Jump to content

raiwa

♥Ambassador
  • Content count

    4,822
  • Joined

  • Last visited

  • Days Won

    161

Everything posted by raiwa

  1. raiwa

    reset password vulnerability

    I got the following reported: Matt @ecartz, provided the following script/hook to fix this: class hook_shop_siteWide_reset_all_sessions { public function listen_accountUpdateTables($parameters) { if (isset($parameters['db']['customers']['customers_password'])) { $sessions_query = tep_db_query("DELETE s FROM sessions s INNER JOIN whos_online wo ON s.sesskey = wo.session_id WHERE wo.customer_id = " . (int)$_SESSION['customer_id']); } } } I made the hook which should be placed in: Phoenix 1.0.7.2.+: templates/default/includes/hooks/shop/siteWide/ Phoenix 1.0.5.1. - 1.0.7.1: includes/hooks/shop/siteWide/ reset_all_sessions.php Lower Phoenix and OSCommerce versions need to add the query to account_password.php line 49-50. So it should look like this: if (tep_validate_password($password_current, $check_customer['customers_password'])) { tep_db_query("update customers set customers_password = '" . tep_encrypt_password($password_new) . "' where customers_id = '" . (int)$customer_id . "'"); tep_db_query("update customers_info set customers_info_date_account_last_modified = now() where customers_info_id = '" . (int)$customer_id . "'"); // session destroy on password reset tep_db_query("DELETE s FROM sessions s INNER JOIN whos_online wo ON s.sesskey = wo.session_id WHERE wo.customer_id = " . (int)$customer_id ); $messageStack->add_session('account', SUCCESS_PASSWORD_UPDATED, 'success'); tep_redirect(tep_href_link('account.php', '', 'SSL')); Matt asked me to publish this here so other users can test it before adding it to core. It is already in use in one live store. Please test and report back.
  2. raiwa

    PHP 8.0 Upgrade to boxes.php class

    This was already required for PHP 7.0 Or am I wrong?
  3. raiwa

    [CONTRIBUTION] Sloppy Words Cleaner

    Phone number is not cleaned in the hook. You can copy any line for example: if (isset($customer_details['email_address'])) $customer_details['email_address'] = strtolower($customer_details['email_address']); Then change "email_address" to "customers_telephone" and for just spaces use that function: $string = str_replace(' ', '', $string);
  4. raiwa

    Stripe v3 module for SCA

    Yes I do not know this module, but I believe you just need to add the create_account_pwa.php page to the page list where to add it. You should ask the developer of that module.
  5. raiwa

    Stripe v3 module for SCA

    It is how the module works. It creates already the order at checkout_confirmation.php See the very first messager in this thread:
  6. raiwa

    [Contribution] Ship In Cart

    It seems this got fixed in the 1.0.7.16 core update
  7. raiwa

    [Contribution] Ship In Cart

    Hotfix for now until update: Change all instances of: MODULE_CONTENT_SC_TWOPAGE_SHIPPING_DEFAULT_ZIP to: MODULE_CONTENT_SC_SHIPPING_DEFAULT_ZIP I believe this is a core issue.
  8. raiwa

    QTPro BS

    Update uploaded: QTpro Phoenix 7.3.1 Version: 7.3.1.: Compatibility: OSCOM CE Phoenix 1.0.7.15+ Tested with Phoenix 1.0.1.15/16 PHP: 7.0 - 7.4 Core changes: NONE Changes versus QTpro 7.3.0 - fixed non working attribute stock update to zero in Admin : Categories/Products : Attributes Stock Tab.Thanks to @Owl Sauron - fixed attrributes Price with Tax. Thanks to @Owl Sauron - fixed undefined errors in checkout for products without attributes. Thanks to @beerbee Changes versus QTpro 7.2.0 - updated for Phoenix 1.0.7.15+ - fixed glitches in admin categories hook - moved shop hooks and template files into custom template - replaced order class extension by order process sitewide hooks - merged order process hook into order process sitewide hook - replaced alternative hopping cart content module by override template - added support for PayPal Standard IPN attributes stock deduction - modernized code to match actual core standards - added back option images support
  9. raiwa

    QTPro BS

    QTPro BS 5.0 I'm working on a new version based on QTpro for osc 2.3 version 4.6.1 plus newer updates and fixes. Planned Changes: coding updates for latest 2.3.4 BS EDGE Community version with hardcoded filenames, database table names, paths and superglobals content modules for product info, shopping cart hooked modifications or separate functions where possible to avoid core file changes (stock checks etc in checkout pages) final product prices shown in option/attribute combinations on product info page also for more than one option/combinations general code clean up language constants/definitions for all texts for full multilanguage support To do list: update qtprodoctor.php hardcoded stuff, superglobals language constants/definitions update stats_low_stock_attrib.php hardcoded stuff, superglobals language constants/definitions update stock.php hardcoded stuff, superglobals language constants/definitions replace mods in admin/boxes/tools.php by separate file replace mods in admin/boxes/reports.php by separate file avoid mods in admin/includes/functions/general.php load function file in modules replace core function mods by own functions? modularize product info options modularize product info stock table versions for Modular Product Page by kymation alternative product listing module for modularized shopping cart order class extension to avoid mods in core order class replace all mods in checkout files by hooks? check compatibility with ajax attribute manager add support for attribute sort order update instructions It would be great if there appear testers for the mods. Who has the old version already installed: - replace the admin files - upload and install the product info content modules and (IMPORTANT!) uncomment the complete options/attributes section in product_info.php For new installations: - instructions are not updated yet follow the old instructions except A.: don't modify admin/includes/boxes/tools.php and reports.php, upload the nwe files instead B.: upload and install the product info content modules and (IMPORTANT!) uncomment the complete options/attributes section in product_info.php instead to apply the mods Most important for now are the changes in the product info option modules to show final prices according to the option selection even if there are muliple option combinations (single drop down and single radios) GitHub repository Thanks and best regards Rainer
  10. raiwa

