Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by jasehead

  1. I'm having some issues upgrading. What I'm wanting to do is to create a test upgrade of the store in a different folder. The issue now is that links in the new store seem to be redirecting to the old one. So if my old store is BOB and my test upgrade is HENRY, every time I click something in HENRY (like a product or menu) then it redirects and I'm back to BOB again. And if I do force the address to HENRY then I get a 404 not found error. The admin side is working fine in HENRY and is reading from the HENRY database OK, so I'm not sure what's going on. Nevermind - worked out that .htaccess needed edits for the base and 404 lines.
  2. I did have a rewrite set up in .htaccess to catch links coming from mysupplier.com to send to the supplier product page in my online store. I recently found that it was no longer working (probably since the site migration from old to new host years ago). The problem is that the link to www.mysite.com.au from https://www.mysupplier.com/en/retailer/online-stores/australasia/ is ending up at http://www.mysite.com.au instead of being captured by mod-rewrite and being redirected to https://www.mysite.com.au/shop/supplier-stuff.html I can't see anything in .htaccess that would be pushing the link to http instead of https, even if the referrer is not being caught properly. Is there somewhere else in cPanel that might be pushing the referrer link to http before/over my rules in .htaccess? --- This is the section in .htaccess that should be working: RewriteEngine on ## Options +FollowSymLinks RewriteCond %{HTTP_REFERER} ^https://.*mysupplier.*$ [NC, OR] RewriteCond %{HTTP_REFERER} ^http(s)?://(www.)?mysupplier.*$ [NC] RewriteRule ^(.*)$ https://www.mysite.com.au/shop/supplier-stuff.html [R,L]
  3. It would help more people than just me if plugin release notes specified which version of CubeCart they were designed for (not just v6). It would also help if older plugins were still available rather than being redirected to a new version that may not be compatible with my store. Yes, I understand that keeping CubeCart bog standard makes things easier, but it doesn't meet every business need so my own upgrades are more difficult and spaced further apart. Back to my original question: Is the PayPal Commerce plugin only for UK, France, Italy, Spain - or is it going to work for all countries including Australia/New Zealand?
  4. Is this only for UK, France, Italy, Spain - or is it going to work for all countries including Australia/New Zealand? Is this only for Cubecart 6.2.9 and php 7.4.7, or will it work for older versions like 6.1.14 and php 7.0.33 (or older v6 cubecarts and php 5.6)? More generally, are plugin updates being recommended by cubecart always compatible with the version of cubecart and php that is currently installed?
  5. I need help thinking in MySQL - working in phpMyAdmin. I want to create a query to: join order_inventory to order_summary by the order number use all of the order_inventory columns but also add the status column from order_summary (where status = processing) filter the list to show only products that DO NOT contain 2021 in the product name
  6. Something like this under the filter on products.index.php <br><button onclick='window.location.search+="&q="+prompt("enter string:");'>Search</button> Not working for me though (because I had it inside the exisiting form). But the idea would be you filter for a category and then tweak the results by searching for an item in that category. Although I DID get it to work externally as a bookmarklet, so I'll use this for now: javascript:window.location.search+="&q="+prompt("enter string:"); It is messy because it keeps appending and appending and appending to the URL, but only the last value gets used so it does work. Also, I can search for multiple words in the same way as the search slide out box.
  7. Would a simple approach be to use a javascript prompt and append to the URL that way?
  8. I have been editing together the URL from the search and the filter to get a filtered search result. What about a simple javascript that takes a textbox value and adds it to the URL? window.location.search += 'q=searchboxtext';
  9. Is there an easy way to add a text box and submit button to (admin) products.index.php so that admin can search within a category for matching products? Just enough to change the submitted URL from admin_stuff.php?_g=products&cat_id=72 to admin_stuff.php?_g=products&q=searchtext&cat_id=72
  10. Is anyone using this successfully? Does anyone have advice or experience with this? How useful is it? What exactly does it do and not do? Does it help to track sales or just page visits? If it tracks sales, then does it work for all gateways?
