Jump to content

jka

Member
  • Posts

    244
  • Joined

  • Last visited

Everything posted by jka

  1. We had to mark the product unavailable due to delays in getting in-bound raw materials or parts. This customer seems to have added this product to the cart 10 days or earlier. Often time, customers go and add products to the cart and check shipping costs etc. Now after we marked it unavailable, he placed the order today by just checking out from his 10+ days old cart. Anything we can do to clear cache or something like that to purge pending items in carts with items from previous days? that will be purchased? Also, while typing this, I kinda want to now check on price increases. Say, if we had to increase pricing on some products today and someone has been poking around last week and adding stuff to his cart, do it mean that he will be able to order from the previous pricing? Thanks.
  2. Hello, We had "unchecked" Not available for Purchase for a couple of our products last week. Today we were surprised to find one of the orders was placed for a product not available for purchase. This customer probably had the shopping cart and the product loaded for the last 10 days before we made it un-available. How do we prevent this type of sale when the customer is able to obviously bypass and order. A rare scenario but still the system should have caught it. Does this sound familiar to anyone else? Thanks.
  3. In the secure checkout form, the country name appears are a numeric value. For example 840 for USA. Any ideas where to fix this?
  4. Hello BSmither, Making SMTPDebug = 4 gave the clue. The CN mismatch was causing it. Fixed it. Now both SSL and TLS works as well as PHP Mail Function. Thanks.
  5. This is what I found on phpinfo() Registered Stream Socket Transports tcp, udp, unix, udg, ssl, sslv3, tls, tlsv1.0, tlsv1.1, tlsv1.2
  6. Hello BSmither, We are saving everytime to test. The PCRE library from PHP Info is 10.32. So it also seems to be the latest. If we can see the code thats making the call, we can try to add some debug see why the connection is closed after the server says Hello.
  7. Folks, I have seen others had this issue or similar. We are trying to use SMTP With SSL or SMTP with TLS. All the fields are populated properly and 465 is used for SSL and 587 is used for TLS. However this is what happens ... Can someone point to this code in CC? Store is 6.1.12 and php version is 7.2.30. Error message for SSL... from maillog .. postfix/smtpd[24655]: connect from localhost.localdomain[::1] postfix/smtpd[24655]: lost connection after CONNECT from localhost.localdomain[::1] postfix/smtpd[24655]: disconnect from localhost.localdomain[::1] Error message for TLS .. from maillog postfix/smtpd[24747]: connect from localhost.localdomain[::1] postfix/smtpd[24747]: lost connection after STARTTLS from localhost.localdomain[::1] postfix/smtpd[24747]: disconnect from localhost.localdomain[::1] From the Pop-Up window on Cubecart ... CLIENT -> SERVER: STARTTLS SERVER -> CLIENT: 220 2.0.0 Ready to start TLS SMTP Error: Could not connect to SMTP host. CLIENT -> SERVER: QUIT SERVER -> CLIENT: SMTP ERROR: QUIT command failed: SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting FYI, Sending mail as PHP() Mail Function works properly.
  8. The existing PayFlow Link extension does not work. We will be willing to pay for the development or enhancement of the existing extension or a new one. The Payflow link extension should support "Transparent ReDirect". 1. Info: https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/paypal_transparent_redirect.pdf 2. Examples flow of hosted flow logic https://developer.paypal.com/docs/classic/payflow/integration-guide/#configuring-hosted-checkout-pages
  9. jka

