Jump to content


  • Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by ecartz

  1. ecartz

    Attribute Addon

    Have you tried installing osC 3 to see if the variations system supported what you need? I ask because porting the variations system to Phoenix seems like something that is both feasible and generally desirable. Not trivial, but possible.
  2. The problem is not that it needs to be updated with every increment. The problem is that the current version of this module requires a core change (to admin/modules.php ). So every time that the modules.php file gets updated, it wipes out the core change which then needs to be reapplied. This could be fixed by adding a hook file or database defined hook to replace the core change. The hook point was added in this commit. But no one has updated the package with that. @greasemonkey uses that hookpoint for another module requiring the same change. Someone could also modify the module to use the standard form: https://github.com/gburton/CE-Phoenix/blob/master/admin/modules.php#L40..L42. That might avoid the need for a hook. But again, no one has updated the module to to do that.
  3. You might try clearing the cache and cookies in your browser. Sometimes using an entirely different browser (e.g. Microsoft Edge instead of Chrome or vice versa) helps. Or a browser on a different computer. If you have a second RewriteEngine On line in your .htaccess, you might try deleting the second one. if you have a .htpasswd_oscommerce file in your admin directory, you might download and back it up, then delete it on the server. Then try logging in again. Make a backup of your database in general and then (separately) the administrators table in something like phpMyAdmin. Then truncate (empty) the administrators table and see if it lets you create a new administrator account. If it doesn't, restore the administrators table from your backup (which is why you back it up separately). If you can view error logs on your server, you might go look in them to see if they show any errors.
  4. https://apps.oscommerce.com/Gqql6&store-pickup-shipping-module
  5. If you make the password confirmation not required, then what does it do? I.e. if you want it not to be required, the simplest thing would be to turn it off. If you want to change the behavior, duplicate cd_password_confirmation.php as something like cd_password_confirmation_pwa.php (both module and language files) and edit it. Don't forget to change the class name (to match the new file name) and the CONFIG_KEY_BASE to be something unique. And of course change the constants to match. Where? Note that $customer_details will only exist after process is run and only if it finishes successfully. So perhaps in $OSCOM_Hooks->call('siteWide', 'injectFormVerify'); and certainly in $OSCOM_Hooks->call('siteWide', 'postAccountCreation'); $OSCOM_Hooks->call('siteWide', 'postLogin'); at least on the create_account page.
  6. is available on GitHub for those who want to do a fresh install (as opposed to an upgrade). 

  7. ecartz

    Htaccess not blocking private IP addresses?

    It should tell you your Apache version on admin > Tools > Server Info page, under HTTP Server.
  8. You're bebopping along the internet. You find an HTTP link to a site. But you want HTTPS, what do you do? The typical response is going to be to find another site. Because the typical user won't think to add an s to the http in the URL to see if it works. Particularly as browsers often hide the protocol, just showing a lock or not. There are far more users who you will lose from search engine rankings or simple browsing than by not having an up-to-date browser. Elderly browsers mostly appear in intranets with no internet access. And beyond that, this would be a core change. Each time the html_output.php file is updated, you'd have to reapply it.
  9. ecartz

    Htaccess not blocking private IP addresses?

    deny from would match all 10. addresses and not match anything that does not start with a 10. The /8 is how many bits from the beginning to mask. There are eight bits in each group (thirty-two total in the four groups of numbers). So the /8 says just look at the first number. would have at least worked against addresses that started with 10.179. But would only match through Some other things to consider. What version of Apache? If 2.4 or later, do you have mod_access_compat installed? Is AllowOverride and AllowOverrideList set in a way that allows you to use mod_access from a .htaccess file? This isn't really an osCommerce question. You might get better help either from your host or from an Apache forum.
  10. ecartz

    Incorrect link on order update

    What page do you use to add a comment to the order? Have you looked for FILENAME_ACCOUNT_HISTORY_INFO on that page? Have you looked in the language file? Here it is for Phoenix: $email = STORE_NAME . "\n" . EMAIL_SEPARATOR . "\n" . EMAIL_TEXT_ORDER_NUMBER . ' ' . $oID . "\n" . EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link('account_history_info.php', 'order_id=' . $oID, 'SSL') . "\n" . EMAIL_TEXT_DATE_ORDERED . ' ' . tep_date_long($check_status['date_purchased']) . "\n\n" . $notify_comments . sprintf(EMAIL_TEXT_STATUS_UPDATE, $orders_status_array[$status]); It might be in a similar place or somewhere different for you.
  11. That wasn't the reason. Traditionally it was more expensive to serve HTTPS pages (in terms of server resources). So servers were configured to avoid it. Also, shared hosting would often share the SSL across sites. So the HTTPS_SERVER might have been a different domain than the HTTP_SERVER. Now the standard is to make the whole site HTTPS, but osCommerce still has the original configuration. Eliminating that is on the list of things to do for Phoenix, but I'm not working on it yet. Setting the HTTP_SERVER to match the HTTPS_SERVER is the near term workaround. I don't know of any client circumstance where HTTP works but HTTPS does not. Client browsers can all handle HTTPS as far as I know. And if one couldn't, the user would not be able to register, log in, or check out. Because all of those tasks require HTTPS_SERVER. So unless you are willing to make the whole site http, you can't support an "https-impaired" user anyway.
  12. ecartz

    Incorrect link on order update

    What version of osCommerce? What page are you on? The two main possibilities would be the page itself and the language file for the page.
  13. ecartz


