Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


Posts posted by raiwa

  1. Hello @edo.script,

    PWA series 3.x is intended for BS CE FROZEN. All instructions, files and references are for this version only.

    If your store version is a previous EDGE version, you need to know how hooks work and to be able to adapt the instructions/code references to your store.

    Otherwise please use the last series 2 version ( Purchase without account BS 2.5r2 )

    The most important difference in FROZEN is that hooks registry is done automatically in application_top.php. But you do not need to adit this file in any PWA version. Tht's whi it is not included in the package and there is no need for it.

    If your store version is previous you need to add the hook registry manually like I posted befor to the page files where hooks are used.

    The modification in the instructions are the hook call which is the second part you need to get the hook working.

    Please understand that it is impossible to include accurate instructions for all BS CE versions which are out there. There are hundreds of them.

    The latest versions of my add ons are all for FROZEN which is the recommended actual and stable version for users which are not skilled in coding.


  2. 45 minutes ago, greasemonkey said:

    @raiwa is this cleaned by tep_draw_input_field (which is sanitizing with stripslashes)?

    And if so... is it enough? This is definitely out of my skill range - it really is just a question.

    Reading about SQL injections (again I'm not sure I understand it clearly) should we not be using PDO (as in 2.4) or at minimum htmlspecialchars?

    Source: https://stackoverflow.com/questions/29678806/secure-all-inputs-in-php-form

    I guess this input example has been cleaned with: tep_db_prepare_input:

      function tep_db_prepare_input($string) {
        if (is_string($string)) {
          return trim(tep_sanitize_string(stripslashes($string)));
        } elseif (is_array($string)) {
          foreach($string as $key => $value) {
            $string[$key] = tep_db_prepare_input($value);
          return $string;
        } else {
          return $string;

    which uses tep_sanitize_string:

      function tep_sanitize_string($string) {
        $patterns = array ('/ +/','/[<>]/');
        $replace = array (' ', '_');
        return preg_replace($patterns, $replace, trim($string));

    If it is enough I do not know neither.

  3. Hello Ros @Rosyweb,

    In the category box module you can pass a fixed root category to the category class like this (example for root category 1):


    or you can pass the actual category id as root category id. So the category box will dynamically show only the subcategories of the actual category:


    in this case you need to add $current_category_id to the globals list of the module:

          global $oscTemplate, $cPath, $current_category_id;


  4. Hello Ed @edo.script,

    Point 1:

    It looks like you tried to install/update PWA 3.0.5 over the old GOLD version from @De Dokta. It also seems you are mixing code provided from older PWA 2.x versions with PWA 3.0.5.

    The code you mention under point 1 is not used any more in PWA 3.0.5.

    Please complete uninstall your old PWA version before installing PWA 3.0.5, there are no update instructions available for that old version.

    For the hook call in checkout_process.php:
    $OSCOM_Hooks->call('pwa', 'PwaCheckoutMailMod');) . This is from an older PWA 2.x version. Please do not try to mix code from older version. Use only the coding provided in PWA 3.0.5.

    PWA 3.0.5 is for FROZEN BS which includes the hook call in application_top.php at the very end:

      $OSCOM_Hooks->register(basename($PHP_SELF, '.php'));

    Only if you do not have this in application_top.php you need to add to checkout_process.php:

    $OSCOM_Hooks->call('checkout_process', 'PwaCheckoutMailMod');

    Observe that the "echo" you have in front is totally wrong.


    Point 2:

    Redo your installation like explained before. Make sure that you have the Header Tag module and the checkout_success content module correct installed.

  5. I remember a thread where this was discussed for the PHP7 update of EDGE with @BrockleyJohn but can't find it any more.

    He developed and tested the class constructer name updates in EDGE. Maybe he can explain the reasons better.

    I only remember that without this trick (there are also just empty class constructors used in some classes) function not found errors were thrown and his solution solved them.

  6. Updated to Holiday-Promotional Message 2.1.2 BS

    Changes version 2.1.2:
    - added additional fix in admin/modules_content.php to prevent escape backslash for sql sensitive special characters to be duplicated when edited.

    Changes version 2.1.1:
    - reverted wrong fix introduced in 2.1.
    - applied correct fix in admin/modules_content.php to allow sql sensitive special characters like single quote (apostrophe) in Text definitions.

  7. This could be achieved with javascript. But it's much easier to just show the $ sign permanent outside before the inputfield.

            echo '$ ' . tep_draw_input_field('enquiry', '', 0, 1, NULL, 'required aria-required="true" maxlength="6" id="inputEnquiry" placeholder="' . ENTRY_OFFER_TEXT . '"');
            echo FORM_REQUIRED_INPUT;
            ?>   shipping not included


  8. 1 hour ago, puggybelle said:

    So if a customer attempts a purchase using PWA and leaves before completing checkout, is this what I should be seeing? 

