Jump to content

ecartz

♥Ambassador
  • Content count

    3,583
  • Joined

  • Last visited

  • Days Won

    61

Everything posted by ecartz

  1. ecartz

    YASU

    I would try changing the following code from includes/application_top.php // BOF: WebMakers.com Added: Header Tags Controller v1.0 require(DIR_WS_FUNCTIONS . 'header_tags.php'); // Clean out HTML comments from ALT tags etc. require(DIR_WS_FUNCTIONS . 'clean_html_comments.php'); // Also used by: WebMakers.com Added: FREE-CALL FOR PRICE // EOF: WebMakers.com Added: Header Tags Controller v1.0 to if ($PHP_SELF != 'rewrite.php') { // BOF: WebMakers.com Added: Header Tags Controller v1.0 require(DIR_WS_FUNCTIONS . 'header_tags.php'); // Clean out HTML comments from ALT tags etc. require(DIR_WS_FUNCTIONS . 'clean_html_comments.php'); // Also used by: WebMakers.com Added: FREE-CALL FOR PRICE // EOF: WebMakers.com Added: Header Tags Controller v1.0 } and adding the original code into the rewrite.php file. Essentially the problem is that it is trying to generate the header tags before it knows what product it is. With most of the other cases where this happened, I moved the variable definition into the rewrite.php file and it worked. Hth, Matt P.S. I'm not sure that I understand the issue with the all prods that you mention in your other post. Perhaps you could explain more? Possibly with example links? P.P.S. I know of two sites that are using this mod, but I'm not really comfortable posting them here as they are not my sites. If someone has a site installed that meets the My Store posting criteria, please post the link here. Thanks.
  2. Eyal, I tried three different times and it worked for me every time. Have you tried any other browsers or internet connections? Not sure what would cause that. Hth, Matt
  3. ecartz

    Problem with Option type feature

    $products_options = tep_db_query should be $products_options_query = tep_db_query in both places where it appears, so that it can be referenced in while ($products_options = tep_db_fetch_array($products_options_query)) { Hth, Matt
  4. ecartz

    YASU

    Try changing to array_shift instead. I uploaded a new version of the contribution if you want to try that. Hth, Matt
  5. ecartz

    Download Yes / Upload - Import NO!

    To clarify, the tmpdir setting is normally something like '/catalog/temp/' but needs to be 'temp/' or something like that in your case. Hth, Matt
  6. ecartz

    NEW PAYPAL

    If that's the case, then I'd actually recommend passing an ID that corresponds to the contents through to PayPal. Then processing the IPN to match the payment to the cart contents and create the order.The problem is that each customer only has one cart. Using your method, they would not be able to order again until the IPN comes through. Also, one would have to change the current cart code to prevent changing the cart in the meantime (after sending for payment processing but before order confirmation from the processor -- PayPal in this case). The way it works now, while in the cart, the order can be changed at any time. Once it is moved from the cart to the orders database, the order is fixed. Thus preventing someone for paying for one cart and getting another delivered (e.g. I pay for a DVD and then change my order to hold 20 video cards; order shows paid). There is a system to check for crack attempts that might catch this if the cart ID (which is just the customer ID) were submitted, but if there is a long (i.e. more than a few seconds) interval between payment submittal and the notification (approved/declined), then this might block *legitimate* attempts to start a new order. This is undesirable because it angers customers. Also, this could end up with the same problem as happens with the default PayPal module: payment could be approved but the order could be rejected, which causes payment to arrive without any indication for what it is meant (i.e. the order contents is lost). Using the orders table solves this by creating a new order ID that only corresponds to this order. The change that may be made in the future (in the default osC) would be to create orders in a Payment Pending status *prior* to submittal to a gateway. This has nothing to do with saved carts, which are currently stored in the database for logged in users (and all customers log in prior to check out -- Purchase Without Account creates a dummy account for this purpose). An alternate solution would be to create a third set of tables which would hold the static information of the order but not be considered final until the order is placed. This would be created during the checkout process and be eliminated when payment is made. The advantage of this is that the orders table would only hold actual orders then. The disadvantage would be that it is essentially wasteful as it would hold the same info as the orders table. Cheers, Matt
  7. ecartz

