Jump to content

tbirnseth's Content

There have been 273 items by tbirnseth (Search limited from 27-Nov 20)



Sort by                Order  

#343915 How To Make A Field Mandatory In Product Detail Page Tabs

Posted by tbirnseth on 17 November 2021 - 09:37 PM in Hints & Modifications

Make sure that 

for="feature_{$feature_id}

 

Matches the id of your form field.  I.e. if you have an input element named

<input id="feature_123" blahh.../>

Then the for parameter in the label tag must resolve to "feature_123".




#343581 Internal Server 500 Error When Uploading Product Image

Posted by tbirnseth on 03 November 2021 - 05:39 PM in General Questions

Quick Google gives you the answer: https://www.howtofor...s-maxrequestlen




#343558 This Code Below Is Supposed To Show Only Product With Auction=="y" In...

Posted by tbirnseth on 02 November 2021 - 07:55 PM in General Questions

Make sure the SQL shows "AND ?:products.auction='Y'" not "OR ?:products.auction='Y'"




#343557 Internal Server 500 Error When Uploading Product Image

Posted by tbirnseth on 02 November 2021 - 07:53 PM in General Questions

So change it from 128k to 256k




#343556 Get Vendor Plan From Order Using Api

Posted by tbirnseth on 02 November 2021 - 07:48 PM in General Questions

The way things work, the order (as @ecom states)  has a plan-id within the order.  This id is used to reference the "current" plan and from that you can get the commission amount (percent or value).  However, if the "plan" has changed, an older order may reference an inaccurate commission  amount and other details.

 

If one assumes that an order IS the contract between buyer, seller and merchant, then the commission amounts used SHOULD BE within the order.

 

A little history: In early cs-cart 2.0, products were "referenced" from the orders and as prices changed, caused significant confusion about what was bought when and for what amount.  They then started including product data within the order as it existed at the time of order.




#343555 Customer Password Recovery Link

Posted by tbirnseth on 02 November 2021 - 07:41 PM in General Questions

I don't think there's a time limit on the link.  If there is it's probably 14 days.

Yes, all 'ekeys' (the code in the link) are one-time use keys.




#343474 How To Load Page With $("#content").load("content.html");

Posted by tbirnseth on 29 October 2021 - 09:34 PM in General Questions

is 'content.html' in the root of your store?  Suggest you use a URL.  At least "//content.html".

And your debugging should also ensure that 'id="content"' exists on the page.




#343301 Error Message Could Not Be Sent. Mailer Error: Smtp Connect() Failed. Https:/...

Posted by tbirnseth on 23 October 2021 - 08:59 PM in Issues & Troubleshooting

The message indicates that cs-cart could not connect to your SMTP server.  It could be either a network issue or it could be the authentication credentials you are using for your SMTP server.

 

Without greater detail of your SMTP email setup, hard to help beyond the obvious.




#343287 Cs Cart Multi-Vendor Experience - 3 Month Review - The Good, The Bad And The...

Posted by tbirnseth on 22 October 2021 - 10:39 PM in Why CS-Cart

Well the forum join date in your avatar says join date 27 Jul 19.  That's what I was using to get my "2 years".  Sorry about the missunderstanding.

 

Think you'll have to bring that issue up with help-desk or submit to bugtracker.




#343149 Cannot Log Into Admin Panel Due To Ssl Change- Cs-Cart 4.13

Posted by tbirnseth on 15 October 2021 - 08:59 PM in Security

Try manually clearing the cache by removing var/cache and all its sub-directories from your site using a file manager.  It will be recreated on demand.

 

Also ensure that you have changed the 'https' entries in config.local.php




#343138 Security Issues

Posted by tbirnseth on 14 October 2021 - 09:21 PM in General Questions

 

Hi!

 

If you have a Multi Vendor Edition and want to use the automatic revenue sharing between the vendors, then in CS Cart (for European users) only Stripe Connect remains?! Which then has the consequence of not being PCI compliant, right?
 
Best regards
hummer

 

 

As I briefly looked at the stripe code, it appears that it is compliant.  I.e. it tokenizes that actual card number so what's stored is an encrypted form of the card that can't be decoded by anyone other than stripe (trying to put it in simple terms).

