Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

That's It.... I give up


Nor-Cal

Recommended Posts

I've searched and searched all over the support boards, google and hosting tech support.

Nobody seems to know what the problem is so I give up.

 

I have read many posts and 99% of them are unaswered here in the forum.

The orders are not showing in the admin. This creates a huge problem

for those who have attributes on their items. Such as 2checkout.com does

not send the info you need to know when someone orders a certain size, color,

etc. I see tons of questions mainly for those who have the same problem with

paypal, but nothing with 2checkout. My guess is it's the same problem no matter

what payment method you use. It's just not being written to the database.

 

Thank you to those who have helped with the tech support thus far but this

is the last step that I absolutely need and there seems to be no answer.

Link to comment
Share on other sites

I am not sure what the previous conversations have covered but perhaps its an issue of the callback. I know for example that the Suhosin mod that some web hosts have installed, limited the length of the request string. Check phpinfo(); to see if the suhosin mod is installed. If so look for the bytes length of suhosin.get.max_value_length.

 

Some hosts set this to suhosin.get.max_value_length = 512 which is too short for a callback URL length which can be up to 2000 bytes in length.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

I've searched and searched all over the support boards, google and hosting tech support.

Nobody seems to know what the problem is so I give up.

 

I have read many posts and 99% of them are unaswered here in the forum.

The orders are not showing in the admin. This creates a huge problem

for those who have attributes on their items. Such as 2checkout.com does

not send the info you need to know when someone orders a certain size, color,

etc. I see tons of questions mainly for those who have the same problem with

paypal, but nothing with 2checkout. My guess is it's the same problem no matter

what payment method you use. It's just not being written to the database.

 

Thank you to those who have helped with the tech support thus far but this

is the last step that I absolutely need and there seems to be no answer.

 

 

1 - try an alternativ 2checkout payment module

 

and/or use

 

2 - Order lgging before payment processing

 

or

 

3 - Held Orders v1b

 

or

 

4 - More Logical Checkout v1.0

Link to comment
Share on other sites

I've searched and searched all over the support boards, google and hosting tech support.

Nobody seems to know what the problem is so I give up.

 

I have read many posts and 99% of them are unaswered here in the forum.

The orders are not showing in the admin. This creates a huge problem

for those who have attributes on their items. Such as 2checkout.com does

not send the info you need to know when someone orders a certain size, color,

etc. I see tons of questions mainly for those who have the same problem with

paypal, but nothing with 2checkout. My guess is it's the same problem no matter

what payment method you use. It's just not being written to the database.

 

Thank you to those who have helped with the tech support thus far but this

is the last step that I absolutely need and there seems to be no answer.

 

unrelated :/ but I feel your pain. It's so hard to find/get help for osCommerce if there is a problem.

 

I hope that you manage to resolve the problem :/

good luck ^^;

Link to comment
Share on other sites

When you get posts such as this it's easy to understand why a "certain" post receives no answer.

 

You just have to remember this forum members' are all like yourselves, store keepers using osCommerce, they can only give an answer to what they, themselves, have experienced, and if none or few have had the problem or if they, like yourselves have experienced the problem, have not got an answer, but have then gone off, found the answer but then said "sod that forum, it didn't help me - why should I help it?" then the answer won't appear here.

 

In answer to the OPs query, Answers to why orders are not showing in the admin have been posted here multiple times - the questions may not be for 2.3 or 2CO but the answers would be similar

 

osC gets the blame for a lot of peoples shortcomings - If you think that osC is your problem then go and buy into a cart and see how you get on with that...

 

I understand that people that paid between £5-10k for a store and hosting and maintenance have just had the plug pulled on them - no store or host and no money back because this company put itself into voluntary liquidation. At least I know with osC (and non-reseller hosting) that can't happen to me

My store is currently running Phoenix 1.0.3.0

I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 )

I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary

Link to comment
Share on other sites

In general when it is not a widespread issue, where only a few are experiencing the problem, its often the server configuration their websites are on, or a mistake they have made themselves in configuring the site.

 

The first place to check is with your own htaccess files in the root directory and in the includes directories to make sure they are not blocking 3rd party sites from talking to php files.

 

The next step is to check the server configuration your website is on.

 

With the advent of widespread attacks being launched through vulnerable portals like Oscommerce 2.2.x and earlier, many web hosts have installed all sorts of mods to try and fix this problem as much as they can without interferring with the majority of the sites they host.

