cannuck1964

I was having issues with the - (minus sign) within the urls. there is also additional code to prevent the XSS with the replacement of specific characters with the encoded representatives of the character... cheers

Here is my canonical fuction I changed a bit so it passes PCI scans (XSS issue) and a few minor changes : // remove duplicate content with canonical tag by Spooks 12/2009 function CanonicalLink( $xhtml = false , $ssl = 'SSL' ) { global $request_type; $rem_index = true; // Set to true to additionally remove index.php from the uri $close_tag = ( false === $xhtml ? ' >' : ' />' ); $spage = ''; $domain = ( $request_type == 'SSL' && $ssl == 'SSL' ? HTTPS_SERVER : HTTP_SERVER ); // gets the base URI // Find the file basename safely = PHP_SELF is unreliable - SCRIPT_NAME can show path to phpcgi if ( array_key_exists( 'SCRIPT_NAME', $_SERVER ) && ( substr( basename( $_SERVER['SCRIPT_NAME'] ), -4, 4 ) == '.php' ) ) { $basefile = basename( $_SERVER['SCRIPT_NAME'] ); } elseif ( array_key_exists( 'PHP_SELF', $_SERVER ) && ( substr( basename( $_SERVER['PHP_SELF'] ), -4, 4 ) == '.php' ) ) { $basefile = basename( $_SERVER['PHP_SELF'] ); } else { // No base file so we have to return nothing return false; } // Don't produce canonicals for SSL pages that bots shouldn't see $ignore_array = array( 'account', 'address', 'checkout', 'login', 'password', 'logoff' ); // partial match to ssl filenames foreach ( $ignore_array as $value ) { $spage .= '(' . $value . ')|'; } $spage = rtrim($spage,'|'); if (preg_match("/$spage/", $basefile)) return false; // REQUEST_URI usually doesn't exist on Windows servers ( sometimes ORIG_PATH_INFO doesn't either ) if ( array_key_exists( 'REQUEST_URI', $_SERVER ) ) { $request_uri = $_SERVER['REQUEST_URI']; } elseif( array_key_exists( 'ORIG_PATH_INFO', $_SERVER ) ) { $request_uri = $_SERVER['ORIG_PATH_INFO']; } else { // we need to fail here as we have no REQUEST_URI and return no canonical link html return false; } $remove_array = array( 'currency', 'language', 'main_page', 'page', 'sort', 'ref', 'affiliate_banner_id', 'max', 'gclid'); // Add to this array any additional params you need to remove in the same format as the existing $page_remove_array = array( FILENAME_PRODUCT_INFO => array('manufacturers_id', 'cPath', 'reviews_id', 'keywords', 'gclid', 'filter_id', 'inc_subcat', 'pfrom', 'pto', 'dfrom', 'dto', 'fl'), FILENAME_DEFAULT => array('sort', 'filter_id', 'src', 'OVRAW', 'OVKEY', 'OVMTC', 'OVADID', 'OVKWID', 'ysmwa'), FILENAME_CATEGORIES => array('manufacturers_id', 'cPath', 'reviews_id', 'keywords', 'gclid', 'filter_id'), FILENAME_PRODUCT_REVIEWS => array('manufacturers_id', 'cPath', 'keywords', 'gclid', 'filter_id'), FILENAME_ADVANCED_SEARCH_RESULT => array('manufacturers_id', 'cPath', 'keywords', 'gclid', 'filter_id', 'x', 'y', 'inc_subcat', 'categories_id', 'pfrom', 'pto', 'dto', 'dfrom'), FILENAME_ADVANCED_SEARCH => array('manufacturers_id', 'cPath', 'keywords', 'gclid', 'filter_id') ); // remove page specific params, should be in same format as previous, given is manufacturers_id & cPath // have to be removed in product_info.php only if (is_array($page_remove_array[$basefile])) $remove_array = array_merge($remove_array, $page_remove_array[$basefile]); foreach ( $remove_array as $value ) { $search[] = '/&*' . $value . '[=\/]+[\-\]+[\w%..\+]*\/?/i'; } $search[] = ('/&*osCsid.*/'); $search[] = ('/\?\z/'); if ($rem_index) $search[] = ('/index.html\/*/'); $request_uri = preg_replace('/\?&/', '?', preg_replace($search, '', $request_uri )); //XSS isssue resolved here $request_uri = str_replace("<", "<", $request_uri); $request_uri = str_replace(">", ">", $request_uri); $request_uri = str_replace("'", "'", $request_uri); $request_uri = str_replace("\"", """, $request_uri); $request_uri = str_replace(")", ")", $request_uri); $request_uri = str_replace("(", "(", $request_uri); // added this in for home page issues modify if you do not use a sub folder or is a different name for the cart system if (($request_uri == '/catalog/') || ($request_uri == '/catalog/index.php')){ echo '<link rel="canonical" href="' . $domain . '"' . $close_tag . PHP_EOL; }else{ echo '<link rel="canonical" href="' . $domain . $request_uri . '"' . $close_tag . PHP_EOL; } } /// Nice function by the way....I would highly recommend this be added to all shops to remove duplicate content issues. cheers

