Jump to content

lybrary

Members
  • Content count

    46
  • Joined

  • Last visited

1 Follower

Profile Information

  • Real Name
    Chris Wasshuber
  1. lybrary

    PayPal App for osCommerce Online Merchant

    What changes, if any, do we need to do if our admin directory has a different name?
  2. lybrary

    PayPal App for osCommerce Online Merchant

    Trying to install this app I am getting the warning: Warning: constant(): Couldn't find constant OSCOM_APP_PAYPAL_PS_STATUS Warning: Cannot modify header information - headers already sent When I change the level of error reporting to have this warning suppressed it goes into a redirect loop and nothing is installed. Any help would be appreciated. I am trying to install this on an older osCommerce version from 2005.
  3. lybrary

    SiteMonitor

    Oh my oh my, the algorithms used in function runSitemonitor are really bad. Any site with more than a few hundred files will not be able to run this function because it most likely will time out with a server error. SiteMontior uses nested for loops, the same 3 times in a row! And the logic of file comparison is incorrect. I think SiteMonitor would need a complete overhaul but I don't have the time to do this. But I will show what I did with runSitemonitor to make it lightning fast even for large sites and allow file comparison even if files where deleted (of course comparing those that are still there, not the deleted ones). First you need to store refFiles in an associative array where the file name is the index rather than a numeric index. Once you have done that you can simply use array_key_exists() to check if the file is there and do your comparisons. And we fold the three loops into one. Here is the key part that I changed in runSitemonitor /************** SEE IF THE FILE SIZES ARE DIFFERENT ****************/ /************** SEE IF THE TIMESTAMPS ARE DIFFERENT ****************/ /************** SEE IF THE PERMISSIONS ARE DIFFERENT ***************/ $msg .= "\nSIZE MISMATCH:\n"; $error = 0; $msg_time = ''; $error_time = 0; $msg_perm = ''; $error_perm = 0; $size = count($files); $refFiles = GetReferenceFilesAssoc($referenceFile); //reload for all checks below for ($i = 0; $i < $size; ++$i) { if (array_key_exists($files[$i], $refFiles)) { // check file size $newSize = GetSize($files[$i]); $oldSize = GetPart(SIZE - 1, $refFiles[$files[$i]]); // -1 because in associative version the first element is missing if ($newSize != $oldSize) { $msg .= DisplayMessage($verbose, ('Difference found: New-> '. GetFileName($files[$i]) . ' '. $newSize . ' Original-> ' . $oldSize)); $logEntry['Size Changed'][] = $files[$i]; $error++; $ttlErrors++; } // check timestamp $r = @stat($files[$i]); if ($r[9] != GetPart(TIME - 1, $refFiles[$files[$i]])) { $msg_time .= DisplayMessage($verbose, ('Time Mismatch on '. GetFileName($files[$i]). ' Last Changed on ' . gmstrftime ("%A, %d %b %Y %T %Z", $r[9]))); $logEntry['Time Changed'][] = $files[$i]; $error_time++; $ttlErrors++; } // check permissions $pCurrent = substr(sprintf('%o', @fileperms($files[$i])), -3); $pLast = GetPart(PERM - 1, $refFiles[$files[$i]]); if ($pCurrent != $pLast) { $msg_perm .= DisplayMessage($verbose, ('permissions Mismatch on '. GetFileName($files[$i]). ' Currently set to "' . $pCurrent . '" was set to "' . $pLast .'"')); $logEntry['Permissions Change'][] = $files[$i]; $error_perm++; $ttlErrors++; } } } if (! $error) $msg .= DisplayMessage($verbose, 'No size differences found...'); $msg .= "\nTIME MISMATCH:\n" . $msg_time; if (! $error_time) $msg .= DisplayMessage($verbose, 'No time mismatches found...'); $msg .= "\nPERMISSIONS MISMATCH:\n" . $msg_perm; if (! $error_perm) $msg .= DisplayMessage($verbose, 'No permissions mismatches found...'); And GetReferenceFilesAssoc() is the same as GetReferenceFiles() but it has a little addition at the bottom where the associative array is built. Hope this helps others on larger sites. Again, the idea of SiteMonitor is brilliant, the programming is subpar and fails for larger websites. function GetReferenceFilesAssoc($path) //use curl if possible to read in site information { global $username, $password, $admin_dir; $lines = array(); if (! empty($admin_dir) && ! empty($username) && ! empty($password) && function_exists('curl_init')) { $path = $admin_dir . '/' . $path; $ch = curl_init(); $timeout = 5; // set to zero for no timeout curl_setopt ($ch, CURLOPT_URL, $path); curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_USERPWD, $username.':'.$password); $file_contents = curl_exec($ch); curl_close($ch); $lines = explode("\n", $file_contents); } else { $fd = fopen ($path, "r"); while (!feof ($fd)) { $buffer = fgets($fd, 4096); $lines[] = $buffer; } fclose ($fd); } if (empty($lines)) { echo 'Failed to read Reference File'; exit; } $return_array = array(); for ($i=0; $i<count($lines); $i++) { $pos = strpos($lines[$i], ","); $return_array[substr($lines[$i], 0, $pos)] = substr($lines[$i], $pos+1); } return $return_array; }
  4. lybrary

