Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


keat last won the day on October 12 2019

keat had the most liked content!

Community Reputation

23 Excellent


Profile Information

  • Gender
  • Location
    Leeds UK

Recent Profile Visitors

7,614 profile views
  1. On the admin side, when I mark an item in or out of stock, and save changes the cart randomly removes the Product_Code, whereby the cart then allocates a randomly generated one. It's doesn't appear to be every time, maybe 8 out 10. The change only seems to come about after the page refresh, so I can change the stock level, check the stock level check box, nothing changes on the product code. However, when I save and the screen refreshes, it happens at this point. Any ideas ? V6.2.6
  2. It was the IP address relating to PayPal which had me concerened. All sorts of stuff crossed my mind, was someone IP spoofing maybe, etc etc etc. So I called PayPal, they confirmed that they had indeed placed a test order to see how our gateway worked, and that i should expect a call from someone trying to up sell in a few days time. I tore a little strip off the girl, saying that they should have atleast left some form of note. All sorts of alarm bells were ringing.
  3. I received a bit of a strange order last night. It was someone obviously testing as they used names like test, test and email address [email protected] You get the picture. They added an item to the cart and then chose the SecPay (Pay360 Gateway) Nothing overly strange in all that I guess, just some one potentially having a play, However, the IP address relates to PayPal - Now i'm a little concerned, what just happend ????
  4. A while back BSmither gave me a piece of code where the latest products would rotate, but for the life of me I can't find my notes, I can't find it on the forum, and I can't locate which file it's in. Any thoughts on where I might start looking. I found it in cubecart.class.
  5. What version are your running. I found this, which relates to custom_oid missing, not sure if it's related. https://forums.cubecart.com/topic/53991-database-error-message-in-admin/https://forums.cubecart.com/topic/53991-database-error-message-in-admin/
  6. How did you get on with your WAF ? I use CSF firewall, along with OWASP and Comodo Mod security, and was still seeing these. Not seen any for a month though now, maybe they went away :-)
  7. I raised this maybe 2 years ago. There is something not quite right with gift cards. I don't recall exactly what, but something along the lines that the person buying the gift card is charged VAT, and then the customer spending the gift card is also charged VAT. Or maybe the customer buys a gift card, is charged VAT, and the spending value is now reduced. eg: £20 gift voucher bought, but the spending value is reduced to £16.00 due to the vat portion. The recipient, comes to spend his £16.00 and is charged VAT on top. Like I say, I don't recall exactly what the problem was, but it was enough for me to not bother implimenting it. It needs some experimentation and looking at.
  8. keat

    PHP functions

    As far as I'm aware, this has to be done at server level using php ini editor, and adding the line ' disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open ' Whether or not one can do this at a user level, I'm not sure. ?? As for creating dangerous functions. I guess when PHP was being developed, these functions were not considered dangerous, but over the years, as software develops, and hackers learn of work arounds and vulnerabilities, software becomes less safe. Windows 7 a prime example. Incidentally, these functions are not CubeCart functions, these are PHP server software functions. I disabled these in my PHP. ini, and up to press I've seen no problems with functionality.
  9. Security advisor on my server suggests: You should consider disabling commonly abused php functions, e.g.: disable_functions = show_source, system, shell_exec, passthru, exec, popen, proc_open Some client web scripts may break with some of these functions disabled, so you may have to remove them from this list: Are all these safe to remove as far as Cubecart V6 goes.
  10. I've see this, but I can't find any reference on the forum. I seem to think it might have been related to: Store Settings > Features > Force Order Completed Emails. An email is sent intitally when the status changes to pending or processing (which ever you have selected), And then another is sent when the status changes to complete.
  11. I added an item to my basket, clicked on the cart icon (top right), this took me to the create a profile page. I didn't progress beyond this point, but didn't see any issues. Samsung Galaxy S9
  12. I saw a similar message on the Cpanel forum thats all. I had a recent issue with a PHP setting 'allow_url_fopen', which was disabled in PHP, this stopped me opening URL's In the left hand column on the admin side, go to PHP info at the bottom When the PHP info appears, just check allow_url_fopen is switched on. It's a long shot, but worth a look. If this is disabled, you might need to ask your server people to enable in in PHP.ini
  13. A long shot, but did you post a message on the Cpanel forum ??
  14. May I ask why PayPal isn't an option. ? I use PayPal without any issues. I also use SecPay (now Pay360) which is faultless. But you would rneed a merchant Id for Pay 360 (so a few hoops to jump through)
  15. @wkd Just bear in mind what I mentioned 6 posts up. If a customer had his caps lock on, and his first and second name ended in the same letter, then he's going to get caught by BSmithers trap. From my point of view It's not often that a customer will leave his caps lock on, and what's the odds that if he did, that he might just have the same end letter in both his first and second name? However, if we lost a customer, and he was about to spend £500 (or above), then this would be more annoying than the bot. Maybe we should collectively try to find another pattern ?
  • Create New...