It seems paypal has changed the IPN system. Now for every recurring payment, a notice is sent on every payment made to the IPN system. This means any old urls still having recurring payments or new ones will need to handle this differently. For the old urls, a success code is needed to be sent to paypal upon receipt of the IPN, for new IPNs being processed on live IPN links, the system will now need to check the status of the order, and then send emails based on the status that are more clear to the customer. cheers

Just a word on the module the file includes/modules/payment/paypal_wpp.php : [b]Warning[/b]: Call-time pass-by-reference has been deprecated in [b]includes/modules/payment/paypal_wpp.php[/b] on line [b]1608[/b] [b]Warning[/b]: Call-time pass-by-reference has been deprecated in [b]includes/modules/payment/paypal_wpp.php[/b] on line [b]2190[/b] [b]Warning[/b]: Call-time pass-by-reference has been deprecated in [b]includes/modules/payment/paypal_wpp.php[/b] on line [b]2192[/b] fix : Comment out the lines : $this->cardinal_centinel_lookup($auth_info, &$order_info); $this->cardinal_centinel_authenticate($auth_info, &$order_info); $this->cardinal_centinel_before_process(&$order_info); This will also disable the centinel feature. I have no use for it, but other may so you might want to look at the $this-> reference as this is the issue. cheers

Why not simply copy and create three products and then keep the inventory managed for each. You should change the descriptions which would allow you to keep the SEO aspect (no duplicate content). Inventory is not managed well in osCommerce and needs work in several areas. cheers, Peter

You would need to edit the includes/functions/quick_pick.php file an look for the function which displays the past orders. It is there that the drop down is created. cheers, Peter M

The past orders have two new fields added to the orders DB table. These new fields will not break the My Account area at all, as that area will ignore the new fields added to the orders table. The orders prior to the adding of these new fields should also work correctly, but will not display any attributes associated with the past order as the new fields added to the orders table are only for the orders attributes. The pulling of the past orders is done though the includes/functions/quick_pick.php file and gets data from the orders table, and if the order had attributes associated with it, then from the attribute tables. I suspect something else is going on there as this should be working fine and works without issue on the fresh install of osCommerce on my dev server. I have run several orders through and all display correctly. Do you have other contributions installed on the site which effect the orders? Are these orders done with paypal IPN? There is something strange going on here and I would be curious as well to know what the issue is so it can be fixed. cheers, Peter M.

Did you install the changes missed from the initial release? If so, then past orders that were made prior to the installation of the quick orders system will not have all of the stored info needed to pull the past orders made. All new orders will contain the correct info and will display correctly though, and over some time this situation will correct itself automatically. cheers, Peter M

Update added to the contribution: Changes added to it for the use of icons instead of button images. There has been a small change to the english.php file as well for fixing a spelling issue. Thanks go to Scott (olsonsp4c) for the additions for the icons to the script. cheers and happy holidays to all. Peter M

Not sure about auto expand, but this can be adjusted so it is set to a larger value. I would have to review the code to see where this would be done.... cheers, Peter M

I am up and running right. Thanks I will fix this and add a new upload, not a huge thing to fix :) cheers, Peter M

Yes it is complete and functioning fully. There were a few minor issues which I missed but if you obtained the most recent, then it should be working just fine. cheers, Peter M

The system allows customers to save products that are in the cart as an order, this order is saved with a name, then recalled by selection of the saved order name. The past orders made by the customer are also displayed and allow for simple adding to the cart via one button selection. test it some and you will see that is is a simple but useful tool for re-ordering of products by customers. cheers, Peter M

Thanks, Now I understand what you ment there ;) I have fixed up the distribution and it should be complete now. cheers, Peter

cheers and Glad it is straightened out for you and have a happy holiday season :) Peter M

Did you add in the new SQL as well? here is what is needed: ALTER TABLE orders_products_attributes ADD products_options_id int NOT NULL; ALTER TABLE orders_products_attributes ADD products_options_values_id int NOT NULL; As well there was a change to the checkout_process file. This is documented in the install doc found in the newest release. cheers, Peter

Ok, I missed some file changes and two DB changes for the orders_products_attributes table. The installation docs and the changes for the checkout_process.php file have been added to the install doc. Please add the changes and re-test. I believe I have gotten all of the file changes in place now. cheers, Peter M