Latest News: (loading..)


  • Content count

  • Joined

  • Last visited

  • Days Won


cannuck1964 last won the day on September 3 2015

cannuck1964 had the most liked content!


About cannuck1964

  • Rank
    Contract Coder
  • Birthday 06/30/1964

Profile Information

  • Real Name
    Peter McGrath
  • Gender
  • Location
    Ontario, Canada
  • Interests
    osCommerce development, customization and related services. I provide code development not found here on the osCommerce site, implementing functionality built to meet your business needs. If you need contributions installed or modified, I have worked with osC for many years and understand the code very well.
  • Website
  • Skype
  1. Actually Jack the TLS1.2 requirement will be in 4 months (Sept 18, 2017).
  2. A a mistake I seen here: should have stated : For defining the shipping to type (commercial or residential) I have added a new field to the address_book table called address_type. The address book needs this as the customer may have multiple ship to addresses which means each address should be checked. Cheers Peter
  3. For defining the shipping to type (commercial or residential) I have added a new field to the customer table called address_type. On log in, this new field is made as a session, having the values : residential commercial empty (not set since customer has not added to the cart any items and checked out) the session variable $address_type is added to the shipping module function quote as a global. New code to add into the function quote is: if($address_type == ''){ $path_to_address_validation_wsdl = DIR_FS_CATALOG . DIR_WS_INCLUDES . "wsdl/AddressValidationService_v2.wsdl"; $av_client = new SoapClient($path_to_address_validation_wsdl, array('trace' => 1)); // Refer to for more information ini_set("soap.wsdl_cache_enabled", "0"); $residential_address = true; $address_validation = false; $av_request['WebAuthenticationDetail'] = array('UserCredential' => array('Key' => $this->fedex_key, 'Password' => $this->fedex_pwd)); $av_request['ClientDetail'] = array('AccountNumber' => $this->fedex_act_num, 'MeterNumber' => $this->fedex_meter_num); $av_request['TransactionDetail'] = array('CustomerTransactionId' => ' *** Address Validation Request v2 using PHP ***'); $av_request['Version'] = array('ServiceId' => 'aval', 'Major' => '2', 'Intermediate' => '0', 'Minor' => '0'); $av_request['RequestTimestamp'] = date('c'); $av_request['Options'] = array('CheckResidentialStatus' => 1, 'VerifyAddress' => 1, 'MaximumNumberOfMatches' => 10, 'StreetAccuracy' => 'MEDIUM', 'DirectionalAccuracy' => 'MEDIUM', 'CompanyNameAccuracy' => 'MEDIUM', 'ConvertToUpperCase' => 1, 'RecognizeAlternateCityNames' => 1, 'ReturnParsedElements' => 1); $av_request['AddressesToValidate'] = array( 0 => array( 'AddressId' => 'Customer Address', 'Address' => array( 'StreetLines' => array(utf8_encode($street_address), utf8_encode($street_address2)), 'Company' => $order->delivery['company'], 'PostalCode' => $postcode, 'City' => $city, 'StateOrProvinceCode' => $state, 'CompanyName' => $order->delivery['company'], 'CountryCode' => $country_id ) ) ); try { $av_response = $av_client->addressValidation($av_request); if ($av_response->HighestSeverity == 'SUCCESS') { $address_validation = true; if ($av_response->AddressResults->ProposedAddressDetails->ResidentialStatus == 'BUSINESS') { $residential_address = false; $address_type = 'commercial'; tep_session_register('address_type'); }elseif(($av_response->AddressResults->ProposedAddressDetails->ResidentialStatus == 'INSUFFICIENT_DATA') || ($av_response->AddressResults->ProposedAddressDetails->ResidentialStatus == 'UNAVAILABLE') || ($av_response->AddressResults->ProposedAddressDetails->ResidentialStatus == 'NOT_APPLICABLE_TO_COUNTRY')) { $address_type = 'residential'; tep_session_register('address_type'); } } } catch (Exception $e) { } if ($address_validation == false) { if ($order->delivery['company'] != '') { $residential_address = false; } else { $residential_address = true; } } if(isset($customer_id) && ($customer_id > 0)) tep_db_query("update " . TABLE_ADDRESS_BOOK . " set entry_delivery_type = '" . tep_db_prepare_input($address_type) . "' where address_book_id = '" . (int)$order->delivery['delivery_id'] . "'"); }else{ if ($address_type == 'commercial') { $residential_address = false; } else { $residential_address = true; } } This new code work is based off of USPS tables that fedex looks up the address to find out the address type. If no type is returned and the customer has a company name then defaults to commercial, else all others are residential. hope this helps. cheers Peter
  4. Distance based shipping This module will allow you to define a set radius from 0 to any other value in your selected unit of measure imperial or metric, (base radius). This defined zone around your shipping area can have a defined cost associated with it from 0 to any other value (defined zone cost). The unit of measure will be calculated based on the per unit of measure cost that is defined in the settings section in the admin. Distance outside of this defined radius will incur charges based on the following formula: shipping cost = (define zone cost + ((total distance shipped - base radius) * per unit of measure cost) Distance is rounded up to nearest KM or mile. Requests are sent in SSL mode (I may change this later but would fully expect people to use SSL in the checkout section) Add on is found at: cheers Peter M
