Webshop Plus! v.2.0 for WWB7

This forum is dedicated to discussions about shopping carts/ecommerce.
Forum rules
PLEASE READ THE FORUM RULES BEFORE YOU POST:
viewtopic.php?f=12&t=1901
jeff11214
 
 
Posts: 83
Joined: Sat Oct 28, 2006 4:22 pm

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by jeff11214 » Mon Nov 22, 2010 10:10 pm

I understand and I do appreciate all you have done.

Thanks!

User avatar
Navaldesign
 
 
Posts: 1169
Joined: Sat Mar 01, 2008 8:08 pm
Location: Italy
Contact:

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by Navaldesign » Wed Nov 24, 2010 7:00 am

In the "cart" page.

Double click the HTML box that displays the cart, find the reference lines and add the new code after them.
www.dbtechnosystems.com

jeff11214
 
 
Posts: 83
Joined: Sat Oct 28, 2006 4:22 pm

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by jeff11214 » Fri Nov 26, 2010 5:59 pm

I'm in the final stages of going Live with my webshop2 cart. If I go through an order on my site I finally click the PayPal button and the next page displays "You cannot pay the seller through un-encrypted buttons".

I see my PayPal profile option to "Block Non-encrypted Website Payment:" is set to "On" which is why I'm getting that message. I do realize that it should work if I set this option to 'Off".

PayPal states:
Using encryption enhances the security of website payments by decreasing the possibility that a 3rd party could manipulate the data in your button code. If you plan on only using encrypted buttons you can block payments from non-encrypted ones.

My question is:
Should I be concerned that the PayPal button is not encrypted and can I change it so it is encrypted?

Thank you. And, I love the cart.. it's awesome!

User avatar
Navaldesign
 
 
Posts: 1169
Joined: Sat Mar 01, 2008 8:08 pm
Location: Italy
Contact:

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by Navaldesign » Fri Nov 26, 2010 6:21 pm

No, you should not be concerned at all, because the thing is really simple: If the payment is not as it should, you simply don't ship the goods.

There COULD BE a concern if you were selling downloadable products and IF your automatic download script didn't perform the necessary verifications before allowing download.
www.dbtechnosystems.com

jeff11214
 
 
Posts: 83
Joined: Sat Oct 28, 2006 4:22 pm

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by jeff11214 » Fri Nov 26, 2010 6:43 pm

But, can the customers information (name,address,phone number) be 'stolen' if sent via un-encrypted button?

User avatar
Navaldesign
 
 
Posts: 1169
Joined: Sat Mar 01, 2008 8:08 pm
Location: Italy
Contact:

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by Navaldesign » Fri Nov 26, 2010 6:55 pm

Eveything can be stolen, but it is HIGHLY improbable because comunication with PayPal is through SSL.
Please also note that:

1. Customer details can NOT be sent through an encrypted button created on PayPal's site.
2. Webshop plus sends the customer details to PayPal to avoid the customer needing to re-type them.
If you use an encrypted button, he will have to type his details again.
3. If you don't mind them doing so, simply modify the HTML box code so that the UN-encrypted button of Webshop Plus will not send them anyway.

PayPal's comments on unencrypted buttons do NOT regard the customer details security, but your own, as all product details are stored on PayPal' server (and thus they can not be altered).
www.dbtechnosystems.com

jeff11214
 
 
Posts: 83
Joined: Sat Oct 28, 2006 4:22 pm

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by jeff11214 » Fri Nov 26, 2010 7:37 pm

Thanks for the detailed explanation on Security. I just wanted to make sure I setup my part as a merchant correctly.

Regarding the Order Number:
In the Scipt Details of the Admin login, I changed the Order Start Number, but the order when placed still shows the default incremented by 1 which started at 100. After reading the entire thread, I also changed the "thankyou.php" start of page code ($order_start = "100";) to what I want, but that didn't change anything. Still shows the incremental by 1 number from 100
-If I can't make this my own order start number it's not the end of the world.

After the PayPal button is clicked, the PayPal page shows the order summary.
The description shows the company name and order number (which looks good).
Below that shows "item number: 111", where 111 is actually the order number. I realize this is PayPal's terminology, but I figured I would ask if you think this can be changed to show the word "order" instead of 'item'. I don't want to confuse the customer.

I'll try not to ask any more question after this :)
Thanks for all your help!!!!

User avatar
Navaldesign
 
 
Posts: 1169
Joined: Sat Mar 01, 2008 8:08 pm
Location: Italy
Contact:

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by Navaldesign » Fri Nov 26, 2010 8:15 pm

If the Order nr doesn't change, probably the script can't write the order number to the file that keeps the numbering. This is most probably a permissions issue. Normally the file "order_nr.php" should have permissions set to 644, but you can also try 777.

I don't think that there is a way to change the wording in PayPal.
www.dbtechnosystems.com

jeff11214
 
 
Posts: 83
Joined: Sat Oct 28, 2006 4:22 pm

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by jeff11214 » Fri Nov 26, 2010 8:58 pm

Permissions already set to 644 with the following checked:

Owner- Read and Write is checked (execute unchecked)
Group- Read is checked (write and execute unchecked)
Public- Read is checked (write and execute unchecked)

User avatar
Navaldesign
 
 
Posts: 1169
Joined: Sat Mar 01, 2008 8:08 pm
Location: Italy
Contact:

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by Navaldesign » Fri Nov 26, 2010 9:03 pm

It should work. If it doesn't, check with your hosting company. However, try also 777.