    Virtual Mall 1.2 Support Thread

    The forum moderators have asked that we start new threads with each new version of the contribution. This helps avoid the 40 page threads of some older contributions. Thanks for posting the older thread link. It is useful for reference purposes. Cheers, Matt
  8. ecartz

    NEW PAYPAL

    The most secure way to access a payment method from osCommerce is to call via secure cURL. This encrypts the transaction. The gateway processes the info on its side and returns an authorization or a decline (possibly with reason). It does this inside the before_process function of the payment method, which is called from the checkout_process page. The checkout process page is called directly from the checkout_confirmation page. Now, PayPal doesn't support this. With PayPal, the process goes slightly differently. From the checkout_confirmation page, the store will post info to PayPal. The customer will verify the info and add new info as necessary. When completed, the customer will use Auto-Return to return to the checkout_process.php page. In that page, the before_process function will check for the transaction authorization (the IPN). If it gets it, it should add the order to the database. If not, then there is a problem. I think that Greg's contribution adds the order to the database anyway, but that is not really correct for how osC works at the moment (although it is consistent with what the check/money order module does--i.e. payment comes after processing). For example, one could spoof this to allow a download of a virtual product without paying. The problem is that currently osC assumes that the payment has been authorized before creating the order. In your paradigm, it needs to create the order and then call PayPal. Unfortunately, that is *not* how osC currently works. It cannot create the order first, as order creation is dependent on payment authorization. AFAIK, this isn't scheduled to be changed until version 3.0 (it's not on the 2.2 workboard). To get back to Greg's question, to work with osCommerce, we need to have the customer auto-return to the site after making their payment. We also need to be able to check for an authorization in the before_process function. Thus, the IPN would have to be available by then. Essentially, the authorization or decline would have to be made at the time of the auto-return (it is checked a trivial amount of time after). If not, then nothing has changed. PayPal still doesn't feed back a usable response to osCommerce. The store owner needs to generate orders based on the PayPal receipts rather than the osCommerce system (otherwise people could order without paying). Hth, Matt
  9. ecartz

    Dont mean to start a new topic

    Your baseref is getting set incorrectly. I.e. it is showing as https://edenmicro.net/store/ instead of http://edenmicro.net/store/ That is why your images and stylesheet are not showing up. Btw, your COOKIE_DOMAIN settings should not have the http:// in them, just the domain names. Hth, Matt
  10. ecartz

    PayPal IPN no longer needed......

    It's a problem with sites that POST to and from in general. The problem is that there isn't a good general way of checking that your response is coming from the site that is supposed to be sending it. The site is supposed to provide some verification method in the before_process function (for example, you could check the HTTP_REFERRER or look for a special response code), but this would be on a per module basis. The only real fix is to not POST back and forth. It would be better for the gateway to implement some kind of secure connection method where the customer does not have any chance to intervene. When this is done, you know that an authorization is valid, because you made the connection to the gateway and it responded on the same connection. The POST methods use a connection opened from the other end, which is spoofable. It's also worth noting that the system does work. You just can't trust the results of the osCommerce order system. You need to start with the payment and work forward to the order system (ignoring orders without payment) rather than the other way around. Cheers, Matt
  11. This is what the zones module does. Hth, Matt
  12. ecartz

    Options as Images for MS2 By Mark Stephens

    At a guess, you are closing the switch statement early with Mark's changes. When integrating with the Option Type Feature, you need to be careful to keep all the changes in a single case. Any new { need to be matched with a } and vice versa. Hth, Matt
  13. There is a max file size setting for PHP. The actual name is posted earlier in this thread. Hth, Matt
  14. Karsten, Try INSERT INTO `configuration` ( `configuration_title` , `configuration_key` , `configuration_value` , `configuration_description` , `configuration_group_id` , `sort_order` , `last_modified` , `date_added` , `use_function` , `set_function` ) VALUES ( 'Product option type Select', 'PRODUCTS_OPTIONS_TYPE_SELECT', '0', 'The number representing the Select type of product option.', 0, NULL , now( ) , now( ) , NULL , NULL ) instead. also remove 'configuration_id' and the associated number in VALUES for the other lines as well. Hth, Matt
  15. ecartz

