Jump to content


  • Posts

  • Joined

  • Last visited

Everything posted by Repy

  1. Hello there. I'm interested in developing prestashop, not something hardcore, I made some improvements on my local install and I want to share them with the dev team. I have plans also to make some significant fixes and improvements, like making the shipping estimator usable (take into account the zone) and some options like an 'offline' option that allows the user to prevent the backend from contacting external resources. They are mostly small fixes and improvements. How should I proceed? Thanks. I already have 2 fixes, 1 new option for the backend (regarding the label of the products images) and I have an almost finished translation to portuguese (>90%,
  2. Gee! I managed to make it work by adding a line in the "Specific Configuration" field (Admin>Tools>Generators). However, I couldn't find anything better and I think its somewhat silly: ExpiresByType text/html "access plus 0 seconds" I was thinking about "none" or something less stupid, but the only working instruction is this one, i don't know the 'hardcore' alternative to the expiring time. Anyways, i noticed that the default prestashop htacces already have some mod_expires instructions, now why not include an instruction that disables caching of html files, because its needed for the platform to work correctly, so it's always good to make sure. Thanks. EDIT: Heh! The hardcore syntax would be: ExpiresByType text/html A0 Devs: Please include that line on the default htaccess, because it just overrides any instruction and i can't see why not. Please answer here if you've read this otherwise i'm gonna fill a bug/improvement (but i really don't think its necessary).
  3. Hah! I found the problem! It was happening because I had a mod_expires instruction on a parent directory: ExpiresByType text/html "access plus 15 minutes" Commenting out this line solves the issue. Now I'm gonna add a override to that instruction on the prestashop .htacces using the backend to see if what happens. Moderators: Please don't delete this topic for future reference.
  4. Hello there. I'm experiencing an annoying problem. The logout link doesn't work, it doesn't refresh the page, and after clicking it, if you load another page, looks like you're logged out, but you can just click the login link and you're logged again. No password, etc. I want some fix or even a better workaroud than disabling rewriting or cache. Thanks. Some relevant info: Prestashop Version: Server information: Linux PHP Version: 5.2.17 MySQL Version: 5.1.52 EDIT: Actually, not even disabling both url rewriting and cache the logout works.
  5. Gee! I found the problem! There was no password_query.txt (&html) files on 'mails/LANG_CODE'. I just had to copy everything from 'mails/en' and skip the overwrites, then everything worked like a charm. I thought prestashop would just use the english files instead of not sending the emails. PS: Please don't delete this post because it may be useful for future reference.
  6. Hello there. I don't know why the password recovery is not working. It returns me "Error occurred when sending the e-mail.". Email sending is working from both the contact form and from the backend test. I"ve tried the fixes on presto-changeo but didn't work either. Any clues? Thanks.
  7. Thanks for your answer. Yep. It works perfectly. I just wanted a second opinion, because the override feature isn't very well documented (at least in english) so i wasn't sure i was doing it right And yes, I checked the 'parent' code to make sure the override makes sense. I see your point. Everything should work as long as there's no other override for the same controller. I don't know about multiple overrides... I think you can't do that unless you manually put them in the same file, because the override is dependent on the file name, and conflicts are likely, so one should solve this manually also. Thank you .
  8. Owch... are you serious? In fact, I think the thing should be a little different, more or less like this: class PasswordController extends PasswordControllerCore { public function process() { if (Tools::isSubmit('email')) { if (!$mycaptchalib->check($_POST['captcha_field'])) $this->errors[] = Tools::displayError('Captcha was wrong.'); else parent::process(); } } } I'm not sure if i'm doing this right though. I fear it's not a safe way to extend the functionality. I know a little of french, should I ask things like this in the french forums?
  9. Hello there. I'm learning how overrides works, and I made my first one, but I'm not sure if its correct... could you check it please? The code is: class PasswordController extends PasswordControllerCore { public function process() { if (true) //check captcha here $this->errors[] = Tools::displayError('The captcha was wrong.'); else parent::process(); } } in the file /override/controllers/PasswordController.php. Also, is there a way to make it "installable" using the back end (like a module)? Thank you.
  10. Sorry, but I disagree. Who in the world ships to any location at the same cost? The estimator doesn't take into account the location, it simply gets the price of the first zone (possibly the first in db) for that carrier. So why in the hell there's options to choose the country and state, if that makes no difference at all? Even if it retrieved the prices according to the zones, the zipcode box would still be useless. I set up a prestashop for testing and I would like to have different news, but It's not quite ready for me yet. Things may be broken in the back-end, and not-so-used things may also be broken, i don't care about having to fix things by hand and i can live with broken things in backend, but we're talking about a widely-used feature for clients. I don't want my clients to experience malfunction in my site. The feature is so commom that pretty much every other ecommerce platform has it built-in and enabled by default. My first impression was somewhat bad. I know prestashop doesn't have a huge company behind it, but this for itself is already a point against it, because as long as its opensource, people tends to use the solutions that has well-known companies behind. So they should work to compensate that. If the others are better, more tested, has more users, has big companies working and investing on it, why would one use another solution that has some serious and basic flaws? Just take a look at the other ecommerce softwares, mainly the growing smaller ones, a commom feature that they has built-in is a shipping estimator, and a working one. Some had a working shipping estimator even before a cart system, and prestashop is old and has 100.000 shops and no working shipping estimator? Also, prestashop