Live Support phpOnline

[drillsar]

Im having a problem with STS with this, the image works under http not https for some reason

[TracyS]

LOL - Silly me! I needed to make sure to also 777 the files inside the folder - OY! Got it working now!!

 

My only question is - how does another customer service rep know that a chat request has been answered? We found if we have two people logged in to answer requests, and a request comes in, both people can answer it :blink: Shouldn't it show somehow that is has been answered?

 

Ok - found the installation file so now I know that is where those tables came from and that at least that section is correctly connecting to the database. I tried setting file permissions to the entire live_support folder to 777 but still doesn't seem to want to let me keep any changes. Just figured I'd post what I've tried so it may be easier to narrow down what I've missed - LOL :blush:

[TracyS]

Sounds like an issue with your osC configuration settings rather than STS. I have this running with STS and I have no issues on http or https.

 

Im having a problem with STS with this, the image works under http not https for some reason

[TracyS]

I have this file: catalog/includes/boxes/live_support.php

<?php
/*
 phpOnline Infobox, v 1.0 21-APR-2005 by Dayana Networks Ltd.

 Compatible with phpOnline v 1.5 and above

 Copyright 2005 Dayana Networks Ltd.

 osCommerce
 http://www.oscommerce.com/

 Copyright (c) 2000,2005 osCommerce

 Released under the GNU General Public License

*/


//////////// Configuration ///////////////
// Please change these variables

// Full URL to phpOnline Main directory (without trailing slash)

$phpOnline_base_url = "https://www.mountainmeadowherbs.com/live_support";



// Type of Status Indicator: 
//    1 -> Dynamic (Flash Based)     
//    2 -> Statis (image based)
// Note that image based indicator has added on phpOnline 1.5.1

$phponline_status_indicator_type = 2;


//////////////////////////////////////////


?>

<script language="javascript"><!--
function phpOnlinePopupWindow() {
var url = "<?php echo $phpOnline_base_url.'/client.php';?>";
 window.open(url,'popupWindow','toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=no,resizable=no,copyhistory=no,width=550,height=400,screenX=150,screenY=150,top=150,left=150')
}
//--></script>
</head>

<!-- phpOnline Info Box //-->
<tr><td>

<?php 
/* don't need heading
$phponline_info_box = array(); 
$phponline_info_box[] = array('align' => 'left', 
                             'text'  => BOX_HEADING_PHPONLINE 
                            ); 
new infoBoxHeading($phponline_info_box, false, false); 
*/



$phponline_info_box = array(); 
if($phponline_status_indicator_type==1)
{

$phpOnlineFlashIndicator  = '<OBJECT classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000" codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" HEIGHT="60" WIDTH="120" id="status" ALIGN="" border="0">';
$phpOnlineFlashIndicator .= '<param name="base" value="'.$phpOnline_base_url.'/"><PARAM NAME=movie VALUE="'.$phpOnline_base_url.'/status.swf"><PARAM NAME=menu VALUE=false><PARAM NAME=quality VALUE=High> <PARAM NAME=bgcolor VALUE=#ffffff><param name="salign" value="TL"><param name="scale" value="NoBorder">';
$phpOnlineFlashIndicator .= '<EMBED base="'.$phpOnline_base_url.'/" src="'.$phpOnline_base_url.'/status.swf" menu=false quality=High bgcolor=#ffffff  NAME="status" ALIGN="" TYPE="application/x-shockwave-flash" PLUGINSPAGE="https://www.macromedia.com/go/getflashplayer" salign="TL" width="120" height="60" scale="NoBorder"></EMBED></OBJECT>';

$phponline_info_box[] = array('align' => 'center', 
       	                      'text'  => $phpOnlineFlashIndicator
                                    );

}
if($phponline_status_indicator_type==2)
{
$phponline_info_box[] = array('align' => 'center', 
                                     'text'  => '<a href="javascript:phpOnlinePopupWindow()">' . tep_image($phpOnline_base_url.'/statusimage.php' , BOX_INFORMATION_PHPONLINE ).  '</a><br>'
                                    );
}


new infoBox($phponline_info_box);

?>
</td></tr>
<!-- card_eof //-->

 

and then in my catalog/includes/modules/sts_inc/sts_user_code.php I have this line:

//BEGIN Live Support Chat
$sts->start_capture();
require(DIR_WS_BOXES.'live_support.php');
$sts->stop_capture('LiveSupport');
//END Live Support Chat

 

And on my template, wherever I want the chat to appear, I use $LiveSupport to call it.

 

hope that helps.

 

Hi,

I was woundering if there is a solution for the people who use STS and this contribution?

One user allready found one, but didn't shared his solution. He mentioned to put the javascript code in an external file.

Anyone an idea on how to do this?

 

thanx

[jfkafka]

anybody in here? Scott?

