Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

altoid

♥Ambassador
  • Posts

    1,571
  • Joined

  • Last visited

  • Days Won

    13

Posts posted by altoid

  1. It looks like PayPal Website Payments Standard you pay for buttons, which doesn't make sense to me since osC already has buttons for checking out and re-directing to PayPal (I enabled Payments Standard in osC and tried the PayPal sandbox and thru the sandbox PayPal/osC seems to work). Is there a way to test Payments Standard not thru the sandbox before I go live? Bottom-line is all I want to do is sell via PayPal and accept checks/money orders but I am having problems understanding which PayPal module to use (Website Payment Standard vs. Express Checkout) and the osC PayPal module tutorial is confusing to me as it doesn't seem to mesh with what I read on PayPals web site. Also, the tutorial doesn't give specifics on module config data to enter on many of the fields. Any assistance in helping me understand how to choose and configure PayPal for osC would be much appreciated. Thanks!

     

    Jerry, is this the tutorial you referred to?

     

    I don't pay for buttons, whatever that means.

     

    I use PP standard, but will install PP IPN when I get motivated enough. For now though, PP Standard suffices. Here are my settings if that helps: (note the key and certificate settings are blank)

     

    Enable PayPal Website Payments Standard

    True

     

    E-Mail Address

    [email protected]

     

    Payment Zone

    --none--

     

    Set Preparing Order Status

    Preparing [PayPal Standard]

     

    Set PayPal Acknowledged Order Status

    Processing

     

    Gateway Server

    Live

     

    Transaction Method

    Sale

     

    Page Style

    PayPal

     

    Debug E-Mail Address

    [email protected]

     

    Sort order of display.

    1

     

    Enable Encrypted Web Payments

    False

     

    Your Private Key

     

     

    Your Public Certificate

     

     

    PayPals Public Certificate

     

     

    Your PayPal Public Certificate ID

     

     

    Working Directory

     

     

    OpenSSL Location

    /usr/bin/openssl

  2. Hello, I plan to install this add on: couple of questions for you.

     

    I have SiteMonitor installed, from what it appears to me I can install KISS FileSafe ( file security ) with no conflicts. Do I have that correct? KISS FileSafe ( file security ) appears to me to replace SiteMonitor, but I'd like to test things out before removing anything.

     

    Secondly, I am with a host that is a bit of a PITA with CronJobs (I plan to switch hosts at the end of the year). They only allow a CronJob to be run by running a file, not by code. Example

     

    'http://myusername.myhost.com/filetruncronjob.php'

     

    That's the only way to run CronJob on my host.

     

    Question: Give that, do you think the following syntax work with my sever's system?

     

    'http://myusername.myhost.com/filesafe.php?auth=myauthcode'

     

    Thank much for your contributions and help here on osC.

  3. Hi everyone, i'm new to OScommerce.. currently i wanted to add meta tags, but do not know which files to add in and where to add in !!

    Do i need to paste these 'meta tag' to all my product page or just the main index.php in order for search engine to crawl.

     

    <meta name="keywords" CONTENT=" apple12345 ">

    <meta name="description" CONTENT=" apple12345 ">

     

    please enlighten me.. thanksSss

     

    Kenny, there are at least several meta tag add ons ready to go. Go over to Goggle and type in site:addons.oscommerce.com "header tags", you will get quite a list of options.

     

    Good luck

  4. You could try the code I posted above to see if an error is occurring.

     

    I tried that with negative results. Username issue continues. My brains about fried trying to figure this one out, so I will be at 2.4 for now.

    Thanks

  5.  

    Anyway, I will tackle this again in a day or two. I will try the upgrade one more time, if that doesn't work, I will remove the add on totally, and install like a completely new install and see what that shakes out.

     

     

    Jack, I tried the upgrade again, trying several techniques but still get the password issue. Note, I had the same issue with trying to go to 2.5, but I could not get pass the password issue there either.

     

    I changed config settings both from the SiteMonitor admin configure page of my shop and then editing the sitemonitor_configure.php file manually and uploading.

