Excellent!!!:clap: Along these same lines, I am going to include a full list of Super Order files to help facilitate the uninstall process..Quote:
Originally Posted by nagelkruid
Printable View
Excellent!!!:clap: Along these same lines, I am going to include a full list of Super Order files to help facilitate the uninstall process..Quote:
Originally Posted by nagelkruid
Got a problem with Super orders (rev 47)and Firefox.
The 'Payment, Purchase Order and Refund on the main Superorders webpage do not work in FF3.5.5
They work perfectly in IE8, so I know its not Superorders, but if anyone can offer some advice its appreciated.
this is what ive done so far
1. Allowed all popups in FF
2. Enabled Javascript
Anything else that I should try??
Thanks in advance
You'll need to provide more details than this.. "do not work in FF3.5.5" gives no indication as to what the issue is..Quote:
Originally Posted by paddy100
Sorry for that:
When I hover over the image of the buttons I can see the code that it executes in the bottom Left corner, just like IE, but when I press the buttons nothing happens.
In IE7, and 8 the new window appears and more info is input......however in FF I see the code that begins
but no popup or new window ever appears.Code:javascript:popupWindow('http://localhost/zencart/admin/super_payments.php?.......etc
IE is fine for me at the min, but I am in the process of moving to Ubuntu, this is one of the things I need fixed, so 'er indoors' can keep working.:P LOL
To be honest this isn't a problem I've ever seen reported, and IMO it seems more indicative of a browser client issue versus a Super Orders issue.. You might want to check your browser settings to see if you have disabled javascript or if you have some sort of pop-up killer enabled.. Outside of that, you might want to try reinstalling Super Orders (though quite honestly if this is an issue of a browser setting that will likely not fix the issue..) Wish I could be of more help.. Hopefully someone else will chime in..
Quote:
Originally Posted by paddy100
Does this mod only affect the back office?
Yes .Quote:
Originally Posted by Asdesign
Okay to continue on in my adventure of compiling a fully patched version of Super Orders, I have run into a challenge, and I was hoping that I could get a hand..
While I personally do not think that the "Edit Status History" feature is a particularly useful feature of Super Orders, (I think it creates an audit/accountability issue to allow the editing of order notes/comments) it's here and I suppose that folks are using it, but it is not working as it should. This particular problem also goes back to 2006, and has not been fully resolved/addressed even in the latest version of Super Orders. It is my understanding that this particular issue is another one of the security flaws within Super Orders that Phillip has been so good to point out to the community..
Apparently the issue is this:
The following posts which helped me fix the issue in the super_order.php and super_batch_status.php files.Quote:
The problem you experienced with the tags being displayed improperly in status update comments is due to the comments not being properly scrubbed before inserting them into the DB.
http://www.zen-cart.com/forum/showpo...&postcount=220
http://www.zen-cart.com/forum/showpo...&postcount=621
(So that it's clear to anyone reading this, the fix I applied was based largely on the 1st post, the second post includes an incorrect fix, but gave me a clue where a second change needed to be made..)
I made the following change around line 125 in super_orders.php:
I made the following change around line 69 in super_batch_status.php:Code://$comments = zen_db_scrub_in($_POST['comments']); // replaced line
$comments = zen_db_scrub_in($_POST['comments'], true);
So now I'm down to how to fix the stripping issue in the super_edit.php file.. I've tried variations of the fixes I found in the two previous referenced posts to no avail.. Since I don't know PHP, I am GUESSING right now how to fix the super_edit.php file (logical guesses.. but WRONG guesses:laugh:), and I was hoping that someone here would take pity and give me a hand..Code://$notify_comments = $_POST['notify_comments']; // replaced line
$notify_comments = zen_db_scrub_in($_POST['notify_comments'], true);
The "Edit Status History" feature injects HTML line breaks and ASCII line breaks into the database, and these line breaks are displayed when the customer views their order history from "Status History & Comments". For example:
I am fairly certain that it's this section of the super_edit.php code that needs to be corrected - around line 433:Quote:
New test.. I want to see if the HTML line breaks are added to the comments.\r\n\r\nIf this works, when I edit the comments, the line breaks end up with these weird characters after them..\r\n\r\nDon\'t understand why this code is broken..
