Jump to content

Fatal error at checkout on a legacy (CC4) store


Recommended Posts

After years of reliability, the store is now failing to function at checkout for one of my customers who wishes to remain on CC4. At checkout, we're getting this error:


Fatal error: Call to undefined function repeatVars() in <snip> /includes/content/gateway.inc.php on line 127

I'm checking with the web host, in case some change may have been made there, but in the meantime I was going through the code. It seems repeatVars() is not a native php function, and I don't find it in CC4 includes/functions.inc.php. Does anyone know where this function is coded? Also, any suggestions as to what is causing the fatal error? Following is the block of code where the offending function appears:

		$transVars = '';

		if(strstr($_POST['gateway'], 'PayPal Website Payments Pro')) {
			$moduleType = 'altCheckout';
			$moduleName = 'PayPal_Pro';
		} else {
			$moduleType = 'gateway';
			$moduleName = $_POST['gateway'];

		$transferPath = 'modules'.CC_DS.$moduleType.CC_DS.$moduleName.CC_DS.'transfer.inc.php';

		if (file_exists($transferPath)) {
		} else {
			die('Required path doesn\'t exist!');

		for($i = 0, $maxi = count($order->orderInv); $i < $maxi; ++$i){
			$orderInv['productId']			= $order->orderInv[$i]['productId'];
			$orderInv['name']				= $order->orderInv[$i]['name'];
			$orderInv['price']				= $order->orderInv[$i]['price'];
			$orderInv['quantity']			= $order->orderInv[$i]['quantity'];
			$orderInv['product_options']	= $order->orderInv[$i]['product_options'];
			$orderInv['productCode']		= $order->orderInv[$i]['productCode'];
			$transVars .= repeatVars();
		$transVars .= fixedVars();

NOTE: I also posted this question at cubecartforums.org http://www.cubecartforums.org/index.php?showtopic=19753&st=0#entry79550

Link to comment
Share on other sites

Just an update on this . . . I have found where this function is initiated in gateway file transfer.inc.php, with help from Robsta to locate it. Assuming now that that file is not being read due to a problem with the gateway itself, or perhaps a new server security setting. Gateway code is actually obfuscated code.

Link to comment
Share on other sites

In the file /includes/content/gateway.inc.php, line 111, $transferPath is assigned a string comprising a $moduleType ('gateway') and a $moduleName (the value for $_POST['gateway']).

We can assume the $moduleName is present (but maybe not correct) because file_exists($transferPath) returns true. You should verify that the value for $transferPath is correct. PHP then requires() that file.

Are you saying that the file transfer.inc.php (the term you used is "Gateway code") is obfuscated? If this file is throwing an error because its contents are not being read in from the require(), PHP will throw a fatal error related to that, before trying to call an undefined function.

And, even if the de-obfuscation algorithm is malfunctioning, a garbage output from de-obfuscation will also cause PHP fatal errors prior to the one you see.

In my experience, after the third-party code checks for licensure, etc, it then creates the functions. See: http://us1.php.net/manual/en/functions.user-defined.php where Example #2 Conditional Functions explain why a function will not exist until the statements are actually processed at run-time.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...