Jump to content


  • Content Count

  • Joined

  • Last visited

Community Reputation

7 Neutral

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Yeah, yeah, I know - upgrade to version 6. It's harder than it looks. I'm working on it, really I am, but I tuned up a few things, did a bit of tweaking, and moving this all to V6 is taking more time than I want to tell the wife about. Anyway, back in 2018 ReCaptcha V1 was switched off, so I disabled it. For 12 months, everything was sweet. Recently, some prick in Minsk (a rouble's throw from Pinsk) has discovered that he (almost certainly) can create users with mangled address details (title = REG, town = MINSK) and what looks like a real email address, so my store sends some poor devil an unexpected "Welcome to the family" email. Solution is to replace the now non-operationalReCaptcha V1 with one of the V2 options. Does anyone have a recipe for this?
  2. BSmither, The eWay gateway is one of those “you harvest the data then send it to us as a service call” jobbies. That opens up a whole can’o’worms. Add to this my custom developments, and I get a questionnaire that is about 500 questions long. I was going to shut the direct CC interface down and let Paypal do it all, but after the mandatory cooling-off period, I’ve decided to do the manly thing and treat it as a hobby. I think it would be useful to create a resource for small CC installations like mine that collects draft documents that attempt to meet the requirements by stating manageable policies.
  3. I use eWay to process card payments. They recently signed all their customers up to Trustkeeper, allegedly to help us all become PCI-DSS compliant, although some cynics say it was a shameless grab for $150 per customer since it was delivered on an opt-out basis right at peak tax return time so most people would have assumed it was junk mail and not read it. I only discovered I was enlisted when I was reconciling my bank account and found a $149 payment that I was not expecting. Anyway, for $149 I found out that PCI-DSS exists which is a benefit in itself. I started going through the audit questionnaire. It includes questions like “Does your organisation adhere to modern development practices?” Well, yeah, I use Coda rather than vi, if that is what you mean. No punch cards... It is not at all what they mean, I suspect, but they don’t actually say what they do mean. There is a whole section on firewalls. These, of course are provided by my hosting service. I opened a ticket asking if they are PCI-DSS compliant. Got an answer that said yes. Added some other questions to the ticket and a different guy (they are all guys - well, boys probably) answers and says “well, ac-tuallee, **cough**, your plan is so old (I installed CC 4.3.4 in 2009) that it is -not- PCI-DSS compliant” well, who even knew it was optional? These are just examples - I am going to fail compliance immediately because I am still running CC 4.3.4, so my personal problems are huge... What I want to do is start an ongoing discussion about the need for compliance in the first place, the meaning of the questions, and ways of achieving compliance for small store operators and CC software developers. Doesn’t that sound almost as much fun as discussing tax returns? So - do you think you are compliant? If not, why not and do you know what you can do to fix it?
  4. Just stumbled across you response - thank you for taking the time, Noodles. The largish table of options is about 20 rows - probably a couple of hundred bytes in the global area. I appreciate your comments about putting the data into a database table, and that may well be what I finally choose to do, if only because I can maintain the data with PhpMyAdmin. I was exploring the possibilities with the global area and my main interest in the posting above was to determine why it does not work. It may be that the code was never finished and this aspect of it actually does not work, but it is more likely that I missed a nuance (or an explicit and obvious instruction somewhere, which is quite likely.)
  5. I am building an own-use module that offers a choice from a largish table of options that may change over time. It makes sense to: Initialise this table during module installation Offer a maintenance dialog to add new options down the track The benefit of initialisation is that all sandpit, development, test and production systems will have the same initial set of data; I won't have to initialise it manually; Eliminates opportunities for error when setting up a new system I studiously cribbed the example provided by SWFS Product Dimensions - viz: if(!