invoice link doesn't work

[p1drobert]

Hi,
I'm using zencart version 1.3.9.h. When customers receive their confirmation emails and they click on the view detailed invoice link it results in a page not found error.
The link appears as something like this

'https://(securename).net/priority1design.com.au/index.php?main_page=account_history_info&order_id=(number)'

Names shown in brackets I've changed for privacy reasons.

what should this link look like? Should it be pointing to the secure folder? Does anyone have any ideas why its not working?

If I wanted to delete this link from the email altogether which files should I alter?

Regards
Robert

[DrByte]

It should automatically read as:
'https://securesite-1.ssllock.net/priority1design.com.au/shopfront/index.php?main_page=account_history_info&order_id=(number)'

It's automatically generated, based on the HTTPS_SERVER and DIR_WS_HTTPS_CATALOG settings in your configure.php file.

What are the defines for HTTP_SERVER, HTTPS_SERVER, DIR_WS_CATALOG, DIR_WS_HTTPS_CATALOG in your /shopfront/includes/configure.php file?

[p1drobert]

Hi Dr. Byte,

Thanks for your response.
The link that comes up in the emails is

https://securesite-1.ssllock.net/
priority1design.com.au/index.php?main_page=account_history_info&order_id=(number)

The /shopfront/ appears to be missing



define('HTTP_SERVER', 'http://www.priority1design.com.au');
define('HTTPS_SERVER', 'https://securesite-1.ssllock.net/priority1design.com.au');

define('DIR_WS_CATALOG', '/shopfront/');
define('DIR_WS_HTTPS_CATALOG', '/shopfront/');

could I add this /shopfront manually to one of the relevant files, and if so which one?
Regards
Robert Accardi

[DrByte]

The original Zen Cart code already adds it, so there are no files to change, unless you've customized the code yourself.

[p1drobert]

Hi DrByte,

Unfortunately the /shopfront isn't being added in the emails being sent. I've customized some files but I didn't make any intentional changes to the entry that creates a link, I don't think.

Can you advise which lines in which files are responsible for this link being sent. If I can't fix it can you advise how I can remove the link altogether?


Regards
Robert

[DrByte]

What addons *have* you added?

The function that prepares those links uses the zen_href_link() function, and passes 'SSL' as the style of link to generate. And, since the default zen_href_link() code distributed with the current version of Zen Cart takes the 'SSL' parameter and properly produces the required link, it leads me to believe your code has been altered.

[p1drobert]

Hi DrByte,

I only made cosmetic changes that affect the look of the main page. Moved the header position and stuff. I don't have enough PHP experience to do anything major.

That zen_href_link() reference appears in a stack of files. Which file is it originally defined in? If you can tell me which file is responsible for sending out emails to clients and where that specific link is added I can just comment it out to disable it.

I've noticed other people mentioning that this invoice link doesn't work, due to the wrong address coming up. I suspect there may be more to it than people just altering the code and effecting it.

The rest of the web site works great. I was using version 1.3.8 for a few years before I started to get hacked a few months back. Moving to 1.3.9 solved the hacking problems. I implemented the same changes that I had done in 1.3.8 to 1.3.9. I don't recall 1.3.8 having a detailed invoice link, and if it did, nobody was complaining about it.

regards
Robert

[DrByte]

I've noticed other people mentioning that this invoice link doesn't work

I must have missed those posts.

[DrByte]

If you can tell me which file is responsible for sending out emails to clients and where that specific link is added I can just comment it out to disable it.

I DO NOT like telling people to "comment out" sections of core code, or to alter core code, for numerous reasons, not the least of which it makes upgrades more difficult. And the majority of times that people ask for that they're really just putting a bandage on a problem that's caused by things added/altered elsewhere which should be fixed so that the rest of the site isn't crippled by mangling the original core code. Plus it complicates things with respect to PCI issues. You are responsible for *all* changes you make to *any* files, regardless of who recommends/suggests them or where you find them.

However, the section of code which you can adjust is around line 933 of /includes/classes/order.php. Change the 'SSL' references to 'NONSSL' in the two places shown here:

Code:

    EMAIL_TEXT_INVOICE_URL . ' ' . zen_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $zf_insert_id, 'NONSSL', false) . "\n\n";
    $html_msg['EMAIL_TEXT_HEADER']     = EMAIL_TEXT_HEADER;
    $html_msg['EMAIL_TEXT_FROM']       = EMAIL_TEXT_FROM;
    $html_msg['INTRO_STORE_NAME']      = STORE_NAME;
    $html_msg['EMAIL_THANKS_FOR_SHOPPING'] = EMAIL_THANKS_FOR_SHOPPING;
    $html_msg['EMAIL_DETAILS_FOLLOW']  = EMAIL_DETAILS_FOLLOW;
    $html_msg['INTRO_ORDER_NUM_TITLE'] = EMAIL_TEXT_ORDER_NUMBER;
    $html_msg['INTRO_ORDER_NUMBER']    = $zf_insert_id;
    $html_msg['INTRO_DATE_TITLE']      = EMAIL_TEXT_DATE_ORDERED;
    $html_msg['INTRO_DATE_ORDERED']    = strftime(DATE_FORMAT_LONG);
    $html_msg['INTRO_URL_TEXT']        = EMAIL_TEXT_INVOICE_URL_CLICK;
    $html_msg['INTRO_URL_VALUE']       = zen_href_link(FILENAME_ACCOUNT_HISTORY_INFO, 'order_id=' . $zf_insert_id, 'NONSSL', false);