Jump to content

 

rrrolfs

Member Since 17 Dec 2011
Offline Last Active Mar 13 2013 04:40 AM
-----

Topics I've Started

Need Quote for modification on Multi-Vendor version

19 August 2012 - 02:56 AM

We need a quote to do the following with CS-Cart Multi-Vendor version 2.2.4.
Description: We need the ability to change the theme of the website based on the product that we are selling. We need this feature to brand the site in such as fashion that we can increase our conversions when selling product. It would be like having a store within a store. The design will have the following properties:

1.On the “Edit Category” page at the top of the page where there are tabs labeled “General, Blocks, View Products, Delete Category” we would like to add a tab labeled “Skin Selector”. This skin selector feature will have the following properties:
a.Only administrators to the site will have the ability to change the skin.
b.The skin selector tab will look like the skin selector page under the “Design” menu of the site.
c.The categories will automatically default to the stores template that is selected under the design section of the admin area.
d.When you change the skin in the category skin selector page it will change the skin template for that selected category. All other categories will default the stores selected template.
e.If you click on a product under a category it will use the categories selected template. This needs to work even for products that are assigned to multiple categories.

2.We would like the change to function using CS-Cart’s hooks as an add-on. All changes to core files must be documented.

Why does the the cart always send a packing slip with all RMA statuses?

07 March 2012 - 04:29 PM

Why does the the cart always send a packing slip with all RMA statuses? This does not make sense! The system should only send a packing slip for Approved RMA's. All other RMA statuses such as Requested, Denied, and Completed do not justify a packing slip due to the fact that the customer will not be shipping the product back with these statuses. The only status that the customer is authorized to ship product on is "approved".

Does anyone have a fix for this. I would call this a bug!

Is there a place I can change this in the code?

I am currently running Multi-Vendor 2.2.4 version of CS-Cart.

Looking for someone to develop a two-factor login scheme for vendors and admins

06 March 2012 - 05:15 PM

I would like to know what it would cost to create a addon module that would improve security for the admin and vendor control panels in the cart. This addon should have the following features:

1. Create an IP allow list. This IP allow list will hold IP address information that will show admin/vendor user name and thier assoiciated IP's that they have logged in with.

2. Create a two-factor login system for the vendor and admin areas. It will work this way:

The admin or vendor logs into the cart using their username and password just like they do now. The two-factor login script that you will create will check that to see if the user has logged before. If they have logged in before it will check to see what IP addresses they have logged in from. If the IP address is on the list it will allow them to access the control panel without any further authentication needed.

If they have not logged in before from an IP address in the allow list the scipt will do the following:
a. bring up another login field that says that the following: "You are accessing the admin system from an unknown IP address. We have e-mailed you a pin code. Please enter the pin code to access the control panel." The two-factor authenitcation script will e-mail the user names e-mail address on file a randomly generated pin code from our stores e-mail address. It should also have the ability for the user to have the system send another pin code if they did not recieve the first one. The user can then input the pin code into the site and click login. If the pin code is correct the system will grant access to the admin area and add the IP address to the IP allow list. If it is in-correct the system will deny access using the features in the "Access Restrictions Addon" This will block their IP if they attempt to login using the wrong code more than so many times.

The randomly generated code should have the following features:
1. It should only be used once.
2. It should consist of special characters, Numbers and letters.
3. It should only be good for 2-hours after the e-mail was sent with the code. After 2-hours the system should delete the pin code from the system.

The IP allow list table should contain both the username, IP address, pin code used, along with the date logged in for the as fields. It should have the following features:
1. The IP addresses should be removed from the table automatically after 30-days. This will force the system update the IP address in the table as users log in. After 30-days the user will have to authenticate their IP address again.
2. The Pin Code field is used to ensure that no pin code is used twice at the same time for two differnet IP addresses. The random pin code generator will have to generate a pin code that is not in use in this table.

This addon should be created for Multi-Version Vendor 2.2.4. It should also be created as an addon to make upgrading in the future easier.

This is only for Vendor and Admin users. This should not affect the customers!

Two-factor authentication for admin.php and vendor.php logins

03 March 2012 - 05:01 PM

Does anyone have any ideas for implementing two-factor authentication on the admin and vendor logins for CS-Cart? I have found this for a solution: http://www.duosecurity.com/docs/duoweb . It is free for up to 10 users. I would like to make the vendor and admin logins for CS-Cart more secure. I have already changed the admin.php name to something different.

Site Optimization Problems

18 February 2012 - 09:31 PM

I am running Multi-Vendor version 2.2.4 and noticed that the cart seems sluggish and slow. I installed siteoptimizer and that seem to improve my load speeds on most pages. I am still noticing that some pages are still sluggish. I think that the shipping calculator is making these pages sluggish!

Here are my problems:
1. I am still have a really slow load time when the customer click on "view cart". I think this is related to the shipping estimator script. The load time on this page improves when I disable the shipping calculator on this page. Does anyone know how to fix this?

2. The shipping estimator itself is really slow when calculating realtime shipping rates. I know that there is a documented problem about this. I tried to fix the problem using the solution that was posted on the forum. This did not work in my case. Does anyone know how to fix this?

3. I was looking at the local.config.php file and noticed the following parameters:

// Tweaks
$config['tweaks'] = array (
'js_compression' => false, // enables compession to reduce size of javascript files
'check_templates' => true, // disables templates checking to improve template engine speed
'inline_compilation' => true, // compiles nested templates in one file
'anti_csrf' => false, // protect forms from CSRF attacks
'disable_block_cache' => false, // used to disable block cache
'join_css' => false, // is used to unite css files into one file
'allow_php_in_templates' => false, // Allow to use {php} tags in templates


What do these parameters do? Do you recommend changing them?


4. I also noticed that you can change the backend cache parameter in the local.config.php file. Since I have a dedicated server I can change this parameter to what ever I want and make it work. Here is the parameter that I am talking about:

// Cache backend
// Available backends: file, sqlite, mysql, shmem
// To use sqlite cache the "sqlite3" PHP module should be installed
// To use shmem cache the "shmop" PHP module should be installed
$config['cache_backend'] = 'file';


Does anyone have any recommendations on what to change this parameter to? I know that CS-Cart says to change it for better optimization. I just want to know if sqlite3 is better than mysql or shmop?