Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19
  1. #11
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default 1062: Duplicate entry 'xxxxxx' for key

    Symptom: intermittent errors in logs, specifically for the db_cache or sessions tables, matching the following patterns:

    PHP Fatal error: 1062: Duplicate entry 'zc_xxxxxx' for key 1 :: insert into db_cache set cache_entry_name = 'zc_xxxxxx' ...

    PHP Fatal error: 1062: Duplicate entry 'xxxxxx' for key 'PRIMARY' :: insert into sessions ...

    NOTE: THIS IS NOT for any general "1062 Duplicate entry" error. This is SPECIFIC to the db_cache and sessions tables. If you've got a "1062 Duplicate entry" message for another table, that is a SEPARATE ISSUE, which you will need to fix separately!


    FIX: Apply the code changes shown in BOTH of these posts:
    https://github.com/zencart/zencart/pull/244/files
    and
    https://github.com/zencart/zencart/pull/245/files

    (On that site, the text in red is stuff that was removed. Text in green is stuff that was added/changed.
    Basically, remove all the lines that are shown as starting with a "-", and replace/add all lines that are shown as starting with a "+". The red and green are just clarifying guides.)



    This also affects older versions. The above fixes are included in v1.6.0
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  2. #12
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default PHP Fatal error using "PayPal Standard" module

    Symptom:
    Getting error message:
    PHP Fatal error: Function name must be a string in /includes/modules/payment/paypal/paypal_functions.php on line 919


    Fix:
    1. THE RECOMMENDED FIX IS to use PayPal Express Checkout ... because it is a much better experience for the customer, and is a more reliable technology. (PayPal Standard can sometimes be blocked by various factors, thus resulting in orders not recorded in your store even though they've been paid for. Express Checkout doesn't have the technical limitations that Standard has, so is a MUCH better choice.)

    2. Or, if you are strongly opposed to using the recommended more reliable method, then you can make the following change in PHP:
    Edit /includes/modules/paypal/paypal_functions.php ... line 919
    Change $ipn_logging( to ipn_logging( (just removing the $).
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #13
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Credit Card "Type" not being recorded for authorize.net AIM orders in v1.5.4

    Symptom: Payments made using Authorize.net AIM don't record the "card type" (ie: visa, mastercard, etc) in the order details as shown in your Admin console.

    This issue affects only v1.5.4.

    FIX:
    Change this: /includes/modules/payment/authorizenet_aim.php line 291:
    Code:
    $processButton = array('ccFields'=>array('cc_number'=>'authorizenet_aim_cc_number', 'cc_owner'=>'authorizenet_aim_cc_owner', 'cc_cvv'=>'authorizenet_aim_cc_cvv', 'cc_expires'=>array('name'=>'concatExpiresFields', 'args'=>"['authorizenet_aim_cc_expires_month','authorizenet_aim_cc_expires_year']"), 'cc_expires_month'=>'authorizenet_aim_cc_expires_month', 'cc_expires_year'=>'authorizenet_aim_cc_expires_year'), 'extraFields'=>array(zen_session_name()=>zen_session_id()));

    To this:


    Code:
    $processButton = array('ccFields'=>array('cc_number'=>'authorizenet_aim_cc_number', 'cc_owner'=>'authorizenet_aim_cc_owner', 'cc_cvv'=>'authorizenet_aim_cc_cvv', 'cc_expires'=>array('name'=>'concatExpiresFields', 'args'=>"['authorizenet_aim_cc_expires_month','authorizenet_aim_cc_expires_year']"), 'cc_expires_month'=>'authorizenet_aim_cc_expires_month', 'cc_expires_year'=>'authorizenet_aim_cc_expires_year'), 'extraFields'=>array(zen_session_name()=>zen_session_id(), 'cc_type' => $this->cc_card_type));
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  4. #14
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default unable to use PayPal to process orders from the geographic region you selected

    Someone sent me logs from an instance where this error came up:
    We are sorry for the inconvenience; however, at the present time we are unable to use PayPal to process orders from the geographic region you selected as your PayPal address. Please continue using normal checkout and select from the available payment methods to complete your order.
    In the past most of the research to determine its cause was geared around customer address info. But in this case something else stood out, and the following fix worked for them.