     

    No double quotes are in there...did a search on the sitemonitor_configure.php file with Notepad++ to make sure. Except for this ("security_update")of course:

     

    $hackCodeSegments = array('error_reporting(0)', 'base64_decode','<frame','gzdecode','eval','ob_start("security_update")'); //enter any hacker code that you would like to check for
    

     

    If you think it's something in the text from sitemonitor_configure.php that is causing the problems, I could copy/paste if you'd like.

     

    But I am back at 2.4 and that is fine. I'd like to figure out what's going wrong (recognizing fully it might be something I am causing), but 2.4 is working.

     

    Thanks

  6. If you edit the file manually and never go back to the configure section and the admin section still doesn't work, then there is something wrong with your installation/setup since the code from the configuration section is not even used at that point. I ran across one site that had a similar problem and it was because there were double quotes in the exclude list and the message stack wasn't working in the shop so the error was never reported. You should verify the path your shop that is in SiteMonitor's configure file matches what is displayed in admin->modules (the first part) and there are no double quotes in it.

     

    Thanks for the follow up....

     

    no double quotes in the exclude list, but I did note that between the items excluded, sometimes there was a space after the comma, sometimes not. like 'exclude1', 'exclude2','exclude3'. Maybe thats not an issue, but I thought I'd mention it.

    The stores path looks OK assuming the includes/modules part was to be left off.

     

    Anyway, I will tackle this again in a day or two. I will try the upgrade one more time, if that doesn't work, I will remove the add on totally, and install like a completely new install and see what that shakes out.

     

    Thanks for the follow up.

  7. A new version has been uploaded with these changes:

     

    Hi Jack, I am one of those having upgrade problems, and still am after the latest release. I am at 2.4 and it functions fine. I can't get to 2.5 or 2.6 without problems.

     

    Today after not succeeding with the upgrade, just doing upgrade steps, I completely removed all sitemonitor files and mods, left the admin site, signed back on..(no site monitor of course) then signed off and installed the 2.6 package as if completely new. After signing back on I still can't get beyond the username is incorrect error.

     

    I set the root directory correctly.

    In configure I am trying to leave the store admin path blank, but it wants to fill in anyway to http://www.mystore.com//myadminfolder/

    In configure I leave admin username and admin password blank, click update and it seems to take. But when I flip over to SiteMonitor > Admin I get the password incorrect error.

     

    So I tried reuploading the myadminfolder/sitemonitor_configure.php manually leaving as so:

     

    $admin_dir = ''; //your shops admin

    $admin_username = ''; //your admin username

    $admin_password = ''; //your admin password

     

    And still no luck.

     

    Anyway, I reeled back to 2.4 and that's fine for now but I wanted to pass this along.

  8. Popups shouldn't be indexed at all because when someone clicks on them it just displays an image, which is not any good for generating sales. You should add a no follow, no index meta tag to the popup files.

     

    Follow up on this. After adding no follow and no index meta to the popup_image.php my title tag duplicates report went from 240 something down to 17 on the Google webmaster tools for the shop in question. Thanks again.

  9. Great add on!! quick question...when a customer checks out there ip address its being reported as a intrusion..is this normal?

     

    Since I installed this add on, the only time a customer checkout was flagged as an intrusion was when the customer added text to the checkout with the size he wanted, I think it was XXS (for extra extra small), plus a number and name to go on the product. I took it that the unusual combination of letters and numbers, all legitmate though, was read as a potential intrusion and that's why it was flagged. I chose to ignore that flag.

  10. Popups shouldn't be indexed at all because when someone clicks on them it just displays an image, which is not any good for generating sales. You should add a no follow, no index meta tag to the popup files.

     

    I will do that. Thanks Jack.

  11. Jack, I am fumbling around here trying to fix duplicate title tags in google webmaster tools. Even though I have disallow set up for popup_image.php set up in robots, for every product title tag for

     

    /product-name-p-264.html

     

    I am getting a duplicate title tag for the same product's popup image as so

     

    /product-name-pi-264.html

     

    I am using your Header Tags SEO and Ultimate SEO URLS

     

    Maybe I am missing something obvious otherwise to fix this but what I did was modify the popup_image.php code from

     

    <title><?php echo $products['products_name']; ?></title>
    

     

    <title><?php echo "Image for ".$products['products_name']; ?></title>
    

     

    The page source now shows different title tags, obviously the words "Image for" being the key factor.