It might sound weird, but I have met cases where FTP displayed different permissions than the correct ones. If you have CPanel and File Manager, check it through those.
www.dbtechnosystems.com

jeff11214
 
 
Posts: 83
Joined: Sat Oct 28, 2006 4:22 pm

Re:

Post by jeff11214 » Sat Nov 27, 2010 9:56 pm

I just tested out the code below. Only the first name and last name are passed to PayPal. The other fields like Address, City, State and Zip Code do not get passed to PayPal. Any idea why that is? It would be nice if all info is passed to PayPal.
uniformality wrote:I have modified the Paypal button on the 'thank you' page so thatname and address gets passed to paypal so the customer doesnt have to re-enter it. The new code is

<?php
// display PayPal checkout?

$form = '
<form target="PayPal" action="https://www.paypal.com/cgi-bin/webscr" method="post">
<input type="hidden" name="cmd" value="_ext-enter">
<input type="hidden" name="redirect_cmd" value="_xclick">
<input type="hidden" name="business" value="'.$paypal_email.'">
<input type="hidden" name="item_name" value="'.$dbts_title.' Order '.$orderid.'">
<input type="hidden" name="item_number" value="'.$orderid.'">
<input type="hidden" name="amount" value="'.number_format($_SESSION['nettotal'], 2).'">
<input type="hidden" name="currency_code" value="'.$currency.'">
<input type="hidden" name="shipping" value="'.$_SESSION['shipping1'].'">
<input type="hidden" name="handling" value="'.$_SESSION['handling'].'">
<input type="hidden" name="return" value="'.$paypal_thankyoupage.'">
<input type="hidden" name="cancel_return" value="'.$paypal_cancelpage.'">
<input type="hidden" name="undefined_quantity" value="0">
<input type="hidden" name="receiver_email" value="'.$paypal_email.'">
<input type="hidden" name="no_shipping" value="'.$require_address.'">
<input type="hidden" name="no_note" value="'.$allow_message.'">
<input type="hidden" name="first_name" value="'.$_SESSION['firstname'].'">
<input type="hidden" name="last_name" value="'.$_SESSION['lastname'].'">
<input type="hidden" name="address1" value="'.$_SESSION['address'].'">
<input type="hidden" name="address2" value="'.$_SESSION['address2'].'">
<input type="hidden" name="city" value="'.$_SESSION['city'].'">
<input type="hidden" name="state" value="'.$_SESSION['state'].'">
<input type="hidden" name="zip" value="'.$_SESSION['zip'].'">
<input type="image" name="submit" src="http://images.paypal.com/images/x-click-but6.gif" alt="Make payments with PayPal, it\'s fast, free, and secure!">
</form>
';
echo $form;

?>

I found it better not to pass the email address as Paypal assumes your customer has a paypal account and doesn't dispay the name and address data but here it is incase anyone needs it

<input type="hidden" name="email" value="'.$_SESSION['email'].'">

Regards
Paul

User avatar
Navaldesign
 
 
Posts: 1169
Joined: Sat Mar 01, 2008 8:08 pm
Location: Italy
Contact:

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by Navaldesign » Sat Nov 27, 2010 11:34 pm

It should work (works fine for me).

Have a look at https://www.paypal.com/cgi-bin/webscr?c ... te_outside
www.dbtechnosystems.com

jeff11214
 
 
Posts: 83
Joined: Sat Oct 28, 2006 4:22 pm

Re: Modified version of the WB6 Webshop!! Webshop_plus

Post by jeff11214 » Sun Nov 28, 2010 2:30 pm

It does work for me. I'm having an issue with 1 of my PC's where the cart.php doesn't show in IE8 and when using FF the address wasn't getting passed on. I placed an order from a different PC and eveything is working like it should.

Any idea when you will be posting the update for the Advanced buttons?

Thanks George!

User avatar
wacmaster
 
 
Posts: 13
Joined: Fri Jan 15, 2010 11:49 pm
Location: USA
Contact:

Re: Modified version of the WB Webshop!! Webshop_plus

Post by wacmaster » Thu Dec 23, 2010 5:30 pm

I just tried the demo.
I placed one item in the cart for 29.95
The cart said i had a cart worth 43.94 ...lol

I must have done something wrong.

Image
KEEP ON WEBBUILDING Image
Rod

my blog - Gimp Rocks

User avatar
Navaldesign
 
 
Posts: 1169
Joined: Sat Mar 01, 2008 8:08 pm
Location: Italy
Contact:

Re: Modified version of the WB Webshop!! Webshop_plus

Post by Navaldesign » Thu Dec 23, 2010 11:40 pm

@ wacmaster: if you click on the View Cart, you will see:

Sub Total, €: 29.95
Taxes, €: 5.99
Discount, €: 0.00
Net Total, €: 35.94
Shipping, €: 8.00
Grand Total, €: 43.94

Which explains the amount.

Please note that the cart content appearing like this, is an extra that I have built in the demo but it is NOT included in the script you can download.
www.dbtechnosystems.com

Post Reply

Who is online

Users browsing this forum: No registered users and 1 guest