 

Ran a virus scan and it mentioned an eval 64 "threat", namely,

Possible Infection: /public_html/live_support/rcq.php (Known automated hack <=> eval(base64_decode ) on line: 345

 

which refers to:

$CRP = "ZnVuY3Rpb24gR2V0TGljZW5zZSgpIHsgZ2xvYmFsICRDT05GOyBnbG9iYWwgJERCSG9zdDsgZ2xvYmFsICREQlVzZXJuYW1lOyBnbG9iYWwgJERCUGFzc3dvcmQ7IGdsb2JhbCAkREJEYXRhYmFzZTsgJElTTiA9ICcnOyAkSVNOUEIgPSAwOyAkVExUaW1lID0gZGF0ZSgiVSIpOyBpZihzdHJsZW4oJENPTkZbJ2NvbmZfTGljZW5zZSddKT09NjQpIHsgJENPTkZbJ2NvbmZfTGljZW5zZVQnXSA9ICRDT05GWydjb25mX0xpY2Vuc2VUJ10qMTsgaWYoJENPTkZbJ2NvbmZfTGljZW5zZVYnXT09MSAmJiAkQ09ORlsnY29uZl9MaWNlbnNlVCddPigkVExUaW1lLSgyNCozNjAwKSkgJiYgJENPTkZbJ2NvbmZfTGljZW5zZVQnXSA8ICgkVExUaW1lKyg2MCkpICkgeyBsaXN0KCRJU04sJElTTlBCKSA9IGV4cGxvZGUoIjoiLGJhc2U2NF9kZWNvZGUoc3RycmV2KCRDT05GWydjb25mX0xpY2Vuc2VEJ10pKSk7ICRJU04gPSBiYXNlNjRfZGVjb2RlKHN0cnJldigkSVNOKSk7IAkkSVNOUEIgPSBiYXNlNjRfZGVjb2RlKHN0cnJldigkSVNOUEIpKTsgfSBlbHNlIHsJaWYoZmlsZV9leGlzdHMoJ2xpY2Vuc2UudHh0JykpIAl7CSRMQ1JGID0gaW1wbG9kZSgiIixmaWxlKCdsaWNlbnNlLnR4dCcpKTsJJExDUkYgPSBzdHJfcmVwbGFjZShhcnJheSgiXG4iLCJcciIsIlxzIiwiICIpLGFycmF5KCcnLCcnLCcnLCcnKSwkTENSRik7ICRMQ1JGID0gc3RyX3JlcGxhY2UoYXJyYXkoJy0tLS0tUEhQT05MSU5FLUxJQ0VOU0UtU1RBUlQtLS0tLScsJy0tLS0tUEhQT05MSU5FLUxJQ0VOU0UtRU5ELS0tLS0nKSxhcnJheSgnWycsJ10nKSwkTENSRik7DQpwcmVnX21hdGNoKCIvLipcWyguKilcXS4qLyIsICRMQ1JGLCAkTENSRl9tYXRjaGVzKTsgJExDUkYgPSAkTENSRl9tYXRjaGVzWzFdO2ZvcigkaT0wOyRpPDU7JGkrKyl7JExDUkYgPSBiYXNlNjRfZGVjb2RlKCRMQ1JGKTt9JExDUkYgPSBzdHJyZXYoJExDUkYpO2ZvcigkaT0wOyRpPDU7JGkrKyl7JExDUkYgPSBiYXNlNjRfZGVjb2RlKCRMQ1JGKTt9JExDUiA9ICRMQ1JGO31lbHNleyRMQ1IgPSBpbXBsb2RlKCIiLGZpbGUoImh0dHA6Ly9waHBvbmxpbmUuZGF5YW5haG9zdC5jb20vbGljZW5zZS5waHA/bGM9Ii4kQ09ORlsnY29uZl9MaWNlbnNlJ10pKTsgfSRMQ1JBID0gZXhwbG9kZSgiOjoiLCRMQ1IpOyANCmlmKGNvdW50KCRMQ1JBKT09OSl7aWYoJExDUkFbMV09PTEpeyRJU04gPSAkTENSQVszXTsgJElTTlBCID0gJExDUkFbMl07fX0gJENPTkZfTGljZW5zZUQgPSBzdHJyZXYoYmFzZTY0X2VuY29kZShzdHJyZXYoYmFzZTY0X2VuY29kZSgkSVNOKSkuIjoiLnN0cnJldihiYXNlNjRfZW5jb2RlKCRJU05QQikpKSk7IA0KJGRiaD1teXNxbF9jb25uZWN0KCREQkhvc3QsICREQlVzZXJuYW1lLCAkREJQYXNzd29yZCx0cnVlKSBvciBkaWUgKCdyZXM9MCcpO215c3FsX3NlbGVjdF9kYigkREJEYXRhYmFzZSwkZGJoKTtteXNxbF9xdWVyeSgiREVMRVRFIGZyb20gYnZhcnMgd2hlcmUgYm5hbWU9XCJjb25mX0xpY2Vuc2VEXCIgT1IgYm5hbWU9XCJjb25mX0xpY2Vuc2VUXCIgT1IgYm5hbWU9XCJjb25mX0xpY2Vuc2VWXCIgIiwkZGJoKTtteXNxbF9xdWVyeSgiSU5TRVJUIElOVE8gYnZhcnMgVkFMVUVTKFwiY29uZl9MaWNlbnNlRFwiLFwiJENPTkZfTGljZW5zZURcIikgIiwkZGJoKTsgbXlzcWxfcXVlcnkoIklOU0VSVCBJTlRPIGJ2YXJzIFZBTFVFUyhcImNvbmZfTGljZW5zZVRcIixcIiRUTFRpbWVcIikgIiwkZGJoKTsgbXlzcWxfcXVlcnkoIklOU0VSVCBJTlRPIGJ2YXJzIFZBTFVFUyhcImNvbmZfTGljZW5zZVZcIixcIjFcIikgIiwkZGJoKTsgbXlzcWxfY2xvc2UoJGRiaCk7IH0gfSByZXR1cm4oYXJyYXkoJElTTiwkSVNOUEIpKTsgfSBmdW5jdGlvbiBJc0xpY2Vuc2VkKCkgeyBsaXN0KCRJU04sJElTTlBCKSA9IEdldExpY2Vuc2UoKTsgaWYoJElTTlBCPjApIHJldHVybiB0cnVlOyBlbHNlIHJldHVybiBmYWxzZTsgfQ==";

