Category Archives: cre loaded specific

USPS fix for November 2013 for oscommerce based carts

USPS, in an unannounced move last Friday 8th November, decided to change the way it supplied rates information via its servers to the many ecommerce carts around the global who request realtime USPS quotes. They changed the transfer-encoding to chunked. This is a more efficient way for this data to be transferred, so not really before time.

However it caught out a number of old usps modules which relied on an ever growing number of filters to clean up the rates data xml, because these scripts relied on the old http_client class which didn’t support dechunking this data cleanly.

For those modules that called upon curl this change would have made no difference, eg zencart, whose usps script uses curl primarily and only fallsback to http_client as a last resort.

Free code download I’ve modified the oscommerce usps USPS Rate V4 Intl Rate V2 module to check and use curl. This is written for Loaded Commerce 6.5 but can be modified for other version use.

 

stop double htpasswd authentication for http https login in admin

If you have set up an htpasswd login to your admin (which is a good idea) you may be having to login twice to the htpasswd popup – once for an http and again for an https connection. This is so you’re authenticated in both connections which use different ports.

If you don’t want to have to login twice, here’s how to fix it:

1. The obvious way
If you login to your https admin using a http link, it will ask you to login twice in the htpasswd login popu.

Fix: Make sure your admin link/bookmark url you connect to your admin with starts with https://

2. Redirect all admin logins to https
Use this approach if 1. above doesn’t work.
Add the following to the top of the admin htaccess (not store htaccess file) to direct all admin urls to run under https.

Note – you must have 1) an htpasswd login setup and 2) an SSL certificate stored on your server to use this modification.

Find /admin/.htaccess and add at the top under the first commented line:

SSLOptions +StrictRequire
SSLRequireSSL
SSLRequire %{HTTP_HOST} eq "mywebsite.com"
ErrorDocument 403 https://mywebsite.com/admin

Note – change ‘mywebsite.com’ and also the ‘mywebsite.com/admin’ to your actual store’s domain name and admin (which shouldn’t be ‘admin’ either as this is a security risk.)

products attributes not showing on confirmation email

This bug which causes the product attribute information not to appear on order confirmation emails sent by the Cre Loaded or Loaded Commerce admin has been around forever on Cre Loaded (and now Loaded Commerce 6.5.x) carts.

Replicate as follows:
1. Admin >> Configuration >> Download … set ‘Enable Download’ to false


2. Place order for product with attributes
3. Receive email without mention of product attributes

The fix:
Find the file /checkout_process.php, backup first, then anywhere from line 450 through to 510 (depends on your version) replace with the block as shown

$products_ordered_attributes = '';
  if (isset($order->products[$i]['attributes'])) {
    for ($j=0, $n2=sizeof($order->products[$i]['attributes']); $j<$n2; $j++) {
      $sql_data_array = array('orders_id' => $insert_id,
                              'orders_products_id' => $order_products_id,
                              'products_options' => $order->products[$i]['attributes'][$j]['option'],
                              'products_options_values' => $order->products[$i]['attributes'][$j]['value'],
                              'options_values_price' => $order->products[$i]['attributes'][$j]['price'],
                              'price_prefix' => $order->products[$i]['attributes'][$j]['prefix'],
                              'products_options_id' => $order->products[$i]['attributes'][$j]['option_id'],
                              'products_options_values_id' => $order->products[$i]['attributes'][$j]['value_id']);
      tep_db_perform(TABLE_ORDERS_PRODUCTS_ATTRIBUTES, $sql_data_array);
      if (DOWNLOAD_ENABLED == 'true') {
        $attributes_query = "select pad.products_attributes_maxdays, pad.products_attributes_maxcount , pad.products_attributes_filename
                               from " . TABLE_PRODUCTS_ATTRIBUTES . " pa,
                                    " . TABLE_PRODUCTS_ATTRIBUTES_DOWNLOAD . " pad
                             where pa.products_id = '" . $order->products[$i]['id'] . "'
                               and pa.options_id = '" . $order->products[$i]['attributes'][$j]['option_id'] . "'
                               and pa.options_values_id = '" . $order->products[$i]['attributes'][$j]['value_id'] . "'
                               and pa.products_attributes_id = pad.products_attributes_id";
        $attributes = tep_db_query($attributes_query);
        $attributes_values = tep_db_fetch_array($attributes);
        if ( isset($attributes_values['products_attributes_filename']) && tep_not_null($attributes_values['products_attributes_filename']) ) {
          $sql_data_array = array('orders_id' => $insert_id,
                                  'orders_products_id' => $order_products_id,
                                  'orders_products_filename' => $attributes_values['products_attributes_filename'],
                                  'download_maxdays' => $attributes_values['products_attributes_maxdays'],
                                  'download_count' => $attributes_values['products_attributes_maxcount']);
          tep_db_perform(TABLE_ORDERS_PRODUCTS_DOWNLOAD, $sql_data_array);
        } // download filename loop ends
      }  // download attributes loop ends

