Jump to content
Latest News: (loading..)
Harald Ponce de Leon

osCommerce Online Merchant v2.3.4

Recommended Posts

@@altoid

 

Are you sure that unsecured content come from the stars? Could be something additional. Disable the reviews to make sure it comes from there

 

Hello,  In Admin>Catalog>Review with no reviews in place, secure content is all good

 

Setting up a trial review I see the partial secured warning in reviews.  Viewing page source I have two instances where the stars are not secure, that is (http)

Around line 74:  

<td class="dataTableContent" align="right"><img src="http://www.myshopdomain.com/images/stars_2.gif" border="0" alt="" /></td>

Around line 114

<td class="infoBoxContent">Rating: <img src="http://www.mydomain.com/images/stars_2.gif" border="0" alt="" /></td>

Double checking admin/includes/modules/dashboard/d_reviews.php here is what I have in place after applying the code change starting line 45.

        $output .= '  <tr class="dataTableRow" onmouseover="rowOverEffect(this);" onmouseout="rowOutEffect(this);">' .
                   '    <td class="dataTableContent"><a href="' . tep_href_link(FILENAME_REVIEWS, 'rID=' . (int)$reviews['reviews_id'] . '&action=edit') . '">' . $reviews['products_name'] . '</a></td>' .
                   '    <td class="dataTableContent">' . tep_date_short($reviews['date_added']) . '</td>' .
                   '    <td class="dataTableContent">' . tep_output_string_protected($reviews['customers_name']) . '</td>' .
                   '    <td class="dataTableContent">' . tep_image(tep_catalog_href_link(DIR_WS_IMAGES . 'stars_' . $reviews['reviews_rating'] . '.gif', '', 'SSL')) . '</td>' .
                   '    <td class="dataTableContent">' . $status_icon . '</td>' .
                   '  </tr>';

I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

The changes I posted refer to the admin dashboard module, not to admin/reviews.php that you are looking at when going to admin>catalog>reviews

 

It looks like admin/reviews.php has the same issues, will take a look at it later on

Share this post


Link to post
Share on other sites

The changes I posted refer to the admin dashboard module, not to admin/reviews.php that you are looking at when going to admin>catalog>reviews

 

It looks like admin/reviews.php has the same issues, will take a look at it later on

 

OK, confirming that when viewing the dashboard page, the page is entirely secure even with a test review showing with stars.  Drilling down to the review page itself gives the partial insecure issue.

 

Thanks


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

@@multimixer

 

Made these changes in admin/reviews.php and the insecure content issue is gone.

 

Change from:

                <td class="dataTableContent" align="right"><?php echo tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . 'stars_' . $reviews['reviews_rating'] . '.gif'); ?></td>

to:

                <td class="dataTableContent" align="right"><?php echo tep_image(tep_catalog_href_link(DIR_WS_IMAGES . 'stars_' . $reviews['reviews_rating'] . '.gif', '', 'SSL')); ?></td>

and

 

Change from:

        $contents[] = array('text' => TEXT_INFO_REVIEW_RATING . ' ' . tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . 'stars_' . $rInfo->reviews_rating . '.gif'));

to:

        $contents[] = array('text' => TEXT_INFO_REVIEW_RATING . ' ' . tep_image(tep_catalog_href_link(DIR_WS_IMAGES . 'stars_' . $rInfo->reviews_rating . '.gif', '', 'SSL')));

But I'd appreciate a professional opinion.


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

Maybe this should be posted in another thread, not sure so here goes.

 

I am using the reviews.php from the header tags reloaded add on.  Looks like there are a couple more insecure content issues when previewing both a review and a testimonial.  I believe the lines causing this are:

            <td class="main" align="right" valign="top"><?php echo tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $rInfo->products_image, $rInfo->products_name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'hspace="5" vspace="5"'); ?></td>

and

           <td class="main" align="right" valign="top"><?php echo tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $rInfo->products_image, $rInfo->products_name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'hspace="5" vspace="5"'); ?></td>
Edited by altoid

I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

Hello

Help me please

Install osc v2.3.4 ok finish, This page catalog or index ok work thai and english,

But admin pag english very good, this  thai no good.