  5. We have successfully implemented UPS dimensional shipping. Did you make any changes to the UPS XML version or just implement shipping sizes in the product editing and set up the shipping sizes in the admin tool? As well did you use the same logic for the Fedex module? thanks, Peter
  6. Just curious, where did you get this module?
  7. Hi, I was looking to install this module on a site, but ran into issues with PHP compatability. In the create_order.php file, you are using : $result = $rs->fetch_all(MYSQLI_ASSOC); // line 89 which works with php 5.3 and beyond. With the 5.2 serries it has issues. I switched to an older file you have there and the drop down has some strange test options to use. On any selection I then get another error: Which again I am sure would be related to compatability issues. Will your newest version fix compatability issues? and when might you release this? Just curious if you have a time line is all. thanks Peter M PS. it is a pretty impressive piece of work still :)
  8. The latest release has an issue with the categories editing tool, it does not save the Category name or the description. No error is generated, as well the category id is not set on the redirect after the edit... cheers Peter
  9. Yes, this also leaves you open to liability issues, and if the credit card companies find out, they can remove your credit card processing entirely from your business (and sue you for any losses they incurred). The CVV is never to be stored, it is used and discarded, even PCI does not allow for the saving of this value.. cheers
  10. Hi, I am wondering a few things on the new release being based on BSD License. There are several flavours of BSD ( see ) , which is going to be used ? What will this mean in terms of code, will code still be required to be released with both the source code ( for binaries ) and no encryption? Is there a reason that a move away from the GPL has been done for ver 3 ? I have been using GPL based code for many years and just not positive of all of the changes that this will bring about in terms of requirements on code development and releases. cheers
  11. I was having issues with the - (minus sign) within the urls. there is also additional code to prevent the XSS with the replacement of specific characters with the encoded representatives of the character... cheers
  12. Here is my canonical fuction I changed a bit so it passes PCI scans (XSS issue) and a few minor changes : // remove duplicate content with canonical tag by Spooks 12/2009 function CanonicalLink( $xhtml = false , $ssl = 'SSL' ) { global $request_type; $rem_index = true; // Set to true to additionally remove index.php from the uri $close_tag = ( false === $xhtml ? ' >' : ' />' ); $spage = ''; $domain = ( $request_type == 'SSL' && $ssl == 'SSL' ? HTTPS_SERVER : HTTP_SERVER ); // gets the base URI // Find the file basename safely = PHP_SELF is unreliable - SCRIPT_NAME can show path to phpcgi if ( array_key_exists( 'SCRIPT_NAME', $_SERVER ) && ( substr( basename( $_SERVER['SCRIPT_NAME'] ), -4, 4 ) == '.php' ) ) { $basefile = basename( $_SERVER['SCRIPT_NAME'] ); } elseif ( array_key_exists( 'PHP_SELF', $_SERVER ) && ( substr( basename( $_SERVER['PHP_SELF'] ), -4, 4 ) == '.php' ) ) { $basefile = basename( $_SERVER['PHP_SELF'] ); } else { // No base file so we have to return nothing return false; } // Don't produce canonicals for SSL pages that bots shouldn't see $ignore_array = array( 'account', 'address', 'checkout', 'login', 'password', 'logoff' ); // partial match to ssl filenames foreach ( $ignore_array as $value ) { $spage .= '(' . $value . ')|'; } $spage = rtrim($spage,'|'); if (preg_match("/$spage/", $basefile)) return false; // REQUEST_URI usually doesn't exist on Windows servers ( sometimes ORIG_PATH_INFO doesn't either ) if ( array_key_exists( 'REQUEST_URI', $_SERVER ) ) { $request_uri = $_SERVER['REQUEST_URI']; } elseif( array_key_exists( 'ORIG_PATH_INFO', $_SERVER ) ) { $request_uri = $_SERVER['ORIG_PATH_INFO']; } else { // we need to fail here as we have no REQUEST_URI and return no canonical link html return false; } $remove_array = array( 'currency', 'language', 'main_page', 'page', 'sort', 'ref', 'affiliate_banner_id', 'max', 'gclid'); // Add to this array any additional params you need to remove in the same format as the existing $page_remove_array = array( FILENAME_PRODUCT_INFO => array('manufacturers_id', 'cPath', 'reviews_id', 'keywords', 'gclid', 'filter_id', 'inc_subcat', 'pfrom', 'pto', 'dfrom', 'dto', 'fl'), FILENAME_DEFAULT => array('sort', 'filter_id', 'src', 'OVRAW', 'OVKEY', 'OVMTC', 'OVADID', 'OVKWID', 'ysmwa'), FILENAME_CATEGORIES => array('manufacturers_id', 'cPath', 'reviews_id', 'keywords', 'gclid', 'filter_id'), FILENAME_PRODUCT_REVIEWS => array('manufacturers_id', 'cPath', 'keywords', 'gclid', 'filter_id'), FILENAME_ADVANCED_SEARCH_RESULT => array('manufacturers_id', 'cPath', 'keywords', 'gclid', 'filter_id', 'x', 'y', 'inc_subcat', 'categories_id', 'pfrom', 'pto', 'dto', 'dfrom'), FILENAME_ADVANCED_SEARCH => array('manufacturers_id', 'cPath', 'keywords', 'gclid', 'filter_id') ); // remove page specific params, should be in same format as previous, given is manufacturers_id & cPath // have to be removed in product_info.php only if (is_array($page_remove_array[$basefile])) $remove_array = array_merge($remove_array, $page_remove_array[$basefile]); foreach ( $remove_array as $value ) { $search[] = '/&*' . $value . '[=\/]+[\-\]+[\w%..\+]*\/?/i'; } $search[] = ('/&*osCsid.*/'); $search[] = ('/\?\z/'); if ($rem_index) $search[] = ('/index.html\/*/'); $request_uri = preg_replace('/\?&/', '?', preg_replace($search, '', $request_uri )); //XSS isssue resolved here $request_uri = str_replace("<", "<", $request_uri); $request_uri = str_replace(">", ">", $request_uri); $request_uri = str_replace("'", "'", $request_uri); $request_uri = str_replace("\"", """, $request_uri); $request_uri = str_replace(")", ")", $request_uri); $request_uri = str_replace("(", "(", $request_uri); // added this in for home page issues modify if you do not use a sub folder or is a different name for the cart system if (($request_uri == '/catalog/') || ($request_uri == '/catalog/index.php')){ echo '<link rel="canonical" href="' . $domain . '"' . $close_tag . PHP_EOL; }else{ echo '<link rel="canonical" href="' . $domain . $request_uri . '"' . $close_tag . PHP_EOL; } } /// Nice function by the way....I would highly recommend this be added to all shops to remove duplicate content issues. cheers
  13. It seems paypal has changed the IPN system. Now for every recurring payment, a notice is sent on every payment made to the IPN system. This means any old urls still having recurring payments or new ones will need to handle this differently. For the old urls, a success code is needed to be sent to paypal upon receipt of the IPN, for new IPNs being processed on live IPN links, the system will now need to check the status of the order, and then send emails based on the status that are more clear to the customer. cheers
  14. Just a word on the module the file includes/modules/payment/paypal_wpp.php : [b]Warning[/b]: Call-time pass-by-reference has been deprecated in [b]includes/modules/payment/paypal_wpp.php[/b] on line [b]1608[/b] [b]Warning[/b]: Call-time pass-by-reference has been deprecated in [b]includes/modules/payment/paypal_wpp.php[/b] on line [b]2190[/b] [b]Warning[/b]: Call-time pass-by-reference has been deprecated in [b]includes/modules/payment/paypal_wpp.php[/b] on line [b]2192[/b] fix : Comment out the lines : $this->cardinal_centinel_lookup($auth_info, &$order_info); $this->cardinal_centinel_authenticate($auth_info, &$order_info); $this->cardinal_centinel_before_process(&$order_info); This will also disable the centinel feature. I have no use for it, but other may so you might want to look at the $this-> reference as this is the issue. cheers
  15. In regards to the PWA inclusion, I have a suggestion and one which I have implemented on many sites already. I took part of the PWA idea and converted it so that an account is created if one does not exist, this is done and is part of the checkout process. So if a customer does not have an account and they checkout, the data from shipping and payment are stored and an account is created. Defaults are used for newsletters and a random password is sent to the user. What this does, it removes the create account process (or redirect to it) allows for a login on the same page, saves the data for further marketing uses and streamlines the checkout process. I have also added both the shipping and the payment pages together and used javascript for dynamic updates to the costs based on shipping methods selected. This new checkout system has, one page for the gathering of the shipping/billing info (login if an account already) creates the account and sends the user to the shipping/payment page. Here they are allowed to edit the addresses for billing and shipping and select the shipping method and payment method, third page is the standard confirmation page. click it and complete. I am sort of wondering why you would not want to have an account created for the purchase, this has never really made sense to me as the vast majority of the info is saved anyways, and generally leads to more issues then it solves (order tracking and comments etc). I understand that the redirect and the three additional pages is not a good idea, but removal of the account totally does not make much sense either. I propose that a streamlining of the checkout in a similar fashion would lead to a more robust checkout and ability to market to these people in the future, which is what sales are all about. cheers,