Al Brookbanks

Please send a support ticket with FTP access. Normally we require technical support access but we need to make sure PayPal is working.

Yes they should be able to help. They know the onboarding process for CubeCart as we work closely with them.

There should be a button to return to your store instead of that link to PayPal. I can follow up with PayPal on Monday if you wish.

There should be a blue button at the end of the process. "Return to CubeCart". You may have to scroll down to see it or hide a PayPal feedback going over it. Don't use the x in the top of the window to close it.

This can happen (I've not seen it for years) when CubeCart caches the URL and path when accessed from incorrect URLs like a hosting temporary URL or alias. I'd suggest three things. 1. Get rid of the "temporary" URLs designed for uses to access your website before the main domain has propagated. 2. Add some code to the htaccess for a permanent redirect from all the URLs you don't want to your main one. It's best to do that by redirecting when the URL doesn't match your desired one. 3. In the includes/global.inc.php file set two values $glob['rootRel'] and $glob['storeURL'] with values like /store/ and https://www.example.com/store respectively.

Excellent. Well done Claudia!!

We are pleased to announce the release of 6.5.6. This version contains an important security patch to prevent SQL injection but also contains a number of new features. Many thanks goes to Tim for disclosing this vulnerability responsibly. Upgrade is strongly recommended as this vulnerability exists in all versions up to and including 6.5.5. All official CubeCart Hosted stores have all been proactively patched at their current version and are not vulnerable to this security issue. What's New? Issue Description #3622 Security: Password reset SQL injection vulnerability & misc. improvements. #3591 Store credit: Allows customers to use a stored amount of credit. Requires skin changes if Foundation skin isn't used. #3620 Elasticsearch: Feature to only index items that are in stock. #3605 Default Gravatar changed to person silhouette. #3603 Customer group discount by category. #3599 Foundation skin to have styles related products on checkout. #3595 Anonymous reviews for unauthenticated customers. Can I patch store manually without upgrading? This can be done by updating one line of code. Open classes/admin.class.php. Find: public function passwordRequest($username, $email) { Replace with: public function passwordRequest($username, $email) { $username = preg_replace('/[^a-z0-9.@_\-\+]/i', '', $username); Download: CubeCart-6.5.6.zip

Hi Bert, I'm working on this for you now. Please can I kindly ask you to not test it during this time.

That's odd. Do you have a lot of product options?

Well done!!

Oh dear!!! Do you have a server admin you can turn to?

This looks like a web hosting php session configuration issue. If you shoe them this error message I have no doubt they can fix it.

In this case make it a standard key instead.. ALTER TABLE `CubeCart_filemanager` ADD KEY(`md5hash`); #EOQ

That can fail. I've seen many stores with duplicate images with different names. So long as the images actually are unique it will work. This opens the debate as to whether duplication should be allowed or not.

There's been a bit of a debate as to whether it needs to be a unique key or normal key. Either will be fine.

Very fugly. I think I the best solution is to downgrade the right text editor.

My development store uses the following but you can use anything. $glob['adminFile'] = 'admin.php'; $glob['adminFolder'] = 'admin';

And it deleted the images! I've never come across that before. Please restore a backup and manually upgrade with FTP.

The only option is to restore a backup. What method did you your to upgrade? Some FTP clients can replace instead of merging files and folders. It sounds like that may have happened.

Drop me an email at [email protected] if you want to explain the customisations in more detail. Thanks Bryan. I hope I can work with you soon. Enjoy your day.

I can look at this via support for sure. The service includes up to an hour per month of development time. If it's just a matter of hiding a few things it's a small quick job.

I saw another merchants with scrip tag problems since the latest update. He has a simple bit of JS like which failed. I think we're going to have to roll back to an older version of CKEditor. This had open and close script tags with a variable declared for the page layout which was then picked up elsewhere to manipulate the page.

This is a known bug which is very complex as it's with 3rd party code. https://github.com/cubecart/v6/issues/3573 For now please delete them replace the includes/ckeditor folder from an older version.

There isn't I'm afraid but these things can always be pulled out the code. I appreciate that makes extra work upgrading.

Thats good news. Can you paste the whole transaction request and response? Make sure you edit any sensitive text. This is probably one for PayPal tech support.