SimChris

Hello - ran across this looking for something else. Just wanted to make note of the fact I'm using latest Vector (v. 1.3) which is awesome if you want to do "bootstrap" vs classic CC 20th century skins ;-) Specifically, the search function works properly in our store. Remember of course that searches will look at all the stuff in the record not just the title - so if you reference another item in another product, both would come up in search. Assuming you already sorted this out. Just wanted to update this that I personally have no problems with store search using 1.3.

Manual upgrade .... only way to fly ... !

Anybody running their own ecommerce site should spend some time to research the error logs options available from your hosting provider, as you can often see brute force attacks on your store where IPs will be captured, so that you can block them. This may often reveal folks trying to login or create repeat accounts and generating errors -- particularly if they're using human powered spam posts to your site. Your host should be running iptables, csf, or whatever to block most attacks, but human powered stuff can only be stopped by figuring out how to track those folks by IP and then adding that to a firewall or to .htaccess "deny" rules (DENY FROM). However, accounts which don't show an IP in the store can be frustrating, but if you look at your server logs you can often see WHERE the traffic is coming from... so, if you have no clients in Argentina and suddenly have bunch of IP traffic from there, you can often see if that perhaps is where the baddies are coming from. It's a time suck for sure, but it's one of those things you can look into, with your hosting provider as to options for playing detective to block some stuff, particularly the worst offenders. It would be AWESOME if CubeCart would consider implementing some of the solutions out there like bad behavior, or other tools already used for Wordpress like akismet as this will force capture of IPs (we do this to block all the shoe comment spammers hitting our magazine portals). NEW CAPTCHA! .... and we've actually had some fairly good success using the add-on "visual captcha" module sold by ... um...(had to look that up) "GWorks" ... he's updated it to work with IE10 (it didn't originally), and (CAVEAT!) he also has an advertisement link in the Captcha which isn't disclosed during sale of the module (ahem). So, we just edited that link out as having an advert to services in a captcha during customer signup is so wrong on many levels. Anyway... the captcha uses little graphic that somebody has to drag into a box to register. Maybe this helps somebody somewhere....

I've just learned to do the manual upgrade process each time - just because it's the best way to see what directories or permission need to be manually changed (CHMOD) to be writable by the upgrader (it's nice that it tells you ..."I can't write this file ..."). With most modern security scenarios, particularly on Linux, and PCI-DSS setups like ours, anything that runs that can write or rewrite stuff needs to be in a perfect place of "owning" all the files it wants to write to, but then you can't edit stuff as FTPuser. So, uploading stuff manually and running setup, but making clean backup first, always seems best way to go. :-)

Yes! Just came here to look for this so I wouldn't run into any gotchas, and also to see if 522 borked the universe for anybody before I touched it (me paranoid, nah?). THANKS!

Getting these again: appear to be related to my being logged in as admin and then going to view pages in the store in browser. PHP Fatal error: Call to a member function select() on a non-object in /var/www/vhosts/mysitenamehere.com/httpdocs/ecom/classes/seo.class.php on line 719, referer: http://mysitenamehere/

Hi, in my testing with Google checkout, I had to make sure I had the "serial number" radio button checked instead of the XML option, and used 2.5 method vs 2.0 method (in Google's new settings). Kind of confusing, this. Often, with the update you can simply go to cc admin, go to the google checkout plugin, then uncheck, then check again, then try placing a test order. Not sure if this helps or not... all my errors were due to the "XML" radio checked in Google vs "serial number." ...

Hi, folks, including CC moderators. Any chance you can always post a differential file when there is an upgrade ? Super helpful, although i know I can run my own software to do that, I have so many versions and backups of the skins, it's a bit complex to run a differential without moving some stuff around here. Thanks :-) Primarily only looking for differential file on the "skins" each time, as that helps us fast-track anything critical to edit on any line by line basis. Keep up the great work! We switched to CC in 2010 from an inhouse solution and we earn our living off sales made via CC, so thanks for the continuing bug fixes, security patches, and evolutionary improvements. It *is* appreciated! Chris

Hi,. if you search some of my posts, you'll see I have been trying to eliminate the "ship-to" fields entirely without any success at this point. I will update you if I figure something out, but I have a hunch somebody needs to develop a plugin/mod for "customer data fields" .... which hooks into things without breaking them. Not sure this helps in any way, but this is one of the few things we haven't been able to quite wrangle in moving from CC4 to CC5 either since last October (2012).