  11. By 2018/2019 code, I'm just referring to when posts were added to this topic. And by "should be", I mean that the program should be robust enough to handle +/- as input, and also AND/NOT, like this example from 2001: https://evolt.org/Boolean_Fulltext_Searching_with_PHP_and_MySQL
  12. So, would that work for OR as well? In the 2018 changes above, OR still resulted in AND. If I make the 2019 changes above and I have links or adwords set to use AND, OR and NOT in searches, are they going to need to be changed to +/- or can this be handled in the search code? In my old version, I could use AND, OR and NOT to varying degrees. My search worked on parts of words, so I could filter results for a particular product code prefix, eg. PB, and then for an item name, then remove any unwanted results. So right now, I could search for: 2019 diaries NOT bronte which would bring up all remaining 2019 diaries but keep out the one journal which has text in the description that includes 2019 and that the Bronte sisters used to keep diaries.This is a section of old code (messy, and probably based on 6.0.12 or earlier) where you should see that AND OR and NOT were picked out using $usSearchTerm, and str_replace was used on the search string to cope with NOT / AND NOT. So maybe something similar in your 2018 code around: $like = ' AND ('.implode(' OR ', $regexp).' OR '.implode(' OR ', $regexp_desc).')'; $noKeys = count($searchArray); for ($i=0; $i<$noKeys; ++$i) { $ucSearchTerm = strtoupper($searchArray[$i]); if ( ($ucSearchTerm != 'AND') && ($ucSearchTerm != 'OR') && ($ucSearchTerm != 'NOT') && (strlen($ucSearchTerm) > 0) ) { $searchArray[$i] = str_replace(array('%','_'), array('\%','\_'), $searchArray[$i]); $regexp = '%'.$searchArray[$i].'%'; $rlike .= "(I.name LIKE '".$regexp."' OR I.description LIKE '".$regexp."' OR I.product_code LIKE '".$regexp."')"; // modified? $rlike = str_replace(array(')(',') NOT ('), array(') AND (',') AND NOT ('), $rlike); // add AND between words and cope with NOT // if($i+1 < $noKeys){$rlike .= " AND ";} // add AND between words } else { if(strlen($ucSearchTerm) > 0){ $rlike .= " ".$ucSearchTerm." "; } continue; } } $rlike .= " )"; In your 2019 code, if +robot -grumpy was a way to search, then robot NOT grumpy should also be acceptable/compatible.
  13. From what I can tell, this only seems to be working as an AND search. If I try "robot OR dog" what I'm getting is "robot AND dog". Can this be modified to work with AND, OR and NOT operators in the search, eg. robot AND dog, robot OR dog and robot NOT dog? Or a complex search like: robot red dog OR cat NOT plush - which would be treated as ((robot AND red) AND (dog OR cat)) NOT plush. Or even: robot dog OR grumpy cat NOT plush NOT small - ((robot AND dog) OR (grumpy AND cat)) NOT plush AND NOT small The purpose would be to show filtered search results only with no unwanted items. --- I'm sure I've posted similar long ago (and working code for 6.0.12), but can't see any of my comments in the forums before 2016. I can only glimpse a cached version in Google search results. In any case, having this working for 6.2.5 would be great. --- I'm also seeing errors like these in the System Error Log: File: [catalogue.class.php] Line: [1897] "SELECT COUNT(I.product_id) as count, MATCH (I.product_code,I.name,I.description) AGAINST('2019 DIARIES' IN BOOLEAN MODE) AS Relevance FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.status = 1) AND I.status = 1 AND (MATCH (I.product_code,I.name,I.description) AGAINST('2019 DIARIES' IN BOOLEAN MODE)) >= 0.5 AND AND `live_from` < UNIX_TIMESTAMP() AND `live_from` < UNIX_TIMESTAMP() GROUP BY I.product_id ORDER BY `name` ASC " - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'AND `live_from` < UNIX_TIMESTAMP() AND `live_from` < UNIX_TIMESTAMP() GROUP BY' at line 1 File: [catalogue.class.php] Line: [1997] "SELECT I.* FROM CubeCart_inventory AS I LEFT JOIN (SELECT product_id, MAX(price) as price, MAX(sale_price) as sale_price FROM CubeCart_pricing_group WHERE group_id = 0 GROUP BY product_id) as G ON G.product_id = I.product_id WHERE I.product_id IN (SELECT product_id FROM `CubeCart_category_index` as CI INNER JOIN CubeCart_category as C where CI.cat_id = C.cat_id AND C.status = 1) AND I.status = 1 AND AND `live_from` < UNIX_TIMESTAMP() AND `live_from` < UNIX_TIMESTAMP() AND ((I.name RLIKE '[[:<:]]2019[[:>:]]' AND I.name RLIKE '[[:<:]]DIARIES[[:>:]]') OR (I.product_code RLIKE '[[:<:]]2019[[:>:]]' AND I.product_code RLIKE '[[:<:]]DIARIES[[:>:]]') OR (I.seo_meta_keywords RLIKE '[[:<:]]2019[[:>:]]' AND I.seo_meta_keywords RLIKE '[[:<:]]DIARIES[[:>:]]') OR (I.description RLIKE '[[:<:]]2019[[:>:]]' AND I.description RLIKE '[[:<:]]DIARIES[[:>:]]')) ORDER BY `name` ASC LIMIT 18 OFFSET 0 " - You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near 'AND `live_from` < UNIX_TIMESTAMP() AND `live_from` < UNIX_TIMESTAMP() AND ((I.' at line 1 So I searched for this line: $query = $q2.' '.$order_string.' '.$limit; And added this before it: $q2 = str_replace("AND AND","AND", $q2); // fix AND AND
  14. store_title, store_meta_description, store_meta_keywords and store_copyright are all encoded into the config. Given that these fields can contain all sorts of store-specific text and code, some stores could occasionally trip mod_security after a server-level Core Rule Set update by the web host. If these fields turn out to be the source and the problem is reported by other stores, then maybe store information that is readily available to Google/customers doesn't need to be base64 encoded in the config array. If this problem turns out to be more widespread, then maybe it's the variables in the array. This was not a problem that I picked up right away, it was a few weeks after the CRS security update when I tried to update store settings (set a storewide discount for a temporary sale). Other stores that don't fiddle with store settings may be affected by a server update but never notice.
