• osCommerce Online Merchant v2.3.4
  • Changelog
    • New Modules
    • Updated Modules
    • External Library Updates
    • API Changes
    • Language Definitions
    • Modified Files
  • File Changes
  • Thank You!
  • Reference

osCommerce Online Merchant v2.3.4

osCommerce Online Merchant v2.3.4 is a general maintenance release focusing on improving core features and introduces a new Content Modules feature.

This release is based on v2.3.3.4, not on v2.3.3. It is therefore important to review the v2.3.3.1 to v2.3.3.4 release notes when upgrading from v2.3.3.

Changelog Changes from v2.3.3.4

The following changes have been applied:

New Modules

The following modules have been added:

Updated Modules

The following modules have been updated:

External Library Updates

The following external libraries have been updated:

API Changes

The following API changes have been applied:

Language Definitions

The following language definitions have been modified:

Modified Files

Files that have been modified in this release include:

File Changes

jQuery UI (2+ files)

This changeset updates the jQuery UI javascript library and theme from v1.8.22 to v1.10.4 and removes a bug fix workaround the earlier version introduced.

Delete the following directories and files:

ext/jquery/ui/i18n
ext/jquery/ui/jquery-ui-1.8.22.min.js
ext/jquery/ui/redmond

Copy the following directories and files to their respective destination:

ext/jquery/ui/i18n
ext/jquery/ui/jquery-ui-1.10.4.min.js
ext/jquery/ui/redmond

In:

admin/includes/template_top.php

around line 21, change from:

<link rel="stylesheet" type="text/css" href="<?php echo tep_catalog_href_link('ext/jquery/ui/redmond/jquery-ui-1.8.22.css'); ?>">

to:

<link rel="stylesheet" type="text/css" href="<?php echo tep_catalog_href_link('ext/jquery/ui/redmond/jquery-ui-1.10.4.min.css'); ?>">

around line 23, change from:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/jquery-ui-1.8.22.min.js'); ?>"></script>

<script type="text/javascript">
// fix jQuery 1.8.0 and jQuery UI 1.8.22 bug with dialog buttons; http://bugs.jqueryui.com/ticket/8484
if ( $.attrFn ) { $.attrFn.text = true; }
</script>

to:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/jquery-ui-1.10.4.min.js'); ?>"></script>

includes/template_top.php

around line 29, change from:

<link rel="stylesheet" type="text/css" href="ext/jquery/ui/redmond/jquery-ui-1.8.22.css" />

to:

<link rel="stylesheet" type="text/css" href="ext/jquery/ui/redmond/jquery-ui-1.10.4.min.css" />

around line 31, change from:

<script type="text/javascript" src="ext/jquery/ui/jquery-ui-1.8.22.min.js"></script>
<script type="text/javascript">
// fix jQuery 1.8.0 and jQuery UI 1.8.22 bug with dialog buttons; http://bugs.jqueryui.com/ticket/8484
if ( $.attrFn ) { $.attrFn.text = true; }
</script>

to:

<script type="text/javascript" src="ext/jquery/ui/jquery-ui-1.10.4.min.js"></script>

View online at GitHub

jQuery (2+ files)

This changeset updates the jQuery javascript library from v1.8.0 to v1.11.1.

Delete the following file:

ext/jquery/jquery-1.8.0.min.js

Copy the following file to its respective destination:

ext/jquery/jquery-1.11.1.min.js

In:

admin/includes/template_top.php

around line 22, change from:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.8.0.min.js'); ?>"></script>

to:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.11.1.min.js'); ?>"></script>

includes/template_top.php

around line 30, change from:

<script type="text/javascript" src="ext/jquery/jquery-1.8.0.min.js"></script>

to:

<script type="text/javascript" src="ext/jquery/jquery-1.11.1.min.js"></script>

View online at GitHub

Flot (jQuery Library) (1+ files)

This changeset updates the Flot jQuery library from v0.6 to v0.8.3.

