Shopping Cart Software

[sachinparmar]

Dear Howard,

I hope all is well.

I am having an issue putting the PayPal standard information live on two of my sites, http://www.lavishlifestyle.com & http://www.voice-of-the-messenger.co.uk/home.php.

When I put the username in it says permission is not granted, I took out the following code, saved it and it worked.
I need this sorted ASAP, I look forward to your response.

-------------------
<?php

// +--
// | This processor integration references an external
// | URL for processing. All external processing gateways
// | work in the same manner. An order information array
// | is made available globally under the the global name
// | 'ecom.order_summary'.
// |
// | This must set a global variable named 'ecom.olpform'
// | which contains the form information to be posted to
// | the external gateway URL.
// |
// | Anything printed within this code will be printed
// | above the form instructions on the payment information
// | page.
// +--

// +--
// | THERE IS NO NEED TO EDIT THE CODE BELOW THIS POINT TO
// | ACTIVATE THIS INTEGRATION. ONLY EDIT THIS CODE TO MODIFY
// | HOW THIS INTEGRATION WORKS. BE SURE YOU KNOW WHAT YOU'RE
// | DOING!
// +--

// +--
// | Get a few global variables.
// +--

$app = $this->globals('khxc.app');
$eol = $this->globals('khxc.eol');
$order = $this->globals('ecom.order_summary');
$manageeutax = $this->globals('khxc_settings.' . $app . '.manageeutax');
$gatewayhomeregion = array();
$gatewaycountry = $this->globals('khxc_settings.' . $app . '.gatehomecountry');
$gatewayhomereg = $this->globals('khxc_settings.' . $app . '.gatehomeregion');

// +--
// | Printable form instructions.
// +--

$instructions = "After verifying your order information and clicking the 'Continue' button, you will be directed to PayPal's secure site to enter your payment information. Once your payment information is entered and verified, you will be directed back to this web site for your order confirmation.";

// +--
// | Create our relay URLs.
// +--

$url_relay = $this->globals('khxc.url_ssl') . '/relay/' . $app . '.php';
$url_good = $url_relay . '?payment_status=Completed&item_number=' . $order['order']['id'];
$url_bad = $url_relay . '?payment_status=Cancel&item_number=' . $order['order']['id'];

// +--
// | Set up the olpform array.
// +--

$olpform = array('url' => 'https://www.paypal.com/cgi-bin/webscr',
'button' => 'Continue',
'fields' => array());

// +--
// | Create the HIDDEN fields for the form.
// +--

$olpform['fields']['HIDDEN'][] = array('name' => 'business',
'value' => $order['gateway']['userid']);

$olpform['fields']['HIDDEN'][] = array('name' => 'bn',
'value' => 'KRYPTRONIC-ClickCartPro-' . $this->version);

$olpform['fields']['HIDDEN'][] = array('name' => 'undefined_quantity',
'value' => '0');

$olpform['fields']['HIDDEN'][] = array('name' => 'item_name',
'value' => 'Online Order');
$currency = $this->globals('khxc_session.show_currency');
if (empty($currency)) {
$currency = $this->globals('khxc_settings.' . $app . '.basecurrency');
}
$olpform['fields']['HIDDEN'][] = array('name' => 'currency_code',
'value' => $currency);

$olpform['fields']['HIDDEN'][] = array('name' => 'item_number',
'value' => $order['order']['id']);

$olpform['fields']['HIDDEN'][] = array('name' => 'custom',
'value' => $this->globals('khxc_session.sid'));

$olpform['fields']['HIDDEN'][] = array('name' => 'first_name',
'value' => $order['order']['fname']);

$olpform['fields']['HIDDEN'][] = array('name' => 'last_name',
'value' => $order['order']['lname']);

$olpform['fields']['HIDDEN'][] = array('name' => 'address1',
'value' => $order['order']['addone']);

$olpform['fields']['HIDDEN'][] = array('name' => 'address2',
'value' => $order['order']['addtwo']);

$olpform['fields']['HIDDEN'][] = array('name' => 'city',
'value' => $order['order']['city']);

$olpform['fields']['HIDDEN'][] = array('name' => 'state',
'value' => $order['order']['stateabbus']);

$country = $order['order']['country'];

if (!empty($gatewaycountry)) {

$gatewayhomereg = str_replace(', ',',',$gatewayhomereg);
$gatewayhomeregion = $this->make_list($gatewayhomereg);

// +--
// | If this country is in the home region change the country
// | to the gateway
// +--
foreach ($gatewayhomeregion as $index => $regcountry) {

if (($regcountry == $order['order']['country'])) {
// +--
// | Return gateway country.
// +--
$country = $gatewaycountry;

} // End of if statement.
} // End of foreach statement.
}

$olpform['fields']['HIDDEN'][] = array('name' => 'country',
'value' => $country);

$olpform['fields']['HIDDEN'][] = array('name' => 'zip',
'value' => $order['order']['postalcode']);

$olpform['fields']['HIDDEN'][] = array('name' => 'email',
'value' => $order['order']['email']);

$olpform['fields']['HIDDEN'][] = array('name' => 'notify_url',
'value' => $url_relay);

// +--
// | Define totals fields based on whether we have a recurring
// | order amount or not.
// +--

if ($order['order']['recurtotal'] > 0) {

$olpform['fields']['HIDDEN'][] = array('name' => 'cmd',
'value' => '_xclick-subscriptions');
if ($manageeutax == 'excleutax') {
$recutotal = $order['order']['recurtotal'] + $order['order']['recurtotaleutax'];
} else if ($manageeutax == 'incleutax') {
$recutotal = $order['order']['recurtotal'] + $order['order']['recurtotaleutaxrefund'];
} else {
$recutotal = $order['order']['recurtotal'];
}

$recutotal = $this->include_namespace($this->globals('khxc.app'),'getprice',$recutotal);
$recutotal = preg_replace('/[^0-9\.]/','',$recutotal);

$olpform['fields']['HIDDEN'][] = array('name' => 'a3',
'value' => $recutotal);

$olpform['fields']['HIDDEN'][] = array('name' => 'p3',
'value' => '1');

$olpform['fields']['HIDDEN'][] = array('name' => 't3',
'value' => 'M');

$olpform['fields']['HIDDEN'][] = array('name' => 'src',
'value' => '1');

$olpform['fields']['HIDDEN'][] = array('name' => 'no_note',
'value' => '1');

$olpform['fields']['HIDDEN'][] = array('name' => 'return',
'value' => $url_good);

$olpform['fields']['HIDDEN'][] = array('name' => 'cancel_return',
'value' => $url_bad);

if ($order['order']['ordertotal'] > 0) {
$ordertotal = $this->include_namespace($this->globals('khxc.app'),'getprice',$order['order']['ordertotal']);
$ordertotal = preg_replace('/[^0-9\.]/','',$ordertotal);

$olpform['fields']['HIDDEN'][] = array('name' => 'a1',
'value' => $ordertotal);

$olpform['fields']['HIDDEN'][] = array('name' => 'p1',
'value' => '1');

$olpform['fields']['HIDDEN'][] = array('name' => 't1',
'value' => 'D');

} // End of if statement.

} else {

$olpform['fields']['HIDDEN'][] = array('name' => 'cmd',
'value' => '_ext-enter');

$ordertotal = $this->include_namespace($this->globals('khxc.app'),'getprice',$order['order']['ordertotal']);
$ordertotal = preg_replace('/[^0-9\.]/','',$ordertotal);

$olpform['fields']['HIDDEN'][] = array('name' => 'amount',
'value' => $ordertotal);

$olpform['fields']['HIDDEN'][] = array('name' => 'redirect_cmd',
'value' => '_xclick');

$olpform['fields']['HIDDEN'][] = array('name' => 'return',
'value' => $url_relay);

$olpform['fields']['HIDDEN'][] = array('name' => 'cancel_return',
'value' => $url_bad);

} // End of if statement.

// +--
// | Create the DISPLAY fields for the form.
// +--

$olpform['fields']['DISPLAY'][] = array('type' => 'PAYFORMCONTINUE',
'params' => array('name' => 'ecom_continue',
'required' => 1,
'display' => 'Payment Information',
'desc' => $instructions,
'option' => 'Enter Payment Information'));

// +--
// | Globalize the $olpform array and return.
// +--

$this->globals('ecom.olpform',$olpform);

?>
-------------------------

[GreenbarnWeb]

Hi,
It sounds like you have a problem with the ModSecurity on your web server see this post for more information:
viewtopic.php?f=7&t=93

[Dave]

You'll want to remove the user and password in the original post ASAP. The whole world now has access to your CCP admin area. Best be changing the password ASAP also.

[sachinparmar]

Dear Dave/Howard,

Thanks for getting back to me, I will contact my web server company for both sites.

I have looked at the post viewtopic.php?f=7&t=93 but as I am not familiar with web hosting should I get mod security installed on my servers?

I looked at the link in that post and it does not exist any more so I found this link: http://sourceforge.net/apps/mediawiki/m ... ity_2.0.3F please confirm this is correct.

I await your response.

Sachin Parmar

[GreenbarnWeb]

Dear Sachin,
Yes that is a link to the correct documentation.

[sachinparmar]

Dear Howard,

I have just spoken to my server guys and they said ModSecurity is already installed on the server, how can I instruct them on the issue your software is having on they server.

Please advise.
Sachin Parmar