Jump to content


  • Content count

  • Joined

  • Last visited

Posts posted by Chadduck

  1. Hello Everyone

    I thought I would share an interesting development and a work around for the issue.  I do not know how many have actually ran into this issue but it is distressing when it happens as it did to me.  

    After working for 6 months updating from OSC 2.3.4 to become mobile friendly and useable I recently updated my desktop Quickbooks version.  I had been at Enterprise 2018 and updated to Qucikbooks Enterprise 2020.

    The OSC qbooks module that I had used for years and that had been working wonderfully with the 2018 version during the IIF import was suddenly giving me errors.  Like anyone who has ran into this issue, I went to the quickbooks help section and to my dismay the solution was to recode the interface - not something I was relishing the thought of doing.  BUT like anyone who refuses to change I began - which is a whole different story.

    This morning, I decided that I could NOT be the only one with the issue so I went to the OSC contributions section.  There is no module that indicates it was updated in the last two years which is when this became a problem (with Quickbooks version 2019).  So that was a bust.  Time for a Google search of the situation.  There were tons of articles dealing with IIF files, in general, but none that appeared to be the solution to my (and the ecommerce community in general) issue.  However one did catch my eye entitled "QuickBooks 2019 & 2020 IIF Import « Big Red Consulting".

    After reading through the article and obtaining a better understanding of its contents - I figured "What can it hurt?".  If it failed I was no worse off.  FORTUNATELY it worked and I was back in business.  I have checked the procedure with a PENDING status order export, a SHIPPED status order export, and a PARTIAL status order export.  

    I have attached a pdf of the Big Red Consulting website page.  IF you wish to read it online you can find it here


    Hopefully this will assist some else who dreads going back to the old days of manually entering their data into Quickbooks.



    QuickBooks 2019 & 2020 IIF Import « Big Red Consulting.pdf

  2. Jack

    As previously discussed in Honeypot I had set Block IP Automatically to 4. After the following incident I put it back to the original setting - blank.

    Last evening I had a lady that was having difficulty creating an account.  Ultimately got herself, or I should say her IP, banned.  She emailed me and identified herself and asked IF I could help.  Being late I told her to send me a phone number to contact her.  She did.  I will manually take her order over the phone.

    Anyway - this morning, I tried to create a generic account for her BUT was unable to do so.  Prior to doing so, I manually removed her IP from the Honeypot log.  

    HER IP from Honeypot (manually removed)

    XXX.YYY.ZZZ.209 01-07-2020: Denied due to captchaThis IP has 1 violations.
    XXX.YYY.ZZZ.209 01-07-2020: Denied due to being too soon by GENNA ______ .This IP has 2 violations.
    XXX.YYY.ZZZ.209 01-07-2020: Denied due to captchaThis IP has 3 violations.
    XXX.YYY.ZZZ.209 01-07-2020: Denied due to being too soon by genna ______ .This IP has 4 violations.
    XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 5 violations.
    XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 6 violations.
    XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 7 violations.
    XXX.YYY.ZZZ.209 01-07-2020: Permanently blocked from the site due to too many violations.This IP has 8 violations.

    After REMOVAL when I attempted to create the account I received the following

    MY IP
    XXX.YYY.ZZZ.15 01-08-2020: Denied due to count limit by Genna ______ .This IP has 3 violations.

    2 of the violations were for the password being too short. DOH!!!

    HOW DO I REMOVE her name, IP from the Honeypot and/or View Counter ban?

    I have done the following

    1. searched the database - her name does not exist
    2. searched the Honeypot log and removed the IP that she used


  3. Jack

    Have done the above with the Block Country.  It has eliminated much of the issues we have discussed (both publicly and privately) and for that I am thankful.

    However, the country Hong Kong is NOT in the "Choose the countries to be blocked" list.   And while I am aware I can ban the individual IP - the IP is does not seem to be re-used nor the same on the report see graphic.  



    view_counter 1.JPG

  4. 10 hours ago, Jack_mcs said:

    Try changing this line in the captcha.php file

    $font = 'verdana.ttf';

    to this

    $font = realpath('verdana.ttf');



    Again - I am indebted to you.



  5. This is such a wonderful contribution.  It is an invaluable security tool for every store.

    Having said that - I decided after a week of having my new store operational to enable the captcha portion.  Up to this point I have had this setting set to None

    Show Captcha
    Do you want to display a security challenge on the page?


    FIRST I tried Numbers - No Joy.
    I then tried Image - No Joy.

    For some stupid reason I can NOT get the captcha question (numbers or image) to show.  I do get the the line showing "Security Question" then a space where the captcha should be and finally the text entry for the answer.  

    Reviewing the php_error.log there are these entries. the ....../ indicates the long directory on the server

    PHP Warning:  imagettfbbox(): Could not find/open font in ....../captcha.php on line 44
    PHP Warning:  imagettftext(): Could not find/open font in ....../captcha.php on line 89

    As pointed out earlier in this topic - GD Support is enabled.

    The verdana.ttf is located in the same directory as captcha.php

    What should I be looking at or looking for.

  6. This may be silly to ask BUT is there a SPECIFIC set of header tags the SHOULD be enabled?

    I realize much depends on the store but I did not disable any and have added those that have been required by module addons.


  7. I can't seem to locate another topic that addresses this searching with "Social bookmark wording" OR "Facebook wording" so I will ask here.

    I recently updated my store from OSC 2.3.4.  I have enabled the Social Bookmarks modules which is the source of my question.  When sharing to Facebook the item's pic is displayed with this "You must have JavaScript enabled in your browser to utilize the functionality of this website. Click here for instructions on enabling javascript in your browser."

    Can that wording be changed or is it Facebook's wording?