 

One method they use is to change the method of configurations to localize attacks to just the affected webfolder. You find this configuration most in use on shared webhosts. Other ways they have reacted are to install quasi-firewall systems like modsecurity2 and PHP hardening systems like Suhosin.

 

One thing all 3rd party credit card processors depend on is returning a long query back to your server.

 

Some of these new additions to shared host servers restrict the length of that request string, therefore they will break the way these 3rd party credit card systems report back to your oscommerce site to tell the site that the order was susccessful (or not).

 

The result is that your credit card system has the successful payment, but there is no reference to this in your onsite orders in the database because the callback got dropped.

 

So again, its best people check the phpinfo() of the webhosting their site is on, that means if your admin section does not offer a phpinfo feature, you need to create a file called whatever.php and putting this code in it and upload to your website directory.

 

<?php
phpinfo();
?>

 

Navigate to the file and in particular look to see if your webhost has installed the Suhosin mod. Look for:

 

suhosin.get.max_value_length = "512"

 

If the value is less than say 2048 (the default for suhosin is 512) then it will most probably break the callbacks which means a successful order will not be written into the database for most 3rd party payment systems.

 

Many shared webhosts and some others installed Suhosin shortly after the PHP floating point denial of service bug became public knowledge earlier this year. I have found the default setting of 512 to be the cause of a few sites I have had to deal with suddenly having this callback issue.

 

If this is the case, the solution is not an easy one as most webhosts are either resellers of another service, so therefore cannot actually make any real changes to server configurations, or are just going to refuse to change the default settings of the Suhosin configuration just to suit one of their users.

 

If you are lucky, your webhost might allow you to set a localized setting in your htaccess like

php_value suhosin.get.max_value_length 2048

But none of the hosts I have had to deal with on this issue will allow this and the sites had to be moved to a server that did.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

After sending the host to this thread, this is what they said:

 

Well, I have checked and found that the problem is not caused from the server. We suggest you to kindly get in contact with Oscommerce support forum as they will be able to assist you better in this regards.

 

You can check all the server configuration via your control panel >> Account >> Informations >> There you will find an option as PHPInfo.

 

Customer    xxxx
Account Path:    /home145/sub033/xxxxxx-CWRU
Cluster:    c66
Perl Path:    /usr/bin/perl
Ruby Path:    /usr/bin/ruby
Rails Path:    /usr/bin/rails
Python Path:    /usr/bin/python
ImageMagick    /usr/bin/animate
/usr/bin/compare
/usr/bin/composite
/usr/bin/conjure
/usr/bin/convert
/usr/bin/identify
/usr/bin/mogrify
/usr/bin/montage
/usr/bin/stream


System 	Linux node3 2.100.3-1-amd64-grsec #1 SMP Mon Oct 20 22:41:19 CEST 2008 x86_64
Build Date 	Mar 29 2009 15:03:48
Configure Command 	'../configure' '--with-apxs2=/usr/bin/apxs2' '--with-config-file-path=/imports/config/php5-mod_php' '--disable-cli' '--prefix=/usr' '--with-exec-dir=/usr/lib/php5/libexec' '--mandir=/usr/share/man' '--with-pear=/usr/share/php' '--with-layout=GNU' '--enable-maintainer-zts' '--enable-memory-limit' '--disable-debug' '--with-pic' '--with-bz2' '--enable-zip' '--with-openssl' '--with-dom' '--with-iconv' '--with-curl' '--with-mysql' '--without-ldap' '--enable-mbstring' '--with-xml' '--enable-track-vars' '--enable-exif' '--with-jpeg-dir' '--with-zlib' '--with-zlib-dir' '--with-png-dir' '--with-gd' '--with-gettext' '--with-freetype' '--with-freetype-dir=/usr/lib' '--enable-gd-native-ttf' '--enable-gd-jis-conv' '--with-mhash' '--enable-ftp' '--with-pspell' '--with-mysqli' '--with-imap' '--with-imap-ssl' '--with-libxml' '--with-xsl' '--with-mcrypt' '--enable-bcmath' '--with-mime-magic' '--enable-calendar' '--with-pdo-mysql' '--enable-sockets' '--enable-soap' '--with-tidy' '--with-kerberos' '--with-config-file-scan-dir=/etc/php5.d' '--disable-cgi'
Server API 	Apache 2.0 Handler
Virtual Directory Support 	enabled
Configuration File (php.ini) Path 	/imports/config/php5-mod_php
Loaded Configuration File 	/imports/config/php5-mod_php/php.ini
Scan this dir for additional .ini files 	/etc/php5.d
additional .ini files parsed 	/etc/php5.d/browscap.ini, /etc/php5.d/eaccelerator.ini, /etc/php5.d/ioncube_loader.ini, /etc/php5.d/php_shield.ini, /etc/php5.d/source_guardian.ini, /etc/php5.d/zendOptimizer.ini
PHP API 	2xxxxx5
PHP Extension 	2xxxxxx3
Zend Extension 	2xxxxxx9
Debug Build 	no
Thread Safety 	enabled
Zend Memory Manager 	enabled
IPv6 Support 	enabled
Registered PHP Streams 	zip, php, file, data, http, ftp, compress.bzip2, compress.zlib, https, ftps
Registered Stream Socket Transports 	tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
Registered Stream Filters 	string.rot13, string.toupper, string.tolower, string.strip_tags, convert.*, consumed, convert.iconv.*, bzip2.*, zlib.*