  15. Finally resolved by the webhost by whitelisting a mod_security rule to avoid the false positive. My workaround in the meantime was to use .htaccess at the web root to temporarily disable mod_security, make my store settings changes and save as normal, then enable mod_security again: (in .htaccess) ## Remove hash from start of lines below if mod_security is throwing a 403 error, comment out with hashes again when done. # <IfModule mod_security.c> # SecFilterEngine Off # SecFilterScanPOST Off # </IfModule> I think the 403 forbidden/permission error, in this case, did relate to the base64 encoded config array - probably because mod_security detected a word like "ON" within the base64 text ((( OntpO decodes to :{i ))) which was common in the CubeCart_config arrays. Mod_security is probably going to be a recurring problem for some stores because: there's no telling what legitimate text is going to base64 encode into banned words, hosts using mod_security continually update the CRS (Core Rule Set) which may result in new matches/problems, and base64 can be used to hide malicious payloads - so mod_security is focussing more attention on any obfuscated code.
  16. I did try a blanket reset of file and folder permissions - didn't fix the problem.
  17. My webhost runs a suPHP environment. Am I going to cause issues with CubeCart if I blanket reset file permissions to 644 and folders to 755 ? Anything I need to be careful about or make custom changes afterwards?
  18. Still no luck with the webhost. Do you think that encoding the config could be tripping a security rule? There has to be some reason why saving the store settings produces a different result to the other admin tasks.
  19. I exported the database, deleted the duplicate rows from CubeCart_config, dropped all tables then imported the database. I was then able to assign a unique key to the name column and edit the table. Still talking with the webhost trying to sort the mod_security issue. So I decoded the config, made my settings changes, re-encoded it as Base64 and pasted it back - my changes are working OK. I'm going to need to make another settings change later, so I'm hoping to get the 403 permissions error sorted with the webhost by then.
  20. There are no indexes or keys applied to the table - it's just simple.
  21. I've tracked the .htaccess with the 403 redirect to the web root (tested .htaccess files in web root, store folder and admin folder). ErrorDocument 403 https://www.mysite.com.au/store/ Saving changes to the store settings is causing a 403 error. Should I be looking at file permissions or contacting my host about mod_security rules? Can't add a column to the CubeCart_config table - the table cannot be edited because of the duplicated rows. I would expect I'd probably have to export the database, edit the text file and import it back. I think the duplicate rows crept in during multiple CubeCart upgrades over the years.
  22. I had a look at decoding the config with Base64, making changes and pasting into phpMyAdmin - but the config table has config, Free_Shipping and Print_Order_Form twice so I can't assign a unique key to be able to edit the config. I guess I could write a replace in SQL but I'm starting to feel like I'm hacking at this problem with an axe.
  23. Could an apostrophe in the settings be a new issue? It wasn't previously, but checking the staff access log the last "Settings updated" entry was 11 days ago, and that would have been updating 2018 to 2019 in the Search Engine Settings > Meta Keywords. In Settings, we have apostrophes in the store name, meta description and copyright. Unfortunately, I can't remove the apostrophes to test this theory because the store settings won't save.
  24. The admin file and folder are both correct in global.inc.php - I can log into admin OK, view and edit orders, add products, clear cache etc. But trying to save changes to store settings is the problem. I did try commenting out 404 and 403 redirects in .htaccess at the web root and also the store folder but still had the problem. In Admin, .htaccess says: ErrorDocument 404 "<html></html> So I tried commenting that out too - no change.
  • Create New...