Jump to content

rrrolfs's Content

There have been 15 items by rrrolfs (Search limited from 30-Mar 19)


Sort by                Order  

#143145 Need Quote for modification on Multi-Vendor version

Posted by rrrolfs on 19 August 2012 - 02:56 AM in Third-Party Services

We need a quote to do the following with CS-Cart Multi-Vendor version 2.2.4.
Description: We need the ability to change the theme of the website based on the product that we are selling. We need this feature to brand the site in such as fashion that we can increase our conversions when selling product. It would be like having a store within a store. The design will have the following properties:

1.On the “Edit Category” page at the top of the page where there are tabs labeled “General, Blocks, View Products, Delete Category” we would like to add a tab labeled “Skin Selector”. This skin selector feature will have the following properties:
a.Only administrators to the site will have the ability to change the skin.
b.The skin selector tab will look like the skin selector page under the “Design” menu of the site.
c.The categories will automatically default to the stores template that is selected under the design section of the admin area.
d.When you change the skin in the category skin selector page it will change the skin template for that selected category. All other categories will default the stores selected template.
e.If you click on a product under a category it will use the categories selected template. This needs to work even for products that are assigned to multiple categories.

2.We would like the change to function using CS-Cart’s hooks as an add-on. All changes to core files must be documented.



#133112 Remove shipping from main store

Posted by rrrolfs on 14 March 2012 - 03:47 PM in Multi-Vendor Edition

I had the same problem. One solution to this problem is to create a vendor for all of your main store items. This vendor would have the same address as your main store for shipping calculation purposes. I then moved all of the main store items to the new vendor account that I created. You can then disable the shipping method for these items. I main store account will have no items under it. All of my products are under a vendor account. This fixes the shipping issues.



#132748 Why does the the cart always send a packing slip with all RMA statuses?

Posted by rrrolfs on 07 March 2012 - 04:29 PM in General Questions

Why does the the cart always send a packing slip with all RMA statuses? This does not make sense! The system should only send a packing slip for Approved RMA's. All other RMA statuses such as Requested, Denied, and Completed do not justify a packing slip due to the fact that the customer will not be shipping the product back with these statuses. The only status that the customer is authorized to ship product on is "approved".

Does anyone have a fix for this. I would call this a bug!

Is there a place I can change this in the code?

I am currently running Multi-Vendor 2.2.4 version of CS-Cart.



#132708 Looking for someone to develop a two-factor login scheme for vendors and admins

Posted by rrrolfs on 06 March 2012 - 08:52 PM in Third-Party Services

That is correct. I am not trying to block all users. I only want an extra authentication step to be put in place for admin users that have not authenticated from a known computer. So if the admin logs into the site. The system will check to see if they have logged in before from thier location. If not, the system will require additional authentication such as an E-mail. If they have logged in before from a location the system will allow them to log in without any more authentication.



#132689 Looking for someone to develop a two-factor login scheme for vendors and admins

Posted by rrrolfs on 06 March 2012 - 05:15 PM in Third-Party Services

I would like to know what it would cost to create a addon module that would improve security for the admin and vendor control panels in the cart. This addon should have the following features:

1. Create an IP allow list. This IP allow list will hold IP address information that will show admin/vendor user name and thier assoiciated IP's that they have logged in with.

2. Create a two-factor login system for the vendor and admin areas. It will work this way:

The admin or vendor logs into the cart using their username and password just like they do now. The two-factor login script that you will create will check that to see if the user has logged before. If they have logged in before it will check to see what IP addresses they have logged in from. If the IP address is on the list it will allow them to access the control panel without any further authentication needed.

If they have not logged in before from an IP address in the allow list the scipt will do the following:
a. bring up another login field that says that the following: "You are accessing the admin system from an unknown IP address. We have e-mailed you a pin code. Please enter the pin code to access the control panel." The two-factor authenitcation script will e-mail the user names e-mail address on file a randomly generated pin code from our stores e-mail address. It should also have the ability for the user to have the system send another pin code if they did not recieve the first one. The user can then input the pin code into the site and click login. If the pin code is correct the system will grant access to the admin area and add the IP address to the IP allow list. If it is in-correct the system will deny access using the features in the "Access Restrictions Addon" This will block their IP if they attempt to login using the wrong code more than so many times.