eval(base64_decode($CRP));

 

which when decoded is rendered:

function GetLicense() {

global $CONF; global $DBHost; global $DBUsername; global $DBPassword; global $DBDatabase;

$ISN = ''; $ISNPB = 0; $TLTime = date("U");

 

if(strlen($CONF['conf_License'])==64) {

$CONF['conf_LicenseT'] = $CONF['conf_LicenseT']*1;

 

if($CONF['conf_LicenseV']==1 && $CONF['conf_LicenseT']>($TLTime-(24*3600))

&& $CONF['conf_LicenseT'] < ($TLTime+(60)) ) {

list($ISN,$ISNPB) = explode(":",base64_decode(strrev($CONF['conf_LicenseD'])));

$ISN = base64_decode(strrev($ISN));

$ISNPB = base64_decode(strrev($ISNPB));

} else {

if(file_exists('license.txt')) {

$LCRF = implode("",file('license.txt'));

$LCRF = str_replace(array("\n","\r","\s"," "),array('','','',''),$LCRF);

$LCRF = str_replace(array('-----PHPONLINE-LICENSE-START-----','-----PHPONLINE-LICENSE-END-----'),array('[',']'),$LCRF);

preg_match("/.*\[(.*)\].*/", $LCRF, $LCRF_matches);

$LCRF = $LCRF_matches[1];for($i=0;$i<5;$i++){$LCRF = base64_decode($LCRF);}$LCRF = strrev($LCRF);

for($i=0;$i<5;$i++){$LCRF = base64_decode($LCRF);}$LCR = $LCRF;

}else{

$LCR = implode("",file("http://phponline.dayanahost.com/license.php?lc=".$CONF['conf_License'])); }$LCRA = explode("::",$LCR);

if(count($LCRA)==9){

if($LCRA[1]==1){

$ISN = $LCRA[3];

$ISNPB = $LCRA[2];}} $CONF_LicenseD = strrev(base64_encode(strrev(base64_encode($ISN)).":".strrev(base64_encode($ISNPB))));

$dbh=mysql_connect($DBHost, $DBUsername, $DBPassword,true) or die ('res=0');

mysql_select_db($DBDatabase,$dbh);

mysql_query("DELETE from bvars where bname=\"conf_LicenseD\" OR bname=\"conf_LicenseT\" OR bname=\"conf_LicenseV\" ",$dbh);

mysql_query("INSERT INTO bvars VALUES(\"conf_LicenseD\",\"$CONF_LicenseD\") ",$dbh);

mysql_query("INSERT INTO bvars VALUES(\"conf_LicenseT\",\"$TLTime\") ",$dbh);

mysql_query("INSERT INTO bvars VALUES(\"conf_LicenseV\",\"1\") ",$dbh); mysql_close($dbh); } }

return(array($ISN,$ISNPB)); }

function IsLicensed() {

list($ISN,$ISNPB) = GetLicense();

if($ISNPB>0) return true; else return false; }

 

It looks like it may belong, but rather than assume,

 

anyone know if it's bogus?

and why it is scrambled to begin with?

Why not just write the function straight out?

 

Thanks for any enlightenment,

jk