Jump to content

Anna

Members
  • Content count

    88
  • Joined

  • Last visited

1 Follower

Profile Information

  1. Anna

    Automatically send data feed to Froogle

    Update: I tried utf8_encode & that sorted out the "?"s, but some products appeared in Google Base with undefined characters that I think were originally long "em" dashes. So there's more to do, and I'm really not going to come back to this for a while. Happy weekend folks! anNA
  2. Anna

    Automatically send data feed to Froogle

    It seems we can upload our Froogle feed as usual and now products go into Google Base as well as Froogle. .....BUT.... it seems the Froogle file is being processed by the MUCH fussier Google Base upload/server. I was getting 100% success on Froogle feeds, but that instantly dropped to about 50% after the changeover. The errors are all "An invalid encoding was specified for the bulk upload file", which the Help elaborates as "Your bulk upload contains an invalid UTF-8 character.". Most of the failed items contained a "?" in the description. As an experiment I converted them to "GBP " and they uploaded successfully. Unfortunately this still leaves odd characters that cause errors. I think the real solution is to use something like utf8_encode, iconv, recode or mbstring in the code, but I don't know which yet (and probably won't have time to get back to this for a while). Hope this enlightens others wondering why their feeds are now erroring. aNNa
  3. Anna

    Official PayPal IPN Support Thread

    Do you get the same problem with encryption switched offF?
  4. Anna

    Official PayPal IPN Support Thread

    (Re: PayPal IPN Address Change During Checkout, Not updating Order & http://www.oscommerce.com/community/bugs,2498 ) Great news thanks. :) I'm less sure when it comes to the billing address as I don't use checkout_payment.php, so my untested suggestion would be to add $cart->cartID = $cart->generate_cart_id(); $cartID = $cart->cartID; at line 37 i.e. just after the "// avoid hack attempts" block. I hope these changes don't affect the hack detection, which I've yet to check, but frankly it's more important to me that the correct addresses get saved! anNa
  5. Anna

    Official PayPal IPN Support Thread

    Hi Applauz I hope you weren't reading my code as a solution for your $0 problem - which I'm sorry I have no idea about - as my code was in reply to the earlier post I quoted! annA
  6. Anna

    Official PayPal IPN Support Thread

    Hiya, I've hit this too and seem to have fixed it. I have messed hugely with my checkout code so unfortunately can't guarantee this'll work for others, but for what it's worth: add $cart->cartID = $cart->generate_cart_id(); into checkout_shipping.php at about line 47: if (!tep_session_is_registered('cartID')) tep_session_register('cartID'); $cart->cartID = $cart->generate_cart_id(); //<- this is the new line $cartID = $cart->cartID; Please do & backup & test it well! Let me know if it works & I'll update the bug report. The problem also affects the billing address so I'm going to see if the same approach will solve that too. annA
  7. Anna

    Official PayPal IPN Support Thread

    Hi Andy (& anyone else interested!) Here's a quick fix to hide from shoppers their orders that are currently "Preparing" status. Store admin is completely unchanged. It does rely on "Set Preparing Order Status" having been set to a distinctive value e.g. "Preparing [PayPal IPN]" in the Store Admin's Payment Modules - Paypal IPN section. I have NOT checked to see what would happen if this was, for example, 'default' account.php about line 97: Replace $orders_query = tep_db_query("select o.orders_id, o.date_purchased, o.delivery_name, o.delivery_country, o.billing_name, o.billing_country, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' order by orders_id desc limit 3"); with $orders_query = tep_db_query("select o.orders_id, o.date_purchased, o.delivery_name, o.delivery_country, o.billing_name, o.billing_country, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_status != '" . MODULE_PAYMENT_PAYPAL_IPN_PREPARE_ORDER_STATUS_ID . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' order by orders_id desc limit 3"); account_history.php about line 65: Replace $history_query_raw = "select o.orders_id, o.date_purchased, o.delivery_name, o.billing_name, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' order by orders_id DESC"; with $history_query_raw = "select o.orders_id, o.date_purchased, o.delivery_name, o.billing_name, ot.text as order_total, s.orders_status_name from " . TABLE_ORDERS . " o, " . TABLE_ORDERS_TOTAL . " ot, " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$customer_id . "' and o.orders_status != '" . MODULE_PAYMENT_PAYPAL_IPN_PREPARE_ORDER_STATUS_ID . "' and o.orders_id = ot.orders_id and ot.class = 'ot_total' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' order by orders_id DESC"; (I added and o.orders_status != '" . MODULE_PAYMENT_PAYPAL_IPN_PREPARE_ORDER_STATUS_ID . "' to each file's database order query.) Warning! IF a shopper's only orders are (all) preparing status AND they look at account_history.php, they may see something like "Result Pages: -4 -3 -2 -1 0". I think this is because tep_count_customer_orders probably won't exclude orders with preparing status. I don't want to look at the implications of changing tep_count_customer_orders right now. For now, I'd rather show "Result Pages: -4 -3 -2 -1 0" than the "Preparing" orders. Hope that helps! Anna
  8. Anna