    I've not had a chance to do extensive testing with all possible configurations, but I'm offering this for others to try out and share feedback:

    /includes/modules/payment/paypalwpp.php
    Line 1755 (as of v1.5.4)
    Change this:
    Code:
    $order->info['total'] = urldecode($response['AMT']);
    to the following, which basically just adds some conditional checks in front of the existing logic on that line:
    Code:
    if ($order->info['total'] < 0.01 && urldecode($response['AMT']) > 0) $order->info['total'] = urldecode($response['AMT']);
    Discussion on this can be continued at: https://www.zen-cart.com/showthread.php?217225
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  5. #15
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    9,623
    Plugin Contributions
    123

    Default Admin Products Price Manager using store-side tax definition

    Symptom:
    When DISPLAY_PRICE_WITH_TAX is false but DISPLAY_PRICE_WITH_TAX_ADMIN is true, product prices do not include tax in the products price manager.

    Resolution:

    Change line 948 of /admin/products_price_manager.php from

    Code:
      if (DISPLAY_PRICE_WITH_TAX == 'true') {
    to

    Code:
      if (DISPLAY_PRICE_WITH_TAX_ADMIN == 'true') {
    Discussion on this may be continued at https://www.zen-cart.com/showthread....tax-definition
    Last edited by swguy; 27 Jul 2015 at 06:03 PM.
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.
    Do you benefit from Zen Cart? Then please support the project.

  6. #16
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Free Shipping Not Reset Properly after removing non-free-shipping product from basket

    SYMPTOM:
    If a customer has a cart with a free shipping item included after previously getting to the checkout_payment screen with an item that is to be shipped, the cost of shipping is not reset to 0.00 when returning to checkout with only free shipping (no cost shipping) other than store pickup.

    Affects v1.5.3 and v1.5.4.


    SOLUTION:
    In includes/modules/pages/checkout_shipping/header_php.php
    Code:
    // if the order contains only virtual products, forward the customer to the billing page as
    // a shipping address is not needed
    if ($order->content_type == 'virtual') {
      $_SESSION['shipping'] = array();
      $_SESSION['shipping']['id'] = 'free_free';
      $_SESSION['shipping']['title'] = 'free_free';
      $_SESSION['shipping']['cost'] = 0;
      $_SESSION['sendto'] = false;
      zen_redirect(zen_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
    }
    Discussed at: https://www.zen-cart.com/showthread....64#post1269364
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  7. #17
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Timezone error on admin login page

    On servers where PHP is not configured with any timezone at all, you might get an error saying "it's not safe to use the default timezone".

    The fix involves 2 parts:

    1. Set a timezone in /includes/extra_configures/set_time_zone.php (This part is not a bug.)

    2. Then apply this simple bugfix so the error doesn't appear on the admin login page:
    Edit /admin/login.php
    Find line 16:
    Code:
    require ('includes/application_top.php');
    and move it up above line 9 (or at least above line 13 where strtotime() is being called).

    Discussed at [Done v1.5.5] Admin timezone error on login page
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  8. #18
    Join Date
    Sep 2003
    Location
    Ohio
    Posts
    69,402
    Plugin Contributions
    6

    Default Ajax.php security patch for v154

    THIS IS A DUPLICATE OF THE POST MADE BY DRBYTE ON Nov 26, 2015

    While it's never pleasant to report about security problems, a few patches which should be applied

    1. Problem with /ajax.php in v1.5.4 only - Severity: High
    In Zen Cart v1.5.4 the /ajax.php file has a vulnerability which can be used to cause a server exploit under very specific conditions.
    The patch is simple: replace the /ajax.php file with the one attached below.