        if( (!empty($order->products[$i]['attributes'])) ){
          $products_ordered_attributes .= "\n\t" . (isset($order->products[$i]['attributes'][$j]['option']) ? $order->products[$i]['attributes'][$j]['option'] : '') . ' ' . (isset($order->products[$i]['attributes'][$j]['value']) ? $order->products[$i]['attributes'][$j]['value'] : '') . ' ' .
          ( (isset($order->products[$i]['attributes'][$j]['price']) && ($order->products[$i]['attributes'][$j]['price'] > 0) ?
           $order->products[$i]['attributes'][$j]['prefix'] . ' ' . $currencies->display_price($order->products[$i]['attributes'][$j]['price'], tep_get_tax_rate($products[$i]['tax_class_id']), 1): ''));
     //number_format($order->products[$i]['attributes'][$j]['price'],2,'.','')

      } // attributes not empty loop
    } // loop through the attributes
  }  // attributes set?

tinymce editor box outlines visible when editing product

If you’re seeing outline boxes appearing in product edit pages of your 6.4.x or earlier cart caused by the tinymce editor, like this:

here’s the fix:

file: admin/editors/tiny_mce.php, around line 57

replace:

$mailscripts = array(FILENAME_NEWSLETTERS, FILENAME_MAIL);
   
    echo "n";

 

with:

$mailscripts = array(FILENAME_NEWSLETTERS, FILENAME_MAIL);

if(substr($textarea, -1, 1) == ','){
     $textarea = substr($textarea,0,-1);
}
   
    echo "n";

 

how to upgrade oscommerce-based scripts from php 5.2.x to php 5.3.x

More and more hosting companies are upgrading their servers to run php 5.3. For most carts, this will mean an error log file full of deprecated error messages – warnings that one day, the functions being used will be removed entirely and the script will break.

If you’re running an older version of your oscommerce-based cart software (eg Cre Loaded 6.4.1, Oscommerce 2.2 etc) you will find that your error log file will fill up with deprecated messages from a number of files still using old calls like ‘ereg’ and ‘ereg_replace.’

You could switch these error messages off if you can control the error_reporting configuration on the server you’re on, but there’s a chance that when php 5.4 is adopted by hosting companies (RC6 of this was released January 2012) many of these deprecated messages now will become broken scripts then.

Updating most of these old calls can be fairly easy – here is a reference table that will help:

ereg() = preg_match()
ereg_replace() = preg_replace()
eregi() = preg_match() with the 'i' modifier
eregi_replace() = preg_replace() with the 'i' modifier
split() = preg_split()
spliti() = preg_split() with the 'i' modifier

As an example – cre loaded 6.4.1a B2B file /includes/functions/general.php :

if (ereg('^[0-9]+$', $value)) {

would become

if (preg_match('/^[0-9]+$/', $value)) {

(note ereg becomes preg_match and the forward slashes (delimiters) are added in)

Other deprecated functions and directives are more involved and may in fact only be configurable by the hosting company if they don’t allow custom php.ini files. There are other examples in the code that can simply be removed to upgrade to php 5.3.x and will stop the deprecated message.

A popular old check in Cre Loaded is a 6.2 version check – this from /admin/includes/runtime/orders/RC_orders_boxesbottom.php:

if (defined('MODULE_ADDONS_RECOVERCARTS_STATUS') && MODULE_ADDONS_RECOVERCARTS_STATUS == 'True') {
  if (defined('PROJECT_VERSION') && ereg('6.2', PROJECT_VERSION)) {
    $rci = tep_admin_files_boxes(FILENAME_RECOVER_ABANDONED_CARTS, BOX_RECOVER_ABANDONED_CARTS, 'SSL','tdate=' . $tdate, '0');
  } else {
    $rci = tep_admin_files_boxes(FILENAME_RECOVER_ABANDONED_CARTS, BOX_RECOVER_ABANDONED_CARTS, 'SSL','tdate=' . $tdate, '2');
  }
}

In this case the ‘upgrade’ would be to remove the old version check (bypassing the need for the deprecated ereg check.)

Third-party modules may cause grief when your hosting company upgrades to php 5.3.
At the time of writing this, Magneticone’s modules that use Zend Optimizer for decoding will break as Zend hasn’t provided a backward compatible version of the ZO for scripts using php 5.2.x. Magneticone’s advice in this situation is to use the ioncube versions of the scripts only (as they haven’t upgraded their modules to use the standalone ZO php 5.3 version either.) Nuisance.

If you’re unsure about these changes, contact me for a quote to help you upgrade from php 5.2 to php 5.3