    Official PayPal IPN Support Thread

    Andy, I agree. I'm interested if anyone has any reasons that shoppers should be able to see orders with this status? Anna
  9. Anna

    Official PayPal IPN Support Thread

    Hello all, IF your unencrypted calls to Paypal work, but encrypted ones don't AND at checkout_confirmation.php you view page source and see that the hidden field called encrypted is empty AND you have safe_mode on, then read on.... The rest of the store was fine & live since last year. I've just added osCommerce-PayPal_IPN-v1.1 and have been testing in the Sandbox. Unencrypted calls went fine (great contribution & easy to install!), but encrypted calls to Paypal were not working as field 'encrypted' was empty. I looked at function process_button in includes/modules/payment/paypal_ipn.php and determined that line 355: if (function_exists('openssl_pkcs7_sign') && function_exists('openssl_pkcs7_encrypt')) was not true for us (if it's true for you then you have a different problem sorry!) so instead of the openssl_pkcs7_... calls it was doing the execs at lines 382 & 385. Except that they were not creating the signed and encrypted files which they should have. Well there's problems with exec & spaces with safe mode on (see the 2nd Warning in the PHP Manual (exec) that seems to mean that exec commands using redirects ("<" & ">"), among other things, will not work as expected. (The openssl commands worked fine at the linux command line.) Sure enough, just switching safe mode off for the site worked for us.:thumbsup: (If you're on a shared server this has security implications.) It would be great if this bit were coded in a way that did not rely on safe mode = off, but having spent too long hunting this down I'm off to tackle my next bit of work. I hope this helps anyone else hitting the same issue. All the best Anna (using osCommerce-PayPal_IPN-v1.1 and PHP 4.3.4)
  10. Anna

    Official PayPal IPN Support Thread

    :blush: Please excuse my brain-death above - I just couldn't see the tep_db_input in tep_db_perform. Not so bad after all!
  11. Anna

    Official PayPal IPN Support Thread

    Hi I believe I see a security vulnerability in osCommerce-PayPal_IPN-v1.1/catalog/ext/modules/payment/paypal_ipn/ipn.php POSTED variables are inserted in the database (via $comment_status) at line 147 without having gone through tep_db_prepare_input or tep_sanitize_string. I know these should be safe from Paypal (equally unprotected insert at line 111), but the insert at line 147 is specifically for invalid IPNs - therefore any not originating from Paypal would be processed here. Please tell me I'm wrong as this looks pretty easy to exploit... Anna
  12. Anna

    Worldpay Secure Payment Page

    Hi Jane I can't provide files as my designs were custom, but here's some tips: Change the easy stuff in the WorldPay Payment Page editor - font sizes, colours etc. Saves you having to get into the properties files or use any html. If I remember correctly it's pretty easy to replace button images too. Don't try to do all the files at once. You'll go a long way towards customising it if you start with just header.html & footer.html. Download the default header.html & footer.html from WorldPay. Look at your own site in a browser and 'view source' to get the html. Identify the header and footer parts of your shop's html and start modifying header.html & footer.html to match. Don't forget that any tables etc you open in the header will have to be closed either there or in the footer. You'll need to know some html, but you can start easy by replacing say the worlpay logo with your own. Upload in the worldpay file manager any images your design needs and make the image tags refer to the uploaded images e.g. <img src="/i/123456/mylogo.jpg"> where 123456 is your installation id. If your store has the default 3-column oscommerce layout then you'll have a bit of work reproducing that unless you're very patient with html! My advice is don't sweat the difficult stuff - change the easier stuff to match your store and people might not notice the difference! Sometimes I found that changes I uploaded went 'live' immediately and sometimes they took a long time. When the latter happens use the Payment Page Editor test transaction facility to see the results of new files. Use their backup screen to save your files whenever you get a result you like the look of. That way you always have something to fall back to. Sorry I can't give you files but then you wouldn't want your payment pages to look like the stores I customised! Hope that helped Anna
  13. Anna

