keviny Posted November 21, 2006 Posted November 21, 2006 I have a short time to comply with the PCI standards and unfortunately we can not comply with versions of php older then 5.1.0. I looked at your roadmap for osc 3 which I think will play nicely with php5 but its not done yet. I hear Zen Cart will work with php5, what are my options? Is osc 3 close enough for me to fix some code and use it in production? If so where can I download it. ~ Thanks For those that don't know what pci is below is a blurb with a link. *******BLURB******* To maintain compliance with the PCI (Payment Card Industry) Data Security Standard (Visa/CISP, MasterCard/SDP, American Express/DSS, and Discover Card/DISC), and to avoid being vulnerable to hackers and PCI fines you need to renew your Site Certification. Those who do not maintain compliance are subject to PCI fines as described on Visa's website at: www.visa.com/cisp Also if anyone knows more about PCI, please let me know if this is BS from the credit card industry or if it holds water. I do know security is crucial therefor I choose to do it regardless, but I know many sites running osc and other e-commerce apps will not pass these tests.
♥Vger Posted November 22, 2006 Posted November 22, 2006 It's a problem if you store credit card details, and that has little to do with osCommerce. If you do store card details in the database then the database must be on a separate server to the website, used only for that purpose, and you have to undergo a security audit of your site every 12 months. Vger
keviny Posted November 22, 2006 Author Posted November 22, 2006 According to the visa website you are incorrect, or is the visa site? "How CISP compliance works CISP compliance is required of all merchants and service providers that store, process, or transmit Visa cardholder data. " http://usa.visa.com/business/accepting_vis...l?ep=v_sym_cisp I would think the statement would have been 'store, process and transmit' If you are certain can you please send me a link explaining the details as you understand them. Thanks Kevin
keviny Posted November 23, 2006 Author Posted November 23, 2006 Beuler -- Just wanting to get my post up where someone new will see it.
keviny Posted November 28, 2006 Author Posted November 28, 2006 The good news is that it was not hard to get osc to work on php5, for some reason I was under the impression it would not work. Great News. To anyone using an osx box for a test or dev, some tips that may help. 1) register_long_arrays = On (php.ini or .htaccess) so things like $HTTP_GET_VARS will work 2) to get the cookies to work with force cookie on: (assuming you do not have domain names set up properly) 2a) define('HTTP_COOKIE_DOMAIN', ''); should be left blank not set to localhost as I first did 2b) define('HTTP_COOKIE_PATH', '/'); should be set to '/' or '/catalog' however you have it setup ex: setcookie('cookie_test', 'please_accept_for_sessionx', time()+60*60*24*30, '/', 'localhost'); will not work setcookie('cookie_test', 'please_accept_for_sessionx', time()+60*60*24*30, '/', ''); will work I am still waiting to see a response on from 2 posts ago though. I am really curious. Thanks Kevin
rgo Posted January 31, 2007 Posted January 31, 2007 YOU ROCK MY FREACKING WORLD........ I have tried every thing to get osCommerce up and running on an apache server windows platform for testing purposes but every time I tried adding a product to my shopping cart it would say it was empty. I could not log in as a user either but by setting define('HTTP_COOKIE_DOMAIN', ''); and define('HTTP_COOKIE_PATH', '/'); everything worked fine.... thanks for the bit of information..... Rg
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.