I am plum out of guesses (logical and otherwise) as to what I need to change..Code:$this_status = $_POST['status_' . $this_history_id];
$this_comments = zen_db_scrub_in($_POST['comments_' . $this_history_id]);
$this_delete = $_POST['delete_' . $this_history_id];
$change_exists = false;
Now all that said, is this even a USEFUL feature.. because the EASIEST fix is to hide the "Edit Status History" link..:laugh::laugh:
And the story continues..:laugh:
I've run across several posts talking about combining Edit Orders with Super Orders.. I read the Edit Orders readme and it seems that this merging was a little simpler than previous posts had led me to believe.. (If anyone else has attempted this merge and disagrees, please let me know if I am incorrect)
According to the readme the following edits for orders.php are required:
I just applied a variation of these edits to the super_orders.php file as follows:Quote:
2. Make the following changes to admin/orders.php:
Find: (In 1.3.8a on line 854)
$contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete', 'NONSSL') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
Replace With:
$contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_details.gif', IMAGE_DETAILS) . '</a> <a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete', 'NONSSL') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
Find: (In 1.3.8a on line 898)
$contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a>');
Replace With:
$contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDER_EDIT, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a>');
Near line(s) 300-321 (my super-orders.php file is heavily modded so the line numbers are approximate locations
Near line(s) 1420-1435 (my super-orders.php file is heavily modded so the line numbers are approximate locationsCode://BOF Add Order Edit button to order detail page
echo '<a href="' . zen_href_link(FILENAME_ORDER_EDIT, 'oID=' . $oID) . '">' . zen_image_button('button_edit.gif', ICON_ORDER_EDIT) . '</a> ';
//EOF Add Order Edit button to order detail page
echo '<a href="' . zen_href_link(FILENAME_SUPER_DATA_SHEET, 'oID=' . $oID) . '" target="_blank">' . zen_image_button('btn_print.gif', ICON_ORDER_PRINT) . '</a> ';
The are a couple of issues I've found with using Edit Orders.Code:// EOF Add Edit Order button to order order list page
// $contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_SUPER_DATA_SHEET, 'oID=' . $oInfo->orders_id) . '" target="_blank">' . zen_image_button('btn_print.gif', ICON_ORDER_PRINT) . '</a> <a href="' . zen_href_link(FILENAME_SUPER_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete', 'NONSSL') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
$contents[] = array('align' => 'center', 'text' => '<a href="' . zen_href_link(FILENAME_ORDER_EDIT, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=edit', 'NONSSL') . '">' . zen_image_button('button_edit.gif', IMAGE_EDIT) . '</a> <a href="' . zen_href_link(FILENAME_SUPER_DATA_SHEET, 'oID=' . $oInfo->orders_id) . '" target="_blank">' . zen_image_button('btn_print.gif', ICON_ORDER_PRINT) . '</a> <a href="' . zen_href_link(FILENAME_SUPER_ORDERS, zen_get_all_get_params(array('oID', 'action')) . 'oID=' . $oInfo->orders_id . '&action=delete', 'NONSSL') . '">' . zen_image_button('button_delete.gif', IMAGE_DELETE) . '</a>');
// BOF Add Edit Order button to order order list page
The notifications are not working the way they do on the orders.php page...
For the record to fix Super Orders to work like orders.php check out this thread: http://www.zen-cart.com/forum/showpo...postcount=1147Quote:
In the original "Customers" > "Order", we have two checkboxes, one that says "Notify Customer" and one that says "Append Comments". If neither of the boxes are ticked, then the order history still updates with whatever in the textarea.
The original
- "Notify Customer" means send the customer the change in status email,
- "Append Comments" means add the comments in the textarea to the "change in status email".
In Edit Order, it only sends the customer notification e-mail when BOTH notify and append checkboxes are checked..
The other issue is that the "Back" button on the edit_orders.php page only takes you back to the the Super Orders order list page (super_orders.php). It should take you back to the detail page of the order you were editing.. It's minor and I can live with it..
Gonna keep messing around and try to figure out how to correct this, but for now the major edits to join these two apps seems to work.. Thought I'd share.. Contemplating including this as an optional edit for Super Orders.. (if I can get the back button to work correctly) I'm also contemplating an optional edit for merging Admin Comments with Super Orders as well..
First of all thanks for a much needed addin-on. Even though I am not a real programmer, I was able to install it. I did find one quirk in the sql statement.
In the first two statements, the command said, insert into and the first field was just " ". This threw an error, do I changed it to NULL, and it worked fine.
Also, I have 1.38a and the authorize.net does not have the if statement referred to in the read.me file for storing cc numbers.
Any suggestions on where to put that if?
Thanks again.