This program makes use of the Zend Scripting Language Engine:
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies
   with eAccelerator v0.9.5.3, Copyright (c) 2004-2006 eAccelerator, by eAccelerator
   with the ionCube PHP Loader v3.1.33, Copyright (c) 2002-2007, by ionCube Ltd., and
   with Zend Optimizer v3.3.3, Copyright (c) 1998-2007, by Zend Technologies

PHP Core
Directive	Local Value	Master Value
allow_call_time_pass_reference	On	On
allow_url_fopen	On	On
allow_url_include	Off	Off
always_populate_raw_post_data	Off	Off
arg_separator.input	&	&
arg_separator.output	&	&
asp_tags	Off	Off
auto_append_file	no value	no value
auto_globals_jit	On	On
auto_prepend_file	no value	no value
browscap	browscap-data.ini	browscap-data.ini
default_charset	no value	no value
default_mimetype	text/html	text/html
define_syslog_variables	Off	Off
disable_classes	no value	no value
disable_functions	no value	no value
display_errors	On	On
display_startup_errors	Off	Off
doc_root	no value	no value
docref_ext	no value	no value
docref_root	no value	no value
enable_dl	Off	Off
error_append_string	no value	no value
error_log	no value	no value
error_prepend_string	no value	no value
error_reporting	6135	6135
expose_php	Off	Off
extension_dir	/usr/lib/php5/ext/	/usr/lib/php5/ext/
file_uploads	On	On
highlight.bg	#FFFFFF	#FFFFFF
highlight.comment	#FF8000	#FF8000
highlight.default	#0000BB	#0000BB
highlight.html	#000000	#000000
highlight.keyword	#007700	#007700
highlight.string	#DD0000	#DD0000
html_errors	On	On
ignore_repeated_errors	Off	Off
ignore_repeated_source	Off	Off
ignore_user_abort	Off	Off
implicit_flush	Off	Off
include_path	.:/usr/share/php5/	.:/usr/share/php5/
log_errors	Off	Off
log_errors_max_len	1024	1024
magic_quotes_gpc	On	On
magic_quotes_runtime	Off	Off
magic_quotes_sybase	Off	Off
mail.force_extra_parameters	no value	no value
max_execution_time	40	40
max_input_nesting_level	64	64
max_input_time	-1	-1
memory_limit	32M	32M
open_basedir	no value	no value
output_buffering	no value	no value
output_handler	no value	no value
post_max_size	8M	8M
precision	12	12
realpath_cache_size	16K	16K
realpath_cache_ttl	120	120
register_argc_argv	Off	Off
register_globals	Off	Off
register_long_arrays	On	On
report_memleaks	On	On
report_zend_debug	On	On
safe_mode	On	On
safe_mode_exec_dir	/usr/bin/	/usr/bin/
safe_mode_gid	On	On
safe_mode_include_dir	/usr/lib/php5/	/usr/lib/php5/
sendmail_from	no value	no value
sendmail_path		
serialize_precision	100	100
short_open_tag	On	On
SMTP	localhost	localhost
smtp_port	25	25
sql.safe_mode	Off	Off
track_errors	Off	Off
unserialize_callback_func	no value	no value
upload_max_filesize	10M	10M
upload_tmp_dir	/shared/upload_tmp	/shared/upload_tmp
user_dir	no value	no value
variables_order	EGPCS	EGPCS
xmlrpc_error_number	0	0
xmlrpc_errors	Off	Off
y2k_compliance	On	On
zend.ze1_compatibility_mode	Off	Off


 

and a ton of other info I don't understand. So it's not the host... something in the script then?

