So you are using the Paypal Website Payments Pro (WPP) Payment Module found here
http://creloaded.org/extensions/Payment-Modules/Paypal-Website-Payments-Pro-(WPP)-Payment-Module/details.html
but you hate the way it plasters paypal stuff all over.. here is a fix
To remove the paypal image
includes/modules/payment/paypal_wpp.php
line 116 lists the title and the paypal image
$module_str = MODULE_PAYMENT_PAYPAL_WPP_TEXT_TITLE . 'bunchofspaces<img src="' . MODULE_PAYMENT_PAYPAL_EC_MARK_IMG . '" />';
change it to
$module_str = MODULE_PAYMENT_PAYPAL_WPP_TEXT_TITLE;
the title is defined in includes/languages/english/modules/payment/paypal_wpp.php
line 14
define('MODULE_PAYMENT_PAYPAL_WPP_TEXT_TITLE', 'PayPal Credit Card');
Posted in CRE Loaded Tips | No Comments »
We see it all the time.. slow loading CRE Loaded stores.. here are a few pieces of code that should speed up your site BIG TIME!
In your root .htaccess file add this at the bottom (if you get a 500 internal server error, remove it as your host does not support it)
<IfModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file \.(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text\.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image\.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</IfModule>
#cache html and htm files for one day
<FilesMatch ".(html|htm)$">
Header set Cache-Control "max-age=43200"
</FilesMatch>
#cache css, javascript and text files for one week
<FilesMatch ".(js|css|txt)$">
Header set Cache-Control "max-age=604800"
</FilesMatch>
#cache flash and images for one month
<FilesMatch ".(flv|swf|ico|gif|jpg|jpeg|png)$">
Header set Cache-Control "max-age=2592000"
</FilesMatch>
#disable cache for script files
<FilesMatch "\.(pl|php|cgi|spl|scgi|fcgi)$">
Header unset Cache-Control
</FilesMatch>
Posted in CRE Loaded Tips | No Comments »
Zones are simple once one understands the process of setting them up correctly
We will start with setting up a sales tax for our pretend location in Texas
admin – locations/Taxes
tax zones (used for more than just taxes)
if you have something listed here ie TX
then we can just edit it.. or
set up a new one
(insert)
name it Texas
now click the details button
Here is where we set the zone Texas itself
(insert)
From the country drop down, select United States
from the sub drop down, select Texas
(insert)
Now we have just the state of texas set up.. now to make it a tax collected zone
admin – locations/taxes – tax rates
New tax rate (if you don’t already have one set up)
Taxable goods from your class drop down
Zone drop down Texas
insert the rate and description..
Then hit the insert button
Now for this to work on just orders from Texas, you have to make sure all your products are assigned the tax class Taxable goods
The same above method applies if you wanted to just have a shipping and/or payment method for any one state/country/zone (less setting up the tax rate) Just visit
admin – modules – shipping and/or payments
select the module you want to assign to any said Zone.. and select it from the zone drop down
There is a small issue with setting up shipping methods to any one zone.. if you display shipping estimator, this method will not show up as the visitor does not have a zone sessioned until they either login/create an account
Posted in CRE Loaded Tips | No Comments »
It was brought to our attention on Jan 4th, USPS made some changes to their API. We presented a fix to the USPS with insurance module.. Which turns out would not work with CRE Loaded.. CRE Loaded took part of our fix which addressed some of the issues.. Missing, 5 international options.. We have redone the USPS module which should work in all versions on CRE Loaded.
Instructions
VERY IMPORTANT
Log in to admin. Visit – Modules – Shipping – Select United States Postal Service Module and uninstall/remove it it is installed
Unzip our file, USPS-CRE3-7.zip
Upload the includes folder to your current sites store folder (which will include an includes folder)
Revisit admin, Modules- Shipping
Find United States Postal Service.. install it.. edit button- Now check which shipping options you want to offer Your customers. Keep in mind, GXG has 3 methods which should typically all return the same rates. You would not want to offer all three.. nor would you want to offer all the Priority methods.. It depends on your store products. If you only sell stickers that fit into USPS flat rate envelopes, the ENV option would be for you.. If all your products ship in boxes, only select the default methods such as PMI (Priority Mail International)
What’s new in 3.7?