Also, fyi: the instructions seriously need to be updated for this module in CC5, as Google has introduced a number of things like v2 to v 2.5 protocols (which one to use with CC5?), option for serial number or XML hookback or a third option?. I think it's supposed to be serial number, but no way of knowing that from lack of docs. Order placed returned "unable to connect to your store, error was 'serial number expected' so guess that means serial number if the option to use. On another note re "zones" with Google Wallet: Also, had somebody from India who was blocked from using credit card or PayPal then use the Google checkout (trying to get around the international requirement for our services to QUERY us first to add support for their locale.. idiots think they're somehow going ot get a service from us without us knowing they tried to bypass our requirements? BAH! ... still, there was no "allowed" zone for India, yet they were able to go to making an order). For now, we just decided to remove the Google Wallet since it seems most people don't even know what it is, and so far only a fraud-based company tried to use it. Sheesh. Anyway.... will revisit this later on. Only updating this for anybody else searching for stuff related to Google Wallet setup with head scratching mode enabled :-)

HI, usually when I upgrade my store via FTP, then run the setup script, it will tell me if any files need to have permission changed; on my system this requires changing the config file from 444 to 777. And sometimes one other file, but the setup script will tell you. While the "auto udpate" in the store won't. I have never been able to get the auto update to work due to how my Linux-server with Plesk is configured. If you follow the instructions in the README text file, it's actually really simple 1) make backup of everything (both through the store backup all function) 2) make FTP download backup of everything; note some stray files won't download for whatever reason due to some oddball permission set by the store (a "DE" language file for instance) 3) backup your skins folder if any mods done 4) upload the contents of the update to over-write existing contents (this will "merge" new files and leave unmodded files alone in most cases with modern FTP software like CuteFTP, FileZilla, etc.) 5) go to setup, launch, run; if something doesn't have correct permissions; change that via FTP; often easy to do right after the upload 6) next step in setup; and then it will run - progress bar - done. 7) delete setup folder !!!! 8) change permission of your config file back to 444 from 777 (the store admin panel will warn you to do this also) 9) login to store as admin.... check it. In my case FTP is quick, easy, and the only way that actually works. Hzahhh! Also heads up for most problems in upgrading come from ownership permissions... whether owned by Apache (or whatever on your server), or by the ftpuser. If owned by the server, the auto-upgrade should work if you simply change the write permissions on the config file to 777 temporarily. If you have ownership of the files by the ftpuser (typically the superuser of the domain on the server), it's often best to do it by FTP anyway, to ensure you can actually edit stuff in future like skins.

Also worth noting that changes to the skin files are often not as extensive, often minimal and perhaps only couple of files with some skins and a kind soul often posts a "comare them" file here. For instance I just upgraded from 5.15 to 5.21 and the skin mods i made all stuck with my originals. And today I'm trying to find the "compare" file on the forum or CC support to check if I need to fix any specific lines. Often when a kind person posts the "changes" file here as a courtesy you can scroll or search through that for your skin and then it will show side by side things like line 56 on skins/skin/filenamx.php "blah blah blah" which you can copy-paste over your modded skin to be "up to date" with any technical element such as dbase calls or pushes. On Windows, TextPad is an awesome free application for editing your files while keeping essential things like line breaks and viewing the line numbers. Worth learning, vs paying somebody to do it for you. Also be careful with some of the consultants on the forums as I went to work with one, and he had CC for his payment thing but didn't have an SSL cert for payments online (BAD!), and another person selling expertise had downloads, but when you checked out using CC, he wasn't using the digital download function built in to CC which seemed wonky to me. Always check feedback on ANY consultant and make sure the feedback isn't from somebody who is a shill (meaning that person only ever provided feedback or posts for the person being "recommended"). Sorry to rant on this here, but came to mind on the topic. Upshot ... checking the compare file for each upgrade is a quick way to see how much actually changed if anything with skin files, to give you peace of mind. Then proceed from there. :-)

HI, Havensoft folks... thanks for the reply here (pardon starting the thread here ... it was one of those days ...) Happy to help you debug the third party store for Cubecart for your listing. To wit: if you go to the CubeCartForums site > left menu > CC5 > Gateway > Index of mods/plugins ( Portal > CubeCartForums.org Catalogue> CubeCart v5 > Gateway ) > to your listing (ref: http://www.cubecartforums.org/catalogue/cubecart-v5/gateway/checkout-by-amazon-cubecart-v5-payment-gateway/prod_930.html ) > in the box on page the largest link "Buy This Product" > goes to a "Nothing found for Clients" (https://www.havenswift-hosting.co.uk/clients/clients/cart.php?gid=13) breadcrumb = You are here: Home >> Blog >> New Firewall IP Unblock Utility FYI, none of the mods we had for CC4 had annual fee or phone home and worked for 2 years with no issues until we moved to CC5. We've been doing ecommerce since 1996, so pretty 'hip' on how this stuff works. However, it makes sense as the Amazon gateway may change over time and need updates to keep working, point taken :-) However, the phone home thing is a potential security hole as it's an opening into the system data and may not be PCI-DSS compliant. We'd prefer to have a "key file" tied to the domain name, as CC does. Considering most people savvy enough to hack the key could likely just write their own code for a module like this, we don't support phone home plugins or mods tied into a secure system. Just my two cents.