    SiteMonitor

    Site Monitor is a great contribution, however it obviously was not tested on sites with lots of files. My site has close to half a million files. There are a couple of bugs I have found. The out of memory error is easy to fix, but for others I had to debug for hours. Here are my findings: - function ExcludeDirectory: Why do you pass a start_dir variable? It is never used for anything even though you run some string operations on it but then never use it. So I removed that one. (This was not really a bug but unnecessary code.) - file: sitemonitor_configure_setup.php: You are missing a "require('sitemonitor_configure_setup.php');" right at the beginning and you need to get rid of "$excludeList = array();" /****************** BUILD THE HACKED FILE LIST *********************/ $excludeList = array(); Because otherwise the excluded directories are still being processed which on big sites leads to a failing script. With these changes I can at least run the site monitor, however not the check for hacked files. There again we have a function rglob() which tries to traverse all subdirectories ignoring the excluded ones. On big sites this is simply not possible. rglob should also obey the exclusions or if you want have another set of exclusions for this operation. What I did is add a if (ExcludeDirectory($sSubDir, $sDir)) continue; Inside the foreach of the rglob() function plus adding the necessary "require('sitemonitor_configure.php');" in sitemonitor_admin.php. It seems to be running even though I have not fully thought this through. In general I have to note that some of the coding techniques used in this contribution is pretty strange or awkward if you will. I like the idea of the contribution but execution is a bit shaky.
  5. lybrary

    Official PayPal IPN Support Thread

    I have installed version 2.3.4 but the total payment that shows up for the customer at Paypal is zero dollars. Did anybody run into the same problem? Any ideas of what this could be? I am using Aggregate. Everything else looks right. When the customer comes to the confirmation page, the order is entered correctly into the order table. But then when he clicks 'confirm order' on the first Paypal page the total is zero. Any help would be appreciated.
  6. Found another error and fix with this contribution. The first rewrite rule is RewriteRule ^(.*)-p-(.*).html$ product_info.php?products_id=$2&%{QUERY_STRING} The second (.*) is way too open and should be modified to ([0123456789_]*) because there are only digits and underscores to be found. It fails for example with one of my manufacturers called 'M. P. Adams', which translates to a link of m-p-adams-m-17.html The -p- triggers the product_id rewrite line and of course fails because there is no product_id adams-m-17. By using ([0123456789_]*) one prevents this from triggering. The same applies to the -c- and -m- rules. Any comments? I have never written any .httaccess files, so am not sure if what I do is actually ok.
  7. Do you know how to reach him?
  8. Ok, after some more poking here is why this fails and how to correct it. I think this is a real bug. Comments appreciated. The function that causes the problem is function stock_href_link() The last line is: return htmlspecialchars(utf8_encode($link)); Why is there a htmlspecialchars() function? This function turns every & into an & I replaced it with: return str_replace('"','"',str_replace('>','&gt',str_replace('<','<',utf8_encode($link)))); This does the same as htmlspecialchars except leaves the & unchanged, because these are the parameter separators. It would be great to hear from the contribution author if my fix is ok or could cause other problems later on. Any other solution would be appreciated, too.
  9. I tested the above comment a bit and it seems that the error is introduced by the tep_redirect: tep_redirect(tep_href_link(FILENAME_LOGIN,'login=fail&reason=test')); This statement will produce the following link .../catalog/login.php?login=fail&reason=test the & should either be a & or a SEO safe url. The way it is now is broken.
  10. I have encountered the following error or misbehavior: The PWA (purchase without account) contribution uses the following redirect: tep_redirect(tep_href_link(FILENAME_LOGIN, 'login=fail&reason=' . urlencode(str_replace('{EMAIL_ADDRESS}',$check_customer['customers_email_address'],PWA_FAIL_ACCOUNT_EXISTS)), 'SSL')); The & between fail and reason is turned into a & which causes the next page to display the incorrect error message. Any ideas how I can rectify this issue?
  11. There is another error when one uses 'search engine safe urls'. If the name/email matches it redirects to the login page, but this redirection fails if the search engine safe urls are set true in the admin section. Has anybody fixed that or run into this issue?
  12. Has anybody tried the 'purchase without account' with the PayPal Express Checkout payment module? I am getting a weird behavior in the case where the Paypal account email address is different to the email address specified for the guest account. Has anybody run into this issue? Any suggestions?
  13. lybrary

    Country-State Selector

    I found the problem. I set Telephon minimum numbers to blank which caused an error and didn't load the file with the refresh function. Problem solved. Does anybody know how to make Date of Birth or Gender not-required, but still show it as an optional entry for the customer to fill in? Chris.....
  14. lybrary

    Country-State Selector

    When I change the country the webpage does not refresh? Why? Chris....
×