Jump to content
Latest News: (loading..)


  • Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by MrPhil

  1. MrPhil

    Please Review my Website

    Site is up, but there are some errors listed. By the way, is this osCommerce? I looked through the source listing, and I didn't see anything familiar looking. If it's not osC, it should be removed from this forum immediately.
  2. MrPhil

    Offsite Product linking?

    Please use "code" tags (or click on <> and enter your code there) so that everything doesn't get run together: Find function display_price($products_price, $products_tax, $quantity = 1) { return $this->format($this->calculate_price($products_price, $products_tax, $quantity)); } Replace with function display_price($products_price, $products_tax, $quantity = 1) { if ($products_price > 0.01) { return $this->format($this->calculate_price($products_price, $products_tax, $quantity)); } else { return 'Buy on Amazon'; } } (you were missing a }, by the way). Even better than just returning a string "Buy on Amazon", make that a link, something like return '<a href="https://amazon.com/......">' . $txt['buyOnAmazon'] . '</a>'; where you have defined a "Buy on Amazon" language string, in case you're handling more than just English. Of course, keep in mind that the link to Amazon has to be manually maintained and kept updated if it changes or goes away. I think there are some add-ons for linking to Amazon that handle this stuff for you -- you might want to check them out and see if they do the job.
  3. MrPhil

    Video questions 2.3.4BS Gold

    How are you editing this "snippet"? Are you saying that you can successfully add it via CKeditor, but if you edit it via CKeditor, it immediately vanishes? That sounds like a bug in CKeditor if it's losing pure HTML content. Does it not immediately vanish when you save your edit, but disappear some time later? Are you able to add it back in with the CKeditor? You might want to browse the product data table in phpMyAdmin (or equivalent) to see if the HTML "snippet" truly vanished, or is still hiding in there somewhere. If you want to autoplay a video, please be considerate of your customers. At least mute the sound so that their co-workers don't get irritated by it.
  4. MrPhil

    OsCommerce OSC Taxes Tax App Build 2.3.4(.1)

    OK, so what is this about? These are two fairly old add-ons. What's your point? Craig, please understand that this is not Twitter. Things work much better if you consolidate your material into one topic (thread) rather than beginning a new topic for every thought.
  5. MrPhil

    osCommerce V2.3.4.1 Japanese

    It is unfortunate if you based your work on the official release, as it is totally obsolete. You may want to port your work over to "Frozen", or even "Edge". If all it is a Japanese language file add-on, that should not be much work. If you went and added new function, that's more work. Please respect the osCommerce license and the hard work of many people, even if you are not selling it, and consider making an add-on package that can be distributed from this site (rather than being off on some separate site). Google Translate: あなたが2.3.4.1の公式リリースに基づいていれば、それはまったく時代遅れなので残念です。 "Frozen"または "Edge"に作業を移植することができます。 すべてが日本語のファイルのアドオンであれば、それほど大きな作業ではありません。 あなたが行って新しい機能を追加した場合、それはより多くの作業です。 osCommerceライセンスと多くの人々の努力を尊重してください。たとえそれを販売していなくても、(別のサイトではなく)このサイトから配布できるアドオンパッケージを作成することを検討してください。 Anata ga 2. 3. 4. 1 No kōshiki rirīsu ni motodzuite ireba, sore wa mattaku jidaiokurenanode zan'nendesu. 2. 3. 4. 1 BS" furōzun" matawa" Edge" ni sagyō o ishoku suru koto ga dekimasu. Subete ga nihongo no fairu no adōndeareba, sorehodo ōkina sagyōde wa arimasen. Anata ga okonatte atarashī kinō o tsuika shita baai, soreha yori ōku no sagyōdesu. OsCommerce raisensu to ōku no hitobito no doryoku o sonchō shite kudasai. Tatoe sore o hanbai shite inakute mo,(-betsu no saitode wanaku) kono saito kara haifu dekiru adoonpakkēji o sakusei suru koto o kentō shite kudasai.
  6. MrPhil

    APACHE AH01797 error message

    I doubt that "Options -Indexes" would cause the reported symptoms. All it does is keep visitors from browsing that directory by forbidding the automatic creation of an "index" file (which lists and links to all the files in the directory) if none exists. It could cause a 500 error if your host has banned the "Options" command. Is one logged anywhere? Otherwise, I don't think that reading or writing a file in a directory would cause .htaccess to be run, but it's always possible. Yes you are. You're on the Internet, so we know.
  7. MrPhil