 

 

I use appserv >>>appserv-win32-2.4.9  & change new version is appserv-win32-2.5.10, is also an old hand

Because i cannot use thailanguage in admin, English login ok work , because thai no good

please you tell me. i have sample. i no understand

 

 

Warning: cfg_modules::include(includes/languages/thai/modules/cfg_modules/cfgm_action_recorder.php) [cfg-modules.include]: failed to open stream: No such file or directory in C:\AppServ\www\os234\spc221\includes\classes\cfg_modules.php on line 28

Warning: cfg_modules::include() [function.include]: Failed opening 'includes/languages/thai/modules/cfg_modules/cfgm_action_recorder.php' for inclusion (include_path='.;C:\php5\pear') in C:\AppServ\www\os234\spc221\includes\classes\cfg_modules.php on line 28

Warning: cfg_modules::include(includes/languages/thai/modules/cfg_modules/cfgm_boxes.php) [cfg-modules.include]: failed to open stream: No such file or directory in C:\AppServ\www\os234\spc221\includes\classes\cfg_modules.php on line 28

Warning: cfg_modules::include() [function.include]: Failed opening 'includes/languages/thai/modules/cfg_modules/cfgm_boxes.php' for inclusion (include_path='.;C:\php5\pear') in C:\AppServ\www\os234\spc221\includes\classes\cfg_modules.php on line 28

Edited by spc221

Share this post


Link to post
Share on other sites

Hi Somporn,

 

I have a working Thai language pack for 2.3.4 bootstrap should be ok for normal 2.3.4 

 

I will download and send a link in 20  minutes now maybe not perfect but is better than what you have some things may still need translated

 

Regards

sakabua

 

Joli


To improve is to change; to be perfect is to change often.

 

Share this post


Link to post
Share on other sites

Hello there

Since I have updated to version 2.3.3.4 always when I add a picture to the shop in the admin part (I am using FCKeditor), the permission is 777. When I try to change to 755 or other, I get the error message: Unable to execute site command chmod .....

 

What I am doing wrong?

THank you for helping

Share this post


Link to post
Share on other sites

I am using Core FTP lite. And since I done the upgrade in oscommerce, it is no more possible to change the permissions in this Core FTP program. What I am doing wrong?

 

 

Thank you 

Share this post


Link to post
Share on other sites

Hello Everyone

 

Please help me again

 

I want to show box paypal logo. of me not' show how to setup

 

thank you very much help me

Share this post


Link to post
Share on other sites

@@spc221

 

Assuming you are using PayPal in your shop then

 

admin>modules>boxes>install module

 

Look for card acceptance module


I am not a professional webmaster or PHP coder by background or training but I will try to help as best I can.

I remember what it was like when I first started with osC. It can be overwhelming.

However, I strongly recommend considering hiring a professional for extensive site modifications, site cleaning, etc.

There are several good pros here on osCommerce. Look around, you'll figure out who they are.

Share this post


Link to post
Share on other sites

I think you mean  you want  a full width shop best is to go with the new bootstrap version of oscommerce .as it is always full width

 

The standard oscommerce is 960px wide

 

http://www.oscommerce.com/Products

 

but the very latest oscommerce bootstrap is fully responsive for computer / tablets / phone etc.. this will always be full width

 

demo :  http://template.me.uk/2334bs3/

 

download  Zip

 

https://github.com/gburton/osCommerce-234-bootstrap

 

Regards

Joli


To improve is to change; to be perfect is to change often.

 

Share this post


Link to post
Share on other sites

Ok good you say me,

 

https://github.com/g...e-234-bootstrap

 

because disturb i want to use show footer.php and header in web pag.

 

i put counter.php file and data table This show >>>

 

1146 - Table 'e234.table_counter' doesn't exist

select startdate, counter from TABLE_COUNTER

[TEP STOP]

 

==============

Table counter

-- phpMyAdmin SQL Dump
-- version 2.10.3
-- 
-- โฮสต์: localhost
-- เวลาในการสร้าง: 
-- รุ่นของเซิร์ฟเวอร์: 5.0.51
-- รุ่นของ PHP: 5.2.6
 
SET SQL_MODE="NO_AUTO_VALUE_ON_ZERO";
 
-- 
-- ฐานข้อมูล: `os234`
-- 
 
-- --------------------------------------------------------
 
-- 
-- โครงสร้างตาราง `counter`
-- 
 
CREATE TABLE `counter` (
  `startdate` char(8) collate utf8_unicode_ci default NULL,
  `counter` int(12) default NULL
) ENGINE=MyISAM DEFAULT CHARSET=utf8 COLLATE=utf8_unicode_ci;
 
-- 
-- dump ตาราง `counter`
-- 
 
INSERT INTO `counter` VALUES ('20141201', 680);
 

How to repair.

thank you 

Edited by spc221

Share this post


Link to post
Share on other sites

I am using Core FTP lite. And since I done the upgrade in oscommerce, it is no more possible to change the permissions in this Core FTP program. What I am doing wrong?

