181
Shipping Modules / Re: 10002: The XML document is well formed but the document is not valid
« on: June 29, 2012, 12:04:48 PM »
Thanks!
That's good news.
David
That's good news.
David
News:
AbanteCart v1.3.4 is released.
Show Posts
182
Configuration / Re: ssl and domain name
« on: June 29, 2012, 12:03:58 PM »
That is quite a reasonable concern.
Another concern that should be considered with ecommerce sites is that floating back and forth from secure to insecure states can increase opportunities to hijack the session.
Its not reasonable to use content sourced from insecure servers or connections in any case. In the end, the associated risks of viral loading, phishing and other code insertion should be sufficient to push the industry into a fully secure mode. I will agree however that a good deal of thought should be applied before changing the application to meet this standard..
David
Another concern that should be considered with ecommerce sites is that floating back and forth from secure to insecure states can increase opportunities to hijack the session.
Its not reasonable to use content sourced from insecure servers or connections in any case. In the end, the associated risks of viral loading, phishing and other code insertion should be sufficient to push the industry into a fully secure mode. I will agree however that a good deal of thought should be applied before changing the application to meet this standard..
David
183
Security / Re: Prevent Fraud in Real Time!
« on: June 27, 2012, 08:01:04 AM »
You could also try velocity checking. Find all orders from the current customer's IP address which occur within a given amount of time. If it exceeds a set number, flag the orders for review before shipping..
David
David
184
Existing features / Re: Backup/Restore seems largely non-functional
« on: June 27, 2012, 07:49:35 AM »
This begs the question of why the cache is not cleared automatically during the import process. Perhaps this is a change which should be considered...
David
David
185
Existing features / Data Import Date Formats?
« on: June 27, 2012, 07:42:25 AM »
What formats are acceptable for date inputs in imports? I see a couple of varieties used...
186
Configuration / Re: ssl and domain name
« on: June 26, 2012, 09:06:34 PM »
The recommended approach to using SSL is that once the visitor enters a secure state, they do not leave it unless they leave the site, or log out.
The cart would benefit from a change to this approach.
David
The cart would benefit from a change to this approach.
David
187
Shipping Modules / Re: 10002: The XML document is well formed but the document is not valid
« on: June 26, 2012, 09:00:01 PM »
Based on past experience with other carts, this likely means that you are missing the weight or dimensional data (height, width, length) for one or more products in that order. Adding this data should make the error go away in this case.
David
David
188
New Features Discussion / API request
« on: June 26, 2012, 08:03:34 PM »
Can we get the quantity on hand checks encapsulated and hooked? This would be most helpful for a project we're working on..
(particularly concerned with add to cart and cart validation in checkout)
David
(particularly concerned with add to cart and cart validation in checkout)
David
189
General Discussion / Re: All product images in one directory is a bad idea
« on: June 26, 2012, 08:00:34 PM »
Good to hear this. File systems may tolerate a single folder system much better than a well secured FTP service. So, the planned change will improve user experience on security sensitive hosts..
David
David
190
Existing features / Data Import / Export actions?
« on: June 26, 2012, 07:48:48 PM »
I see some references in the documentation for Data Import / Export that an XML ACTION tag is required to insert new products via this system, and get the impression that this would be required for CSV and other delimited files as well. Can someone verify this, and advise as to any column heading requirements ??
David
David