    APACHE AH01797 error message

    "client denied by server configuration" can be caused by an IP block, but possibly there are other causes. The first thing is to check your .htaccess file(s) for an IP deny list, and make sure you didn't get swept up in it by accident. That's unlikely, if some accesses still get through. Then check your .htaccess file(s) for anything blocking on certain URL Query Strings that might be showing up (e.g., "edit" in the QS). Maybe your host slipped in something there without your realizing it. If that doesn't do the job, you'll have to talk with your host to see if they're blocking something upstream from you. Many hosts will IP block a visitor (upstream from your .htaccess) if an IP address is repeatedly connecting very frequently, or using a lot of time on each access. Maybe you tripped something doing bulk picture-loading page accesses. In that case, explain to your host and ask to be removed from the block list. Then be careful about spacing out your site accesses so as not to trip it again.
  8. Being in the US, I'm not (yet) affected by this sort of thing, but it brings up an interesting point. I'm seeing more and more validation schemes and security measures being pushed on me that require a cell or smart phone (some sort of texting or SMS involved, I guess). I live in the wilds of upstate New York, and the nearest reliable cell signal is about 3 miles (5 km) down the road. I'd love to ditch my landline and just have a smart phone, but short of nationalizing telecom in order to get 100% coverage, it will probably be a while before I get service. Why can't they just have an alternate method where you can dial in and use a touchtone keypad to enter a code? Is anyone out there still actually using a rotary dial phone? Until a couple decades ago there were still some small independent phone companies in the US where you cranked the handle and asked the operator to connect you! Really.
  9. oscommerce.com registration expires this Monday, according to whois. grab your downloads, etc. while you can!

    1. Show previous comments  2 more
    2. ArtcoInc
    3. MrPhil


      Let's see how long it takes the whois I use to update its status. It's probably not instantaneous. Anyway, a relief that it got done.

    4. Dan Cole

      Dan Cole

      Looks like it was renewed for another year.


  10. Anything in this thread which is an enhancement request or an Edge-only bug should be moved to a different thread, or at least clearly listed here as such. Only genuine bugs in Frozen should be here, so that someone could get the Frozen release, manually fix the listed bugs, and not get tangled up in Gary's ongoing Edge work (e.g., Bootstrap v4). Enhancements should be kept out of the Frozen bug list, and leave them for Gary to put into Edge (as he wishes). Wasn't that the original intent of this thread? Maybe Gary will decide at some point to release an updated Frozen, or more likely, a new milestone for Edge ("Slushy") that incorporates all the Frozen bug fixes, plus some enhancements. In case anyone's still using Gold, bug fixes might indicate if they were for Gold only but already fixed in Frozen. Someone is going to have to decide what to do about support for older releases (Gold, Frozen [eventually]), and whether to force people to move to a recent release. Considering that some stores are still running on MS2, it's clear that some store owners are very resistant to upgrading. I don't think I would want to use pre-made patches for Frozen (say, in GitHub) that had not been inspected and approved by Gary, and that is placing even more of a burden on him. I think fixes should simply be listed here and it's the responsibility of whoever is applying them to decide that they are good. Maybe the report of a fix, supporting commentary and discussion (including fixes to the fix) could be consolidated somewhere, perhaps on GitHub?
  11. MrPhil

    Paypal why this error now?

    Cyber Week and the Christmas rush... what better time to disable someone's site? Lesson learned: keep on top of domain registration, hosting, SSL cert, payment system certs, etc. expirations and put them on your calendar to take care of before they bring down your site!
  12. I just get a little peeved at people who should know better, but don't trim out the noise surrounding/after the real bug. It's OK to mention that there were "a bunch of 'Headers already sent' messages", but to clog up the forum with unnecessary cut and paste is annoying to have to read through. Also, one copy of a real bug line with "this was repeated many times" is much better than cut & paste 500 lines of repetitions like some neophytes do. Grrr. I need another cuppa joe.
  13. Lots of things could have gone wrong. Did you move to a different server and not update your .htaccess file's redirections and rewrites, especially if file paths (directories) changed? Did someone update .htaccess and botch the job ?
  14. MrPhil

