osc2nuke 2.3

Posted: Mon Oct 11, 2010 11:49 am

I'm going to anounce here that osc2nuke is going to intergrate the new oscommerce 2.3 into Ravennuke(tm).

oscommerce anounce:

OSCOM v2.3 Pre-Release Notes

We stated earlier that the next osCommerce Online Merchant releases would be v2.2 and v3.0 and that we wouldn’t be publishing any more alpha, beta, or release candidate labelled versions. The next v2.2 release was declared as “v2.2final” to finalize the versioning cycle it went through, from “Milestone 1” to “Release Candidate 2a”.

To better distinguish the final v2.2 release from its earlier versions, the version number will jump to and be released as v2.3.

The upgrade guide to v2.3 (from “v2.2 Release Candidate 2a”) will be split into the following sections:

* Bugfixes
* PHP 5.3 Compatibility Changes
* New Features

This makes it easier for store owners and developers to apply the bugfixes to their existing installations, and to choose which new core features they’d like to apply.

Some of the new features include:

* Tokenize forms to customer sessions
* Automatic Administration Tool logins through Basic HTTP Authentication (htpasswd)
* New currencies can be added through a pre-populated list of common currencies
* Modular Action Recorder implementation to limit and log certain functions, such as:
o Administration Tool login attempts
o Tell A Friend e-mails
o Contact Us e-mails
* Security Directory Permissions for the Administration Tool shows which directories are writable
* Version Checker for the Administration Tool to check for new versions
* Store Logo for the Administration Tool to easily upload a new store logo
* Modular Social Bookmarks implementation to share products on social sites, such as:
o Digg
o Facebook and Facebook Like
o Google Buzz
o Twitter and Twitter Button
* Export Server Information for the Administration Tool to help with bug reports
* Allow guest orders through PayPal Express Checkout
* Modular Header Tags implementation for:
o Google Analytics and E-Commerce Tracking
o OpenSearch
o Categories (SEO)
o Manufacturers (SEO)
o Products (SEO)
* HTML layout separated and moved to new template_top.php and template_bottom.php files
* Password hashing algorithm changed to Portable PHP hashing for customer and administrator passwords

i will do my best to let it fit perfectly this time.
i will alsotry to solve the captcha/session issue what prevented ravennuke users to use osc2nuke.

Posted: Mon Oct 11, 2010 12:40 pm

Glad to hear the good news. Thank you wHiTeHaT.

Posted: Mon Oct 11, 2010 3:45 pm

You are all welcome....(just not on osc2nuke.com for now ) ROTFL

i just embedded 2.3 to rn.
As oscommerce sessions not called yet "true"RN , the captcha remains intact.
Was good to find out when it breaks...maby i should use a bridge to the nuke users/oscommerce customers instead of totaly merge user authentication.

New Member Joined: Nov 13, 2006 Posts: 2

good news~~very thanks
Wave

Posted: Fri Oct 15, 2010 3:23 pm

It seems harder then i tought to get the RN Captcha working.
Once oscommerce's session is intregrated to RN, the captcha breaks.
The image shows fine, except i think the session isnt registered anymore or rewritten by oscommerce's session handler.

if i keep the functions alive but quote out the code to be executed, the captcha works fine and i'm able to login.

Here is the captcha killer code from oscommerce(sessions.php):

Code:




<?php


/*


  $Id$





  osCommerce, Open Source E-Commerce Solutions


  http://www.oscommerce.com





  Copyright (c) 2008 osCommerce





  Released under the GNU General Public License


*/





  if ( (PHP_VERSION >= 4.3) && ((bool)ini_get('register_globals') == false) ) {


    @ini_set('session.bug_compat_42', 1);


    @ini_set('session.bug_compat_warn', 0);


  }





  if (STORE_SESSIONS == 'mysql') {


    if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {


      $SESS_LIFE = 1440;


    }





    function _sess_open($save_path, $session_name) {


      return true;


    }





    function _sess_close() {


      return true;


    }





    function _sess_read($key) {


      $value_query = tep_db_query("select value from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "' and expiry > '" . time() . "'");


      $value = tep_db_fetch_array($value_query);





      if (isset($value['value'])) {


        return $value['value'];


      }





      return '';


    }





    function _sess_write($key, $val) {


      global $SESS_LIFE;





      $expiry = time() + $SESS_LIFE;


      $value = $val;





      $check_query = tep_db_query("select count(*) as total from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");


      $check = tep_db_fetch_array($check_query);





      if ($check['total'] > 0) {


        return tep_db_query("update " . TABLE_SESSIONS . " set expiry = '" . tep_db_input($expiry) . "', value = '" . tep_db_input($value) . "' where sesskey = '" . tep_db_input($key) . "'");


      } else {


        return tep_db_query("insert into " . TABLE_SESSIONS . " values ('" . tep_db_input($key) . "', '" . tep_db_input($expiry) . "', '" . tep_db_input($value) . "')");


      }


    }





    function _sess_destroy($key) {


      return tep_db_query("delete from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");


    }





    function _sess_gc($maxlifetime) {


      tep_db_query("delete from " . TABLE_SESSIONS . " where expiry < '" . time() . "'");





      return true;