$module_config = $GLOBALS['config']->get('sfws_product_dimensions')) { $module_config = array ( 'dimensions_unit' => 'cm', 'display_length' => true, 'display_width' => true, 'display_height' => true, 'display_package_count' => true, 'product_page_tab' => true, 'product_page_specifications' => true, 'product_page_other' => false, 'status' => true ); $GLOBALS['config']->set('sfws_product_dimensions','', $module_config); $record = array ( 'module' => 'plugins', 'folder' => 'SFWS_Product_Dimensions', 'status' => '1', ); $GLOBALS['db']->insert('CubeCart_modules', $record); $GLOBALS['main']->setACPNotify("The 'Product Dimensions CC6 Plugin' configuration has been installed."); $redirect_status = 1; } To initialize the table, I cooked up this monster: if(!$module_config = $GLOBALS['config']->get('testModule')) { $module_config = array ( 'products' => array ( array ( 'id' => 1, 'active' => true, 'colour' => 'Red', 'flavour' => 'Chilli, avocado and broccoli', 'priority' => 1 ), array ( 'id' => 2, 'active' => true, 'colour' => 'Grey', 'flavour' => 'Pineapple, turnip and liver', 'priority' => 2 ) ) ); $GLOBALS['config']->set('testModule','', $module_config); } if ($redirect_status == '1') { httpredir(currentPage()); } $module = new Module(__FILE__, $_GET['module'], 'admin/index.php', true); $page_content = $module->display(); The module class should deliver an array named MODULE_DINNER to the Smarty template, but it never arrives. If I remove the bang from the if statement to get if ( $module_config = $GLOBALS['config']->get('testModule') ) then the table is displayed when I enter the form (for example by clicking the module name in the breadcrumb trail at the top of the page) but it is not when I click Save. I believe the template is working perfectly because it displays correctly when MODULE_DINNER is available, so the problem is in the logic of the PHP module. Refining the code above to: if($module_config = $GLOBALS['config']->get('testModule') && !isset($module_config['products])) { $module_config['products'] = array ( array ( 'id' => 1, provides an amusing variation on the existing disfunction, but makes no real difference. The theory of what is happening above is that the module config is initialised before the module class is instantiated. Therefore the module reads the updated config, builds $MODULE, which contains the scalar config values, and creates MODULE_<KEY> for all module config entries that are arrays. The effect that I am seeing is: if the config does not exist already, it is not saved by $GLOBALS['config']->set(. The Save action Clearly I am doing something wrong, and given an infinite amount of time, I may well be able to work it out, but I have spent more hours than I can spare on it so far, so expedience over-rules pride and I am <sob!> asking for help, hoping that someone has managed to get this to work already. My heart is in your hands... There must be a pattern for this already, right? I can find lots of examples that manage scalars, but I have not found a module that initializes a table that has visible code. Thank you for your help. Russ
  6. Howdy, I am updating to CubeCart 6 from 4.3.4. It is complicated because my 4.3.4 installation is somewhat modified which is why I am still on 4.3.4. However, I'm all grown up now and I don't want to make the same mistakes again. I am developing my custom code as extensions. This has several benefits, even if I don't share them. Mainly, coding an extension means it will plug itself tidily into any new sandpit environments I create with no effort on my part. However... I am having trouble working out what is going on behind the curtains for the admin pages. By inspection, I have determined that the coding pattern is: Add any new tables that do not already exist. Add any new fields that do not already exist. Instantiate a module with $module = new Module(__FILE__, $_GET['module'], 'admin/index.tpl', true); Display the template with $page_content = $module->display(); Clearly there is a lot going on under the hood because the location of the template is not explicitly declared, and the global config is provided and saved automatically. All the template has to do is flash up the configuration page, drawing values from a magically created $MODULE array then assign the results to an output array called "module" and the results are somehow magically saved. This is fine provided (a) you don't want to initialise the config scalars and (b) you don't want to do anything dramatic such as initialise a table of config values. Which, of course, I do. The institutional IT guy in me desperately does not want to have to reverse-engineer all this to figure out how it works. I have looked at a mess of extensions and none of them seem to do anything dramatic except SFWS_Product_Dimensions which does some pre-initializations, but when I copy and hack it just the tiniest bit, it does not work - my values to not get added to the global config and the initialisations are not persisted. Is there any documentation on this anywhere? I have been thrashing around intermittently for a couple of days and it is starting to really annoy men. It is just too ghastly to think that everyone wanting to use this magnificent facility has to reverse engineer the entire thing before they become productive. Thanks for your help, Russ