Delete the following directory:

ext/flot

Copy the following directory to its respective destination:

ext/flot

In:

admin/includes/template_top.php

around line 36, change from:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/jquery.flot.js'); ?>"></script>

to:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/jquery.flot.min.js'); ?>"></script>
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/jquery.flot.time.min.js'); ?>"></script>

View online at GitHub

PhotosetGrid and ColorBox (3+ files)

This changeset replaces the bxGallery and FancyBox jQuery libraries with PhotosetGrid and Colorbox jQuery libraries.

Delete the following directories:

ext/jquery/bxGallery
ext/jquery/fancybox

Copy the following directories to their respective destination:

ext/colorbox
ext/photoset-grid

In:

includes/template_top.php

around line 44, change from:

<script type="text/javascript" src="ext/jquery/bxGallery/jquery.bxGallery.1.1.min.js"></script>
<link rel="stylesheet" type="text/css" href="ext/jquery/fancybox/jquery.fancybox-1.3.4.css" />
<script type="text/javascript" src="ext/jquery/fancybox/jquery.fancybox-1.3.4.pack.js"></script>

to:

<script type="text/javascript" src="ext/photoset-grid/jquery.photoset-grid.min.js"></script>

<link rel="stylesheet" type="text/css" href="ext/colorbox/colorbox.css" />
<script type="text/javascript" src="ext/colorbox/jquery.colorbox-min.js"></script>

product_info.php

around line 69, change from:

<?php
    if (tep_not_null($product_info['products_image'])) {
      $pi_query = tep_db_query("select image, htmlcontent from " . TABLE_PRODUCTS_IMAGES . " where products_id = '" . (int)$product_info['products_id'] . "' order by sort_order");

      if (tep_db_num_rows($pi_query) > 0) {
?>

    <div id="piGal" style="float: right;">
      <ul>

<?php
        $pi_counter = 0;
        while ($pi = tep_db_fetch_array($pi_query)) {
          $pi_counter++;

          $pi_entry = '        <li><a href="';

          if (tep_not_null($pi['htmlcontent'])) {
            $pi_entry .= '#piGalimg_' . $pi_counter;
          } else {
            $pi_entry .= tep_href_link(DIR_WS_IMAGES . $pi['image'], '', 'NONSSL', false);
          }

          $pi_entry .= '" target="_blank" rel="fancybox">' . tep_image(DIR_WS_IMAGES . $pi['image']) . '</a>';

          if (tep_not_null($pi['htmlcontent'])) {
            $pi_entry .= '<div style="display: none;"><div id="piGalimg_' . $pi_counter . '">' . $pi['htmlcontent'] . '</div></div>';
          }

          $pi_entry .= '</li>';

          echo $pi_entry;
        }
?>

      </ul>
    </div>

<script type="text/javascript">
$('#piGal ul').bxGallery({
  maxwidth: 300,
  maxheight: 200,
  thumbwidth: <?php echo (($pi_counter > 1) ? '75' : '0'); ?>,
  thumbcontainer: 300,
  load_image: 'ext/jquery/bxGallery/spinner.gif'
});
</script>

<?php
      } else {
?>

    <div id="piGal" style="float: right;">
      <?php echo '<a href="' . tep_href_link(DIR_WS_IMAGES . $product_info['products_image'], '', 'NONSSL', false) . '" target="_blank" rel="fancybox">' . tep_image(DIR_WS_IMAGES . $product_info['products_image'], addslashes($product_info['products_name']), null, null, 'hspace="5" vspace="5"') . '</a>'; ?>
    </div>

<?php
      }
?>

<script type="text/javascript">
$("#piGal a[rel^='fancybox']").fancybox({
  cyclic: true
});
</script>

<?php
    }
?>

to:

<?php
    if (tep_not_null($product_info['products_image'])) {
      $photoset_layout = '1';

      $pi_query = tep_db_query("select image, htmlcontent from " . TABLE_PRODUCTS_IMAGES . " where products_id = '" . (int)$product_info['products_id'] . "' order by sort_order");
      $pi_total = tep_db_num_rows($pi_query);

      if ($pi_total > 0) {
        $pi_sub = $pi_total-1;

        while ($pi_sub > 5) {
          $photoset_layout .= 5;
          $pi_sub = $pi_sub-5;
        }

        if ($pi_sub > 0) {
          $photoset_layout .= ($pi_total > 5) ? 5 : $pi_sub;
        }
?>

