Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Kagonesti

Pioneers
  • Posts

    13
  • Joined

  • Last visited

Everything posted by Kagonesti

  1. Does anyone know if this code is safe from exploits and hacking attempts? I've been running it for years and it seems to be fine, but I worry as it is very old code.
  2. Did anyone get anything working for this? I've been doing all my labels manually since January.
  3. Same problem here too. Anxiously hoping someone will post an update. I'm guessing it will change again this weekend when they add and remove some services for shipping to the US. It sucks having to enter everything manually. =)
  4. The last issue i had with the blank entries - I fixed it with a script to force populate all the fields that were blank automatically. Seems to have done the trick. Im curious though . I checked my who's online and i have bingbots and googlebots that show something like: /main/product_info.php/fr/myproduct-in-french-p-11451?language=fr&name=My2520Product2520in25202520french is this normal behaviour? I'm also getting english links like this in my whos online, /main/product_info.php/my-english-product-p-4919?name=my252C2520english25202528product2529 Thanks.
  5. I've been using the USU contrib for awhile now. I think I may have discovered a glitch in the multi-language contribution - rather an exception that is not caught that can cause serious effects. When the second language has a blank products_name (say a mistake was made on entering the product in admin), the category will not load, and the product info page also spits out a non-valid url. Unless there is a workaround im unaware of, i think the best way would be perhaps to check in page_modules/product_info.php if the products_name doesnt exisit - do a second query with the default language. I havent got this working yet though - my sql programming skills are still improving =) I did get something simular working in /catalog/product_info.php to display the default language to the user, when their language doesnt exist. I could, of course, just check every item in my database - but that would take quite awhile. Also, it wouldnt stop further bad entries made in admin, unless i change admin/categories.php to force it to populate the second language in the sql. Thanks again for the contrib!
  6. Just started using this contrib. Had to do a fair bit of modifications to make things work on a heavily modified store - I dont weigh every product, or supply dims to them, because i have over ten thousand products. I just flat rate based on a 5lb box. Also, perhaps im alone here, but I had some issues with Tax - where it was adding tax to the quote, and then taxing it on the final page. Had to hack in a way to remove the tax before displaying the quote to the customer. Still - so far, only got the customer side (quotes) working, and not label printing yet, as that's going to require a lot of work. I'd love to see the mod Natrium has - where each order is shipped separately, rather than the batch processing in the export_eshipper offers, because I am also offering other shipping options that will conflict, and i'd like to see what my options are - after plugging in real dimensions and weight (instead of trying to hack it in). Has anyone developed a mod for this which will allow each order to be shipped separately with dims/weight? I'd expect more renewed interest in this mod with the Canada Post Strike. Also, I was told eshipper will support Canada Post again by the end of Q3. lets see if it happens.
  7. I have discovered my own answer about the plus sign. the answer is to use rawurldecode in place of urldecode. It allows for the plus sign, but has no other obvious issues. Now, my question is, we're still disallowing the most dangerous symbols as ' " ; \ - Yet, there has to be some way of allowing these with little danger, otherwise forums like this one wouldn't allow them. My answer of using the dots is not a good one. what happens when Mr. O'Neil puts in his name to order a product? Maybe he'll think he just mistyped his own name.. haha. Although, I'm not sure how to do it, couldn't the user input be done similar to the password field, using hex characters? I'm still leery about installing this mod on my main site, because of its harsh filtering. Also, I'll need to make it work with oscAffiliate, which has its own signup page and password fields (I'll need to re-create the wheel on that one, I'm sure.)
  8. Thanks for such a great contribution. I've got it running on my development site, and am nearly ready to port it over. Is there a way to allow a + sign? I could see this as important in the comments sections and sort. When I add it, it doesn't seem to work for me, yet when i add other symbols, they work perfectly fine. $vars = preg_replace("/[\*]/i", "\*.", urldecode($vars)); $vars = preg_replace("/[%]/i", "%.", urldecode($vars)); $vars = preg_replace("/[&]/i", "&.", urldecode($vars)); $vars = preg_replace("/[\$]/i", "\$.", urldecode($vars)); $vars = preg_replace("/\+/i", "\+.", urldecode($vars)); return preg_replace("/[^\p{L}\p{M}\w\r\/@ :{}!%&\+\*\$\,#_.-]/i", "", urldecode($vars)); I realize the more i add, the more I leave myself open. I did a couple preg_replace's to add a dot before some of the symbols that could be riskier - i know the code isn't clean, but i'm a novice at preg_replace. Of course, it doesn't seem to make a difference without the first lines, in regards to the + sign. Thanks for your help.
  9. Perfect.. and it looks like it is enabled. I'll keep poking at it, and see what I can come up with. That is, unless you have any other ideas =). Thanks! I also found in the osc admin panel, the TOOLS menu also shows this now. The things you learn.. =) PHP Version 5.2.9 cURL support enabled cURL Information libcurl/7.19.4 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
  10. One thing I discovered, although it might be different in the US (I'm in Canada too) is that Elavon does not have CVV2 turned on by default. You need to contact them on that, if you want that feature. You get a response for CVV on default however - but you should still get the AVS reposnse code. As for why it is redirecting to checkout_process - that seems strange: did you add your account information to that php file? Did you log into virtual merchant and set your site listed in the https referrers?
  11. I'm not sure... How would I find out? I didn't see anything regarding this in cpanel. Thank-you, your help is appreciated.
  12. Great Mod, I've got it installed and working with a few tweaks for my own use. Firstly, I haven't yet contributed any mods here, but I think the chargeit.php should include this for the state lookup (as I am in Canada, and Elavon also operates here.) else if ($cState == 'Alberta') $stateCode = 'AB'; else if ($cState == 'British Columbia') $stateCode = 'BC'; else if ($cState == 'Manitoba') $stateCode = 'MB'; else if ($cState == 'New Brunswick') $stateCode = 'NB'; else if ($cState == 'Newfoundland') $stateCode = 'NL'; else if ($cState == 'Northwest Territories') $stateCode = 'NT'; else if ($cState == 'Nova Scotia') $stateCode = 'NS'; else if ($cState == 'Nunavut') $stateCode = 'NU'; else if ($cState == 'Ontario') $stateCode = 'ON'; else if ($cState == 'Prince Edward Island') $stateCode = 'PE'; else if ($cState == 'Quebec') $stateCode = 'QC'; else if ($cState == 'Saskatchewan') $stateCode = 'SK'; else if ($cState == 'Yukon Territory') $stateCode = 'YT'; Secondly, as I am just learning PHP (My coding skills are all in other languages), I'd like to offer an idea for an improvement. Elavon charges Authorization fees for all attempts made, even if they fail. Comparing their last attempt to their new attempt for a duplicate could save some money in the end. Still, a great mod, and it is much appreciated.
  13. Thanks for the great Mod. I'm not sure If the issue has to do with the Canada Post change recently, but this is the error I'm receiving (this is WITH the new #2 mod above): Warning: curl_setopt() [function.curl-setopt]: CURLOPT_FOLLOWLOCATION cannot be activated when in safe_mode or an open_basedir is set in /home/xxxx/public_html/xxxx/admin/ship_canadapost.php on line 613 Step 1. Initialized. Step 2. Error: Failed check in /home/xxxx/public_html/xxxx/admin/ship_canadapost.php at line 651. This most likely means that Canada Post has changed their user interface. You need to update your Canada Post Automatic Shipping Labels module. The warning message makes me wonder if I am missing something. Ideas? Thanks.
×
×
  • Create New...