Latest News: (loading..)


  • Content count

  • Joined

  • Last visited

  • Days Won


MrPhil last won the day on August 19

MrPhil had the most liked content!

About MrPhil

Profile Information

  • Real Name
  • Gender

Recent Profile Visitors

101,660 profile views
  1. If you've been editing .php files, and start getting a 500 error, it's quite possible that you left a blank or empty line at the very beginning of the file (before <?php) or after the very last line (after ?>). Check that. If you're using a poor quality editor (like Notepad), it may be difficult to see such corruption. Try using a good editor such as ViM or Notepad++.
  2. I wouldn't be terribly surprised if giving the currency twice (explicit '$' in price, and 'USD' in currency), is upsetting somebody. Can you format the price as simply '179.00'? If the code is pulling the price from some other field, and it already has '$' in it, something as simple as changing $price to ...substr($price, 1)... might do the job.
  3. So which is it? I would say that it's more likely that the software that's been around for years was the one hacked, although you might have installed osC and neglected to check that installation files, etc. were removed when you were done. These can provide a path into your site if you're not careful. A host that wipes out your files so you can't see what happened doesn't sound like a very good host to me. You might want to start looking around for a new host if your current one is that uncooperative. How can you determine what happened if all evidence is gone? On top of that, you say they are demanding that you use expensive services from now on? osC 2.3.4 and Bootstrap (osC 2.3.4BS Edge) are entirely different animals. If you installed the "official" 2.3.4 offering, it's obsolete and non-responsive. 2.3.4BS Edge (available from GitHub) is the only up-to-date production-ready version (and is responsive). Everything else is either obsolete or beta (or even alpha) test. Fascinating, since Tim Berners-Lee didn't release the first web software until 1989...
  4. Just curious... does this "abandoned carts" only apply to human users? That is, have web crawlers pushing buttons and following links been weeded out? How about comparison shopping site bots/scrapers? I've heard of them loading up carts and then just walking away once they have the data they're looking for. While I'm asking, is there a standard "inactive time" for a cart before you declare it abandoned? I suppose that someone might be called away in the middle of a shopping session (dinner time, bed time, favorite TV show, emergency, etc.) and would like to pick up where they left off, but that might be asking too much past an hour or two. If someone is already signed in, it shouldn't be too hard to preserve and restore their cart, but if they're guests, that could be harder.
  5. PHP

    $total_price *= 1000000; There you go!
  6. PHP

    Is there a concise listing of what new features/fixes are in a given date Edge, without having to download the full package? I'm thinking of being for the benefit of someone on a older release, who wants to see quickly what's been added/fixed since their version, and whether it's worth upgrading. A release date is certainly as useful as a version number, provided the date is still accessible long after the "packaging" has been thrown away.
  7. I don't think a one-page checkout is the Holy Grail... a customer has a certain amount of information to input, and putting it all on one page means more scrolling, regardless of the screen size. Multiple pages (within reason) are OK, so long as each page sticks to one related area (and is clean and minimal, with no product listings or other extraneous clutter that slows loading), there is a progress indicator, and the customer can easily jump back to an earlier page. Personally, I would rather see several clean, well-organized pages than one cluttered and disorganized page that goes on forever and ever. To each his own. You know your customer set, and what they are more likely to want and expect. Note that when the customer has signed in to an existing account, the information should be presented for confirmation and update, to reassure the customer about where it's going and permit temporary or permanent update (don't forget to offer a password update). Thus, the amount of information presented, with or without account, should be about the same. Ask for the password again if they want to update their account. And don't forget to be under SSL if you are taking sensitive information, especially credit card numbers!
  8. 1, 3, and 4 are closely related. Giving shipping costs early in the process can be difficult for guests (you don't know the shipping address yet) and if you need to consolidate multiple items (by weight and volume) it can be difficult to estimate. If you have fixed overhead S&H costs, I would suggest not giving the shipping estimate per item as it's added to the cart, as the first few items are likely to show as quite high, and can drive away customers at that point. If your shipping and handling costs are per item and either distance-insensitive (e.g., USPS First Class) or you know the shipping address, it could be feasible to give the approximate shipping cost along the way. You may be able to give a range of shipping costs for each item (cheapest) if you don't know the shipping address. One thing you could do is make it obvious that the customer can enter their shipping address at any time, so that shipping costs (cheapest method) can be calculated on the fly. During checkout, bring up this address and ask only for update/confirmation. For Free Shipping, this is usually based on purchase value, so you can show a running tally of "buy $XX.XX more and get free shipping on the entire order!". 5. A slow site is a general problem that you need to fix. It will cause problems for customers long before they get to checkout. 6. Some sort of guest checkout (Purchase Without Account) is good here. I suspect that most people hesitate to register for four reasons: They fear they will be innundated with spam. You need to make it clear when inviting people to register that they will be able to control the mailings coming to them at all times, and their email address will not be sent to others. All marketing mailings must be explicit "opt in", with no "opt out" or preselected "opt ins". They fear that you will hold their credit card number or other personal information for extended periods. You need to make it clear what data you will hold and how it is protected and used, before they start the registration process. Make it clear that whatever data protection laws apply, you will obey them. They fear that you will ask for a lot of additional information, dragging out the process. Once they have filled out the PWA information, something like, "Just add an ID and password to register with us, and you can speed through future purchases without having to fill in this information again! Here is the information we keep and how we use it and protect it, All marketing emails, etc. are under your control.". Make sure the form information they just typed in doesn't get vaporized when you go to the other pages! Being able to track an order with a shipping company should not depend on having an account with you (give them the UPS etc. Tracking Number in an "order has shipped" email). They figure they are unlikely to visit you again, and will probably have forgotten they even have an account by then (yet another password to remember). This one you can't do much about, except to make it easy to register if they find themselves shopping with you again. Any followup email or product review is an opportunity to suggest they register -- you can even offer (for a limited time) to pre-fill the registration form using this order's information (and a one-time code). 7. Obviously, having a tremendous amount of information requested is confusing and irritating, particularly if it's poorly organized. Be careful about cramming too much on one page. If you have multiple pages, show a progress bar of where the customer is in the checkout process, and what's coming up. 2 or 3 short, clear, pages are better than 5 or 6, or one that goes on forever. if the shipping address is different from the billing address, fill out the shipping address first, and then ask if billing is different (bring up the input form only if the customer says yes). Anything to be less intimidating and lengthy is helpful. 2 and 8. Duh. Not much you can do about these.
  9. PHP