Link to comment
Share on other sites

I've searched and searched all over the support boards, google and hosting tech support.

Nobody seems to know what the problem is so I give up.

 

I have read many posts and 99% of them are unaswered here in the forum.

The orders are not showing in the admin. This creates a huge problem

for those who have attributes on their items. Such as 2checkout.com does

not send the info you need to know when someone orders a certain size, color,

etc. I see tons of questions mainly for those who have the same problem with

paypal, but nothing with 2checkout. My guess is it's the same problem no matter

what payment method you use. It's just not being written to the database.

 

Thank you to those who have helped with the tech support thus far but this

is the last step that I absolutely need and there seems to be no answer.

 

Orders might not be showing for the following reasons I can think of:

 

1. Your payment module isn't working correctly, try another maybe

2. Something is wrong with your checkout_process.php file (which could be related to step 1).

 

Are you getting payments for your orders, and they simply are not being recorded into the database?

Is your shop sending emails with the correct order info to your customers?

What payment module are you using, maybe reinstall it?

 

If you place an order, you get sent to 2checkout to complete payment?

Then is 2checkout directing the customer back to your site? If not, and your payment module isn't recording the order before leaving to 2checkout, then how will your shop be able to record it if 2checkout is sending this information back to your site?

 

Let me know, I can try to help you out. If you can send me a link to the 2checkout module you are using, and I can take a look at the code. I'm not too familiar with 2checkout, but I can give it shot.

 

There is also a certified version for 2Checkout:

 

http://addons.oscommerce.com/category?search=2checkout

 

 

 

Maybe you need: http://addons.oscommerce.com/info/871

Link to comment
Share on other sites

and a ton of other info I don't understand. So it's not the host... something in the script then?

 

>>>>>and a ton of other info I don't understand<<<<

 

In order to properly bug track your issue you have to trace it out from the source rather than the stab in the dark approach which sometimes works, but can be more of a headache in the long run.

 

So your third party CC service is sending your site back a long string, and in that string is a code which decodes to information that is parsed into your database to be stored as a successful order.

 

So the first port of call is to look at what the server will allow as a callback. In this case, the first thing you need to eliminate is whether or not there are restrictions on the size of the information a 3rd party site can send to your site...

 

So in that ton of other info, scroll down and have a look for the following:

 

hrh54o.jpg

 

If that is not there, then we can safely move on to the next part which is your htaccess, in particular whats in the includes/.htaccess if anything at all.

 

From there we need to look at other 3rd party plugins which control inputs etc etc. For instance there are some addons that try to ban base64 encoded information because many viruses are distributed in that encoding, yet some of the callbacks from some providers are also using base64, so there is a chance an addon could also be the problem.

 

But its best to start from the beginning and work your way through. That begins with the server configuration. When you are sure there is no mention of Suhosin, then its on to the next bit.

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

no mention of subhosin

.htacess from includes

 

# $Id$
#
# This is used with Apache WebServers
# The following blocks direct HTTP requests in this directory recursively
#
# For this to work, you must include the parameter 'Limit' to the AllowOverride configuration
#
# Example:
#
#<Directory "/usr/local/apache/htdocs">
#  AllowOverride Limit
#
# 'All' with also work. (This configuration is in your apache/conf/httpd.conf file)
#
# This does not affect PHP include/require functions
#
# Example: http://server/catalog/includes/application_top.php will not work

<Files *.php>
Order Deny,Allow
Deny from all
</Files>

 

wondering if the address: 
http://server/catalog/includes/application_top.php
because the path to the store is different
http://server/store/includes/application_top.php

 

I have no other contributions installed. It's basicly straight out

of the box from the download with the themeroller used to change

the look.

 

The 2checkout module I was informed to install was from 2checkout support

directly which was this one: http://www.oscommerce.com/community/contributions,5343

Link to comment
Share on other sites

Actually I just had a reread of your first post. It seems i have gotten your query mixed up with a couple of others I have been working through via email. Assuming it was the same problem, sorry about that. What you are saying is that because you use a 3rd party processor, the added details from attributes are not being sent through or through and back to your site with the order? But the order itself is coming through ok back to your server and registering in the database ok? Have I got that right so far?

- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Link to comment
Share on other sites

If i read your question right.. let me explain again what's happening.

 

If I set my payment module to checks or money orders, run a test sale, picking a item with attributes such as different sizes and color, the order goes through

and does post to the admin/customers/order giving the details item name, size and color

 

If I run it through the 2checkout, given the test credit card number and everything set to demo, it does not show any order was even made in the admin/customers/order or anywhere else for that matter.

 

The correct emails are being sent from 2checkout and osC

Link to comment
Share on other sites

no mention of subhosin

.htacess from includes

 

# $Id$
#
# This is used with Apache WebServers
# The following blocks direct HTTP requests in this directory recursively
#
# For this to work, you must include the parameter 'Limit' to the AllowOverride configuration
#
# Example:
#
#<Directory "/usr/local/apache/htdocs">
#  AllowOverride Limit
#
# 'All' with also work. (This configuration is in your apache/conf/httpd.conf file)
#
# This does not affect PHP include/require functions
#
# Example: http://server/catalog/includes/application_top.php will not work

<Files *.php>
Order Deny,Allow
Deny from all
</Files>

 

 

 

Is this .htaccess in catalog/includes or catalog/admin/includes?

 

If it is in catalog/includes remove it as it is not suppose to be there

 

 

You're using 2.3 I believe, is there a reason why you haven't installed the 2checkout that comes with 2.3?

My store is currently running Phoenix 1.0.3.0

I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 )

I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary

Link to comment
Share on other sites

Is this .htaccess in catalog/includes or catalog/admin/includes?

 

If it is in catalog/includes remove it as it is not suppose to be there

 

You're using 2.3 I believe, is there a reason why you haven't installed the 2checkout that comes with 2.3?

 

 

I'm sorry I made a mistake - there is that .htaccess file in catalog/includes you could try disabling it to see if it makes a difference but I would certainly try the built in 2checkout first

 

If it does work on disablement then this post might help to solve your problem

My store is currently running Phoenix 1.0.3.0

I'm currently working on 1.0.7.2 and hope to get it live before 1.0.8.0 arrives (maybe 🙄 )

I used to have a list of add-ons here but I've found that with the ones that supporters of Phoenix get any other add-ons are not really neccessary

Link to comment
Share on other sites

The one that came with the download 2.3.1 never worked in the first place and according

to the support at 2checkout, he sent me the addon for the 2co that I'm using. They have

running, working osC on their computers. He mentioned he had problems with the original

2co module.

Link to comment
Share on other sites

I did a completely fresh install into another directory. Set up the info

needed to run a test using 2checkout. It runs though the entire process

perfectly but still no order information under customer/order nor does it

show anything under order history for my account I signed up for to purchase

an item.

 

There has got to be a reason for this. It's not the host according

to my above post about the database info posted.

 

I tried removing the .htaccess files and made the changes that were

mention. Still the same problem. Unless, test orders don't show and

only real orders do. If this is the case... that would be crazy, taking

the chance that someone would order something and having to contact them

to find out exactly what they ordered.

 

Any other ideas?

Link to comment
Share on other sites

I did a completely fresh install into another directory. Set up the info

needed to run a test using 2checkout. It runs though the entire process

perfectly but still no order information under customer/order nor does it

show anything under order history for my account I signed up for to purchase

an item.

 

There has got to be a reason for this. It's not the host according

to my above post about the database info posted.

 

I tried removing the .htaccess files and made the changes that were

mention. Still the same problem. Unless, test orders don't show and

only real orders do. If this is the case... that would be crazy, taking

the chance that someone would order something and having to contact them

to find out exactly what they ordered.

 

Any other ideas?

 

 

see my post higher up and you will see 4 different solutions to choose from and try.

Link to comment
Share on other sites

Thanks toyicebear... i'll check that tomorrow morning. Keeping my fingers crossed.

 

toyicebear....

 

Well those contributions didn't work either.

I sent another support ticket to the webhost asking to

see if anything was even being written to the database.

 

Haven't heard back from them yet. I'm almost betting

it has something to do with the host. What else could it be.

 

 

If you think of anything else that might cause this, please feel free

to make suggestions.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...