is proud of the built-in "features" but those features are very basic, and if you want something special you have either to figure-out how to program for yourself, or pay for that. There's a huge extension market for prestashop, this is something bad, because i can be wrong but this will make the developers think twice before developing a feature built-in that has a commercial competitor. In terms of extensions, development and "fair" commercialization, OpenCart is much better. The most expensive modules costs US$:100.00, the development is very cheap and straight-forward because it's very easy to develop for it. So you can charge low prices also. You make money selling large amounts of cheap things, not little amounts of expensive things. And popularity is the most important thing for an opensource ecommerce platform. Prestashop itself is free, but you end up paying sometimes US$:1,000.00 in modules. If i would have to pay that, I'd rather pay for the core developers, instead of module developers. Not to tell that there's a LOT of reports on this issue, all of them closed without solving or checking the problem. Also, something that is irritating in prestashop is the changelog. On others, i can clearly see if an update has a security fix, or if i can avoid updating my store if the fixes doesn't affect me, because obviously, any security fix makes an update essential. But on prestashop there's no way to know that, are they assuming that the developers should update all their shops as long as an update is released? I'm sorry but most mass-developers will just stick with the latest secure and functional version. And that's why on the competition you can clearly decide if you should update your stores by quickly looking at changelogs. If everything is working, and there's no security flaws, why should one update the store platform? To waste time? I don't mean to be rude, etc.. I just think prestashop is going the wrong way maybe. I'm fully supportive to this kind of project and I really want them to become better. One solid step at time. Thank you.
  11. It's unbelievable they actually released such a "broken" internal module... The "total shipping" item shows numbers that doesn't make sense if the estimator is not installed. If it's installed, it doesn't work. I created some zones, created states, linked the states to the zones, configured the prices for each zone, and the thing simply doesn't work. This is so "unprofessional"... Such an important module...
  12. Hi there. I want anyone to be able to see the shipping cost even before registering. I noticed that the "Total Shipping" item in the cart doesn't work... It assumes the default carrier and zone. Useless. I need a dropbox for "zones" and another one for "carriers", this way even unregistered users will be able to know what the shipping cost is like. Something like the shipping estimate in Magento and others. Thank you. PS: I'm not using third party modules for shipping, i'm configuring them and entering the prices manually.
  13. Hmm. Sorry, my bad. I forgot to allow prestashop.com on noscript . (I always download it from my back office) However, that doesn't make much sense imho. I don't want to criticize too much because you do an extraordinary work, but here we go: The "download" button isn't the actual download button, it's a newsletter form that if clicked shows the actual download button. Imho the newsletter and download should be apart. Or at least that button should be "Show the Download Link" instead of simply "Download". Anyways... Do you keep a track of important changes (like 'real' security issues)? The changelog has some entries that looks like security fixes, but i'm not 100% sure. Thank you man.
  14. Why don't you simply put a link for the latest changelog on the download page? I can see it for the version 1.5, but to find the changelog for the stable version It's necessary to either enter the address manually or search on google for something like "site:prestashop.com changelog" otherwise it will return uncountable forum posts asking exactly 'where is the changelog'. And most of them are outdated, what means the link won't work any longer. My humble advices: If you only keep the latest version of the changelog, why don't you keep a unique filename? Couldn't it be something simply like "changelog.txt"? Link the changelog file. Always. I'd love to access the download page and be able to click somewhere to open the latest changelog. So i could easily verify if something affects me. Thank you.
  15. Just for reference. New versions of prestashop now stores the address on database. Precisely on: your_prestashop_db > ps_configuration > PS_SHOP_DOMAIN and PS_SHOP_DOMAIN_SSL for ssl Just change that an it'll work like a charm . Just don't forget the settings config/settings.inc.php. If your new domain is for example: mydomain.com/shop you'll need to change the database entries to "mydomain.com" and on settings.inc.php the __PS_BASE_URI__ definition from whatever to "define('__PS_BASE_URI__', '/shop/');" This was driving me nuts also, almost got crazy because of that. I always setup things in my local box, so this "undocumented" (or kinda) change just killed my workflow. It was redirecting to 'localhostwww.something'. Crazy stuff. They should put a change like this on headlines ihmo.
  16. Hello there. I've been wondering how secure actually is PrestaShop out of the box. I want to install it in a shared webserver (private ssl and ip) and the cpanel provides a link to that "oneclick installer" what in theory, takes care of apache configuration and files and dirs permissions, but should I rely on them, or should I install everything manually? It installs the latest prestashop version, and the thing seems quite updated. Also, is there a checklist on security or something? I don't want those file permissions checklist that i found on google, i want something useful and that makes sense (like checking the most important files and their md5), something automated maybe. Is prestashop secure by default? I would like to know anything that increases or improves the security. Security plugins generally only makes the entire thing more unsecure, but are there any stand-alone softwares that i could install to check the "health" of my prestashop setup? I want to know anything useful that actually improves the security, I want my install to be as safe as possible. If PrestaShop is safe out of the box, then okay. Thank you. PS: Forget all that virus and misconfiguration thing, let's assume it's a "perfect" install and the admin machine is totally safe.
  • Create New...

Important Information

Cookies ensure the smooth running of our services. Using these, you accept the use of cookies. Learn More