 

This question would best be answered by the cs-cart development team or the helpdesk.




#343096 Replace Item Name To Pruduct Id In Paypal Payment (Cs-Cart 4.13)

Posted by tbirnseth on 12 October 2021 - 09:19 PM in Configuration

it requires changes in the cs-cart paypal addon.  Not sure what your reference is to cpanel.




#343095 Security Issues

Posted by tbirnseth on 12 October 2021 - 09:18 PM in General Questions

You can be PCI compliant using payment methods that either process cards at their site and/or utilize iFrame or other technologies whereby the card data from a payment form is tokenized before it gets transmitted to your site.  Removing card data AFTER a payment is processed does NOT make you PCI compliant.  Capturing things like expiry data and last-4 of card number does NOT jeopardize your compliance but  ANY storage (even in memory) on your server of the card data (encrypted or not) makes you non-compliant in cs-cart since there is no reasonable way to decrypt encoded data and re-store it with a new encryption key.  The same encrypt/decrypt functionality is used for all encryption, not just cards..

 

My suggestion is to only use payment methods that conform to the criteria above (no transfer/storage of card data).

 

Of course, you can ignore it. But if you get a complaint, it can cost you thousands of dollars to become compliant and to undergo ongoing testing and validation.  Best to simply not handle the cards and thereby not have PCI become an issue.




#343083 Ask Seller A Question

Posted by tbirnseth on 11 October 2021 - 08:43 PM in General Questions

Submit a bug in bugtracker giving details of how to reproduce the problem.  Then wait...




#343082 Replace Item Name To Pruduct Id In Paypal Payment (Cs-Cart 4.13)

Posted by tbirnseth on 11 October 2021 - 08:41 PM in Configuration

It would require a customization to append the product_code to the product description (or to replace it).  Providing an example of what you have and what you want would be helpful.




#343081 Restrict Access To Main Administration Only - Not Vendor Admin

Posted by tbirnseth on 11 October 2021 - 08:39 PM in General Questions

It would require customization of the addon




#343080 Cs Cart Multi-Vendor Experience - 3 Month Review - The Good, The Bad And The...

Posted by tbirnseth on 11 October 2021 - 08:37 PM in Why CS-Cart

Why require shipping address for all orders but not billing address?

Because for the most part it's not needed.  You can add it by adjusting the litecheckout "layout" in design/layouts adding the fields you want.

 

 

Why to include non paid orders in the download list?

Assuming you are referring to "export orders".  You should be able to select specific status to download.  All order statuses is the default.

 

 

Why include a download button for products on non-paid orders?

Are you referring to EDP orders (electronic goods)?  Or are you referring to something in the admin?  Many merchants do their CC billing "offline" and hence need unpaid orders in a download to drive other applications or to drop-ship orders.  Any merchant worth their salt will not charge a customer until an order ships.  But most here charge at time of order.

 

 

Why the notification e-mail send to vendors is the same for users?

You can edit/modify the email that is sent to vendors in the email editor.

 

I'm surprised that after 2+ years using the product you haven't discovered these option on your own or by reading the documentation.




#343018 Security Issues

Posted by tbirnseth on 07 October 2021 - 09:03 PM in General Questions

Thank you, harmsmitsdev!

 

To the second question:

 

- Found that $config['crypt_key'] in config.local.php. What is the name of the safety technology behind this? Is it a certain type of encryption?

 

- Do you know how it is with "Stripe" as payment processor? Sure, the credit card number is transferred to the Stripe API - but is it also stored in the CS Cart database (even if it's only for seconds, because all status have "Remove CC info" enabled)?

 

Looking forward to your answer.

 

It uses Blowfish for encryption.

 

Using any payment method that does not use iFrames, 3D Secure or redirect to a secure card site for entry of card information is NOT PCI Compliant.  If you ever get a breach or one of your customers complains to Visa (et al) that their card was compromised from being used on your site you are up for a very expensive and long process of redemption.




#342982 Cs Cart Multi-Vendor Experience - 3 Month Review - The Good, The Bad And The...

