Ravens PHP Scripts: Forums
 

 

View next topic
View previous topic
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> eCommerce
Author Message
Raven
Site Admin/Owner


Joined: Aug 27, 2002
Posts: 17077

PostPosted: Mon Feb 09, 2009 11:58 pm Reply with quote

draxx wrote:
When is this downloadable? I'm confused by the main page?

I'm not sure what confuses you. The message on the front page explains the intent Smile. Read it again, closely, and if you're still confused then let us know exactly what is causing your confusion.
 
View user's profile Send private message
draxx
Involved
Involved


Joined: Nov 19, 2003
Posts: 282

PostPosted: Tue Feb 10, 2009 1:36 am Reply with quote

Oh i've been comming here for years and usually when you click on that area you are taken to either the forum that supports the new version or Ive seen a demo site that supports the new version .... and its usually always about that version and I tried to click and click and click on something ... anything.... nothing clicked and so this caused me confusion.

Now I wouldent use me as a meter - Ive been comming here now what? 5 years? 6? ugh 7 ? and Im on what? 22 posts? Smile I'm definately not the norm but I am a creature of habit Laughing
 
View user's profile Send private message
Raven
PostPosted: Tue Feb 10, 2009 9:45 am Reply with quote

Sorry for the confusion and thank you for the explanation. Just goes to prove that we really are creatures of habit Wink
 
spasticdonkey
RavenNuke(tm) Development Team


Joined: Dec 02, 2006
Posts: 1692
Location: Texas, USA

PostPosted: Tue Feb 10, 2009 2:32 pm Reply with quote

just thought I would throw this out there... has anyone ever tried a PCI compliance scan on RN? I never have, and I realize many of the security issues in PCI are server/host related, but just curious if PCI compliance is even a possibility and/or is being considered.

Many payment gateways are starting to charge higher rates and/or penalties for non-compliance.
 
View user's profile Send private message Visit poster's website
alien73
Involved
Involved


Joined: Sep 15, 2008
Posts: 352

PostPosted: Tue Feb 10, 2009 2:39 pm Reply with quote

Compliance has nothing to to with RN but how your store your customer info. What module are you using to sell products?
 
View user's profile Send private message Visit poster's website
spasticdonkey
PostPosted: Tue Feb 10, 2009 2:59 pm Reply with quote

Well the commercial sites I work on aren't currently running RN, just basic html. But I'll tell you first hand those PCI scans are intrusive and a pain in the.... donkey; it scans for software headers, finds directories with no indexes, and looks for software it considers to be insecure, and so on.

How you handle the data is only part of the equation, you also have to meet requirements for your server, website, data storage, and even the "terminals" you access info with.

P.S. Raven web hosting has been a blessing, not sure I could have achieved PCI compliance on another host, thanks again Raven Smile
 
jakec
Site Admin


Joined: Feb 06, 2006
Posts: 3048
Location: United Kingdom

PostPosted: Tue Feb 10, 2009 3:32 pm Reply with quote

I was under the impression you would only need a PCI scan if you accept credit cards. Therefore RN on it's own would not need a PCI scan and if the cart you are using uses Paypal, or similar, you are still not handling credit cards yourself and therefore no PCI scan required.

Personally I've never used a cart of any sort, so I could be wrong.
 
View user's profile Send private message
alien73
PostPosted: Tue Feb 10, 2009 3:34 pm Reply with quote

You must for talking about hacker safe now owned by (macafee), alertsite etc... We have a daily scan on our site. What are you using for PCI scans and what merchant account? I been doing this for over 10 years everyday and never heard of rates going up.

Sounds more like the economy is down so the rates are going up.
 
fkelly
Former Moderator in Good Standing


Joined: Aug 30, 2005
Posts: 3312
Location: near Albany NY

PostPosted: Tue Feb 10, 2009 3:49 pm Reply with quote

I've googled Calloway's Cart and gone over to the TGF site and looked at the sample pages for NOSCart which appears to be the latest version. It looks great but I have a question:

suppose what you want to sell requires a user registration form. Say for instance, name, address, phone number, maybe size of the item or one of a number of options for the item and maybe having them click on a legal release statement. Will the software have any capability for building the form through an admin screen, perhaps with built in PHP validation of the form fields after the form is submitted but before it goes off to Paypal?
 