    Landing site elimination

    Also commonly RewriteEngine on RewriteCond %{REQUEST_URI} !^/catalog_ontarget RewriteRule ^(.*)$ /catalog_ontarget/$1 [L] This assumes that your store is configured to have /catalog_ontarget in all its links. Only outside visitors who don't explicitly type in the full link get their URL modified. Note that this is not a 301 (permanent) redirect, but you could add that if you want.
  15. First of all, don't worry about the "headers already sent" messages. Fix the underlying cause ("failed to decode session object") and those will go away. In your code, what's at /includes/functions/sessions.php line 97? Something at or near that line is outputting to the browser well before any HTML is expected. It could be an error message, an extra space or Byte Order Marker (especially at the beginning or end of the code), some hacker code, whatever. If it's an error message, you may be able to see it if you look at the HTML page source in the browser (usually Ctrl+U). Possibly your server is sagging under the load and it's pumping out error messages, which, coming before all the headers have been sent, are causing a cascade of problems.
  16. Is the mobile phone connection "direct" to the host, and not going through the normal Internet routing? That's the only way I can think of that you could get past the lack of SSL. If not (you are using a web browser), maybe you tried it after SSL was restored. If you can't get to it using your browsers, have you cleared your browser cache? Hitting F5 or Ctrl+F5 per page may also do the trick for you, if SSL has already been restored.
  17. MrPhil

    Rewrite Rules htaccess combining 2 redirects

    RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ These are ANDed into the chain of RewriteCond's. Note the ! at the beginning of the regex pattern, which means that if the requested URI (the part after the domain, and before any Query String) does match, the RewriteRule will not be executed. The first one is looking for one or more digits followed by a period followed by one or more other characters, and ending with .cpaneldcv. If the URI matches that, the rewrite will not be done. The second one is looking for a URI of .well-known/pki-validation/ followed by 32 hex digits (I presume a key unique to your site) followed by .txt, and possibly ending with a space Comodo space DCV. Again, if a match, the rewrite is not done. What these things actually do, I have no idea, except that an incoming URI matching either prevents your rewrites from doing anything -- presumably the URL goes unaltered to some special place (these are real addresses on your server) and does some sort of magic there. Maybe that "empty file" you mentioned is some sort of "proof of purchase" or something. Just leave it alone. My point about sometimes being able to remove them is that if you are (among other things) testing for a specific URI (%{REQUEST_URI}) before doing a rewrite, neither of those patterns should match, both RewriteCond's should therefore be true (!false), and they're essentially no-ops. Concerning the three rewrites you have there, the first one is to remove any explicit index.php, the second one rewrites if not https and is not a FaceBook hit agent, and the third one rewrites if the domain is not the desired www. Do you know what this FB agent thing is supposed to do, and why it appears in only one rewrite? It appears that it would prevent http from being redirected to https (the second rewrite), if it's not /index.php or site.com.au. If it weren't for the FB agent check, you could combine the second and third rewrites: RewriteCond %{HTTPS} !on [OR] RewriteCond %{HTTP_HOST} !^www\. [NC] RewriteCond %{REQUEST_URI} !^/[0-9]+\..+\.cpaneldcv$ RewriteCond %{REQUEST_URI} !^/\.well-known/pki-validation/[A-F0-9]{32}\.txt(?:\ Comodo\ DCV)?$ RewriteRule ^(.*)$ https://www.site.com.au/$1 [R=301,L] If it's working OK, perhaps the best thing is to leave it alone.
  18. MrPhil

    Rewrite Rules htaccess combining 2 redirects

    In my experience with AutoSSL, the ".cpaneldcv" and "pki-validation" lines may be safely removed if you can guarantee that for that Rewrite section, they will never be triggered (i.e., the REQUEST_URI does NOT match either). Generally this means that you are testing for a specific REQUEST_URI yourself, so both will always be "true" (i.e., not matching those patterns). If in doubt, leave them in -- they're harmless except they eat a few more CPU cycles. As for http::// www.domain.com.au failing to redirect to https, obviously it's because you removed the %{HTTPS} check. Try the following to do a rewrite if non-www and/or http: RewriteCond %{HTTPS} !on [OR] RewriteCond %{HTTP_HOST} !^www\. [NC] That would have to come at the top of a RewriteRule's section, as there is no precedence (hierarchy) between OR and the default AND flags. You can put the .cpaneldcv and pki-validation lines after those. So long as you are careful to fully redirect to both https and www in each section, you should not have a problem with multiple 301 redirects angering the SEO gods. People get into trouble when they have something like "301 redirect non-www to http://www" and then "301 redirect http to https". That creates two 301's.
  19. MrPhil