    If it can be changed WHERE is it done?

    Thanks in advance.



  8. Jack suggested that if we do not cater / sell to a particular country that it should probably be banned to prevent spam and bandwidth usage.

    Since I am really just learning to use View Counter how is the best way to ban an entire country?



  9. 20 minutes ago, Jack_mcs said:

    The $text in that line is sending the same entry that you see in the log file. That explains what the failure was. Are you not seeing that?

    Sorry about that - I missed it.  Yes it is showing in BOTH I was so focused on getting the email - and when the emails happened - Well excitement took over.  This upgrade process has been 6 months in the making and making sure things are working with emails, credit cards, etc. - I was excited when I started getting the HoneyPot emails since I thought I had coded something which immediately made me start questioning IF I had miscoded it had I done the same elsewhere.

    I have told you privately but I will do so here in public 

    Thanks again for all that you give to the community as a whole and especially the help you have provided to me.


  10. Jack

    Thank you for the assist.  A follow on question

    Since that solved the NO EMAIL issue what do I need to do to STOP emails that are for valid accounts?  Since I have emails working now I have received two separate ones like this for VALID accounts

    WWW.XXX.YYY.Z 01-03-2020: A new account was created by by Jane Doe.This IP has 1 violations.
    WWW.XXX.YYY.Z 01-03-2020: A new account was created by Frank Smith.This IP has 1 violations

    I know they are valid accounts since orders were placed by the individuals creating the accounts.

    Also, can this code

    tep_mail('to me', STORE_OWNER_EMAIL_ADDRESS, 'honey pot failure', $text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

    be changed in any manner to indicate what the violations were?  Just asking because right now I am ecstatic to be getting the emails.



  11. 6 minutes ago, Jack_mcs said:

    Try replacing that line with this one

    tep_mail('to me', STORE_OWNER_EMAIL_ADDRESS, 'honey pot failure', $text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);


    THAT WORKED... Email arrived

    Subj: honey pot failure
    WWW.XXX.YY.ZZZ 01-03-2020: Denied due to numbers in a nameThis IP has 2 violations.


  12. Jack as per your instructions I have tried the various combinations to no avail.

                error_log($text, 1, STORE_OWNER_EMAIL_ADDRESS);
    //            error_log('hello', 1, STORE_OWNER_EMAIL_ADDRESS);
    //            error_log($text, 1, 'webmaster@XXXXXXX.com');
    //            error_log($text, 1, 'XXXXXXXX@gmail.com');

    WWW.XXX.YY.ZZZ  01-02-2020: Denied due to numbers in a nameThis IP has 2 violations.
    WWW.XXX.YY.ZZZ  01-02-2020: Denied due to letters in phone or fax fields.This IP has 3 violations.
    WWW.XXX.YY.ZZZ  01-02-2020: Denied due to numbers in a nameThis IP has 4 violations.
    WWW.XXX.YY.ZZZ  01-02-2020: Denied due to being too soon by testing testing.This IP has 5 violations.

    The interesting part is that the View Counter email works (see post here https://forums.oscommerce.com/topic/392949-view-counter/?page=21)  
    With that working - it is obvious that the store's email is correctly configured.  

    This is off the wall BUT it is possible that the code inserted in the create_account.php for View Counter could be conflicting somehow?  I ask since the only difference between the OLD version store and the NEW version store - View Counter was NOT installed into the create_account.php file.

    I will attempt to restore the create_account.php WITHOUT the View Counter code and check.

  13. 17 minutes ago, Mikepo said:

    Just ban the IP to stop the event happening again.  Hope that helps.


    Thanks - that is what I thought and the first thing I did was ban the IP before trying figure out the rest.


  14. Forgive me if this has been asked or explained elsewhere.  I searched this topic for "Trap warning" and although several posts were flagged they all seem to deal with the installation and errors others were having with View Topic installs.

    When I arrived at my desk this morning I had this email waiting on me 

    Subj: View counter IP Trap warning for IP
    The IP attempted to alter the url in a way that is consistent with hacking attempts.
    ******* This IP should be banned *******.
    Click this url, http://www.projecthoneypot.org/ip_5.101.0.209, to find out more information about this IP.

    My question is simple - while I assume that it is/was View Counter that wants "Projecthoneypot.org" to be visited and notified - WHO/WHAT is the "Projecthoneypot.org" organization?  

    Yes I have read the "About" on the site but it also refers to this "To participate in Project Honey Pot, webmasters need only install the Project Honey Pot software somewhere on their website. "

    I KNOW that I did NOT install their software ANYWHERE on my server.

    What's going on?

  15. Jack

    I hate to bother you but I have a small issue that I am certain is a setting.

    As you are aware (from our private messages) I recently moved over to a newly updated store. In the OLD store Honeypot was sending emails to the store owner (me).  Since I switched over those emails have stopped.

    The Honeypot log is being updated as shown in this excerpt 01-02-2020: URL's are not allowed in the message.This IP has 2 violations. 01-02-2020: URL's are not allowed in the message.This IP has 1 violations. 01-02-2020: Denied due to a country - state mismatch.This IP has 1 violations. 01-02-2020: URL's are not allowed in the message.This IP has 2 violations.

     The settings from the header tag (setup file settings) are
    Log Tracker

    Emails from the store are working and being sent. 

    There is nothing showing up in the php_errors.log nor is anything showing in the domain error logs either

    Can you point me in the right direction?  Or at least give me a starting place?  


  16. ecartz


    I am ALWAYS amazed by those that can find an error induced by a module other than the one that is failing.  Incorporating your change above solved the unescaped apostrophe.

    I, myself, would have never looked outside of the module that I had just installed.

    Thanks again.