     

    So is this a good solution or did I miss something in the Header Tags SEO and Ultimate SEO URLS add ons that would have taken care of this already.

     

    Thanks

  12. Hi,

     

    Thank you to everyone that helped me find the add ons that I needed!

     

    Now, I just need to know how I go about adding then on to my store so they will go live.

     

    Thanks for helping this wet-behind-the-ears newbie out!!

     

    Edward

     

    Edward, I am still a semi-newbie but maybe I can help a bit.

     

    Each add on should come with instructions that you should follow to the letter. OK, it's true that an add on author sometimes screws up their own directions, but hey...even coders are human. :)

     

    Read the directions, follow the direction is the mantra.

     

    All that presupposes you have a decent FTP program to upload the modified files to your server. I use SmartFTP, it's great but I had to pay a little for it.

     

    And you really should have a good text editor to do any edits. I use Notepad++, it's good and free.

     

    Add a file compare program to you package and you are well on the way. I use Winmerge, it's good and free.

     

    Good luck.

  13. Hello, today I checked my banned IP page and found this IP: 127.0.0.1. It was banned by my system on 2010-08-21 at about 0230 hours. However on the PHPIDS log there was nothing corresponding to this, nor did I get an email notice about any type intrusion.

    I googled 127.0.0.1 and see it is something known as a loopback address. From what I read, this is basically something not to get worked up over.

    Some snippets of what I read are:

    127.0.0.1 is a reserved IP address corresponding to the host computer. Known as the loopback address, 127.0.0.1 is used whenever a program needs to access a network service running on the same computer as itself.

    Anyway, I was wondering what, if anything to do with the IP now on my banned IP list.

    Thanks

  14. I am new to osCommerce and have been reading the forums to try to find out how to install the many add-ons that I would like to take advantage of. Can someone please tell me exactly how to install an addon, please?

     

    Like Jim said, each one has it's instructions, but if you are really, really, really new, you probably need to know some fundementals. Like do you have an FTP program and a decent text editor?

  15. You are correct.

     

    PHPIDS creates a log about an intrusion when it occurs. Anti XSS codes do not allow this to happen. You could have Security Pro in lieu of Anti XSS.

     

    Hello, with Anti XSS removed now from my system and Security Pro installed as per instructions in PHPIDS read me, all appears OK.

     

    However I have noticed that when I am run Site Monitor, there are 18 files that keep recurring in the report even after I delete the Site Monitor reference file.

     

    The recurring files are located in these directories:

     

    includes/phpids/lib/IDS/tmp/

    includes/phpids/lib/IDS/vendors/

     

    I found I can get them to stop appearing in the Site Monitor report if I exclude them in the configure part of Site Monitor, but I thought I'd mention the situation for discussion sake. I am presuming there is something dynamic about these files that make them constantly change, perhaps that's how they work.

     

    Thank for your assistance.

  16. We do not have a file named as page_name.html in our module. You need to find our as to the module which is using this file. Perhaps some other contribution may be interfering with our contribution.

     

    Since posting my observation I removed XSS [XSS Shield] and reran test 2. That error page I asked about disappeared on the second run; and the module functioned as it was supposed to. Thanks much.

  17. >> Anti XSS [XSS Shield]

    PHPIDS would not work fully if you use this as some of the query strings get sanitized.

    You do not require this if you use Security Pro as both of them have almost same functions.

     

    I want to make sure I follow the logic on this. With Anti XSS [XSS Shield]installed, that code would stop the intrusion and redirect to a 403 page, but also stop the code short of allowing PHPIDS to function, do I have that correct?

     

    With Anti XSS [XSS Shield] removed, PHPIDS will then process an injection, do its job but in at least some cases, the script would still run in application_top.php and allow Security Pro to sanitize the string as well. Is that accurate?

     

    Thanks much.

