Get the old 1.3.6 zip and overwrite the file. Then disable the module. Should be the fastest fix.
That's the old Zen Cart 1.3.6 zip not worldpay, any other worldpay that would work on 1.3.6 has a big security hole.
Thanks Philip - this has sorted me out pro tem!
I will have a crack at upgrading his site to 1.3.8a tonight when site is quiet and then try mod again.
Many thanks for speedy help.
Rob
if elephants could fly, I'd be a little more optimistic....
One of the forum administrators has been deleting my posts, the last time my posts were edited I left the entire project for 2 years.
Philip.
It would appear that the administrators objected to me telling the lazy woman that posted here, that she had an "urgent error" (it wasn't urgent, they apparently have been receiving emails about mistakes in their shop for some time, so it was only urgent when someone told her she should have sorted it out) which was nothing to do with worldpay, and I told her to find the right thread (I guess the thread was near the top of the forum list because of recent discussions), then I told her to search for the right thread and go away after she continued posting.
I have very little tolerance for lazy people that expect me to sort out their problems for free, and shirk responsibility, post in the wrong thread and can't be bothered to search. (hence the contrast in my attitude between that woman and the bloke above with ZC 1.3.6 who got a rapid reply)
Two interesting points.
Within the last hour I received an email from RBS today offering me a developer account. I said it is pointless unless they are going to change the system to stop the kind of fraud I demonstrated (as I'd have to rewrite the module). I also told them that base href has nothing to do with PCI DSS after a client has paid, since PCI DSS is also to do with information leakage on "their" website, not information on a zen cart website.
Second thing, if my posts are edited or deleted again. I will withdraw my copyright on all modules. This is not a joke, it is the only option that an open source developer has and that will revert the WorldPay module back to the stage where it has a great big security hole in it and my royal mail modules will then not exist. The modules will also all need to be re-written if ZC version 2.0 gets released.
Philip.
Well trying to look on the bright side, maybe they, RBS, are taking you seriously now. Was that a pig i just saw fly past my window???
Philip, I think you have been very patient, I can feel your frustration and I wish I had your knowledge. Please don't leave us just as Worldpay seem to be taking notice. With your persuasion perhaps they will cooperate and we won't all have to bodge our sites or cancel our Worldpay accounts.
I have a bigger problem right now...found out by chance last Thursday that the company whose products I sell on my website are banning anyone from displaying prices on their websites from October 1st... unless the customers are logged in. OK, I can do this with Zencart but I cannot design a complete working site in 2 weeks around my full time job and I have only just started.
I guess this forum should be used to help sort problems between us, I pray that this big problem will be sorted out A.S.A.P. Peter.
Oh I doubt it, I fully expect RBS not to do anything until someone commits a large scale fraud multiple times over, they'll bury it the first time or two until it becomes commonplace and then they'll do something truly bizarre. I know (in great detail from a senior civil servant about an exact ongoing scam) that the banks routinely write off fraud rather than fix the system, as it would cost more to fix apparently, but then they are way over quoted on price all of the time and seem to require 5 times the people to do a one person job.
I've no idea if they've fixed the XSS exploits from the 1st September either, I'll probably pop back next week, at which point they will have been charged several thousand pounds to alter one line of code, just to check. I'm just not really interested any more, after having been ignored for so long, it is almost impossible for me to summon any more desire to work on a gateway that brings no rewards fiscal or otherwise.
Philip.
Sorry incorrect post
Last edited by Electrobumps; 14 Sep 2009 at 05:57 PM.