    }





    session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');


  }





  function tep_session_start() {


    global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;





    $sane_session_id = true;





    if (isset($HTTP_GET_VARS[tep_session_name()])) {


      if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_GET_VARS[tep_session_name()]) == false) {


        unset($HTTP_GET_VARS[tep_session_name()]);





        $sane_session_id = false;


      }


    } elseif (isset($HTTP_POST_VARS[tep_session_name()])) {


      if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_POST_VARS[tep_session_name()]) == false) {


        unset($HTTP_POST_VARS[tep_session_name()]);





        $sane_session_id = false;


      }


    } elseif (isset($HTTP_COOKIE_VARS[tep_session_name()])) {


      if (preg_match('/^[a-zA-Z0-9]+$/', $HTTP_COOKIE_VARS[tep_session_name()]) == false) {


        $session_data = session_get_cookie_params();





        setcookie(tep_session_name(), '', time()-42000, $session_data['path'], $session_data['domain']);





        $sane_session_id = false;


      }


    }





    if ($sane_session_id == false) {


      tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));


    }





    return session_start();


  }





  function tep_session_register($variable) {


    global $session_started;





    if ($session_started == true) {


      if (PHP_VERSION < 4.3) {


        return session_register($variable);


      } else {


        if (isset($GLOBALS[$variable])) {


          $_SESSION[$variable] =& $GLOBALS[$variable];


        } else {


          $_SESSION[$variable] = null;


        }


      }


    }





    return false;


  }





  function tep_session_is_registered($variable) {


    if (PHP_VERSION < 4.3) {


      return session_is_registered($variable);


    } else {


      return isset($_SESSION) && array_key_exists($variable, $_SESSION);


    }


  }





  function tep_session_unregister($variable) {


    if (PHP_VERSION < 4.3) {


      return session_unregister($variable);


    } else {


      unset($_SESSION[$variable]);


    }


  }





  function tep_session_id($sessid = '') {


    if (!empty($sessid)) {


      return session_id($sessid);


    } else {


      return session_id();


    }


  }





  function tep_session_name($name = '') {


    if (!empty($name)) {


      return session_name($name);


    } else {


      return session_name();


    }


  }





  function tep_session_close() {


    if (PHP_VERSION >= '4.0.4') {


      return session_write_close();


    } elseif (function_exists('session_close')) {


      return session_close();


    }


  }





  function tep_session_destroy() {


    return session_destroy();


  }





  function tep_session_save_path($path = '') {


    if (!empty($path)) {


      return session_save_path($path);


    } else {


      return session_save_path();


    }


  }





  function tep_session_recreate() {


    if (PHP_VERSION >= 4.1) {


      $session_backup = $_SESSION;





      unset($_COOKIE[tep_session_name()]);





      tep_session_destroy();





      if (STORE_SESSIONS == 'mysql') {


        session_set_save_handler('_sess_open', '_sess_close', '_sess_read', '_sess_write', '_sess_destroy', '_sess_gc');


      }





      tep_session_start();





      $_SESSION = $session_backup;


      unset($session_backup);


    }


  }


?>

If there's anyone here that knows the reason and can help out witht his , i would be more then happy.

Posted: Fri Oct 15, 2010 7:00 pm

What happens if the mysql sessions are used?

Posted: Sat Oct 16, 2010 5:09 am

i dont get what you mean six...

oscommerce works as follows in this case:

a visitor comes to the site,he add products to the cart,stored in the session and a cookie is setted with the session.
Then if the user decide to register or login,the session will be identified and stored into mysql database.

Posted: Sat Oct 16, 2010 1:10 pm

Problem for captcha is solved.
It is a little dirty....
in includes/gfx_check.php quote out:

Code:




require_once(NUKE_INCLUDE_DIR.'class.php-captcha.php');

like:

Code:




 //require_once(NUKE_INCLUDE_DIR.'class.php-captcha.php');

in custom_mainfile.php add:

Code:




// include RN captcha class  


  require_once(NUKE_INCLUDE_DIR.'class.php-captcha.php');

right below:

Code:




// include shopping cart class


  require(DIR_WS_CLASSES . 'shopping_cart.php');

so it look like:

Code:




// include shopping cart class


  require(DIR_WS_CLASSES . 'shopping_cart.php');





// include RN captcha class  


  require_once(NUKE_INCLUDE_DIR.'class.php-captcha.php');

lol it took me over a year to find that out Embarassed

Posted: Sat Oct 16, 2010 6:32 pm

Nice work!

Posted: Sun Oct 17, 2010 11:26 am

Let us know when and where this can be downloaded from. I have a RN test site that I could give it a workout on.

Posted: Sun Oct 17, 2010 12:09 pm

It isnt ready yet,oscommerce 2.3 has a new headertag system and i need to see how i can let it run with RN.It also has the so wanted PayPal Express Checkout so you not need to register to the cart.That is something i need to investigate aswel.
I also consider to let the shop run optional standalone (for ssl security) and embedded.

Unfortunaly i dont have a server anymore to host osc2nuke.