  7. I recently made a rare purchase from Amazon. I also recently made a rare decision to upgrade from CC 4 to CC 6. CC 6 is beautiful. I love it. Except the checkout process. Everything is there but it is monolithic. The Amazon approach is phased across multiple pages approximately as follows: Review cart Enter billing address Optionally enter delivery address Select shipping options Enter payment information Review summarized information with option to change everything Commit CubeCart has all this, but it is on just two pages, one of which is optional: View Cart Check-out I believe Smarty will allow something more like the Amazon solution merely by changing the template Is there an existing template that already has something like this? My vision is: Review Cart (always) - including shipping quote according the current solution (with adjustments noted elsewhere) This gets us the country and postcode from which we derive the region And it completes the shipping method solution so we have a finalised order right here, on one clean, simple and beautiful page. Provide billing address there is a "Back to Basket/Cart" button there is an "I want to deliver to a different address" button there is a "Check out" button Optionally provide delivery address there is a "Back to billing address" button there is a "Back to Basket/Cart" button There is a "Check out" button Check out Start with "Would you like to save these details for next time?" If so, enter passwords Saving details for next time is a statement of customer benefit. Create an account sounds like something that benefits us. The benefits are clearly listed You wont have to enter address details next time. You can save multiple billing and delivery addresses You can see your order history You can reprint receipts and invoices any time You can create and park an order, then review it and pay later Then solicit permission to send newsletters Then select payment method or offer to park the order. All three sections have large clear headings. Summary List the cart, shipping information, account status (including username) payment method Buttons or links to revise any part of the order Buy or Park for later payment: Park is useful if the customer is having card trouble, or if they need to query the shipping price. It is also useful for us if the shipping solutions do not deliver, in which case, park is the only option. And it may be useful in other circumstances, for example where we have agreed to adjust the order in some way before payment. I use it for international shipments, because the price is heavily dependent on packed dimensions: Customer creates and parks order (I currently use the Direct bank deposit option for this, but it is somewhat misleading for the customer and requires explanation .) Ideally, at this point, the store sends an order confirmation. I work out the actual parcel size and weight, get a quote, adjust the shipping cost, notify the customer with instructions on how to find the parked order. Ideally, at this point, the store sends a notification of payment pending, with instructions. Customer chooses to proceed, logs in, pays. I ship.
  8. Heavens to betsy... This will need some intervention. We definitely should not give an estimate until we know where the parcel is going. With my aforementioned Alice Springs example, the postage quote goes up by 3x when the postcode goes in. There are a bunch of potential customers who will find that very angryfying. That "Estimated" link is pretty subtle. I'm not a novice at this and I didn't guess it. It's an online store, not a gameified learning experience. On the other hand, once found it is very nice. Bouquets to the implementer, and a marshmallow brickbat to the interface designer. The interim solution has to be: initial state a snippet that checks if the "estimated" postcode is set, and if not, it hides the "select your shipping method" box. (minor coding change) change the link text from "Estimated" to "Get a shipping quote" (Text change) move the quote link to the location of the invisible "Select your shipping method" box. (Template change) User enters country and postcode (I presume the region is here because in some jurisdictions it determines the tax.) The shipping method dialog elements appear as now, but with an option to "Change your quote" below the list box. (Coding change to switch the text - template probably does not change,) Does that make sense? R
  9. After due reflection I am thinking that the neatest correct answer here is to have "View Basket" and "Checkout" do the same thing for anonymous users, which is take the punter to the nice, clean "View Basket" page, where added Country, Postcode fields are abetted and abutted by a "Quote Postage" button. The punter can choose to skip the quote and Checkout, or enter the postcode and country (which defaults appropriately) to get a quote. The first page of checkout has quite enough on it already so there is no need to make it busier. For account customers, we already have their details, so we can provide postage automatically. If the punter chooses to get a quote, the postcode and address information should be populated into the address fields of the next window. Incidentally, if the customer nominates a delivery address, I think it should start out defaulted to the billing address because often they are very similar - home address for billing, work address in the same town for delivery, for example. Post box for billing, house address in the same town for delivery. The names and contact details are generally the same. Thoughts? R