It's quite possible that your host did a security upgrade recently, and no longer permits FTP clients to change permissions. In that case, you need to use your hosting control panel to change permissions.

 

By the way, no good hosting service permits 777 permissions ("world writable"). osC ought to be fixed to use 755 permissions from the start.


If you are running the "official" osC 2.3.4 or 2.3.4.1 download, your installation is obsolete! Get (stable) Frozen or (unstable) Edge. See also the naming convention and the latest community-supported responsive "Edge" release

Share this post


Link to post
Share on other sites

1146 - Table 'e234.table_counter' doesn't exist

select startdate, counter from TABLE_COUNTER

It sounds like the macro name is not defined for TABLE_COUNTER. Did you somehow remove this "define" from database_tables.php?

 

 

CREATE TABLE `counter` (

It's trying to create a table named COUNTER, not TABLE_COUNTER.

 

By the way, this thread is NOT the right place to report problems and ask questions. It is for news and announcements regarding osC 2.3.4. Please open new threads in the appropriate support area.

Edited by MrPhil

If you are running the "official" osC 2.3.4 or 2.3.4.1 download, your installation is obsolete! Get (stable) Frozen or (unstable) Edge. See also the naming convention and the latest community-supported responsive "Edge" release

Share this post


Link to post
Share on other sites

@@raiwa, you will have to update your add-on to support the fixed behaviour of $PHP_SELF. Modules taking advantage of the new Content Modules implementation may call pages from the ext/ directory which is why $PHP_SELF was fixed to be compatible with pages being called from subdirectories.

 

New behaviour:

 

account.php

ext/modules/content/account/set_password.php

 

Old behaviour with basename():

 

account.php

set_password.php (broken link due to basename()).

 

Hope that helps,

 

Hello,

 

I have a question that possible is very simple but ...

 

Why is better use $PHP_SELF instead of basename($_SERVER['PHP_SELF']) ?

 

Thank you!

Share this post


Link to post
Share on other sites

Hello, First I wish to say that, I am in NO WAY a computer wiz. I have very basic skills. I am creating a website for my artwork to sell. I need an online shop that the host I am using can not provide. They sent me here. I downloaded the Online Merchant 2.3.4 and it downloaded into a zip file on my computer but that's it. Your web site wouldn't move to the next step and now I have a file just sitting here and I have no idea what to do or how to do it.

I came here and got into the Live Chat and started speaking with "XXXXX" or maybe "XXXXX" and pretty much told him exactly what I just typed here. He left the room. Again, I am NOT a computer wiz but that was pretty rude and disrespectful of him. I'm trying my best to figure this out and needed someone's help and he walked away. Now I have no idea what to do.

Edited by wHiTeHaT
No need to mention names.

Share this post


Link to post
Share on other sites

@@JosephIsaac  First, don't assume that the person in the chat was being rude. He may have lost his internet connection or had to respond to some local emergency. We do our best, but everyone here is an unpaid volunteer. Cultivate patience.

 

Now unpack that Zip file you downloaded. There is a file named documentation.pdf in the docs folder in that package. Open that PDF and read the first chapter.

 

Basically, you need a web server to run osCommerce, and probably also a domain name. You can rent both of those from multiple providers. If you want to ask more questions, please post a new thread in the Installation forum, so we don't clutter up this announcement thread.

 

Regards

Jim


See my profile for a list of my addons and ways to get support.

Share this post


Link to post
Share on other sites
 

Thanks team! I love there!

----------------------------------------------------------------------------

Edited by landev

Share this post


Link to post
Share on other sites

@@prince11 In the future you might want to post to the General Forums area referencing the version of osC that you need help with.   I doubt that many regulars on here would notice your post in this area.

 

As for your question...have a look at the Easy Populate addon.

 

Dan

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×