View user's profile Send private message Visit poster's website
spasticdonkey
PostPosted: Tue Feb 10, 2009 3:58 pm Reply with quote

jakec wrote:
I was under the impression you would only need a PCI scan if you accept credit cards. Therefore RN on it's own would not need a PCI scan and if the cart you are using uses Paypal, or similar, you are still not handling credit cards yourself and therefore no PCI scan required.

Personally I've never used a cart of any sort, so I could be wrong.


yes, you are correct. If you use a service such as paypal then you wont need to worry about pci, at least not at this point in time...

alien73 wrote:
You must for talking about hacker safe now owned by (macafee), alertsite etc... We have a daily scan on our site. What are you using for PCI scans and what merchant account? I been doing this for over 10 years everyday and never heard of rates going up.

Sounds more like the economy is down so the rates are going up.

well payment gateways are authorize.net and/or rt-ware, I think one may have bought the other, can't remember. I think the penalty for non pci compliance was in the neighborhood of $19.99mo. USD for a small business in our revenue range.

and yes it was scanalert now mcafeesecure, and I'm pretty sure the criteria for meeting hacker-safe is harder than pci compliance, so if your meeting those standards, PCI should be no problem Smile

and rates always seem to go up, do they need a reason, lol ?
 
alien73
PostPosted: Tue Feb 10, 2009 4:18 pm Reply with quote

fkelly,

Not sure what your talking about.. We use a reg form or you can checkout without it.

spasticdonkey,

Sorry still never heard of what your talking about. Basically your saying if they find a security hole they charge you more????? Shouldn't they just drop a site altogether that is unsafe then require the site to be complicate before even having an account?
 
spasticdonkey
PostPosted: Tue Feb 10, 2009 4:31 pm Reply with quote

Well it's usually nit-picky things, and 9 times out of 10 they are just misreading software headers and think old versions of something is running. I certainly wouldnt want to be "dropped altogether" everytime that happens. While keeping up with PCI can be a pain, website security is obviously an ongoing effort, and just because your site is as secure as possible today, doesn't mean it will be next week... So in a way I understand the ongoing maintenance and hassles required.

What our gateway requires is that you have an approved pci scanning vendor, and that you prove compliance every 3 months, or get charged the additional fee. Don't be surprised if most other payment gateways outside of paypal have similar policies within the next year or so.
 
Raven
PostPosted: Tue Feb 10, 2009 6:02 pm Reply with quote

spasticdonkey wrote:
Well the commercial sites I work on aren't currently running RN, just basic html. But I'll tell you first hand those PCI scans are intrusive and a pain in the.... donkey; it scans for software headers, finds directories with no indexes, and looks for software it considers to be insecure, and so on.

How you handle the data is only part of the equation, you also have to meet requirements for your server, website, data storage, and even the "terminals" you access info with.

P.S. Raven web hosting has been a blessing, not sure I could have achieved PCI compliance on another host, thanks again Raven Smile

Cheers It's only because we manage most everything with our servers that we have been able to work out the issues that the PCI scans have raised. Newer releases of software are not always better and I can remember in at least one instance we had to say "no" to the PCI guys because the software upgrade broke so much software on the server. It seems we compromised on a version that just fixed the issue that gave them a knot in their undies Wink
 
fkelly
PostPosted: Tue Feb 10, 2009 8:02 pm Reply with quote

Quote:

Not sure what your talking about.. We use a reg form or you can checkout without it.