    Digital education

    Your request is unclear. It sounds like you want to sell some sort of software ("digital education products"). Yes, osCommerce can handle that. Then you mention "dedicated hardware, to assist the same". What do you mean by that? Are you also selling hardware (again, osC can do that), or are you talking about the web server (a "dedicated" server)? If the latter, why don't you start out on a shared hosting server, and trade up as your activity grows? Eventually, as you become large enough and busy enough, you'll outgrow a shared server and even a VPS, and have to go to either a dedicated or the Cloud. We can't help you with that part, although osC will run on any of these platforms.
  20. MrPhil

    Frozen: tep_draw_button problem

    The problem is that $params was apparently not designated as an array, but is a scalar (such as a string). Older PHP versions would simply promote $params to an array (or do something similar) and do the array assignment. If $params is locally created, check that it uses array(). If it's passed in from elsewhere, you will need to figure out why it is a scalar and not an array. The error message says "illegal string offset", which leads me to believe that $params is a scalar string.
  21. MrPhil

    Consolidated site on "Theme's"

    The subject of "themes" in osC has always been a messy one. Most commercial sellers of "themes" are selling far more than just a "skin" -- they often have a lot of code or even a complete installation (often obsolete). Ideally a "theme" would just be a skin, just a thin presentation layer with CSS and JS, but usually it's a lot more than that. This is partly the fault of the osC architecture (it's not clean MVC), and partly the need to modify base code to get new features (rather than plugging in a module). The bottom line is that I would not expect to see a separate site or subdomain or division of this forum handling just osC themes, even free ones. It would cover just too much ground.
  22. MrPhil

    Edit Opening Page of Shopping Cart

    Malcolm's suggestion to move to the latest osC is good, but may be too late for your client if they're already up and running on the new store. If they are determined to move to another platform, that's their business. In that case, only a stub of osC will remain, and it's even possible to eliminate that with your own custom-written catalog/index.php file. What your client needs to think about is what's going to happen to all those incoming links (search engine entries, personal bookmarks) to their old store, and how they map to the new store. You don't want customers coming into the old store and getting 404 errors -- that's not good. Even if they're brought to the front door of the new store, if they have to start over finding a product (lost the link to product on the old store), that's a big loss. Someone needs to think about getting links transferred to the new store. There might have been a large degree of compatibility if they had stayed with osC...
  23. There is no need to worry about any state where you do not have a nexus (i.e., stay under the old rules). Just ignore other states, as they have no mechanism to enforce tax collection. Once they have implemented a streamlined system as I outlined in my previous post (and restated below), it will be painless to comply and I will be happy to do so. Until then, trying to comply with 45 or so states' sales tax rules is absurd and I won't do it. Write to your congresscritters (both representative and senators) and urge such a system to be adopted: A unified nationwide set of tax classes, so merchants only have to figure out what class a product or service falls under, once. Lookup tables published by states, organized by state and ZIP Code, with a single rate for each tax class. Leave it to each state to break down remittances into state, county, city, special district, etc. amounts. These should be CSV format that can easily be read into a database. Central clearinghouses must be authorized to distribute these tax tables so merchants have a central point to get their information and be notified of updates. A single point of remittance for any given merchant: one form, one CSV list of collected taxes per state/ZIP/class, one payment authorization. This might be a federal agency, several private agencies, or each state's tax agency. Remittance frequency would be annually for small firms up to weekly for the very largest businesses. There will be no exemptions for any business, no matter its size -- the idea is to make it so painless and simple that no one will be burdened, and reporting can be fully automated.
  24. Take a look at https://stackoverflow.com/questions/11539981/htaccess-301-redirect-rule-to-remove-part-of-a-query-string-from-urls-but-leave, before it does any SEO stuff like rewriting to dynamic URL format. It tells how to remove a single term=value entry from your URL Query String (which could end up being the entire thing, including the "?").
  25. MrPhil

    PCI Report Shows Issues

    I don't know if nginx uses .htaccess. It's yet another server (technically, Apache is your server, not Linux, which is the operating system of the server machine -- yes, "server" is ambiguous). Apache runs on a variety of operating systems, including Windows, Mac, and Linux, and maybe others.