    There is. A product or any product. Or (different newsletter) all newsletter subscribers or mail all customers or a single customer.
  14. $GLOBALS['customer_data']->get('password', $GLOBALS['customer_details']) $GLOBALS['customer_data']->get('email_address', $GLOBALS['customer_details'])
  15. Which is why I'm suggesting setting a payment_completed flag on all of "shipped", "delivered", etc. But what I want to avoid is where each time we have a problem like this, we add another flag that means the same thing. We already have a download flag. And I bet that if people set it, it would exactly match what you want from your statistics flag. So I'd rather rename download to payment_completed and use it both for gating downloads and for determining what to show in revenue statistics. Another alternative would be to change how the status of the order is handled from a single monolithic status to a set of statuses. Payment status: preparing; processing; deferred; completed; rejected; etc. Ship status: waiting for payment; packing; waiting for pickup; shipped; delivered. Refund status, etc. And what if people don't want those to be affected the same way? What if they want those reports (which aren't total revenue) to include incomplete orders? Are we then going to make two more flags just for those? I would rather add a Show All/Show only payment completed to those. Then people could choose which way to show it. As a matter of general principle, we've been trying to get away from third party modules relying on core configuration to operate. So if there are third party modules that have the same problem, they should find their own solution. I would be willing to compromise that for a payment_completed flag that would be used internally. But a "Show in Statistics" flag? The module should figure that out on its own.
  16. I would rather have a "payment complete" flag. Otherwise we end up with a bewildering series of flags that everyone has to set to get the desired behavior. Even though the actual desired behavior is much simpler. If payment complete, allow download. If payment complete, show in revenue statistics. When transitioning from payment not complete to payment complete, generate a notification. Alternately, I was thinking that we might create configuration just for the dashboard module that allows people to set what statuses they want the module to include. That would be a much more limited change.
  17. ecartz

    Wishlist For Phoenix does not change how the tep_session functions work. But if you want to write them out, the code would look like if (!isset($_SESSION['wishList']) || !($wishList instanceof wishlist)) { $_SESSION['wishList'] = new wishlist(); $wishList =& $_SESSION['wishlist']; } But I don't think that has anything to do with the issue. Note that the part that prevents the add to cart action is if (isset($_POST['wishlist'])) { If that condition is true, then it redirects the page. If it is not true, it keeps going until it reaches the add to cart action. So there's really only two things that can be going wrong. One, that condition is not being set. Two, the redirect is failing in some fashion without showing an error. The first is far more likely and suggests some kind of browser issue. For example, Lee may be using a different browser than you. Or have different browser settings. Or perhaps some other issue unrelated to the browser. For example, if Lee is using Internet Explorer, perhaps you are hitting https://stackoverflow.com/a/1903505
  18. That's a bug in Please delete (around line 48 of admin/includes/application_top.php ) : require DIR_FS_CATALOG . 'includes/classes/hooks.php';
  19. You need to get the new hooks file. Also be sure that you are using the latest admin/includes/application_top.php and autoloader files. Gary hasn't posted the update instructions for in the Bootstrap forum yet. Until then, you might find it easier to update if you join the Phoenix Club.
  20. ecartz


    So which is it? It sometimes does not finish the order? Or it never finishes the order? If you didn't have the return URL set, you might also check to see if you have the IPN URL set. I don't remember offhand where that is set, but it's somewhere on the PayPal side. There are two ways to get notified of an order with the standard module. One way is the return URL. PayPal sends the customer back to finish the order. The other way is the IPN. That way PayPal sends your site a notification that the order has processed. Note that the PayPal App has multiple modules. Standard, Express, hosted, payflow, etc. They each operate differently.
  21. ecartz

    Adding hook?

    You should not echo a hook call in application_top. You shouldn't start echoing until after template_top.php has been included. You don't need the wishlist to be a session variable. Instead, only load what you actually need into the session. On most pages, you wouldn't have to read the wishlist at all. I'm not crazy about using application_top as the group there. It would make more sense to use your own group, like wishlist. But none of that is the question that you were asking. The most likely problem is that you are missing the group register. In this case, $OSCOM_Hooks->register('application_top'); You need to do that before you call. Immediately prior is fine.
  22. ecartz

    echo / print current products id

    (int)$_GET['products_id'] E.g. https://github.com/gburton/CE-Phoenix/blob/ad0026cd1bbc91043a0fac1117aed6a0f92bd6c2/product_info.php#L21 For security reasons, you should do a cast to int with both. So someone doesn't craft a special URL that allows them to do something malicious.
  23. If it's never set, then the first one or echo ' ' . TEXT_ADMIN . '&nbsp;' . tep_draw_pull_down_menu('ticket_admin', $ticket_admins, TICKET_DEFAULT_ADMIN_ID ) . "<br><br>"; would give the same effect.
  24. Probably echo ' ' . TEXT_ADMIN . '&nbsp;' . tep_draw_pull_down_menu('ticket_admin', $ticket_admins, ($ticket_last_used_admin ?? TICKET_DEFAULT_ADMIN_ID) ) . "<br><br>"; But it's possible that it would need to be something like echo ' ' . TEXT_ADMIN . '&nbsp;' . tep_draw_pull_down_menu('ticket_admin', $ticket_admins, (($ticket_last_used_admin ?? false) ?: TICKET_DEFAULT_ADMIN_ID) ) . "<br><br>"; It really depends how $ticket_last_used_admin is set.
  25. ecartz

    Autoloader question

    The catalog side has no dependencies on admin/includes/classes In admin, I think that you will find that uploads won't work. Also you may have problems with message stack messages, active rows, and the modules pages. Which one? The one that matters is the most recent one under includes/system/versioned (currently under ). Note that admin/includes/classes/shopping_cart.php was removed. But even before that, it would only affect things on the admin side. If you want a custom version for the catalog side, put it in includes/system/override The autoloader loads a fresh copy every time that a page is loaded. It has no caching between requests.