    All versions of 2.3.4BS Edge should work on PHP 5.6. I think Gold, too, but I won't swear to it. Only recent releases have been upgraded to work with PHP 7.0, and I'm not sure about 7.1. You may need to either update to the very latest Edge for 7.0 compatibility, or at least compare files and update your store manually. Keep in mind that there have been many releases of "Edge" (with changes)... Gary really fell down by not putting some sort of version number in it, so now there's no way to easily tell them apart.
  10. What osCommerce version? It sounds like you're on an older one which only supports MySQL (not MySQLi, like the newer versions). The "Cannot send session *" and "Cannot modify header" messages are a consequence of the "Deprecated" message and will go away once that's dealt with. If this store has been running unupdated for years, I'll bet it's still back on 2.2! In that case, it's time to install the current version, 2.3.4BS Edge, and migrate your data over to it. Edge is not on the site download page -- you have to get it from GitHub. You can make a copy of your database and install in a private test directory, although if your store isn't working at all, you might dispense with that (at least keep a backup of the current store and its data).
  11. Any action above and beyond the sale or registration itself should be explicit opt-ins, not chosen unless the customer takes action to select it. It's common sense and common courtesy that customer should not have to untick a box, or tick a box with an "undo our preselection" action (opt out). Oh, wait a minute -- they're not so common anymore, are they? Be careful that you don't abuse the consent the customer gave you to do one thing, to do other things too, even where the law permits. Interesting thing I read about the Nobel Economics Prize winner today (Thaler). He founded behavioral economics (how people really make their decisions, in a non-rational manner). One of his suggestions is to encourage personal retirement savings by automatically signing up new employees to a retirement savings plan (e.g., 401(k)), making them explicitly opt out of participation if they don't want to. Kind of the opposite of the GDPR mandate, even though saving for retirement is generally considered a smart thing to do (people tend to need a little kick to do it).
  12. It actually dates back to Benjamin Franklin (to reduce candle usage), and first appeared in WWI (in Germany, IIRC). It used to save energy when electric lighting was inefficient (incandescent bulbs only) and was the major user of electric power. Nowadays, it's believed that Air Conditioning actually uses more due to the Sun being higher in the sky when people get home, so the net is that DST uses more energy than Standard Time. Nonetheless, Congress extends DST at each "energy crisis" to show it's on top of things (ha!). Most people would be happy to have either ST or DST year round and avoid the annoying and hazardous changeovers. The outdoor recreation industry (golf courses, amusement parks, ski resorts, etc.) always do heavy lobbying to make sure DST doesn't go away, and would prefer to have it year round. I would prefer ST year round because I can't wake up and get going until the sky gets light, but maybe that's just me. Also, if it's extra dark on school mornings, more parents will be driving their kids to school rather than having them wait for the school bus in the dark (dangerous), wasting even more energy. I can remember waiting for the bus back in '74 in the pitch black.
  13. If you already have commercial hosting (on the Web), I strongly recommend that you make your test install there, in a private directory (it can even be password protected until you're ready to go live with your store). There are two advantages to this: 1) the configuration is exactly the same, so you won't get any nasty surprises when you try to migrate your store from your PC server to a real server, and 2) you won't be tempted to host your store yourself (on a PC), which is an engraved invitation to hackers to mess with you. The only time you should think about a *AMPP server on a PC/Mac is if you don't yet have commercial hosting, and want to play a bit before laying out the money, or you require a PHP version for development and testing that your hosting service doesn't yet provide. Either way, never put a live website on a self-hosted server.
  14. Your server is cutting off the Query String at {, leaving you only with 2255. You have two choices: add code to URLencode() the Query String as it's produced ({ } to %7B %7D), or change the PHP code to use something other than { }. Neither Gary (definitely) nor Harald (likely) have any plans to fix this, so you're on your own.
  15. Just to level-set everyone reading this, MariaDB is an open source fork/clone of MySQL, led by the original developer of MySQL. Many people became nervous about the future of MySQL when Oracle acquired Sun Microsystems, owner of MySQL, and feared that MySQL would become closed, or even be dropped in favor of expensive Oracle products. MariaDB is supposed to be a drop-in replacement for MySQL (at least initially), but it is probable that the two will diverge over time. It should be possible to write all database calls to a tep_db_* layer, which could convert DB-specific phrases in queries so that MySQL, MariaDB, PostgreSQL, and even Oracle and IBM proprietary SQL databases could all be used. This might be a preprocessor for query strings to take something like the LIMIT phrase in a MySQL-syntax query and convert it to the format used by another database, or it could be keeping the base SQL totally neutral (common) and adding on DB-specific phrases such as LIMIT in MySQL and the equivalent for other databases.