Category Archives: functions

tips on how to change, improve how osCommerce-based cart functions

how to add a linked image to an infobox

You want to advertise a new product or special shipping offer with an image in one of the side columns of your store. And you would like to make it a clickable link to another page. Here’s how:

1. First prepare the image. Consider the width of the column it is going to be inserted into. If the image is wider than the column, it’ll push out into the mainpage area. Upload the image to the folder /images.
2. Open up the example.php infobox file. In Cre Loaded you can find this in /templates/default/boxes. The code looks like this:



  
   'left',
                               'text'  => '' . BOX_HEADING_EXAMPLE . '');
  // Change BOX_HEADING_EXAMPLE to a name of your choice. Use the same in Infobox Admin to configure the infobox title.
  new $infobox_template_heading($info_box_contents, '', ((isset($column_location) && $column_location !='') ? $column_location : '') ); 
  $info_box_contents = array();
  // add your infobox content to the text variable below  
  $info_box_contents[] = array('align' => 'center',
                               'text'  => '' . tep_image(DIR_WS_IMAGES . 'Book-4_mockup.jpg', 'my image', SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) . '');
  new $infobox_template($info_box_contents, true, true, ((isset($column_location) && $column_location !='') ? $column_location : '') );
  if (TEMPLATE_INCLUDE_FOOTER =='true'){
    $info_box_contents = array();
    $info_box_contents[] = array('align' => 'left',
                                 'text'  => tep_draw_separator('pixel_trans.gif', '100%', '1')
                                );
    new $infobox_template_footer($info_box_contents, ((isset($column_location) && $column_location !='') ? $column_location : '') );
  } 
  ?>
  

3. Edit the content line. Find in the code the comment // add your infobox content to the text variable below and below this edit the ‘text’ as shown in the following example, replacing the image link, name and title with your details:

$info_box_contents[] = array('align' => 'left',
'text'  => '' . tep_image(DIR_WS_IMAGES . 'name_of_my_image.jpg', 'my image title', SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT) . '');

4. Save the example.php file and add the infobox to the template in the usual way.

how to rename your admin folder

One recommended security step to take with any oscommerce-based e-commerce store is to rename the admin folder so it is harder for the uninvited to drop in.

Steps to take:

  • Choose new name
    Or don’t and use a randomiser like the PCTools Password Generator to make a new admin folder name of 8 or more characters for you. Use a mix of letters, cases, numbers and some symbols (avoid \ | / ‘ and ” however.) Copy it to the Clipboard so you can paste it in the next steps.
  • Although a 'hard-to-guess' admin name is good, 24-characters seems excessive.
  • Make the change
    Access your Store through your control panel or an (s)ftp connection, click the Rename button (or use right click ‘rename’) and paste in the new name.
    Refresh the display (or close and reopen the (s)ftp connection) to see the change take effect.
  • Update your ‘admin’/includes/configure.php file
    You may have to change the permission settings to be able to make the following change – ’666′ or ‘Read/Write all groups’ is usually enough.
    Check the file for entries with /admin/ in the paths. Use Find and Replace to change all of these /admin/ entries to /new name/.
    Save the file and change permissions back to ’444′ or ‘Read only all groups.’
  • Update any ‘admin’ bookmarks
    If you have the old admin panel bookmark in your browser(s) now’s the time to update these to reflect the new ‘admin’ folder name.
  • Don’t include references to the new ‘admin’ folder in the robots.txt file
    The /catalog/robots.txt file is a popular reference for would-be hackers to see which parts of your store you don’t want the bots to visit. Avoid mentioning the new ‘admin’ folder in this file. There are other ways of diverting bots attention away from areas of your store you may want to keep better hidden than others.

There’s more here about securing your admin – and although these steps do not guarantee 100% certain defence against the determined hacker, they will raise the bar out of the reach of ‘script kiddies’ and others who are looking for easy targets. 7JP9H7JXBRDZ

cre loaded – enctype=”multipart/form-data” and payment modules, sagepay form

Cre Loaded version 6.4.1 still widley uses enctype=”multipart/form-data” for form submission. This would be ok if the forms being submitted involved file uploads or large files, but when payment module forms get zapped with this ‘decoding’ routine, they tend to break. A case in point – the Sagepay Form module.

