image fix by @dreumel and a bunch of fixes for php7.2 compatibility. Tested against CE Phoenix v1.0.1.2
  14. There is an admin dashboard module you can install to check your catalogue structure for exactly this kind of problem. It's present in many stores with large trees and it's not easy for an admin to notice. https://apps.oscommerce.com/05BV7&catalogue-hierarchy-check-dashboard-modu If you want to have mixed categories and products, you'll need an extra subcategory listing module in modules/content/index_products
  15. BrockleyJohn

    Oscommerce 2.3.4 PHP 7 Real Upgrade (not Hotfix)

    I can only guess. Step 1 - identify which order method is throwing these Step 2 - check when it's executed Step 3 - if shipping is supposed not to be set, fix the order class. If it is supposed to be set, fix checkout_shipping