Printable View
zc v1.5.8
I'm in the middle of making a payment module and am having issues with getting any sort of information from the Zen Cart system from any of my files from within the "/includes/modules/payment/MYPAYMEMPLUGIN/files in this folder.
Is this normal?
You likely have debug logs in your /logs folder that need to be fixed.
nope I'm on top all of them as and when they show and it is currently empty (which is good to hear) and I'm also on top of server logs also regularly check them also dev tools i bacily live in dev tools.
What exactly is happening? I interpreted your original post to mean "Going to admin > modules > payment" gives a white screen.
What are your symptoms?
The only variables (that's everything from plugin defined in database etc... to session's etc..) I can get to use or view are the one's I set within the folder part of the payment module (I've installed and then cloned: this https://www.zen-cart.com/downloads.php?do=file&id=2388).Quote:
Originally Posted by swguy
I have tried removing my htaccess file thinking it was maybe that but the same,
I've changed the name of the plugin but still the same,
I'm just know downloaded a fresh copy of ZC v1.5.8 and running a compare using beyond-compare and see if that helps,
would you know what maybe hepping as to me it seems like ZC is seeing this folder as a outsider instead of part of the family lol.
Try removing the clone files and see if that fixes it.
Review https://docs.zen-cart.com/dev/code/m...clone_payment/
I've look at that often on the way of making this plugin, but I will say I've seen this: Note: Be sure the filename you choose does not have an underscore (_) in it. but at the same time see core payment plugin's and a few other one's are using _ within the naming so I have also ?Quote:
Originally Posted by swguy
Nope just the same if I replace the API key from hardcoded to using the stored database stored configuration_key name/value the plugin does not load the form due to invalid key of null but as soon as I put back the key hardcoded it works?Quote:
Originally Posted by swguy
one other thing I could maybe try, what would be the best way to clear all session var's then let ZC make what it needs to a fresh?
would it be just session destroy ?
file compare only showed one difference and that was in my htaccess file in: includes/.htaccess
and this was on line #32 it read > <FilesMatch "(?i).*\.(js|css|html?|jpe?g|gif|webp|png|otf|ico|cur|map|eot|svgz?|ttf|woff2?|p hp|xml|xsl)$">
So i changed it to what the fresh copy of ZC had to this: <FilesMatch "(?i).*\.(js|css|html?|jpe?g|gif|webp|png|otf|ico|cur|map|eot|svgz?|ttf|woff2?|x ml|xsl)$"> "removing the php.
know I get 403 Forbidden but if i put back the php I do not get the 403.Code:## @copyright Copyright 2003-2022 Zen Cart Development Team
# @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
# @version $Id: DrByte 2020 Oct 29 Modified in v1.5.8-alpha $
#
# This is used with Apache WebServers
#
# The following blocks direct HTTP requests to all filetypes in this directory recursively, except certain approved exceptions
# It also prevents the ability of any scripts to run. No type of script, be it PHP, PERL or whatever, can normally be executed if ExecCGI is disabled.
# Will also prevent people from seeing what is in the dir. and any sub-directories
#
# For this to work, you must include either 'All' or at least: 'Limit' and 'Indexes' parameters to the AllowOverride configuration in your apache/conf/httpd.conf file.
# Additionally, if you want the added protection offered by the OPTIONS directive below, you'll need to add 'Options' to the AllowOverride list, if 'All' is not specified.