    Slim Checkout for BS

    Uploaded Version 1.4 Slim Checkout 1.4 Compatible with Phoenix 1.0.7.15+ Tested with Phoenix 1.0.7.15 PHP 7.0-7.4 - updated for Phoenix 1.0.7.15+ - tested under Phoenix 1.0.7.15 and PHP 7.4
  11. Slim-Checkout Common opinion is that the checkout process should be as "slim" as possible. This means to hide all page elements which are not strict necessary to show to the customer a simple clean layout, so nothing disturbs his attention from the purchase process. This add-on allows to do it by simple settings in a Header Tag module. Git Hub Repository: https://github.com/raiwa/Slim-Checkout/tree/master What it does: - allows to hide elements on checkout pages - optional hide on checkout pages (checkout_shipping.php, checkout_payment.phpheckout_confirmation.php and checkout_success) - optional hide also on shopping_cart.php - select each group to hide (navbar, header area, boxes, footer and footer suffix Installation: - copy all new files - install and adjust Slim Checkout Header Tag testing , Bug reports and suggestions very welcome. rgds Rainer
  12. How big is “normal size” for you? Just try with one smaller image for testing, if it then works, it’s this. For memory increasing ask your hosting. EDIT: Make also sure to use only standard characters in the image names. Try to find out any characteristic difference between the working and non working images. In admin it says: IMAGE DOES NOT EXIST
  13. This is the new support thread for: KissIT Image Thumbnailer Phoenix and KissIT Image Thumbnailer CE
  14. And run the db uninstall file.
  15. The uninstall instructions seems are not updated. You would just remove all kissit files. For your not showing images issue: Can you show a sceenshot. If it's that the thumbs are not created, it can be due to memory limit if you are using very big images. Try to use smaller images or increase your server's memory.
  16. raiwa

    Display Tax Info V3.0

    I'll have a look for the next update, but anyway think it's not really important on that page 🙂
  17. Display tax info Version 3.0 by @raiwa Download: http://addons.oscommerce.com/info/9365 ********************************************************************** Based on: Version 2.3 for oscommerce-2.3.x: http://addons.oscommerce.com/info/8160 Original version: By www.tim-international.net http://addons.oscommerce.com/info/6725 And: Tax info 1.6 http://addons.oscommerce.com/info/2788 ********************************************************************** Complete new modularized version. All Configuration entries, language definitions, currency class extension and styleshhets included in one store module. Copy the modules and language files and install the module. That's all. What does this version do: It will display the following below the price on each page included in the module: 1. If the tax value of the displayed price is = 0: Shows: "VAT excl." or any other text you define in the language file 2. If the tax value of the displayed price is not = 0: Shows: "XX% VAT incl." or any other text you define in the language file Where XX is the value of the tax in percentage as defined in admin/tax rates Note: For other languages/uses its possible to define a text string before the tax rate and another after the tax rate: Example: for german it will look like this: "inkl. XX % MwSt." Page selection where to use the module Optional parameter added to display_price function which allows to switch off the tax information.
  18. raiwa

    QTPro BS

    Update uploaded: QTpro Phoenix 7.3.0 Compatibility: OSCOM CE Phoenix 1.0.7.15+ Tested with Phoenix 1.0.1.15/16 PHP: 7.0 - 7.4 Core changes: NONE Changes versus QTpro 7.2.0 - updated for Phoenix 1.0.7.15+ - fixed glitches in admin categories hook - moved shop hooks and template files into custom template - replaced order class extension by order process sitewide hooks - merged order process hook into order process sitewide hook - replaced alternative hopping cart content module by override template - added support for PayPal Standard IPN attributes stock deduction - modernized code to match actual core standards - added back option images support Full Package Update In structions included
  19. I didn't check, bit I believe If using the PayPal express checkout button, the shipping must be selected at the PayPal page (once logged into the PayPAl zccount).
  20. raiwa

    Stripe v3 module for SCA

    I tested with 1.0.7.15 and it works. I also tried wit discount codes and all seems to work correct.
  21. raiwa

    Import CSV oder XML

    Search on the marketplace for “Easy Populate”
  22. It requires an update for Phoenix 1.0.7.15. It's on my list. Please be patient.
  23. If you do not wants to use Watermark at all, switch it off in the settings: Admin : Images If you only wish to remove it from some image(s), read the instructions, example store logo. Don't forget to reset the thumbs and browsers cahe after changing the settings.
×