Show Posts

Topics - llegrand

Pages: [1] 2 3 ... 9
I am aware that the track stock option ON condition disengages the manual updating of track stock and quantity on the Product General page.   I am requesting a rethink of that.  Please refer to the attached screen shot for more clarity.

The Product dashboard reports the correct quantity,  a total of the options quantities.  However,  the current disengagement of the Product general quantity field -  the information remains "frozen"  as to the number that was there when the track options are engaged.  Please see if you can display the same total that shows on the Dashboard.   This disinformation on the Product general page is confusing -  and also a bit cumbersome to either have to refer to the dashboard  or to do the math on the options pages.

Seems if you can display the correct total on the dashboard you should be able to display it on the product general page.


Security / jQuery before 3.0.0 is vulnerable to XSS
« on: March 28, 2018, 11:12:42 PM »
While working to obtain PCI compliance on a site  all tests have been successfully passed except for one. 

CVE-2015-9251 fails with this notification:

jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when across-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

It looks like 1.2.12  version is using jQuery 1.12.4.  jQuery site states that verions 1.x and 2.x are no longer receiving patches.  Do you anticipate upgrading to 3.x  with the next AbanteCart version 1.2.13?

Info regarding the issue can be found here:

Any feedback on this would be appreciated.


Documentations & Manuals / coupon description where shown
« on: December 07, 2017, 10:47:33 PM »
when making a coupon there is a coupon description field - according to the manual it is suppose to appear on the storefront.  Where exactly is this suppose to show up?  I am unable to find it except with the admin panel for coupons.  The Coupon Name field is what is displayed on the checkout page.

From the manual Name: Enter a name of a new Coupon
Coupon Description: descriptive text you want to appear on the storefront

If multi-store is setup correctly  -  and all stores use the same shipping extension (say FedEx)  but each has it's own shipper account or at least the origination point is different -  does the current coding handle this?

Same question in regards to  payments - say PayPal -  can each location have their own account setup?

I suppose I am asking if the DB fields for payments and shippers are correctly associated with a store ID?

Thanks in advance.

Security / Apache UserDir Protection
« on: September 16, 2016, 01:08:11 PM »
One of my servers cPanel is now "recommending" a new feature  UserDir Protection to be enabled.  This will configure Apache’s mod_userdir functionality to only be active on the default hostname. User site data will no longer be accessible under other usernames.

Here is the link to more information:

under warnings it has this:
Websites that use the mod_rewrite or other directives in their .htaccess files will not function correctly when visitors view them through mod_userdir URLs.

So my question to the developers is  -  what is the correct setting for mod-userdir for AbanteCart installations?


Security / advertising link in footer on forum?
« on: July 10, 2016, 09:03:56 PM »

so what's with the link in the footer to the advertising

Worldwide Online Advertising Company

Currently  Customer Tax Address  as set in system > settings > checkout ques off the customer address as selected by the Admin  to use with customer billing or shipping address for the tax location and most often at least in US is the shipping address.

This works okay for most taxsing requirements, except in one case:

If Pickup from Store is selected - this changes the tax rules for an order as it now has to conform to the store location rules.  This will probably be different than a customer billing or shipping address.

Please consider adding an option for Pickup from Store to allow Admin to use store address for location lookup or some way to refer to a "store"  tax class that can be selected for the Pickup from Store  that overrides the system > settings > checkout rules for all other taxation rules.

Thanks for considering this function.

On Abantecart 1.2.6  I can get PayPal Express to show up on checkout ONLY if guest checkout is enabled.
If only allowing registered accounts,  no PayPal Express.

Is this a requirement for the extension?  Or some fix that needs to be accomplished?


Extensions and Add-Ons / doc info for PayPay Express
« on: May 03, 2016, 12:51:49 PM »

On this doc for PayPal express is this reference correct?

API Username: - your PayPal Pro API username
API Password: - your PayPal Pro API password
I am not aware that Express requires a Pro anything.
Thanks for your correction or clarification.

Built-in Features / Options – required status working incorrectly
« on: May 01, 2016, 10:59:22 AM »
 Testing in version 1.2.6 (both on my tests sites and on your demo site)
The required switch does not appear to have an incorrect result.
Testing conditions:
Selectbox,  Multiselectbox, CheckBox,  Checkboxgroup, textarea 
All enabled all of the above with all set with NO default option checked – which then shows the lowest sort order within the option box on product page for customer
All have REQUIRED selected – this is verified by the red asterisks on the product page for customer
ONLY the checkbox and textarea will give a message for the need to be selected.   
Selectbox, multiselectbox and checkboxgroup automatically use the default selection.
The same result on the ordering is observed even if the required field is off.   
I have tested with having the global option set with required on and off,  and alternating the individual option with on and off,  the results are identical
So the question is what use is the required field for most options if the required selection by a customer selects for them?
 See attached for what shows up on my testing.
Am I missing some thought process here in how a required field should work?

Extensions and Add-Ons / zero balance requiring payment method
« on: April 22, 2016, 02:42:02 PM »
This was an issue back in 1.1.7  I think,  but it was fixed previously.  Seems it might be back again there is one payment -  installed,  it has been working flawlessly for many months.

In applying a credit to an account thatreduced the order to zero  I am getting 
Error: payment method required.

You can see by the screen shots that system has identified that there is a payment account noted but the previous fix to ignore zero balances seems to be broken.

this is a 1.2.6 Abantecart Version


Extensions and Add-Ons / authorize net api updating
« on: April 20, 2016, 12:28:37 PM »
there are some AuthorizeNet api updates coming up  -  want to be sure you are aware and can get the default AuthorizeNet extension in compliance if changes are necessary

Here is the link for more info about changes that just came in today - with time frames for implementation


New Features Discussion / add cloning to forms
« on: April 20, 2016, 10:55:12 AM »
The latest version of forms manager is quite excellent.   If you could add a cloning (replication) routine to an existing form - that would make it spectacular IMO. 

There are lots of times when a user has a basic form and then needs just a small field addition or change for a different form to be used .  So they have two different forms for slightly different purposes.  Some forms are quite lengthy, so re-building from scratch takes quite a bit of time.

Thanks for considering this.


Opinions / What Version are you using?
« on: January 19, 2016, 04:27:24 PM »
Hello fellow AbanteCart users.  As I relatively long -time user of AbanteCart (since 1.1.7)  and a frequent poster on the board  I have often wonder what we're all using for our current versions. 

Please take a moment to respond to the survey.  It may help admins and volunteer posters give better help,  and perhaps help extension writers to know how many versions to support so more can benefit.

Thanks for your time to respond.


In a new install using Softaculous  when working on the permissions I have no admin/system/backup/

Is this the expectation on a new install now?

Also I see all the file permissions are now being set to 755  except for config.php

still indicate 777 and a recent post on forum,4197.msg18284.html#msg18284  suggests 444 for config.   This is becoming a bit confusing -  and permission settings need to be correct for functionality and secure.   Can you please update the docs?


Pages: [1] 2 3 ... 9