The randomly generated code should have the following features:
1. It should only be used once.
2. It should consist of special characters, Numbers and letters.
3. It should only be good for 2-hours after the e-mail was sent with the code. After 2-hours the system should delete the pin code from the system.

The IP allow list table should contain both the username, IP address, pin code used, along with the date logged in for the as fields. It should have the following features:
1. The IP addresses should be removed from the table automatically after 30-days. This will force the system update the IP address in the table as users log in. After 30-days the user will have to authenticate their IP address again.
2. The Pin Code field is used to ensure that no pin code is used twice at the same time for two differnet IP addresses. The random pin code generator will have to generate a pin code that is not in use in this table.

This addon should be created for Multi-Version Vendor 2.2.4. It should also be created as an addon to make upgrading in the future easier.

This is only for Vendor and Admin users. This should not affect the customers!



#132493 Two-factor authentication for admin.php and vendor.php logins

Posted by rrrolfs on 03 March 2012 - 05:01 PM in Security

Does anyone have any ideas for implementing two-factor authentication on the admin and vendor logins for CS-Cart? I have found this for a solution: http://www.duosecurity.com/docs/duoweb . It is free for up to 10 users. I would like to make the vendor and admin logins for CS-Cart more secure. I have already changed the admin.php name to something different.



#132272 Bitcart

Posted by rrrolfs on 28 February 2012 - 05:55 PM in Off-Topic/General Chat

I have tried Bit-Cart. There are alot of bugs in thier code. Also they do not support their product! I moved to CS-Cart due to Bit-Carts in ability to support thier product. There source code is also closed source. You cannot even fix the bugs in thier code yourself. In most cases they want you to pay them to fix the code.



#131698 Site Optimization Problems

Posted by rrrolfs on 21 February 2012 - 06:38 AM in Configuration

Here is what CS-Cart's support staff had to say about the local.config.php parameters:

Description of the settings:
1. js_compression - if this directive is enabled, the whole CS-Cart Javascript code is packed and stored in the var/cache directory of your CS-Cart installation.
2. check_templates - if this directive is enabled, the templater will check templates for syntax errors.
3. inline_compilation - if the following setting is enabled, a parser looks for template {include} tags and joins them in one file which is stored in the var/compiled directory of your CS-Cart installation.
4. anti_csrf - if this setting is enabled, Cross-site request forgery attacks can be prevented. To learn more about them, please check the following article:

http://en.wikipedia....request_forgery

5. disable_block_cache - if this setting is enabled, block content will not be cached, this may affect the site performance.
6. join_css - if the following setting is enabled, all CS-Cart CSS files will be joined and stored in the var/cache directory of your CS-Cart installation.
7. allow_php_in_templates - if this setting is enabled, PHP directives can be processed in template files, this may also affect the site preformance.

CS-Cart's recommended settings:
// Tweaks
$config['tweaks'] = array (
'js_compression' => true, // enables compession to reduce size of javascript files
'check_templates' => true, // disables templates checking to improve template engine speed
'inline_compilation' => true, // compiles nested templates in one file
'anti_csrf' => false, // protect forms from CSRF attacks
'disable_block_cache' => false, // used to disable block cache
'join_css' => true, // is used to unite css files into one file
'allow_php_in_templates' => false, // Allow to use {php} tags in templates



#131567 Site Optimization Problems

Posted by rrrolfs on 18 February 2012 - 09:31 PM in Configuration

I am running Multi-Vendor version 2.2.4 and noticed that the cart seems sluggish and slow. I installed siteoptimizer and that seem to improve my load speeds on most pages. I am still noticing that some pages are still sluggish. I think that the shipping calculator is making these pages sluggish!

Here are my problems:
1. I am still have a really slow load time when the customer click on "view cart". I think this is related to the shipping estimator script. The load time on this page improves when I disable the shipping calculator on this page. Does anyone know how to fix this?

2. The shipping estimator itself is really slow when calculating realtime shipping rates. I know that there is a documented problem about this. I tried to fix the problem using the solution that was posted on the forum. This did not work in my case. Does anyone know how to fix this?

3. I was looking at the local.config.php file and noticed the following parameters:

// Tweaks
$config['tweaks'] = array (
'js_compression' => false, // enables compession to reduce size of javascript files
'check_templates' => true, // disables templates checking to improve template engine speed
'inline_compilation' => true, // compiles nested templates in one file
'anti_csrf' => false, // protect forms from CSRF attacks
'disable_block_cache' => false, // used to disable block cache
'join_css' => false, // is used to unite css files into one file
'allow_php_in_templates' => false, // Allow to use {php} tags in templates


What do these parameters do? Do you recommend changing them?


4. I also noticed that you can change the backend cache parameter in the local.config.php file. Since I have a dedicated server I can change this parameter to what ever I want and make it work. Here is the parameter that I am talking about:

// Cache backend
// Available backends: file, sqlite, mysql, shmem
// To use sqlite cache the "sqlite3" PHP module should be installed
// To use shmem cache the "shmop" PHP module should be installed
$config['cache_backend'] = 'file';


Does anyone have any recommendations on what to change this parameter to? I know that CS-Cart says to change it for better optimization. I just want to know if sqlite3 is better than mysql or shmop?




#131503 ADDON: UPS Shipment Tracking

Posted by rrrolfs on 17 February 2012 - 09:31 PM in Third-Party Add-ons

Is this module compatable with Multi-Vendor 2.2.4?



#131431 How to change where E-mails are sent from

Posted by rrrolfs on 16 February 2012 - 09:18 PM in Multi-Vendor Edition

I am running CS-Cart Multi-Vendor addition 2.2.4. I have been testing the cart and noticed that when you complete the order that it sends a e-mail from my vendor's e-mail address to the customer. Where can I change it so that the E-mails are sent from my primary admin E-mail?



#131264 How do I edit E-mails

Posted by rrrolfs on 14 February 2012 - 11:28 PM in Store Design & Templates

I need to know how to edit E-mails in CS-Cart. I would like to know how to add database fields such as tracking information and Customers information into the body of the E-mail. Is there a easy way to do this?

I need to create an E-mail that would be more personal like this:
Dear "Customer's Name",

Your order has shipped via UPS Ground. Your tracking number is "Tracking Number".

Thanks for your business,
"Business Name"



#128239 I cannot get the Admin Users Groups to work!

Posted by rrrolfs on 21 December 2011 - 10:29 PM in Issues & Troubleshooting

No, I need to be able to create multiple admin groups. Each group will have its own permission settings. I can create an administrator. I just cannot specify what admin group they should belong too. Look at the PDF file that I have attached you will see the screen shots that show the problem.



#128228 I cannot get the Admin Users Groups to work!

Posted by rrrolfs on 21 December 2011 - 07:17 PM in Issues & Troubleshooting

There does not seem to be a place with-in the cart to change the user groups for administrators in the cart. I click on the user in the admin area of the cart but there is no tab to change the user group. I tried following the instructions found in the knowledge base of CS-Cart.com but that didn't work. I have posted pdf attachment with screenshots of what I am looking at. Can anyone tell me what I am doing wrong? It looks like this feature is not working in the current version of CS-Cart.
Attached File  CS-Cart User Group Problem.pdf   233.6KB   206 downloads



#127959 File Permissions Question

Posted by rrrolfs on 17 December 2011 - 01:30 AM in Security

In the installation notes it states that the file permissions for the following files and folders need to be set up a certain way:
> chmod 666 config.local.php
> chmod -R 777 images
> chmod -R 777 skins
> chmod -R 777 var

Can we change this to something more secure? This leaves a security hole open. A hacker could upload their own scripts and cause all kinds of problems. What are other users using for file permissions?