  10. That's amusing - it's the only field on that tab that isn't documented. I wonder what it does? Problem: Regardless of its value, and without a postcode selected, my anonymous user is getting a shipping quote that is offering a remarkably low price for delivery to anywhere in Australia (which seems to be selected by default automatically as the country in the address block.) There is no postcode information entered, so the postage module is making it up. I am running this particular query in a newly started Firefox browser. Firefox has never seen this installation before, so it is not using a previous login context. The cart really should be asking for a postcode and country before providing the estimates. (If the customer is in Alice Springs, the cheapest price is $42.) And without confirming the delivery country, it should not be quoting tax, in this case, since all prices are ex-tax. At this point in the dialog, the user has no idea that Australia is selected as the default because the address block is not yet displayed. The case below should show the cart items and the subtotal only, since it is purely about confirming the adjusted quantities. There is nowhere here to enter address information for the cart to derive tax and postage. Tax should only be displayed once the jurisdiction is known. Shipping costs should only be displayed once the postal code and country are both known. To add clarity, I disabled the Store Collection option and I now get $11.41 as the default selection in the list box. Bsmither - can you confirm this behaviour on one of your many installations? Preferably one of the few that has not been monkeyed with in this area. The completely correct solution is to put a note under Shipping "To see shipping options, select a country and region above and enter a postcode" and under the tax block "To see taxes, please select a country in the address block above." The postcode, region and country boxes should be enclosed in a box caption "Complete these for a shipping and tax quote". Problemette 2: The checkbox "Deliver to billing address" seems non-intuitive to me - it really should be "Deliver to another address" and not selected. I can hack it. But I wish I didn't have to." Apparently-already-solved-problem 3: Why don't we have a "Continue Shopping" button in the cart like my existing 4.3.4 store, and all other non-communist online stores have. I see there is an enhancement request and a forum thread on this already, but I cannot work out what eventually happened. Do I use the bsmither amendment to action it myself? Russ
  11. Is there an existing plug-in that provides shipping quotes for ad-hoc customers? I am looking for something that allows a new customer to build a card then enter postcode and country to get a shipping quote and therefore a total price before they commit to the effort of building an account and parting with their personal details. Thank you for your advice, Russ
  12. Question: Does CubeCart really assume that each store has exactly one size of parcel for each shipping channel? Corollary: Is there really no way to provide a shipping method with actual dimensions other than by modification of the code? From inspection of a variety of postage interfaces for version 6, it seems all still assume a single size of box. Use of any other dimensions means hacking the interfaces because they do not contain any hooks. Parcel volume is essential when there is air travel or couriers involved, or when large, light objects (like foam iceboxes) are send by post and the postal service invokes volume pricing. Getting these wrong results in under-charging and potentially significant profit reductions. Tell me it is not so... If not, I feel an enhancement request coming on... Russ
  13. Licensing question:

    I have a sandpit store, a development store, a test store (which is a frequently-updated copy of the live store) and the live store.  Can I use the same license code/download key in all of them?

    1. havenswift-hosting


      If they are using the same domain name and the test stores are in maintenance mode, then this is fine and the licence code will work. If your sandpit / test stores are using a different domain (including sub-domain) then it will need manual intervention from us to make the same licence code to work and you can contact us via a support ticket to get this sorted

    2. ploughguy


      Excellent response.  Thank you!

  • Create New...