Posted by tbirnseth on 06 October 2021 - 07:54 PM in Why CS-Cart

They are not being competitive to add-on developers. They just don't want a customer to have to buy 100 add-ons before their store is up and running. Its just not very customer friendly.

 

Also, a very large portion of the add-ons in this market has serious flaws. AlexBranding has had numerous SQL injection vulnerabilities in their add-ons, and some are just plain out badly programmed (300 database queries for product lables? cmon). All of this causes bad optics for CsCart, and loads their helpdesk even more. Also, they will have to bill the customer for the support since its not their add-ons that are breaking, which is just something they do not want.

 

Also, raising your prices 50% seems like a stretch. Maximum fee is 20% for the marketplace.

Don't think you have the context of what cs-cart was like 10 years ago as it relates to addon developer relationships.

 

So penalize or address the issues with developers who are providing junk.  I'm sure AlexBranding is still selling products via the Marketplace.

 

I can't use  my banking so everything requires more labor and time to process.  It breaks the systems I've setup to run my business for years without adding any value to me or to my customers.




#342961 Cs Cart Multi-Vendor Experience - 3 Month Review - The Good, The Bad And The...

Posted by tbirnseth on 05 October 2021 - 08:43 PM in Why CS-Cart

I don't think I've ever regretted a choice as much as I do now.

 

What are your top-5 issues?  Ar they theme/UI/UX issues?  Or functionality of the system?




#342960 What Happened To Just Cs-Cart?

Posted by tbirnseth on 05 October 2021 - 08:39 PM in General Questions

Also how current are you when you still show (offer?) CS-Cart basic and ultimate???

CS-Cart                USD 345     Multi-Vendor              USD 1250    Multi-Vendor PLUS           USD 3100 (2775)
CS-Cart Ultimate  USD 775     CS-Cart + YOUPI      USD 545      Multi-Vendor Ultimate       USD 7500 (6000)

 

Funny, never heard anyone complain that a reseller was selling products at a lower rate than the provider before....  A smart buyer would purchase a few licenses at the lower price while they could if they foresaw the future need for those licenses.




#342915 Storefront-Specific Administrators

Posted by tbirnseth on 04 October 2021 - 09:38 PM in General Questions

I'm a newbie, but isn't it a matter of admin panel => customers/vendors administrators and making sure the user you are adding is assigned to the specific store? I also use admin panel => customers/user groups and assign that to relevant tab when adding the new user.

 

Maybe it is different with ultimate (as I just have plus).

Yes




#342914 Cs Cart Multi-Vendor Experience - 3 Month Review - The Good, The Bad And The...

Posted by tbirnseth on 04 October 2021 - 09:37 PM in Why CS-Cart

Our addons utilize our own license/upgrade server (implemented nearly a decade before CSC came out with a solution).  Licenses are checked regularly and updates (by default) occur automatically.  We don't encode our addons..

 

When a request is made for a refund, we simply send the customer a checklist for complete removal and destruction and ask them to attest that they have done so.

 

CSC is encouraging encryption of addons purchased through the marketplace.  They consider it a service to the developers.  We choose not to sell directly through the marketplace. 

1) we'd have to raise our prices about 50% to do so,

2) volume of addon purchases for cs-cart is very low in relation to other platforms.

3) CSC used to see addon developers as partners and didn't replicate functionality in the standard product.  They stopped that several years ago so CSC is actually in competition with addon developers. 

 

The environment is less than friendly now days.




#342911 Learn Me Good, Please!

Posted by tbirnseth on 04 October 2021 - 09:12 PM in Developers' Corner

The api is an interface into the application from an external source.

Hooks are used to extend the functionality of cs-cart and many times that functionality is visible via the api (though not always).

cURL is just one method of connecting between sites.  Suggest you use the HTTP class instead since it will use the appropriate connection method based on your server environment.




#342910 Order Status Date

Posted by tbirnseth on 04 October 2021 - 09:09 PM in General Questions

Status history is part of our EZ Admin Helper addon.  It is optional functionality.  Docs are at https://ez-ms.com/docs/ez_maint.pdf