    Master Products - MS2

    Mike, around lines 20-4 of includes/modules/new_products.php, try changing if ( (!isset($new_products_category_id)) || ($new_products_category_id == '0') ) { $new_products_query = tep_db_query("select p.products_id, p.products_image, p.products_tax_class_id, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id where products_status = '1' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); } else { $new_products_query = tep_db_query("select distinct p.products_id, p.products_image, p.products_tax_class_id, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c, " . TABLE_CATEGORIES . " c where p.products_id = p2c.products_id and p2c.categories_id = c.categories_id and c.parent_id = '" . (int)$new_products_category_id . "' and p.products_status = '1' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); } to if ( (!isset($new_products_category_id)) || ($new_products_category_id == '0') ) { $new_products_query = tep_db_query("select p.products_id, p.products_image, p.products_tax_class_id, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id where products_status = '1' and p.products_master_status = '0' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); } else { $new_products_query = tep_db_query("select distinct p.products_id, p.products_image, p.products_tax_class_id, if(s.status, s.specials_new_products_price, p.products_price) as products_price from " . TABLE_PRODUCTS . " p left join " . TABLE_SPECIALS . " s on p.products_id = s.products_id, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c, " . TABLE_CATEGORIES . " c where p.products_id = p2c.products_id and p2c.categories_id = c.categories_id and c.parent_id = '" . (int)$new_products_category_id . "' and p.products_status = '1' and p.products_master_status = '0' order by p.products_date_added desc limit " . MAX_DISPLAY_NEW_PRODUCTS); } this should make only non-master products display IIRC. Hth, Matt
  16. Following my instructions apparently... $products_name .= '<br>' . tep_image(DIR_WS_UPLOADS . $products[$i][$option]['products_options_values_name'], $products[$i][$option]['products_options_values_name'], 5, 5) . '<br>'; I remember thinking that it would need DIR_WS_UPLOADS there, but apparently I forgot to actually write it that way. Sorry, Matt
  17. Try $products_name .= '<br>' . tep_image($products[$i][$option]['products_options_values_name'], $products[$i][$option]['products_options_values_name'], 5, 5) . '<br>'; Hth, Matt
  18. I prefer the built in directory protection of the web server. With Apache, you do this with htpasswd files. There is a discussion of the mechanics in the Tips & Tricks forum. I have also used the Admin Access w/ Levels contribution in cases where directory protection was too simplistic. Hth, Matt
  19. I would try changing $products_options_file->set_filename("$insert_id" . $products_options_file->filename); to $products_options_file->set_filename("$insert_id" . '. ' . $products_options_file->filename); If that doesn't work, try changing both $real_ids[TEXT_PREFIX . $HTTP_POST_VARS[UPLOAD_PREFIX . $i]] = $insert_id . ". " . $products_options_file->filename; $products_options_file->set_filename("$insert_id" . $products_options_file->filename); to $real_ids[TEXT_PREFIX . $HTTP_POST_VARS[UPLOAD_PREFIX . $i]] = "$insert_id" . '.' . $products_options_file->filename; $products_options_file->set_filename("$insert_id" . '.' . $products_options_file->filename); Hth, Matt
  20. ecartz