Heh. It's under the "plugins" menu item in 5.1.5, not under payment gateways. In case anybody else was stupid like me today. ((doh)) you can mark this one resolved ...

Note the link in the third party forum doesn't work ... this appears to be the actual info page https://www.havenswift-hosting.co.uk/clients/cart.php?gid=13 also, on the Havensoft Hosting plugin ... not to keen on the idea of recurring annual fee for the plugin ? Does it phone home everytime to check license .... ? why not make it a one time fee? Hopefully we'll have a proper plugin integrated with upcoming CC version. Will add my vote on request page.

Guess I need to RTFM on this one ....

Hi for some reason I thought this was one of the gateway options until I just tried to find it. Doh. Will this be supported ? Google Wallet / Merchant Support?

Well. FYI, in editing the /skinname/templates/content.checkout.confirm.php changing the ><input type="checkbox" name="register" id="show-reg" value="1" class="" {$REGISTER_CHECKED} /> to <input type="hidden" name="register" id="show-reg" value="1" class="" {$REGISTER_CHECKED} /> basically hid both the checkbox and the fieldset for is=account-reg. Doh. So, for moment I put "strong" notice [*required] with the checkbox, and changed the class here to "textbox-required" like the other stuff: <input type="checkbox" name="register" id="show-reg" value="1" class="textbox required" {$REGISTER_CHECKED} /> So, for the moment best I could come up with in v 5.1.5. I might be able to do a style with a white color on white backing or some such, but not up to dealing with that right now. Just updating this for those on hunt for same solution. :-)

Hey party people.... any tip on adding the company name on the customer registration page? Couple of people have started putting in their company name in the first name/last name boxes as it's not clear where they put in the company name, since missing on the registration page ... Now that we're asking folks to register FIRST, it seems like it would be a good idea. Presumably I could copy the company field from the checkout page to the registration page, but anybody elsedone this? Doing forum search on topic comes up with nothing, hence the post. Thanks, folks!

THANK YOU! Exactly what I needed to make sure nothing was hosed in the transition since I'm using modified skins for the "Kurouto" style.

TIP: if you do the FTP upgrade option, simply replace the favicon in the new installer with your own, as a quick way to ensure you don't show the "cc" one. There really should be option to set this in the admin panel that "sticks."

Hi, I have the same error ... anybody have the differential for the skins difference from 5.14 to 5.15 ? HELP! I need this to make sure there isn't an item I need to tweak to ensure compatibility..... THANKS!

make a note of your original URLs when upgrading or changing your version, if you change URLs. you will need to make 301 redirects in your .htaccess file pointing old page to new page (if applicable to you). Doesn't hurt to register with Google Webmaster tools, and submit your sitemap, too. A 301 looks like this Redirect 301 /store/original-store-page-item1345/ https://www.your-store.xyz/store/new-store-page-without-item-number* *THESE ARE EXAMPLES ONLY

Heh.. yeah, folks need to see what the costs are before they choose to use our service, even though it's all on the pricing page; however, they obviously need to see pricing, perhaps be able to do a quote to get boss approval by adding multiple services ... etc. -- but then we want to make sure they register. I think I will see about hiding that checkbox "do you want to create an account' to be hidden field always checked, but leaving the password fields... in theory this might work. Will update if I get that to work ! :-)

Howdy folks... was trying to find an option for this in the store, but after about 6 months with 5x, we still have only couple of customer issued. I solved the annoying ship-to requirement bug today, but still have one thing ... we NEED to have all customer REQUIRED to register, not option for guest account. Preumably I could hack the main template to make the checkbox a hidden checked element, and then they put in their password at checkout to enable the account. But, we'd like to make that a permanent fix ... no checkbox to "if you wish to create account" ... meaning, they MUST put in password to checkout and the account is created. Ran into the issue where sometimes with "guest" checkout the "print invoice" option link we added on final page would not work, so for other reasons as well we need to ALWAYS have the customer registered ... no floaty ghosts in the customer list :-) Is there a setting for this I have missed (I'm on 5.15 as of today). THANKS FOLKS! (Note: I tried searching forum for this, but after 2 searches with no result, "flood control" came on and said.. no more for you bunkie...) doh.