  18. "phpids_intrusions" db table has got a column by this name "origin" to record the server ip automatically. It is unable to perform this. You need to enable error handling and find out why this is not happening.

     

    If you are unable to find out a solution to this, please make the "Null" for this column as "Yes" in this table in your MySQL DB through phpMyAdmin.

     

    By going in through phpMyAdmin and manually changing the origin row to null as follows:

     

    origin varchar(15) latin1_swedish_ci Yes NULL

     

    I was able to get this to work.

     

    However for the second test: ?test="><script>eval(window.name)</script>

     

    When I run this I get

    Forbidden

    You don't have permission to access page_name.html on this server

  19. A new version has been uploaded with these changes:

     

    - Added code to redirect category child so it uses the full path, i.e., parent ID = 3, child ID = 4, url -c-4.html changes to -c-3_4.html

    - Added code to redirect category id = 0 to home page and issue a 404 error

    - Fixed problem that caused code to fail with oscommerce SEO urls ( /cPath/ID )

    - Fixed on/off switch in admin. The first setting now turns off the whole module

    - Removed unused variable

    - Updated instructions regarding .htaccess file

    - Updated instructions regarding upgrading from a previous version

     

    Jack, thanks for the update. I just tested this with some duplicate meta descriptions and duplicate title tags that were flagged in my google webmaster tools. Such as.....

     

    /-c-0_136.html

    /-c-0_182.html

    /-c-0_32_62.html

    /-c-0_43_179.html

    /-c-0_43_53.html

    /-c-0_43_55.html

    /-c-0_43_56.html

     

    After the update these are all now redirected to the index page, which should take care of those duplicate situations if I understand the concept correctly.

     

    Thanks

  20. You either didn't install it correctly or you somehow bypassed the configure page, assuming you are using the latest version and your username isn't actually username.

     

    Maybe this will be of help to someone.

     

    I am in the process of catching up on my sitemonitor versions and was getting the "....failed to open dir: No such file or directory...." error.

     

    Turned out it was my error, where the instructions for upgrading say

     

    1) Upload all of the files except for sitemonitor_configure.php in the included admin directory to your

    admin directory.

     

    I blew right by the "except for sitemonitor_configure.php" part. When I figured out what I was doing wrong, and went back the install/upgrade worked fine.

     

    Note to self: Read instructions....follow instuctions....read instructions....follow instructions

  21. Jack I have installed 3.2.3, it's running well. Thank you. In particular I appreciated the modified code so this would work with Sam's Remove-Prevent duplicate content add on, and I appreciate the html editor update in that I use fckEditor.

    I am still trying to figure out the duplicate meta tags I get with All-Products when Google crawls by alphabetized category. Meaning <https://www.mystore.com/all-products.php-by-A.html>, <https://www.mystore.com/all-products.php-by-B.html>, etc. But for now that's on the back burner until I let Google crawl over the next couple weeks and see what they come up with for duplicate content issues. I will revisit that then.

    Anyway, thanks very much.

  22. Well on the bright side of things I have had IP Trap installed for quite a while and snagged several intruders. Doing an IP whois search on the intruders, I usually don't find out much other than where the nosey person was from. Today got a good one, my IP search for today's intruder yields results that that IP was involved located in eastern Europe and associated with many porn related sites. Just guessing but I think this visitor was hoping to plant code on my site creating links back to the porn sites. I am very grateful Nic provided this add on to help protect from that kind of thing. :thumbsup:

  23. Yes, it has the form suggested by ClubOsc and provides a more secure form of PWA (Purchase Without Account), and makes the personal details input a seamless part of the checkout, removing any password input requirement in that mode. smile.gif

     

    Sam, I have the Anti-Hack Mods Add On installed and all appears to be working as it's supposed to. Great and thank you.

     

    My question is that I also have this other PWA add on installed. Do I deduce correctly from your comments posted here and the docs that the Anti Hacker PWA is independant of that other PWA; so I can therefore tidy things up in my shop by removing a couple database mods and file changes that were specific to my original PWA? Apparently they are not causing any conflicts that I see but if I don't need them I'd like to remove them for housekeeping sake.

×
×
  • Create New...