# Example:
#<Directory "/usr/local/apache/htdocs">
# AllowOverride Limit Options Indexes
#</Directory>
###############################
# deny *everything*
<FilesMatch ".*">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</FilesMatch>
# but now allow just *certain* necessary files:
<FilesMatch "(?i).*\.(js|css|html?|jpe?g|gif|webp|png|otf|ico|cur|map|eot|svgz?|ttf|woff2?|xml|xsl)$">
<IfModule mod_authz_core.c>
Require all granted
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Allow from all
</IfModule>
</FilesMatch>
IndexIgnore */*
<limit POST PUT>
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order Allow,Deny
Deny from all
</IfModule>
</limit>
## NOTE: If you want even greater security to prevent hackers from running scripts in this folder, uncomment the following line (if your hosting company will allow you to use OPTIONS):
# OPTIONS -Indexes -ExecCGI
##################
## Optional caching improvements
## Requires mod_header and mod_deflate to be enabled within Apache
##################
<IfModule mod_headers.c>
Header unset Pragma
FileETag None
Header unset ETag
#Header set Cache-Control "no-transform"
<FilesMatch "(?i).*\.(ico|jpe?g|gif|webp|png|otf|swf|flv|ttf|woff|eot|svg)$">
Header set Cache-control "max-age=864000, public, must-revalidate"
Header unset Last-Modified
</FilesMatch>
<FilesMatch "(?i).*\.(html|htm|xml|txt|xsl)$">
Header set Cache-control "max-age=7200, must-revalidate"
</FilesMatch>
</IfModule>
<IfModule mod_deflate.c>
<FilesMatch "(?i)\.(js|css)$">
SetOutputFilter DEFLATE
</FilesMatch>
</IfModule>
##################
## Optional improvements
## Requires mod_expires to be enabled within Apache
##################
<ifmodule mod_expires.c>
ExpiresActive On
ExpiresDefault A300
ExpiresByType application/x-javascript A3600
ExpiresByType text/css A3600
ExpiresByType image/gif A604800
ExpiresByType application/pdf A604800
ExpiresByType text/html A300
ExpiresByType image/x-icon A86400
ExpiresByType image/jpeg A2592000
ExpiresByType image/png A2592000
ExpiresByType image/svg A2592000
</ifmodule>
and if it helps this is my .htaccess root file:
Code:################################################################################ Add custom headers and options
###############################################################################
# Notes:
#
# Examples: Adding IE compatibility / edge flags, language and encoding flags,
# php or suphp directives, configure other Apache modules such as page_speed,
# and enable or disable Apache httpd options.
#
# Do NOT configure anything directly relating to physical or virtual resources
# in this section. These should be addressed later on in this file.
###############################################################################
#Options -Indexes
###############################################################################
# Enable mod_rewrite processing using the rules in this .htaccess file
###############################################################################
# Notes:
#
# <IfModule> should be avoided at all costs. If mod_rewrite is not available
# it is almost always better to return HTTP 500 status. This way we see there
# is an issue as soon as the .htaccess file is uploaded.
#
# For mod_rewrite to work, the Apache server option to allow symbolic links to
# be followed must be enabled. Most providers supporting mod_rewrite will
# already have it enabled for you, but if your rewrite rules are not working
# you can un-comment the first directive below to manually enable the option.
#
# Don't forget, mod_rewrite directives are processed in order until a matching
# RewriteRule with the [L] flag is encountered. So the more specific a rule is
# the closer it should appear to the top of this file.
###############################################################################
#Options +FollowSymLinks
RewriteEngine on
###############################################################################
# Tell mod_rewrite where this file is relative to the server document_root
###############################################################################
# Notes:
#
# This directive should only be enabled if this .htaccess file is not placed
# in the document_root (usually public_html, www, or web) of the (sub)domain.
#
# An easy way to determine the location relative to the server document_root is
# to look at the URL used to access a file in this folder. For example if you
# access a "page" in the same folder as this file by typing in the URL
# "www.mydomain.com/myfolder/index.html" then "myfolder" will be the location
# of this file relative to the server document_root.
#
# Another quick and easy way to determine the correct setting for this is to
# look at the defined value for DIR_WS_CATALOG and DIR_WS_HTTPS_CATALOG in
# Zen Cart's configure.php files. All three values should match.
#
# Don't forget the leading and trailing /. This directive requires both!
###############################################################################
#RewriteBase /shop/
###############################################################################
# Redirect if request was for index.php (no query)
###############################################################################
# Notes:
#
# This is only required if the site generates references to index.php with no
# parameters. This rule will force a 301 redirect to the site root when a
# request is made for "/index.php" with no query terms (?key=value).
###############################################################################
#RewriteCond %{QUERY_STRING} ^$
#RewriteRule ^index\.php$ / [R=301,L]