Sorry Alien, I wasn't clear. I assume that in your system there is an admin screen to define items to be sold. You would put some descriptive text, a price or prices, and perhaps an image of that item. Now, suppose what you were trying to sell was say, registration for an event. Suppose that event had options within it (say bike rides of 25, 50 and 100 miles for example). Suppose you had to collect non-standard "registration" data such as license plate numbers. Do the admin screens provide a facility for doing this and how is validation of the data upon submission handled. On a more general level does it have some type of form builder so that options for any item to be sold can be collected and passed on to the next stage in the purchase process.
 
alien73
PostPosted: Tue Feb 10, 2009 8:39 pm Reply with quote

It has the full store front, digital downloads feature and you can also do basic events. For example make a category called events and list products as events. It has a full fledged attributes feature on the back end so you can add any number of options to a product. The only thing it needs is extra text fields so customers can add things like licence plate numbers etc... It has a comments box for any comments to be attached to an order so really all I would need to do is add another box controllable from admin on/off for example.
 
selectric
Regular
Regular


Joined: Aug 06, 2008
Posts: 65

PostPosted: Thu Feb 12, 2009 7:00 pm Reply with quote

Hi everyone! I am very happy to hear that a eCommerce for Raven Nuke is being made! I definately need this, and hope for tight security!

I read on the frontpage that there are some security fixes for the new raven nuke. Are these fixes only for the new raven nuke, or is there something I need? I am running Ravennuke 2.20.01.

Thanks for your time.
 
View user's profile Send private message
alien73
PostPosted: Thu Feb 12, 2009 7:24 pm Reply with quote

It's for the new so I would upgrade ASAP to stay up to date with security.
 
alien73
PostPosted: Thu Feb 12, 2009 7:30 pm Reply with quote

I can say it will have most the major ones including Paypal WPP. speedtype
 
Dawg
RavenNuke(tm) Development Team


Joined: Nov 07, 2003
Posts: 910

PostPosted: Thu Feb 12, 2009 8:31 pm Reply with quote

Alien,
Will this new "Goody" have the ability to controll "NSNGroups"?

Dawg
 
View user's profile Send private message
fkelly
PostPosted: Thu Feb 12, 2009 9:26 pm Reply with quote

Just to address selectric's post a few back ... at this point I would recommend waiting for the announcement of RN 2.30.01 and then upgrading to that. RN2.30 was a big step up from 2.20 but 2.30.01 will incorporate additional security fixes as well as a few functional improvements.

You will be able to read the changelogs and decide for yourself.
 
alien73
PostPosted: Thu Feb 12, 2009 11:33 pm Reply with quote

Dawg,

Well see what everyone on the team decides and everyone else input.

I would imagine though that each group can have a different price structure or maybe only see certain products.
 
Dawg
PostPosted: Fri Feb 13, 2009 5:14 am Reply with quote

Alien,
I was going the other way with it....Subscriptions to belong to a "Group". So if they purchase X they belong to Group Y.

Thank you for your time on this prooject.

Dave
 
Guardian2003
Site Admin


Joined: Aug 28, 2003
Posts: 6792
Location: Ha Noi, Viet Nam

PostPosted: Fri Feb 13, 2009 5:55 am Reply with quote

Dawg wrote:
Alien,
I was going the other way with it....Subscriptions to belong to a "Group". So if they purchase X they belong to Group Y.

Thats really a subscription based required and shouldn't have anything to do with eCommerce except that you might be able to 'sell' subscriptions to through the Shop.
If that it likely to happen then I can stop the many weeks of work I have already put into something for that.
 
View user's profile Send private message Send e-mail
alien73
PostPosted: Fri Feb 13, 2009 7:04 am Reply with quote

I'm sure this feature will be added down the road at some point. No plans yet though.
 
nuken
RavenNuke(tm) Development Team


Joined: Mar 11, 2007
Posts: 2024
Location: North Carolina

PostPosted: Wed Jul 22, 2009 1:10 pm Reply with quote

Just wondering how the RavenNuke Merchant was coming. Haven't heard anything lately.

_________________
Only registered users can see links on this board! Get registered or login! 
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:       
Post new topic   Reply to topic    Ravens PHP Scripts And Web Hosting Forum Index -> eCommerce

View next topic
View previous topic
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Powered by phpBB © 2001-2007 phpBB Group
All times are GMT - 6 Hours
 
Forums ©