    Authorize.net

    Thanks BSmither, Yes, we want it to be the same behavior as a successful transaction . Will add this line of code and check what shakes out. The "To Review" is really a Credit Card status for the merchant. To the user/purchaser the order has been received. If the merchant goes to the Fraud Detection Suite and sees that its a questionable transaction, then the merchant can always cancel the order. The problem is more to do with the user still sitting on the credit card input page.
  10. I had posted to an existing thread last week. Today I submitted an order in the system on behalf of my customer. the result received from Authorize.net is 4|1|253 bSmither had given us a fix for 1.3 version and then Al had updated to 1.4 with fixes. Since then, the behavior is not as expected. Please see screenshot attached. It shows order received but still still on the credit card form page. How can we mimic the same behavior as 1|1|1 for 4|1|253
  11. We have updated to 1.1.4 for the last couple of months. The status from AIM with "4 1 253" works fine now with the custom message from Authorize.net. However here is the issue, unlike when the status is "1" where its gets redirected to a Order Complete page, in this case of "4", it displays the message properly etc adds to pending order. However it still sits on the credit card form page. Customers that get a "4" (Fraud Detection Suite) from Authorize, get the order received in pending status on the screen with the CC form below. They end up entering the card info again and sometimes we get 2-3 authorizations. How can change the behavior of "4" similar to "1" and take them away from the CC input screen.
  12. The AIM method stopped working since this past weekend. When we contacted Authorize.net they say its probably related to disabling TLS 1.0 and 1.1. We had this issues with UPS module and have the latest cURL ... curl --version curl 7.57.0 (x86_64-redhat-linux-gnu) libcurl/7.57.0 NSS/3.28.4 zlib/1.2.7 libpsl/0.7.0 (+libicu/50.1.2) libssh2/1.8.0 nghttp2/1.21.1 Release-Date: 2017-11-29 In the transaction logs its a cURL timeout cURL Error (28): Connection timed out after 15000 milliseconds The UPS module started working fine once we updated cURL and we have also disable TLS1.0 and 1.1 Any hardcoding on the Authorize.net module??
  13. Hello Bsmither, I tried a few other random numbers but somehow 23 seemed invoke that coupon. We disabled that coupon for now. Not sure if there are others. Any nibbles on what you found or to fix?
  14. A good customer called this morning and pointed an issue on the website. So, by default the store calculates Tax before checkout. This customer tried to put in a negative $$ value of the tax in the coupon code box. Say $23 in the coupon section. This brought him a discount from an existing coupon from 2 yrs back (which was still active) and gave him a big discount. The displayed coupon is a Alphanumeric coupon and not sure how entering 23 into the coupon code invoked that coupon?? How do we fix this? Not sure if just entering a random numeric number by the customer brings out previous coupons or even current ones. Thanks.
  15. Thanks BSmither. I will take a look at it. I have purchased a few of the shipping modules in the past and its probably one of them.
  16. We have the Free Shipping extension configured and in the process, we removed HI and AK from United States Zones. Now on the flip side, a customer from HI is not able to get shipping rates as HI missing from the list of states in the drop-down. Any pointers in fixing this without impacting free shipping.
  17. Absolutely. I also went ahead and updated to the latest OpenSSL version too. We all assumed that updating php takes care of cURL but obviously not the case. In fact we had to download the cURL libraries independently of Plesk. The normal Yum stuff didnt work.
  18. Thanks. The server is PCI-DSS compliant with only TLS1.2 permitted by the webserver as well as A+ result from SSLlabs test. The cURL libraries are not part of Plesk and hence it wasnt on the radar whenever the server is automatically updated.
  19. We went ahead and did a cURL library update to the latest version 7.57 and its fixed now. Everything is back up and running. Thanks.
  20. jka

    6.1.13

    BSmither, Just the user.class? not the cubecart.class?
  21. jka

    6.1.13

    BSmither et-all. We are on 6.1.12, however would like to address the security issue with database class php. Can we just copy that file alone from 6.1.13 and patch it into 6.1.12?
  22. We have our own Plesk VPS server for Production and a separate one for QA. I have added enough info for Noodleman to t-shoot the module. It appears that UPS were moving away from their legacy tools since 2017 and they decided to pull the plug Jan 1. As of now they are throttling their legacy API calls and the reason for the intermittency. https://www.ups.com/us/en/help-center/technology-support/data-security.page
  23. We just went ahead and made only TLSv1.2 as the only available TLS on the server. This way all transactions from the server will be 100% TLS 1.2. However the issue still remains. Hopefully Noodleman will have the fix tomorrow.
  24. You were spot on, it seems that module does not use the Request.class. There is still nothing in the log after the change.
×
×
  • Create New...