###############################################################################
# Add any custom 301 redirects
###############################################################################
# Notes:
#
# In general these should be few and far between. If you use a RewriteRule
# be sure to add the L flag to let Apache mod_rewrite know to stop processing
# and skip any RewriteRules defined later in the .htaccess file.
###############################################################################
###############################################################################
# Redirect if request was for index.php (with or without query)
###############################################################################
# Notes:
#
# This is a performance optimization. If the request is for index.php simply
# pass the request on and do not process any other mod_rewrite directives in
# this file.
#
# Basically this avoids the overhead of checking if index.php is a real file
# or directory (used in subsequent mod_rewrite rules) before sending the
# request to index.php.
###############################################################################
RewriteRule ^index\.php$ - [L]
###############################################################################
# Start Ultimate (SEO) URLs
###############################################################################
# Notes:
#
# You should not make any changes in this section unless you really understand
# how it will impact your web site. Mistakes can break things.
###############################################################################
# Handles the new URL formats
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-p-([0-9]+)(.*)$ index\.php?main_page=product_info&products_id=$4&cPath=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-pi-([0-9]+)(.*)$ index\.php?main_page=popup_image&pID=$4&cPath=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-pr-([0-9]+)(.*)$ index\.php?main_page=product_reviews&products_id=$4&cPath=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)/(.*)-pri-([0-9]+)(.*)$ index\.php?main_page=product_reviews_info&products_id=$4&cPath=$2&%{QUERY_STRING} [L]
# Original (unchanged) URL formats
RewriteRule ^(.*)-p-([0-9]+)(.*)$ index\.php?main_page=product_info&products_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-m-([0-9]+)(.*)$ index\.php?main_page=index&manufacturers_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-pi-([0-9]+)(.*)$ index\.php?main_page=popup_image&pID=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-pr-([0-9]+)(.*)$ index\.php?main_page=product_reviews&products_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-pri-([0-9]+)(.*)$ index\.php?main_page=product_reviews_info&products_id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-ezp-([0-9]+)(.*)$ index\.php?main_page=page&id=$2&%{QUERY_STRING} [L]
RewriteRule ^(.*)-c-([0-9_]+)(.*)$ index\.php?main_page=index&cPath=$2&%{QUERY_STRING} [L]
# Rewrite all other requests (if the file / directory does not exist)
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index\.php?main_page=$1&%{QUERY_STRING} [L]
<IfModule mod_headers.c>
<FilesMatch "\.(ico|ttf|ttc|otf|eot|woff|woff2|css|js|html|php)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
<IfModule mod_headers.c>
<FilesMatch "\.(ico|ttf|ttc|otf|eot|woff|woff2|css|js|html|php)$">
Header set Access-Control-Allow-Origin "*"
</FilesMatch>
</IfModule>
###############################################################################
# Add any other directives relating to the handling of physical files
###############################################################################
# Notes:
#
# If processing makes it this far, the request was for a real file or folder.
# Example: Adding further processing related to browser caching or security.
###############################################################################
<IfModule mod_deflate.c>
# Compress HTML, CSS, JavaScript, Text, XML and fonts
AddOutputFilterByType DEFLATE application/javascript
AddOutputFilterByType DEFLATE application/rss+xml
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject
AddOutputFilterByType DEFLATE application/x-font
AddOutputFilterByType DEFLATE application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf
AddOutputFilterByType DEFLATE application/x-font-truetype
AddOutputFilterByType DEFLATE application/x-font-ttf
AddOutputFilterByType DEFLATE application/x-javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/xml