The code responsible is in templates/content (or /templates/your template/content) and the file is checkout_confirmation.tpl.php (around line 277 in the CE version) :

if (ACCOUNT_CONDITIONS_REQUIRED == 'false' ) {
echo tep_draw_form('checkout_confirmation', $form_action_url, 'post','enctype="multipart/form-data"');
} else {
echo tep_draw_form('checkout_confirmation', $form_action_url, 'post','onsubmit="return checkCheckBox(this)" enctype="multipart/form-data"');
}

and replace with this :

if ((ACCOUNT_CONDITIONS_REQUIRED == 'false' ) && ($_SESSION['payment'] == 'sage_pay_form')) {
            echo tep_draw_form('checkout_confirmation', $form_action_url, 'post');
          } elseif ((ACCOUNT_CONDITIONS_REQUIRED == 'true' ) && ($_SESSION['payment'] == 'sage_pay_form')) {
            echo tep_draw_form('checkout_confirmation', $form_action_url, 'post','onsubmit="return checkCheckBox(this)"');
          } elseif (ACCOUNT_CONDITIONS_REQUIRED == 'false') {
            echo tep_draw_form('checkout_confirmation', $form_action_url, 'post','enctype="multipart/form-data"');
          } else {
            echo tep_draw_form('checkout_confirmation', $form_action_url, 'post','onsubmit="return checkCheckBox(this)" enctype="multipart/form-data"');
          }

add currency dropdown to menu bar

If you run an e-commerce website that accepts multiple currencies, then customers will appreciate being able to change currencies quickly.

currency dropdown added to cre63_ats template

This modification adds a currency dropdown to a menu bar (part of the cre63_ats template for Cre Loaded), however it will work for all osCommerce-based carts with minor tweaks.

            
    currencies);
                   $currencies_array = array();
                   while (list($key, $value) = each($currencies->currencies)) {
                  $currencies_array[] = array('id' => $key, 'text' => $value['title']);
                }
                  $hidden_get_variables = '';
                  reset($_GET);
                  while (list($key, $value) = each($_GET)) {
                  if ( ($key != 'currency') && ($key != tep_session_name()) && ($key != 'x') && ($key != 'y') ) {
                  $hidden_get_variables .= tep_draw_hidden_field($key, $value);
                }
              }
            }
                  echo tep_draw_form('currencies', tep_href_link(basename($PHP_SELF), '', $request_type, false), 'get');
                  echo tep_draw_pull_down_menu('currency', $currencies_array, $currency, 'onChange="this.form.submit();"') . $hidden_get_variables . tep_hide_session_id();
                  echo '';
    ?>

Disable any ‘Switch to Default Language Currency’ setting you may have enabled in your Configuration panel.

Australian zone and tax settings

You can plug all the default zone and tax settings through the Admin but there’s an easier way. The sql snippets below can be run through phpMyAdmin which you can usually access through cPanel. Once in phpmyadmin, select the database you want to update and click on the Sql tab at the top of the page. Copy n paste the code below then Go. Once done, your Australian store will have all the tax and zone information needed for using various shipping and payment modules.

Note – the sqls below are for a store that is missing the data. Check your admin for these settings already (eg under Localizations >> Currencies for AUD; under Locations/Taxes >> Zones for Australian states. There’s no point readding them if they already exist.)

Australian Zones (States)

INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'NSW','New South Wales');
INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'VIC','Victoria');
INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'QLD','Queensland');
INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'NT','Northern Territory');
INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'WA','Western Australia');
INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'SA','South Australia');
INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'TAS','Tasmania');
INSERT INTO zones (zone_id, zone_country_id, zone_code, zone_name) VALUES ('',13,'ACT','Australian Capital Territory');

Australia GST Setup

update tax_class set tax_class_title="GST" where tax_class_title = "Taxable Goods";
update tax_class set tax_class_description="The following types of products attract GST in Australia" where tax_class_title = "GST";
update tax_rates set tax_description = "GST" where tax_description = "FL TAX 7.0%";
update tax_rates set tax_rate = "10" where tax_description = "GST";

Australia Currency Setup

update currencies set code = "AUD" where code = "USD";
update currencies set title = "Australian Dollar" where code = "AUD";
update configuration set configuration_value = "AUD" where configuration_key = "DEFAULT_CURRENCY";
update configuration set configuration_value = "true" where configuration_key = "DISPLAY_PRICE_WITH_TAX";

Australia Tax Geo Zone Setup

insert into `geo_zones` (`geo_zone_id`,`geo_zone_name`,`geo_zone_description`) values (1,'Australia','');
insert into zones_to_geo_zones (zone_country_id, zone_id, geo_zone_id)
select countries_id as zone_country_id, 0 as zone_id, geo_zone_id
   from countries, geo_zones
   where countries_name = "Australia"
   and geo_zone_name = "Australia";