Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

tgely

Team
  • Posts

    2,159
  • Joined

  • Last visited

  • Days Won

    51

Everything posted by tgely

  1. I suppose somebody will rewrite the whole option types codebase.
  2. https://github.com/tgely/oscommerce2-1/blob/119977546d6bf3b9e66b8dd1c4b5a2581154d24c/catalog/includes/classes/email.php @lee the bean I hope these help.
  3. Its time for the google to repair it. My solution: https://github.com/Gergely/oscommerce2-addons/compare/cPath_validation Run this sql script before update: ALTER TABLE `categories` ADD COLUMN `cpath` VARCHAR(255) NOT NULL AFTER `last_modified`;
  4. @raiwa Not exactly its attack only mysql. Probably mysql 5.6 I remember something from the past... Secure App: https://apps.oscommerce.com/o19Sn&security-pro-2-0-r7 It could be a Hook. catalog/includes/hooks/shop/global/security_pro.php From Security Pro Start here page:
  5. @Psytanium use cannonical header tag @raiwa Ah sorry Rainer!
  6. @raiwa I am talking about \Ultimate_Seo_Urls_5_PRO_BS_208\new_files\catalog\includes\modules\ultimate_seo_urls5\ cache module files.
  7. Hi everybody, just examined php error logs and discovered that USU5 database cache system was attacked with sql injection codes. Its probably a security issue if someone use database (mysql or sqlite) cache interfaces. I dont have any imagination how could be registered into MySQL UNION script but looks like very danger. DO NOT USE database cache modules! @raiwa Could you drop database cache modules or fix it in responsive/original addons? An error example with file cache module: [21-Mar-2017 xx:xx:xx Europe/X] PHP Warning: file_put_contents(/xxxxx/xxxxxxx/xxxxxxxxxxx.xx/includes/modules/ultimate_seo_urls5/cache_system/cache/2_index_manufacturers_id_23111111111111120UNION20SELECT20CHAR4512049458145CHAR4512050458145CHAR4512051458145CHAR4512052458145CHAR4512053458145CHAR4512054458145CHAR4512055458145CHAR4512056458145CHAR4512057458145CHAR451204948458145CHAR451204949458145CHAR451204950458145202020.cache) [<a href='function.file-put-contents'>function.file-put-contents</a>]: failed to open stream: File name too long in /xxxxx/xxxxxxx/xxxxxxxxxxx.xx/includes/modules/ultimate_seo_urls5/cache_system/file.php on line 82 I am afraid that injection script stored directly when database interface used.
  8. @rpdesign Have you tried new apps page? https://apps.oscommerce.com/c=shipping
  9. Where is the Phoenix?

    1. MrPhil

      MrPhil

      Crashed in the Western Desert?

  10. I hope @@Harald Ponce de Leon will add into PP app.
  11. Super Simple code: <a href="https://paypal.me/myaddress/<?= $order->info['currency'] . preg_replace("/[^0-9.,]/", '', $order->info['total']); ?>" target="_blank"><?= BUTTON_PAYPAL_ME; ?></a> Language dependencies: define('BUTTON_PAYPAL_ME', 'Pay with Paypal <i class="fa fa-paypal" aria-hidden="true"></i>'); Text email SS PP code: echo 'https://paypal.me/myaddress/' . $order['currency'] . $orders_total['ot_total']['value'] . ' (Pay with PayPal.me)'; myaddress= https://paypal.me/grab :D
  12. Black Friday hangs up orders.. Some day for nothing

  13. v2.4 will be your friend. v2.3.x has no way to use HEADING_TITLE. But now you could use an associative array to figure out whatever you want. //have to figure out for yourself $example['condition'] => array('dutch' => 'Verzending', 'english' => 'Conditions'); //get the translated filename if (isset($example[substr(basename($file), 0, -4)][$language])) { $newfile = $example[substr(basename($file), 0, -4)][$language]; } else { $newfile = $file; }
  14. after this line: $file = DIR_WS_LANGUAGES . $language . '/' . $file_name; add this: $newfile = 'whatever you want...'; change: 'title' => sprintf( MODULE_CONTENT_HEADER_STORE_SEARCH_PAGE, substr(basename($file), 0, -4)), to: 'title' => sprintf( MODULE_CONTENT_HEADER_STORE_SEARCH_PAGE, $newfile),
  15. Hi, this should be selected on admin side module configuration page. Do you have Dutch filenames and different english names?
  16. @@ArtcoInc Change the following in ext/modules/../content_searches.php MODULE_CONTENT_HEADER_STORE_SEARCH_PAGE to: MODULE_BOXES_STORE_SEARCH_PAGES
  17. @@stefan21 Have you setup your paypal account to utf8 standard?
  18. The addresses are listed finaly on checkout_confirmation page where customers could check and modify them. This is the reason why not running into checkout_process when PP Express used. PP Express offers a fast login after shopping cart where unregistered customers be able to to buy so this is the reason of Paypal defined addresses. You are not wrong this is natural behaviour of modules.
  19. Customers can change their addresses. There are 6 built in address book place in standard osc installation by customers. Why do not they change it? Its a free function.
  20. Several parameter transport issues are discovered before. 1. GET/POST parameters allowed lenght in server config 2. Bad coded UTF8 character breaks the APP output/input parameters All issue be able to separate from Apps log. Collect saved params from logs to analyze them. This could be the reason of 1-5 issues: - bad encoding in email "To" header if non-ascii chracter used (best is base64 encoding) - UTF8 configuration problem in Paypal Account http://www.oscommerce.com/forums/topic/408822-paypal-payflow-express-checkout-ship-to-address-bug/ Bad GetExpressCheckoutDetails transform Have to use: parse_str(utf8_decode($response), $response_array); //This function automatically urldecodes values (not mentioned in the docs). in \includes\apps\paypal\modules\EC\api\GetExpressCheckoutDetails.php Bad SetExpressChekoutDetails transform Have to use this code: $post_string .= $key . '=' . urlencode(trim($value)) . '&'; in \includes\apps\paypal\modules\EC\api\SetExpressCheckout.php I dont have experiencies on all cases but could be language localization problem too with urlencode/decode and utf8 server configs in parameter transports. The best way to analize App logs to discover problems.
  21. Have a nice day Stefan, I am affraid this is PP Express normal function. Use PP standard instead.
  22. Have you ever lost windows 10 user account? Nice to see you again! thumbs up

  23. Site search means site search but has size limits with autocomplet results. In site search the images are supernumerary between text results. If someone search something means that wants something more exactly and more easily. I dont want to say that images not important yes they are but not in autocomplet dropdown fields. Lets see an example. Someone call me on phone that he wants something. I say him type the following text into the site search box: xyz. The site search drop down 4 same images with exact different product names. What does he choose? He selects the text where he finds what he wanted. If we use images in search maybe helps but I think use instead streamlined icons for grouping or mark informations only. Less space and more benefit.
×
×
  • Create New...