AddOutputFilterByType DEFLATE font/opentype
AddOutputFilterByType DEFLATE font/otf
AddOutputFilterByType DEFLATE font/ttf
AddOutputFilterByType DEFLATE image/svg+xml
AddOutputFilterByType DEFLATE image/x-icon
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/xml
# Remove browser bugs (only needed for really old browsers)
BrowserMatch ^Mozilla/4 gzip-only-text/html
BrowserMatch ^Mozilla/4\.0[678] no-gzip
BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
Header append Vary User-Agent
</IfModule>
<ifModule mod_gzip.c>
mod_gzip_on Yes
mod_gzip_dechunk Yes
mod_gzip_item_include file .(html?|txt|css|js|php|pl)$
mod_gzip_item_include handler ^cgi-script$
mod_gzip_item_include mime ^text/.*
mod_gzip_item_include mime ^application/x-javascript.*
mod_gzip_item_exclude mime ^image/.*
mod_gzip_item_exclude rspheader ^Content-Encoding:.*gzip.*
</ifModule>
<ifModule mod_headers.c>
Header set Connection keep-alive
</ifModule>
# ######################################################################
# # MEDIA TYPES AND CHARACTER ENCODINGS #
# ######################################################################
# ----------------------------------------------------------------------
# | Media types |
# ----------------------------------------------------------------------
# Serve resources with the proper media types (f.k.a. MIME types).
#
# https://www.iana.org/assignments/media-types/media-types.xhtml
# https://httpd.apache.org/docs/current/mod/mod_mime.html#addtype
# ----------------------------------------------------------------------
# | Reducing MIME type security risks |
# ----------------------------------------------------------------------
# Prevent some browsers from MIME-sniffing the response.
#
# This reduces exposure to drive-by download attacks and cross-origin
# data leaks, and should be left uncommented, especially if the server
# is serving user-uploaded content or content that could potentially be
# treated as executable by the browser.
#
# http://www.slideshare.net/hasegawayosuke/owasp-hasegawa
# http://blogs.msdn.com/b/ie/archive/2008/07/02/ie8-security-part-v-comprehensive-protection.aspx
# https://msdn.microsoft.com/en-us/library/ie/gg622941.aspx
# https://mimesniff.spec.whatwg.org/
<IfModule mod_headers.c>
Header set X-Content-Type-Options "nosniff"
</IfModule>
# ----------------------------------------------------------------------
# | ETags |
# ----------------------------------------------------------------------
# Remove `ETags` as resources are sent with far-future expires headers.
#
# https://developer.yahoo.com/performance/rules.html#etags
# https://tools.ietf.org/html/rfc7232#section-2.3
# `FileETag None` doesn't work in all cases.
<IfModule mod_headers.c>
Header unset ETag
</IfModule>
FileETag None
# ----------------------------------------------------------------------
# | Expires headers |
# ----------------------------------------------------------------------
# Serve resources with far-future expires headers.
#
# (!) If you don't control versioning with filename-based
# cache busting, you should consider lowering the cache times
# to something like one week.
#
# https://httpd.apache.org/docs/current/mod/mod_expires.html
<IfModule mod_expires.c>
ExpiresActive on
ExpiresDefault "access plus 1 month"
# CSS
ExpiresByType text/css "access plus 1 hour"
# Data interchange
ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/vnd.geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"
# Favicon (cannot be renamed!) and cursor images
ExpiresByType image/vnd.microsoft.icon "access plus 1 year"
ExpiresByType image/x-icon "access plus 1 year"
# HTML
ExpiresByType text/html "access plus 0 seconds"
# JavaScript
ExpiresByType application/javascript "access plus 1 hour"
ExpiresByType application/x-javascript "access plus 1 hour"
ExpiresByType text/javascript "access plus 1 hour"
# Manifest files
ExpiresByType application/manifest+json "access plus 1 year"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Media files
ExpiresByType audio/ogg "access plus 1 month"
ExpiresByType image/bmp "access plus 1 month"
ExpiresByType image/gif "access plus 1 month"
ExpiresByType image/jpeg "access plus 1 month"
ExpiresByType image/png "access plus 1 month"
ExpiresByType image/svg+xml "access plus 1 month"
ExpiresByType image/webp "access plus 1 month"
ExpiresByType video/mp4 "access plus 1 month"
ExpiresByType video/ogg "access plus 1 month"
ExpiresByType video/webm "access plus 1 month"
# Web fonts
# Embedded OpenType (EOT)
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType font/eot "access plus 1 month"
# OpenType
ExpiresByType font/opentype "access plus 1 month"
# TrueType
ExpiresByType application/x-font-ttf "access plus 1 month"
# Web Open Font Format (WOFF) 1.0
ExpiresByType application/font-woff "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType font/woff "access plus 1 month"
# Web Open Font Format (WOFF) 2.0
ExpiresByType application/font-woff2 "access plus 1 month"
# Other
ExpiresByType text/x-cross-domain-policy "access plus 1 week"
</IfModule>
When I need to clear the session variables for a Zen Cart site, I use the browser's "Developer Tools" (normally F12 on Windows), and then view the site's cookies and delete the associated zenid one.Quote:
Originally Posted by OJ_SIMON
I did this and it is still not working.I'm totally lost to what's going on.Quote:
Originally Posted by lat9
I think I'm getting somewhere now I have been able to find a error and this is it:
Code:Error: Failed opening required 'includes/templates/template_default/templates/tpl_zc_install_suggested_default.php' (include_path='.:/usr/share/php') in /home/1180590.cloudwaysapps.com/xxxxxxxx/public_html/includes/application_top.php:127 Stack trace: #0 /home/1180590.cloudwaysapps.com/xxxxxxxx/public_html/includes/modules/payment/stripepaymentgateway/create_payment_intent.php(8): require() #1 {main}