Posted: Sun Oct 17, 2010 2:06 pm

HeaderTag system intregrated ,again a little dirty.

I would like to have a feedback abouth the dirty methodes i have to use to get oscommerce to work in RN.

CAPTCHA:
As somepost above explain i had to change gfx_check.php.
I only needed to quote out 1 line to get the captcha to work with oscommerce.
a change to:
gfx_check.php
---------changes------------

Code:




//require_once(NUKE_INCLUDE_DIR.'class.php-captcha.php');

DYNAMIC HEADER TAGS
A change to:
header.php
---------changes------------
in function head() , add a new global called $oscTemplate, and change the call to nukeSEOdh.php like

Code:




   if ($name == 'catalog'){


   echo '<title>'.$oscTemplate->getTitle() .'</title>';


   }else{


   include_once INCLUDE_PATH . 'includes/nukeSEO/nukeSEOdh.php';


   }

A change to:
nukeNAV.php
---------changes------------
i changed:

Code:




if(defined('MODULE_FILE') and is_admin($admin)) {

to:

Code:




if(defined('MODULE_FILE') and is_admin($admin) and $name !== 'catalog') {

It seems i dont have to change anything else from the RN distro except the above mentioned.

Is that acceptable?

Posted: Sat Jan 01, 2011 10:22 am

BUMP!!

Posted: Mon Mar 28, 2011 2:53 pm

CSRF check failed issue's

Solved by moving the:

Code:




require_once INCLUDE_PATH . 'includes/csrf-magic.php';

AFTER:

Code:




require_once INCLUDE_PATH . 'includes/ipban.php';

(around line 175)

So it looks like this:

Code:




require_once INCLUDE_PATH . 'includes/ipban.php';


require_once INCLUDE_PATH . 'includes/csrf-magic.php';


if (file_exists(INCLUDE_PATH . 'includes/custom_files/custom_mainfile.php')) {


   include_once INCLUDE_PATH . 'includes/custom_files/custom_mainfile.php';


}

Posted: Mon Mar 28, 2011 4:12 pm

Are you doing csrf checks in custom_mainfile.php?

Posted: Tue Mar 29, 2011 5:15 am

osc2nuke 2.3 beta available for download?

Posted: Tue Mar 29, 2011 10:07 am

Palbin wrote:

Are you doing csrf checks in custom_mainfile.php?

No i changed it in mainfile.php
(so far i readed it should be in top anyway.)

eblis wrote:

osc2nuke 2.3 beta available for download?

No it isnt ,infact i forgot that the last to post/fixes where abouth oscommerce alpha 5
Except for the header changes al other fixes apply aswel to alpha 5.

Posted: Sun May 29, 2011 4:35 am

Is this available at all ?
Is there any working e-commerce available at all for ravennuke that anyone knows of

Thanks Mark

Posted: Mon May 30, 2011 8:37 am

osc2nuke3 can be found here:
[ Only registered users can see links on this board! Get registered or login! ]

Posted: Sun Jun 05, 2011 5:44 pm

[quote="nuken"]osc2nuke3 can be found here:
[ Only registered users can see links on this board! Get registered or login! ]

Loaded this without making any of the above changes.
Things I have found which may have been or may need to be addressed: I will gladly apply changes to test out.

If I logged out of the admin on the RN side, can't log back in...

Cannot create a new user on either side. This error (HTTP 403 Forbidden) means that Internet Explorer was able to connect to the website, but it does not have permission to view the webpage.

worldflags have lower cap names (us.png) but program looks for (US.png)

A bridge like nuken created for phpbb3 is needed or tie the new registration for both together.

Posted: Sun Jun 05, 2011 10:03 pm

I got most of this working by just making the csrf change mentioned above. Was able to create new users on both sides. However, cannot log off as user. Admin logoff and logon work fine. Categories does not collapse.

Posted: Wed Jun 08, 2011 8:20 pm

nuken,

I like that version of osc2nuke. Is it the same one WhitHat is developing? I notice there is a large number of php errors in the error log. How critical is it to address all of these errors? I have noticed problems with adding products with same product name but have different model numbers. I think this is the problem with running off a system generated product id instead of the product number. With these kinds of problems I do not see it ready for production. I will be glad to do testing of changes for the project.

Posted: Thu Jun 09, 2011 12:44 pm

I have finally been able to add items with multiple model numbers. However, when you make a selection based on the varients, the model number does not show. Orders from vendors are often based on the model number which is usually a base plus size and/or color etc. I have not tested through the checkout yet, but it would be best if the appropriate model number printed on the invoice.

Posted: Sun Jun 12, 2011 9:49 pm

I found the php errors were caused by using the varient, without using a varient, to add the model number because the initial "Data" entry form did not allow for entering the "Model Number", "Quanity", "Weight".

On a single item you can enter the amount and status but must then do an edit to add the other fields.

Images - you can load all the images for all the varients using different model numbers, but only one can be displayed.

Categorie display does not collapse.

Posted: Mon Aug 01, 2011 11:19 am

wHiTeHaT wrote:

Unfortunaly i dont have a server anymore to host osc2nuke.

Not? Do you need it? 4 free?

^^

Best Regards

Peter