    NEW PAYPAL

    It looks to me like changing the process_button function in includes/modules/payment/paypal.php to look like the following would work: function process_button() { global $order, $currencies, $currency, $customer_id, $billto; if (MODULE_PAYMENT_PAYPAL_CURRENCY == 'Selected Currency') { $my_currency = $currency; } else { $my_currency = substr(MODULE_PAYMENT_PAYPAL_CURRENCY, 5); } if (!in_array($my_currency, array('CAD', 'EUR', 'GBP', 'JPY', 'USD'))) { $my_currency = 'USD'; } $billing_info_query = tep_db_query("select ab.entry_firstname, ab.entry_lastname, ab.entry_street_address, ab.entry_suburb, ab.entry_postcode, ab.entry_city, co.countries_iso_code_2, z.zone_code, c.customers_email, c.customers_telephone from " . TABLE_ADDRESS_BOOK . " ab, " . TABLE_COUNTRIES . " co, " . TABLE_ZONES . " z, " . TABLE_CUSTOMERS . " c where ab.address_book_id = '" . (int)$billto . "' and ab.customers_id = '" . (int)$customer_id . "' and ab.entry_country_id = co.countries_id and ab.entry_zone_id = z.zones_id and c.customers_id = '" . (int)$customer_id . "'"); $billing_info = tep_db_fetch_array($billing_info_query); $telephone = preg_replace('/\D/', '', $billing_info['customers_telephone']); $process_button_string = tep_draw_hidden_field('cmd', '_ext-enter') . tep_draw_hidden_field('redirect_cmd', '_xclick') . tep_draw_hidden_field('business', MODULE_PAYMENT_PAYPAL_ID) . tep_draw_hidden_field('item_name', STORE_NAME) . tep_draw_hidden_field('amount', number_format(($order->info['total'] - $order->info['shipping_cost']) * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency))) . tep_draw_hidden_field('shipping', number_format($order->info['shipping_cost'] * $currencies->get_value($my_currency), $currencies->get_decimal_places($my_currency))) . tep_draw_hidden_field('currency_code', $my_currency) . tep_draw_hidden_field('first_name', $billing_info['entry_firstname']) . tep_draw_hidden_field('last_name', $billing_info['entry_lastname']) . tep_draw_hidden_field('address1', $billing_info['entry_street_address']) . tep_draw_hidden_field('address2', $billing_info['entry_suburb']) . tep_draw_hidden_field('city', $billing_info['entry_city']) . tep_draw_hidden_field('state', $billing_info['zone_code']) . tep_draw_hidden_field('zip', $billing_info['entry_postcode']) . tep_draw_hidden_field('lc', $billing_info['countries_iso_code_2']) . tep_draw_hidden_field('email', $billing_info['customers_email_address']) . tep_draw_hidden_field('night_phone_a', substr($telephone, 0, 3)); tep_draw_hidden_field('night_phone_b', substr($telephone, 3, 3)); tep_draw_hidden_field('night_phone_c', substr($telephone, 6, 4)); tep_draw_hidden_field('day_phone_a', substr($telephone, 0, 3)); tep_draw_hidden_field('day_phone_b', substr($telephone, 3, 3)); tep_draw_hidden_field('day_phone_c', substr($telephone, 6, 4)); tep_draw_hidden_field('return', tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL')) . tep_draw_hidden_field('cancel_return', tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL')); return $process_button_string; } I haven't tested it though. Use at your own risk. You may want to leave off the telephone lines, as osCommerce doesn't have an exact equivalent to the PayPal choices. Hth, Matt
  21. What do the changes in includes/application_top.php look like in your store? You basically need to change the filename to match the attribute value (it is actually looking for "12. image.ext" rather than the original image.ext name). You should be able to set them to match in includes/application_top.php. The only thing that might concern me is the space between 12. and image.ext. Some filesystems can be goofy about spaces. Hth, Matt
  22. You would make the changes in the .htaccess file in images/upload (to allow images to be viewed), the shopping_cart.php file (to display the image), and possibly includes/application_top.php (you need to save the extension so the browser knows how to display the image). Make sure that you have the includes/classes/upload.php file set to restrict uploads to image extensions as well. Wouldn't want someone to access a PHP file that they uploaded. Hth, Matt
  23. ecartz

    easy populate parse problem..

    'v_froogle_currency' => $iii++, )); should be 'v_froogle_currency' => $iii++ )); Hth, Matt
  24. ecartz

    Easy Populate Question

    No, you can't. Easy Populate uses the products_model to determine which product you are currently uploading. Duplicate products_model values will cause the later products to overwrite the earlier ones. You may want to look into adding a meaningless string to all your part numbers, i.e. something like -0 for unique products, -1 for the second occurrence, etc. Another alternative would be to rewrite EasyPopulate, but you will probably find it easier to add the string unless you are relatively proficient with PHP/MySQL (or hire someone who is). If you do decide to modify EP, I would suggest adding more category fields (to add the second category path) rather than trying to make the products_model field non-unique. Hth, Matt
  25. This is usually a sign that the mail server isn't configured to send email from your store, just to your email address. Adding one of the following commands to the top of includes/classes/email.php may help: ini_set('sendmail_from', STORE_OWNER_EMAIL_ADDRESS); ini_set('sendmail_path', '/usr/bin/sendmail -t -i -f ' . STORE_OWNER_EMAIL_ADDRESS); Otherwise, check with your host to see if they can find a way to do this. Hth, Matt
×