    QUICK PATCH TO APPLY: /ajax.php --> click here: Attachment 15828


    Below are some additional lower-severity patches affecting prior versions, which should be reviewed carefully for your site, to merge with existing customizations you may have made:

    2. XSS problem for unsanitized comment field - Severity: Medium
    In Zen Cart versions up to and including v1.5.4 an XSS problem exists with the order-comments field.
    XSS problems are where someone can drop in executable/javascript code that can cause problems later when that content is output back to the screen.
    The fix for this is a simple one-line patch to /includes/modules/pages/checkout_confirmation/header_php.php, as shown in this code diff: XSS fix
    Thanks to Trustwave Security for alerting us to this issue.
    The attached checkout_confirmation header_php.php is for v1.3.9-thru-v1.5.4 only. Older versions should be patched manually using the code diff in the link above.
    Patched file: /includes/modules/pages/checkout_confirmation/header_php.php --> click here: Attachment 15825


    3. Failed customer login puts password back in input box - Severity: Low
    When attempting a login with an invalid password, the resulting response contains that invalid password.
    The fix for this is a simple edit to the /includes/functions/html_output.php file, as shown in this code diff: XSS fix
    For v1.5.4 one can apply the attached html_output.php file to /includes/functions/html_output.php ... or if you've customized that file via plugins, use the above code-diff link to find the one line to change.
    Patched file: /includes/functions/html_output.php --> click here: Attachment 15826



    .
    Last edited by Ajeh; 22 Jan 2016 at 12:51 AM.
    Linda McGrath
    If you have to think ... you haven't been zenned ...

    Did YOU buy the Zen Cart Team a cup of coffee and a donut today? Just click here to support the Zen Cart Team!!

    Are you using the latest? Perhaps you've a problem that's fixed in the latest version: [Upgrade today: v1.5.5]
    Officially PayPal-Certified! Just click here

    Try our Zen Cart Recommended Services - Hosting, Payment and more ...
    Signup for our Announcements Forums to stay up to date on important changes and updates!

  9. #19
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Known Bugs (and fixes) with v1.5.4

    THIS MAY OR MAY NOT AFFECT various v1.5.0 implementations. We're posting it here "in case". Implementing this fix is safe either way.

    Symptom: Admin Login "broken" in v1.5.0 - v1.5.5a with Google Chrome error: "Aw, snap"



    Google Chrome 54.0.2840.59 is now forcefully disallowing the use of javascript function declarations of 'animate'. This interferes with the "spinner" that appears during admin login since v1.5.0


    The fix is simple:
    1. Open /admin/login.php in a code-safe text editor, such as Sublime Text:
    2. Find and replace "animate(" with "waiting_spinner(". There will be 3 occurrences.
    3. Save
    That's it. Login should now work again.


    For a visual example of the changes, see: https://github.com/zencart/zencart/pull/1321/files
    (exact position and line numbers may differ between Zen Cart versions)


    Ref: https://www.zen-cart.com/showthread....log-into-admin
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

 

 
Page 2 of 2 FirstFirst 12

Similar Threads

  1. v153 Known Bugs (and fixes) with v1.5.3
    By swguy in forum Upgrading to 1.5.x
    Replies: 9
    Last Post: 18 Oct 2016, 06:17 PM
  2. v151 Known Bugs (and fixes) with v1.5.1
    By DrByte in forum Upgrading to 1.5.x
    Replies: 4
    Last Post: 18 Oct 2016, 06:17 PM
  3. v150 Known Bugs (and fixes) with v1.5.0
    By DrByte in forum Upgrading to 1.5.x
    Replies: 5
    Last Post: 18 Oct 2016, 06:17 PM
  4. v153 Known Bugs (and fixes) with v1.5.3
    By swguy in forum Bug Reports
    Replies: 1
    Last Post: 7 Jul 2014, 05:57 PM
  5. Known Bugs (and fixes) with v1.3.8 / v1.3.8a
    By DrByte in forum Upgrading from 1.3.x to 1.3.9
    Replies: 41
    Last Post: 17 Feb 2010, 01:05 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR