Jump to content
Latest News: (loading..)


  • Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by MrPhil

  1. OK, being in the US, it figured out that I don't need to pay any VAT. What if I were a French citizen who happened to be on a business trip (or holiday) to the US when I placed the order? Or I was in France, but using a proxy outside the country? Once I gave my billing or shipping address, presumably it would update the VAT to the proper amount, but is it legal for your site to quote one (low) price for display, and increase it at checkout (VAT to be added in)? I would think that at a minimum, I should be able to click on something around the VAT notice to give my country or province (whatever is needed to figure the VAT rate), to display the correct price with VAT. Or have the authorities admitted that it is not practical to show correct VAT on a website (until the shopper takes some action to give their location), and now allow a "without VAT (select your location)" price? In the US, it is customary to display prices sans sales tax, but something similar could be done to update the product display with possible shipping costs and sales tax, given a ZIP Code (postal code), either by manual action by the shopper, or by their signing in.
  2. Depending on the exact order of addition, multiplication by non-integer amounts, and rounding of intermediate results, it's easy to get a penny or two of difference in totals when using different computation methods. If you're getting close to .50 difference, though, something is badly wrong. Generally, most differences end up canceling out (plus and minus), and should not keep adding in one direction. Have you checked that PayPal isn't handling shipping amounts (or tax on it) differently from osC?
  3. For the vast majority of online shoppers, the lowest possible price (so long as the service isn't too painful) rules. The biggest retailers, like Amazon, who can put the most price pressure on their suppliers, will win. There used to be a concept of "trusts" and "monopolies" and "anticompetitive behavior" which governments tried to put an end to, but they all seem to have given up on that, allowing (and even encouraging) ever-larger businesses. Some day very soon Amazon will be large enough to start dictating government policy, and no one will be able to stand up and say, "no." Just look at all the state and city governments falling over themselves to be HQ2.
  4. Well, you still have to know who the customer is before you can tell them the VAT amount. My point is that VAT has always had to be included in the displayed price -- has that requirement been relaxed recently? Is it now legal to display a price "plus VAT" in any country where VAT is collected? If you don't know where the shopper is (geographically), you don't know the VAT rate is, and an IP address is insufficient to determine the whereabouts of the shopper (not to mention that they may be using a proxy or be out of their country when placing the order). Once you know the billing or shipping address of a signed-on customer (or they've filled out the information as a guest), it's simple to figure any tax rate. I assume that no one wants to require that a potential customer sign up/sign on before they can see prices.
  5. My assumption since the first post is that VAT must be displayed for the product even before you know who the customer is. Is everyone else assuming that you don't need to figure the VAT until the customer gives his shipping address? I think we're working on two very different problems. Once you have been given the shipping address, it's easy to figure out the tax rate (merely by country in this case... within US states with multiple tax jurisdictions, it's a nightmare requiring geolocation from the address and determining which county and city the buyer is within). Not having to display VAT to random shoppers would greatly simplify matters.
  6. Hmm. "Shopping habits"? Likely a GDPR privacy violation. IP address? What if online by proxy or while traveling out of the country? Billing address? We're talking about guest shoppers, not logged-in members. I don't think this is going to have a happy ending. More EU idiocy. Or at least, one hand doesn't know what the other is doing.
  7. osC 2.3.4 is known to have minor problems under PHP 5.5. Try falling back to 5.4 or 5.3 and see if that clears up the problem. However, you don't want to stay at backlevels for any period of time, because they are out of support and increasingly vulnerable to attacks. Even 5.5 is obsolete! PHP 5.6 only has a few more months of support left on it, so your host will need to be moving to PHP 7 soon, which osC 2.3.4 will definitely choke on. You should spend some time looking at installing the only current version, Edge (a.k.a. CE, Frozen, Final), which is available on GitHub (it's not the official release). Then your host should upgrade to at least PHP 5.6, if not higher (7.1 or 7.2 is considered current).
  8. Another thing to check: has your host just updated the PHP version? osC 2.3.4 is getting pretty long of tooth and will start to fail as you get up to currently supported PHP versions.
  9. The "dollar stores" are thriving because they're at the very bottom of the food chain, with many customers who can't afford a computer, and/or don't have a credit card (need to pay cash). It's all part of the deliberate destruction of the middle class (and thus, democracy) and the rise of the small oligarchy and the large peasant class. I see a major problem for brick and mortar retailers in that online merchants don't collect sales tax (often, even when they're supposed to). This gives many consumers the impression that it's legally tax free, and that can be a 7 or 8 percent price difference right there (neglecting higher shipping costs to deliver one at a time directly to your door). States are going to have to get their act together and either eliminate sales taxes (making up lost revenue elsewhere) or come up with streamlined consolidated systems that make it very easy for a merchant anywhere to figure out the tax rate on an item, and to remit collected sales tax. I'm not holding my breath for this to happen. B&M retailers of certain classes of items also have a problem with "showrooming", where potential customers come in to inspect the merchandise (perhaps tying up a salesperson for some time), then go online to order it, a double whammy for the retailer. On the other hand, besides higher shipping costs, eCommerce requires very restrictive return policies. Otherwise, customers too often buy one of everything and then return all but one. They can't actually try on a piece of clothing or otherwise personally inspect it, and so abuse the system.
  10. What are the legal issues here? An IP address is not a guarantee that you know the locality (at least to the level of the country), so you could end up giving the wrong rate. Someone could be using a proxy or even be ordering while out of the country, resulting in the wrong price being displayed. Are you protected if you give the wrong price?
  11. preg_replace to preg_replace_callback

    Doing a search ("all topics") on preg_replace_callback gave me 17 hits just on this forum. Were none of those sufficient? If not, I'm sure StackOverflow, among others (via Google), has a ton of suggestions. I'm not sure this is something that you can mechanically perform (i.e., it requires some understanding of what was being done before), but it should be reasonably straightforward.
  12. Is there any mechanism for osC to use the IP address to guess the country a guest is in (before login), and allow them to update it from a menu? Otherwise, this law sounds like another brain-dead EU deal where you're going to have to display multiple prices for each product, at different VAT rates, for all the possible countries. Not until the guest reveals what country they're in (or logs in, and their address is known) can you collapse it to a single price. I guess you could put the assumed VAT location next to the displayed price, and invite the shopper to update it to get the correct VAT. I wouldn't be surprised if an ISP or browser supplying the location (including country) would be considered a GDPR violation! At least in the US, prices are displayed sans tax, and not until the shipping address is known do you have to deal with the state/local sales tax rates. There is no VAT and there is no national sales tax.
  13. Log in disabled

    If this is the "official" 2.3.4 and not the BS/CE/Edge version, my understanding is that it will not work reliably under PHP 5.5.9. You should be looking into upgrading to Edge/CE/Final/Frozen, which is PHP 7.1+ compatible, since there is no official osC release that is truly PHP 7 compatible, and before long that's where your host will be (5.6 will soon be out of support, and 7.1 or maybe 7.2 is the current PHP release). I understand that you will not be looking forward to this, but it simply has to be done sooner or later, and it's simply not worth the effort to try to upgrade an old osC release to work with later PHP versions.
  14. Database structure

    I'm pretty sure things have changed since Gold (which is quite old now), but I don't have any references. The easiest way to check what's changed would be to make a database backup of your Gold (.sql file with table creation code) and compare it to oscommerce.sql in Frozen (assuming you don't have Frozen installed yet). The differences should be fairly minor, but there are likely to be a few.
  15. Log in disabled

    You need to tell us exactly what version of osCommerce, and exactly what version of PHP you're trying to run. It's possible that your host has upgraded PHP and thereby broken an old osC installation.
  16. I seem to recall reports of people starting to experience problems with osC 2.3.4 at around PHP 5.5, maybe even 5.4. Considering that 5.6 will soon be out of support, and 7.1 is considered the current release (or even 7.2?), I wouldn't hang on to osC 2.3.4 for any longer than necessary to get up and running (without being in a panicked rush).
  17. Is there anything in the way of "shipping restrictions" (add-ons) that would end up prohibiting shipping outside a certain zone? If you can't ship it, you can't buy it. That wouldn't prevent the item from being put in the cart in the first place (even if the shipping address is known at that point), but it might help. Maybe a shipping cost of -1 (outside the local zone) could be a flag to block the item? Don't forget to document such restrictions on the product page, to warn potential buyers up front, before they attempt to purchase it. By the way, osC 2.3.4 is quite obsolete. You should be thinking about upgrading to the current version, which is Edge/CE/Frozen/Final on GitHub. This won't help you with your original issue, but you shouldn't let yourself fall so far behind that upgrading (when forced to by your host's server upgrades) becomes an agonizing ordeal.
  18. Would the best approach be to limit "new" products to one or two pages? That, or a selectable age limit that only lets in products young enough to produce one or two pages.
  19. Fatal error php Tools - Security Checks

    Note that HollisterCA was using the non-responsive "stock", not the Community supported Edge/CE/Frozen/Final version, which is good for at least PHP 7.1 (maybe 7.2) out of the box. I don't know if a few oddball cases like this have been fixed. Do not use the stock available on the osC download page: it is obsolete!
  20. Mixed Content Error after installing SSL on site

    Does the directory /home/strato/https/ actually exist? If not, leave it as http/.
  21. PHP 7

    There are various functions around (e.g., tempnam, or possibly tmpfile) for creating unique temporary file names. It might be cleaner to use one of them. Also, when generating names, you have two problems: I don't see anything to prevent duplicates (unlikely, but still possible). Depending on who can see these names, some might be offensive. An easy way out of this to to drop the vowels and use only the 20 consonants.
  22. Select Product Image Directory

    With enough work, I'm sure it could be done. However, is it worth it? Something to keep in mind if you're deleting files or folders is that you want to detect if a product is still using an image, and forbid the deletion while the product is still there. Can an image be referenced by multiple products? Ditto for moving or renaming an image file. Also, showing the image itself in the list (in addition to its name), is fairly complicated coding. Something like Windows Explorer does this, but most control panel file managers are file name only. A better solution would probably be to automatically delete an image when you delete a product, after checking that no other product is still using that image (a reference count?). That's the only way that I could think of that a bunch of zombie images would build up. If you plan to reuse that image for another product, is it even possible to give a name and location for an existing file? Certainly the code would be cleaner to simply delete, and upload again if you want to reuse it. In the meantime, if you have accumulated a bunch of zombie unused images, you would first have to go through the database to confirm that no one is using them, and then delete them through your hosting File Manager. Perhaps automating that process (build list of in-use images, build list of image files, compare, delete unused images) might be a better and easier route. You might also be given a list of image files to be deleted, in case you want to download and preserve them.
  23. You're in for pain, no matter what you do, but over time the least pain will come from upgrading to CE. That part is fairly easy, but replicating additional features you had in your old store could be tough. If you've kept good track of both add-ons installed and custom coding changes, including why you made those changes (what features are added), you can see what's now built-in, what's available through add-ons (which may have to be updated to work with this version), and what needs to be done custom. "Heavily modified" means different things to different people, but if you've kept track of changes, it shouldn't be too bad. If you haven't kept track, prepare for a lot of work comparing old store with new. A hint: even if your store is running fine at the moment, don't let yourself fall more than a year or so behind on releases. When you run a business, you depreciate equipment with the expectation that after some time that equipment will wear out and need to be replaced -- you should do the same with software. Your host upgrades MySQL and PHP, which causes old code to break. Don't wait to start thinking about scheduled updates until it's an emergency and your site is down.
  24. Template system in Existing website

    If you really are interested in separating business logic and presentation code, grafting a template onto an existing osC application isn't really going to do the job. The application needs to be designed from the ground up to do this cleanly and reliably. I don't think even the most recent release ( CE/Edge/Frozen/Final) really does this. You're probably out of luck, or at least, in for a major overhaul of your site.
  25. Orders Not Passing through to Paypal

    Has your host changed anything in the last few days, such as upgrading their PHP version? If so, old osC code like 2.3.3 (quite a few years old now) could easily start to break. Also pay attention to things like TLS version, etc., where PayPal may no longer be accepting older versions.