*Admin has full control over all International shipping options
*Provided our webtools developer USPS ID.. You no longer need to create one.
*If you want to create one, the url has been updated to https://secure.shippingapis.com/registration/
*Shortened the defines displayed for international options (so all available options can be included in the database limit of 255 characters)
GXG=Global Express Guaranteed
PMI=Priority Mail International
EXI=Express Mail International
FR=Flat Rate
Env=Envelope
BoxSM= Small Box BoxMD= Medium Box BoxLG= Large Box
*Changed all international arrays to use the same naming system
*Added comments to line 339. This is where you would replace fullemailaddresshere with your real email address.. this is very handy to debug issues on rates.. Also a nice tool to see when someone requests a shipping quote from the site
Posted in Addon Modules | No Comments »
UPDATE!!!!! Do not patch or upgrade.. 6.4.1 has some blocker issues which are being addressed at this very hour!!!!!!
The motherload of bug fixes has finally been released as CRE Loaded 6.4.1
Many can be quoted as saying this is the best build ever!
New Features:
- Admin log in as customer. With this you can login with the cutomers email and your admin password to see their account as they see it and place orders on their behalf with full checkout process and success module support
- Paypal Website Payment Standard (it’s baaaack) is now installed, pre-enabled and ready to go in every fresh installation
- Paypal Express Checkout pre-installed and ready to enable
- Paypal Payflow Pro via CRE Secure
- Paypal Website Payment Pro via CRE Secure
- CRE Secure module preinstalled - pre enabled, see it in action. Now connects to: Authorize.net, Chase Orbital, Payflow Pro and Website Payment Pro gateways. USAePay, Skipjack and EProcessing Network direct availability in Jan.
- Admin Password hardening to satisfy PCI PA-DSS requirements 8.5.10 and 8
Enhancements and Repairs
- Google Base is reintroduced after repairs
- Algozone EZ Template Installer is reintroduced
- Template Framework backward compatibility with older attribute logic introduced
- Upgraders now allow for refreshing of new customer, order data from live site without redoing entire upgrade
- Buysafe Module now bonds all orders by default more trust, more orders, more revenue share
- Multi Vendor Shipping code overhauled and stabilized
- One page Checkout shipping display repaired
- Several other bugs fixed see change log
Posted in Patches | No Comments »
We have known about a security exploit for some time where one could bypass the admin login and view order histories in OS commerce as well as all the forks.. But today it has been brought to our attention, (by creloaded forum member dsauthority) a bigger issue with the PHPSELF exploit. A malicious user could send out emails to your customers.. again bypassing the admin login
We would show you this in action, but would only expose it to the greater public.. All versions of CRE Loaded pre 6.4.0a are exploitable.
You can find the patch here
CRE Loaded Security fix
or apply it manually
modify your application_top.php files in admin\includes and storepath\includes
For 6.15 and 6.2 sites, find line:
$PHP_SELF = (isset($HTTP_SERVER_VARS['PHP_SELF']) ?
$HTTP_SERVER_VARS['PHP_SELF'] : $HTTP_SERVER_VARS['SCRIPT_NAME']);
Replace with:
$PHP_SELF = $HTTP_SERVER_VARS['SCRIPT_NAME'];
6.3+ users same above files but replace
$PHP_SELF = (isset($_SERVER['PHP_SELF']) ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME']);
Replace with:
$PHP_SELF = $_SERVER['SCRIPT_NAME'];
Amazing what one line of code can change!
If this is something you are not comfortable with plugging, we do offer a patch service.. One hour minimum is required so we can easily address other issues
cre loaded patch service
Posted in Security | No Comments »