    Admin > Customers

    Is that the purpose of the Guest Checkmark?  Just to let me know that...this person backed out and left? 



    YEs, or maybe using a external payment service like PayPal standard he didn't come back to your store after payment and the account didn't get auto deleted on checkout success page. So in these cases you can identify guest accounts and delete them yourself in admin if you wish.

  9. Hello Fredrik @redrum,

    First of all to say that I didn't write the contribution from the beginning. I only updated and adapted it to the BS Community edition and higher PHP versions.

    I didn't digg into these functions until now, but tried to follow up how it works.

    If you check the mentioned functions, you'll see that they use "qtpro_product_exists". Which checks if the product whos id is stored in the stock table still exists.

    If you delete a product and don't remove the options/attributes of the product, the stock entry still is in the stock table even the asociated product has been removed. This produces that error message.

    When I find some time I'll research further how to avoid it.

    Best regards

  10. Hello Andrea @puggybelle,

    I'm pretty sure that this is again unrelated to PWA.

    The missing customer address, e-mail and phone is stored in the order tables and independant from the customers account data which is stored (and deleted by PWA) in the customers and address-book tables.

    The error you get trying to send a status update is because there is no e-mail address stored in the order like I can see in your screenshot. No e-mail address, no mail can be send.

    PWA and the modifications in paypal standard do not interfere in any way how the order data is stored, so it can't be the reason for this problem. If correct installed, PWA only modifies the content of the order confirmation mail and flaggs the order as a guest order, nothing else.

    The fact that guest accounts are auto deleted on successful checkout is one of main features and it makes sense. It is just what customers using guest checkout like. Only the strictly required order data is kept stored.

    Please revise your store and check again your modifications.

    Best regards

    PS: Please consider also that PWA guest checkout is published since years and for sure used in hundreds of stores. No one else has reported something similar yet.

  11. Hello Andrea @puggybelle,

    There is something unclear in your report:

    9 hours ago, puggybelle said:

    On the next screen (checkout_shipping) she sees the option to change the Shipping Address.  Selects that and fills out a new shipping address.  She wants this shipped to a friend.

    Clicks continue (we're on checkout_payment now) and the shipping address box is once again populated with her original billing address, not the new shipping address she entered.

    If going to add a new shipping address in checkout shipping.php, the customer will be linked back first to the checkout shipping page where he sees the new shipping address. Then in the next step he will go to the checkout payment page and see the old (first) payment address. (shipping address is shown on checkout shipping, payment address is shown on checkout payment)

    Anyway I would recommend you to check this yourself with a test guest order. I wouldn't believe too much in what customers report. Do it yourself and get familiar with the whole process and options.

    In general for PWA:

    The only differences between a guest and a regular account are:

    - guest account has no password set

    - guest account is flagged as guest account in the customer and order table in aditional columns

    - once a customer leaves the checkout process without finishing and the session has expired, he can't log in again to the account, even the account has not been deleted (he has no password). But he can create again a new guest account without problems.

    - guest checkout is auto deleted once the order is correct finished in checkout success (if the customer does not opt in to keep the account and set a password)

    So all functionality like different shipping address etc. is exact the same like for regular accounts.


  12. Mehrfach posten ist laut Forum Guidelines nicht erlaubt:

    2. Posting Punkt 2: Guidelines

    Du hast auf dein erstes Post schon Antwort auf diese Frage erhalten:

    Ausserdem solltest du die wichtige Information, dass dein Shop ein von PL System modifizierter und somit kein Standard Shop ist, nicht vorenthalten.

  13. You could use the short word filter and set it to 2:

    Filter Short Words
    This setting will filter words less than or equal to the value from the URL.

    or use the character conversion list:

    Enter special character conversions
    This setting will convert characters.

    The format MUST be in the form: char=>conv,char2=>conv2

    This allows to remove concrete expressions like: by=>[leave empty]


    Don't forget to reset the SEO cache after changing any of these settings 😉

  14. It's like I stated, the link you posted points to the EDGE master which has been updated to BS4 and has nothing to do any more with your version from 2/2017:

    <!-- bs 4.2.1 -->
    <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.2.1/css/bootstrap.min.css" integrity="sha384-GJzZqFGwb1QTTN6wy59ffF1BuGJpLSa9DkKMp0DgiMDm4iYMj70gZWKYbI706tWS" crossorigin="anonymous"> 

    Discount code BS will not work with BS 4, only  BS3.

    If you wish to test with a clean unmodified version, please use FROZEN:


    This will work and then you can compare to your real store to find the problem.