    Worldpay support III

    Hi Joanna, I have completely reworked my callback script BUT something like this might work for adding the WorldPay transaction ID into admin. SO BACK UP FIRST, and if any of this doesn't match what you have then revert to your backup and apologies for wasting your time! I hope you're comfortable with php because I may have made a few mistakes here & there. This gets the ID into the admin order lists (default order.php display). If it works for you then it won't be much effort to add the ID into the order detail page, invoice etc. I'm afraid I don't have much time to spend on this board so don't count on any support of this. I'm providing this as a hint rather than a solution! anna 1. In mysql: alter table orders add `worldpay_transId` int(16) unsigned default NULL; 2. In catalog/wpcallback.php approx line 74: replace $url = tep_href_link(FILENAME_CHECKOUT_PROCESS, $cartId, 'NONSSL', false); with $worldpay_transId = (int) $_POST['transId']; $url = tep_href_link(FILENAME_CHECKOUT_PROCESS, $cartId.'&trans='.$worldpay_transId, 'NONSSL', false); as WorldPay should POST the transId to the callback and you need to send it on to checkout_process.php 3. In catalog/checkout_process.php approx line 95: In the line before: tep_db_perform(TABLE_ORDERS, $sql_data_array); that ends 'currency_value' => $order->info['currency_value']); change the end from 'currency_value' => $order->info['currency_value']); to 'currency_value' => $order->info['currency_value'], 'worldpay_transId' => (int) $_GET['trans']); to get it into the database. 4. In admin/orders.php approx line 350 After <td class="dataTableHeadingContent" align="right"><?php echo TABLE_HEADING_STATUS; ?></td> add <td class="dataTableHeadingContent" align="right">Worldpay ID</td> to give a heading. Note this doesn't use the language file - I was lazy as I don't have any call for multi-language admin. 5. Still in admin/orders.php 3 lines follow soon after and they all start with $orders_query_raw. Add o.worldpay_transID into the sql as below: Change $orders_query_raw = "select o.orders_id, o.customers_name, o.customers_id, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by orders_id DESC"; to $orders_query_raw = "select o.orders_id, o.customers_name, o.customers_id, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, o.worldpay_transID, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.customers_id = '" . (int)$cID . "' and o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by orders_id DESC"; then change $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.orders_status_id = '" . (int)$status . "' and ot.class = 'ot_total' order by o.orders_id DESC"; to $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, o.worldpay_transID, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and s.orders_status_id = '" . (int)$status . "' and ot.class = 'ot_total' order by o.orders_id DESC"; and change $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by o.orders_id DESC"; to $orders_query_raw = "select o.orders_id, o.customers_name, o.payment_method, o.date_purchased, o.last_modified, o.currency, o.currency_value, o.worldpay_transID, s.orders_status_name, ot.text as order_total from " . TABLE_ORDERS . " o left join " . TABLE_ORDERS_TOTAL . " ot on (o.orders_id = ot.orders_id), " . TABLE_ORDERS_STATUS . " s where o.orders_status = s.orders_status_id and s.language_id = '" . (int)$languages_id . "' and ot.class = 'ot_total' order by o.orders_id DESC"; all to retrieve it from the db 6. Still in admin/orders.php approx line 379 after <td class="dataTableContent" align="right"><?php echo $orders['orders_status_name']; ?></td> add <td class="dataTableContent" align="right"><?php echo $orders['worldpay_transID']; ?></td> to display it. good luck!
  14. Hi Susan, I don't know if there's a "quick" way! :( I think you're in the same boat as me as I posted the message below nearly a month ago but got no replies. Function calculate_credit in includes/modules/order_total/ot_coupon.php checks a whole load of things such as minimum order amount, restrict to products and restrict to categories, but I don't find any mechanism for displaying a message if any of those checks fail. As I wrote before, I don't want to change that code as it seems to be called from all over the place. I'd really appreciate a reply from someone who's more familiar with this stuff, especially as it now looks like I'm not the only one! Anna
  15. Hi Rick, I think it's set in the session by the order_total class pre_confirmation_check() at checkout_confirmation.php but, once again, I have heavily modified the store code. I hope that clue helps! Good luck! Anna
×