Page 2 of 2 FirstFirst 12
Results 11 to 16 of 16
  1. #11
    Join Date
    Feb 2004
    Location
    Georgia, USA
    Posts
    1,948
    Plugin Contributions
    0

    Default Re: Apsona CSV data exporter [support thread]

    Quote Originally Posted by apsona View Post
    BlessIsaacola - I'd like to address the security concern and the reasons for the choices we made with ShopAdmin. I will provide some brief technical details here, but please feel free to follow up.

    • ShopAdmin has to download the user interface software layer (JavaScript and CSS files) into the user's browser. This is obviously necessary, otherwise we can't paint the browser's screen.
    • It can't download that software directly from the ShopAdmin server, because it will run head-on into the Same-Origin-Policy issue that Ajax programmers have to deal with. So it will have to provide a pass-through so that the software is downloaded from the ShopAdmin server via the Zen Cart application.
    • PHP provides two ways of implementing such a pass-through: either allow_url_fopen or curl. But curl, to my mind, is the less desirable choice because it spawns a new child process on the server, with two undesirable results:
      1. It will require the child-process-spawning capability, and there are lots of attack vectors that open up if you include that capability. This is in fact the usual trick that Windows viruses use to get in to a victim computer.
      2. It increases the load on the server, because spawning another process is a high-overhead operation (the same reason why FastCGI is preferable to CGI).

      In contrast, allow_url_fopen has neither of these drawbacks, since it is implemented directly within the PHP virtual machine. It also offers fine-grain control to the web server setup.

    The ShopAdmin code is written to take care that we do not download anything else through the server, and more importantly, it does not write anything to the server's file system (other than updating the database, according to the user's instructions). As you well know, when it comes to security, we have to be paranoid. And when someone is trusting their business and their livelihood with a piece of software, that software had better be totally reliable, or it will soon be a forgotten memory.


    Hope this helps.
    Apsona
    http://apsona.com
    Very well stated and written. I wasn't saying anything bad about Apsona. I don't have any issues with Apsona and actually wished we can use it on site. It's a business decision for us nothing against Apsona.

    There are way too many documented cases online of how hackers have used turning allow_url_fopen on as means of carrying out attacks. While Apsona product will cause no harm, leaving the door open to others by turning on allow_url_open is not something we are comfortable with it. Purely business decision nothing against your product.

    Although both Curl and allow_url_fopen presents security risks, allow_url_open has a long documented cases online of abuse than curl.

  2. #12
    Join Date
    Jun 2007
    Posts
    32
    Plugin Contributions
    0

    Default Re: Apsona CSV data exporter [support thread]

    I have used this addon, it's nice and easy to use.
    But there is a big problem with me, when I export the customers, I could not export the total account, I don't know why, I have tried this on 2 of my sites, and local, unfortunately, I get the same problem.

    And I found a wired thing, the customers from USA,Canada,Spain, would not be missed, and from others such as UK, Russian...could not be exported,

    In fact, at the web admin, I have 807 customers, but I could only export 459 of it.

    I don't why, please help.

    By the way, my store is 1.3.8a

  3. #13
    Join Date
    Jun 2007
    Posts
    32
    Plugin Contributions
    0

    Default Re: Apsona CSV data exporter [support thread]

    and I have checked the customers at web admin,
    such as the customers no. 800-807, there are 4 missed no. such as 801,802,805,806. and the rest could be exported.

  4. #14
    Join Date
    Jun 2007
    Posts
    32
    Plugin Contributions
    0

    Default Re: Apsona CSV data exporter [support thread]

    And more, when I export the orders.csv, every order would be duplicated, I have 411 orders, but the csv would export 822 orders, everyone would have a copy.

    In fact, this is easy to fixed by del the copy orders, after the right order list, there would be a copy of them.

  5. #15
    Join Date
    Jun 2007
    Posts
    32
    Plugin Contributions
    0

    Default Re: Apsona CSV data exporter [support thread]

    I think I have found where the problem is.

    At the as apsona_functions.php about line 90 z.zone_id = o.entry_zone_id, if the customers have not selected the zone that the system provide, it would not be exported. Such as UK, Russian,which system do not have the deafult zoom. and the model have not accept the typing zoom. And also if the customers have not filled the zoom section, it would aslo be missed.

    The full code is:
    PHP Code:
    WHERE c.customers_default_address_id o.address_book_id and o.entry_country_id t.countries_id and ci.customers_info_id c.customers_id and
            
    z.zone_id o.entry_zone_id  and
            (
    ci.customers_info_date_account_created >= ' . $dateSince . ' or ci.customers_info_date_account_last_modified >= ' . $dateSince . ')'; 
    But I don't know how to fix it.

    Please help

  6. #16
    Join Date
    Jan 2010
    Posts
    189
    Plugin Contributions
    1

    Default Re: Apsona CSV data exporter [support thread]

    goagal - As you point out in your code, the Apsona CSV data exporter relies on hard-coded SQL queries, and therefore falls short in the ways you describe. I would suggest that you use Apsona ShopAdmin instead. With ShopAdmin, you can export filtered sections of your data without these difficulties.

    Hope this helps.

    Apsona
    http://apsona.com

 

 
Page 2 of 2 FirstFirst 12

Similar Threads

  1. JK Order Exporter - Support Thread
    By eVelt in forum All Other Contributions/Addons
    Replies: 4
    Last Post: 26 Sep 2015, 07:06 AM
  2. eBay Turbo Lister 2.0 Exporter Support Thread
    By numinix in forum All Other Contributions/Addons
    Replies: 215
    Last Post: 8 Feb 2014, 06:03 AM
  3. Products/Categories URLs Exporter Support Thread
    By joshuayang in forum All Other Contributions/Addons
    Replies: 2
    Last Post: 28 Mar 2010, 05:33 PM
  4. Amazon Exporter Support Thread
    By numinix in forum All Other Contributions/Addons
    Replies: 14
    Last Post: 10 Feb 2010, 12:41 AM
  5. eBid Exporter - Support Thread
    By numinix in forum All Other Contributions/Addons
    Replies: 11
    Last Post: 1 Dec 2007, 10:34 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg