Jump to content


  • Posts

  • Joined

  • Last visited

Posts posted by jka

  1. We had to mark the product unavailable due to delays in getting in-bound raw materials or parts. This customer seems to have added this product to the cart 10 days or earlier. Often time, customers go and add products to the cart and check shipping costs etc. Now after we marked it unavailable, he placed the order today by just checking out from his 10+ days old cart. 

    Anything we can do to clear cache or something like that to purge pending items in carts with items from previous days? that will be purchased?

    Also, while typing this, I kinda want to now check on price increases. Say, if we had to increase pricing on some products today and someone has been poking around last week and adding stuff to his cart, do it mean that he will be able to order from the previous pricing?


  2. Hello,

    We had "unchecked" Not available for Purchase for a couple of our products last week. Today we were surprised to find one of the orders was placed for a product not available for purchase. This customer probably had the shopping cart and the product loaded for the last 10 days before we made it un-available. 

    How do we prevent this type of sale when the customer is able to obviously bypass and order. A rare scenario but still the system should have caught it. Does this sound familiar to anyone else?


  3. Hello BSmither,

    We are saving everytime to test. The PCRE library from PHP Info is 10.32. So it also seems to be the latest. 

    If we can see the code thats making the call, we can try to add some debug see why the connection is closed after the server says Hello.

  4. Folks,

    I have seen others had this issue or similar. We are trying to use SMTP With SSL or SMTP with TLS. All the fields are populated properly and 465 is used for SSL and 587 is used for TLS. However this is what happens ... Can someone point to this code in CC? Store is 6.1.12 and php version is 7.2.30. 

    Error message for SSL... from maillog ..

    postfix/smtpd[24655]: connect from localhost.localdomain[::1]
    postfix/smtpd[24655]: lost connection after CONNECT from localhost.localdomain[::1]
    postfix/smtpd[24655]: disconnect from localhost.localdomain[::1]


    Error message for TLS .. from maillog

    postfix/smtpd[24747]: connect from localhost.localdomain[::1]
    postfix/smtpd[24747]: lost connection after STARTTLS from localhost.localdomain[::1]
    postfix/smtpd[24747]: disconnect from localhost.localdomain[::1]

    From the Pop-Up window on Cubecart ...

    SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
    SMTP Error: Could not connect to SMTP host.
    SMTP ERROR: QUIT command failed: 
    SMTP connect() failed. https://github.com/PHPMailer/PHPMailer/wiki/Troubleshooting

    FYI, Sending mail as PHP() Mail Function works properly.

  5. The existing PayFlow Link extension does not work. We will be willing to pay for the development or enhancement of the existing extension or a new one. 

    The Payflow link extension should support "Transparent ReDirect".

    1. Info: https://www.paypalobjects.com/webstatic/en_US/developer/docs/pdf/paypal_transparent_redirect.pdf

    2. Examples flow of hosted flow logic

  6. Thanks BSmither, 

    Yes, we want it to be the same behavior as a successful transaction . Will add this line of code and check what shakes out. The "To Review" is really a Credit Card status for the merchant. To the user/purchaser the order has been received. If the merchant goes to the Fraud Detection Suite and sees that its a questionable transaction, then the merchant can always cancel the order.

    The problem is more to do with the user still sitting on the credit card input page.

  7. I had posted to an existing thread last week. Today I submitted an order in the system on behalf of my customer. the result received from Authorize.net is 4|1|253

    bSmither had given us a fix for 1.3 version and then Al had updated to 1.4 with fixes. Since then, the behavior is not as expected. Please see screenshot attached. It shows order received but still still on the credit card form page. 

    How can we mimic the same behavior as 1|1|1 for 4|1|253 

    Screen Shot 2018-04-09 at 1.22.29 PM.png

  8. We have updated to 1.1.4 for the last couple of months. The status from AIM with "4 1 253" works fine now with the custom message from Authorize.net. 

    However here is the issue, unlike when the status is "1" where its gets redirected to a Order Complete page, in this case of "4", it displays the message properly etc adds to pending order. However it still sits on the credit card form page. Customers that get a "4" (Fraud Detection Suite) from Authorize, get the order received in pending status on the screen with the CC form below. They end up entering the card info again and sometimes we get 2-3 authorizations. 

    How can change the behavior of "4" similar to "1" and take them away from the CC input screen.

    On 11/21/2017 at 6:26 AM, Al Brookbanks said:

    Thanks so much. I removed some comments and published it in 1.1.4. 


  9. The AIM method stopped working since this past weekend. When we contacted Authorize.net they say its probably related to disabling TLS 1.0 and 1.1. We had this issues with UPS module and have the latest cURL ... curl --version
    curl 7.57.0 (x86_64-redhat-linux-gnu) libcurl/7.57.0 NSS/3.28.4 zlib/1.2.7 libpsl/0.7.0 (+libicu/50.1.2) libssh2/1.8.0 nghttp2/1.21.1
    Release-Date: 2017-11-29

    In the transaction logs its a cURL timeout 

    cURL Error (28): Connection timed out after 15000 milliseconds


    The UPS module started working fine once we updated cURL and we have also disable TLS1.0 and 1.1


    Any hardcoding on the Authorize.net module??

  10. A good customer called this morning and pointed an issue on the website. So, by default the store calculates Tax before checkout. This customer tried to put in a negative $$ value of the tax in the coupon code box. Say $23 in the coupon section. This brought him a discount from an existing coupon from 2 yrs back (which was still active) and gave him a big discount. The displayed coupon is a Alphanumeric coupon and not sure how entering 23 into the coupon code invoked that coupon??

    How do we fix this? Not sure if just entering a random numeric number by the customer brings out previous coupons or even current ones. 


  11. We have the Free Shipping extension configured and in the process, we removed HI and AK from United States Zones. Now on the flip side, a customer from HI is not able to get shipping rates as HI missing from the list of states in the drop-down. Any pointers in fixing this without impacting free shipping.

  12. Absolutely. I also went ahead and updated to the latest OpenSSL version too. We all assumed that updating php takes care of cURL but obviously not the case. In fact we had to download the cURL libraries independently of Plesk. The normal Yum stuff didnt work.

  13. Thanks. The server is PCI-DSS compliant with only TLS1.2 permitted by the webserver as well as A+ result from SSLlabs test. The cURL libraries are not part of Plesk and hence it wasnt on the radar whenever the server is automatically updated. 

  14. BSmither et-all.

    We are on 6.1.12, however would like to address the security issue with database class php. Can we just copy that file alone from 6.1.13 and patch it into 6.1.12?


  15. We just went ahead and made only TLSv1.2 as the only available TLS on the server. This way all transactions from the server will be 100% TLS 1.2. However the issue still remains. Hopefully Noodleman will have the fix tomorrow. 

  • Create New...