    <div id="piGal">

<?php
        $pi_counter = 0;
        $pi_html = array();

        while ($pi = tep_db_fetch_array($pi_query)) {
          $pi_counter++;

          if (tep_not_null($pi['htmlcontent'])) {
            $pi_html[] = '<div id="piGalDiv_' . $pi_counter . '">' . $pi['htmlcontent'] . '</div>';
          }

          echo tep_image(DIR_WS_IMAGES . $pi['image'], '', '', '', 'id="piGalImg_' . $pi_counter . '"');
        }
?>

    </div>

<?php
        if ( !empty($pi_html) ) {
          echo '    <div style="display: none;">' . implode('', $pi_html) . '</div>';
        }
      } else {
?>

    <div id="piGal">
      <?php echo tep_image(DIR_WS_IMAGES . $product_info['products_image'], addslashes($product_info['products_name'])); ?>
    </div>

<?php
      }
    }
?>

<script type="text/javascript">
$(function() {
  $('#piGal').css({
    'visibility': 'hidden'
  });

  $('#piGal').photosetGrid({
    layout: '<?php echo $photoset_layout; ?>',
    width: '250px',
    highresLinks: true,
    rel: 'pigallery',
    onComplete: function() {
      $('#piGal').css({ 'visibility': 'visible'});

      $('#piGal a').colorbox({
        maxHeight: '90%',
        maxWidth: '90%',
        rel: 'pigallery'
      });

      $('#piGal img').each(function() {
        var imgid = $(this).attr('id').substring(9);

        if ( $('#piGalDiv_' + imgid).length ) {
          $(this).parent().colorbox({ inline: true, href: "#piGalDiv_" + imgid });
        }
      });
    }
  });
});
</script>

stylesheet.css

change the following css definitions from:

#piGal ul {
  list-style-type: none;
}

#piGal img {
  -webkit-box-shadow: 0px 0px 1px #000;
  -moz-box-shadow: 0px 0px 1px #000;
}

#piGal .outer {
  margin-left: -30px;
}

to:

#piGal {
  float: right;
  width: 250px;
}

#piGal img {
  max-width: 250px;
  height: auto;
}

View online at GitHub

Administration Tool Boxes (1 file)

This changeset fixes the height of the Administration Tool boxes to work with the newer jQuery UI javascript library.

admin/includes/column_left.php

around line 74, change from:

autoHeight: false,

to:

heightStyle: 'content',

View online at GitHub

Improve $PHP_SELF (11 files)

This changeset improves the value of $PHP_SELF and keeps the path when the value is used in subdirectories (eg, viewing pages from the ext/ directory).

admin/includes/application_top.php

around line 38, change from:

$PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo') == false)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF']) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']);

to:

$req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']);
$PHP_SELF = substr($req['path'], strlen(DIR_WS_ADMIN));

around line 127, change from:

$current_page = basename($PHP_SELF);

to:

$current_page = $PHP_SELF;

admin/includes/classes/split_page_results.php

around line 55, change from:

$display_links = tep_draw_form('pages', basename($PHP_SELF), '', 'get');

to:

$display_links = tep_draw_form('pages', $PHP_SELF, '', 'get');

around line 58, change from:

$display_links .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';

to:

$display_links .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';

around line 66, change from:

$display_links .= '&nbsp;&nbsp;<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';

to:

$display_links .= '&nbsp;&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';

includes/application_top.php

around line 47, change from:

$PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo') == false)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF']) : basename($HTTP_SERVER_VARS['SCRIPT_NAME']);

to:

$req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']);
$PHP_SELF = substr($req['path'], ($request_type == 'NONSSL') ? strlen(DIR_WS_HTTP_CATALOG) : strlen(DIR_WS_HTTPS_CATALOG));

around line 317, change from:

$goto = basename($PHP_SELF);

to:

$goto = $PHP_SELF;

around line 367, change from:

tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));

to:

tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify'))));

around line 377, change from:

tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action', 'notify'))));

to:

tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action', 'notify'))));

around line 389, change from:

tep_redirect(tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action'))));

to:

tep_redirect(tep_href_link($PHP_SELF, tep_get_all_get_params(array('action'))));

includes/classes/navigation_history.php

around line 30, change from:

if ( ($this->path[$i]['page'] == basename($PHP_SELF)) ) {

to:

if ($this->path[$i]['page'] == $PHP_SELF) {

around line 61, change from:

$this->path[] = array('page' => basename($PHP_SELF),

to:

$this->path[] = array('page' => $PHP_SELF,

around line 72, change from:

if ($this->path[$last_entry_position]['page'] == basename($PHP_SELF)) {

to:

if ($this->path[$last_entry_position]['page'] == $PHP_SELF) {

around line 86, change from:

$this->snapshot = array('page' => basename($PHP_SELF),

to:

$this->snapshot = array('page' => $PHP_SELF,

includes/classes/split_page_results.php

around line 83, change from:

if ($this->current_page_number > 1) $display_links_string .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . ($this->current_page_number - 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_PREVIOUS_PAGE . ' "><u>' . PREVNEXT_BUTTON_PREV . '</u></a>&nbsp;&nbsp;';

to:

if ($this->current_page_number > 1) $display_links_string .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . ($this->current_page_number - 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_PREVIOUS_PAGE . ' "><u>' . PREVNEXT_BUTTON_PREV . '</u></a>&nbsp;&nbsp;';

around line 93, change from:

if ($cur_window_num > 1) $display_links_string .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . (($cur_window_num - 1) * $max_page_links), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PREV_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>';

to:

if ($cur_window_num > 1) $display_links_string .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . (($cur_window_num - 1) * $max_page_links), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PREV_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>';

around line 100, change from:

$display_links_string .= '&nbsp;<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . $jump_to_page, $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PAGE_NO, $jump_to_page) . ' "><u>' . $jump_to_page . '</u></a>&nbsp;';

to:

$display_links_string .= '&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . $jump_to_page, $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_PAGE_NO, $jump_to_page) . ' "><u>' . $jump_to_page . '</u></a>&nbsp;';

around line 105, change from:

if ($cur_window_num < $max_window_num) $display_links_string .= '<a href="' . tep_href_link(basename($PHP_SELF), $parameters . $this->page_name . '=' . (($cur_window_num) * $max_page_links + 1), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_NEXT_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>&nbsp;';

to:

if ($cur_window_num < $max_window_num) $display_links_string .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $this->page_name . '=' . (($cur_window_num) * $max_page_links + 1), $request_type) . '" class="pageResults" title=" ' . sprintf(PREVNEXT_TITLE_NEXT_SET_OF_NO_PAGE, $max_page_links) . ' ">...</a>&nbsp;';

around line 108, change from:

if (($this->current_page_number < $this->number_of_pages) && ($this->number_of_pages != 1)) $display_links_string .= '&nbsp;<a href="' . tep_href_link(basename($PHP_SELF), $parameters . 'page=' . ($this->current_page_number + 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_NEXT_PAGE . ' "><u>' . PREVNEXT_BUTTON_NEXT . '</u></a>&nbsp;';

to:

if (($this->current_page_number < $this->number_of_pages) && ($this->number_of_pages != 1)) $display_links_string .= '&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . 'page=' . ($this->current_page_number + 1), $request_type) . '" class="pageResults" title=" ' . PREVNEXT_TITLE_NEXT_PAGE . ' "><u>' . PREVNEXT_BUTTON_NEXT . '</u></a>&nbsp;';

includes/functions/general.php

around line 896, change from:

$sort_prefix = '<a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('page', 'info', 'sort')) . 'page=1&sort=' . $colnum . ($sortby == $colnum . 'a' ? 'd' : 'a')) . '" title="' . tep_output_string(TEXT_SORT_PRODUCTS . ($sortby == $colnum . 'd' || substr($sortby, 0, 1) != $colnum ? TEXT_ASCENDINGLY : TEXT_DESCENDINGLY) . TEXT_BY . $heading) . '" class="productListing-heading">' ;

to:

$sort_prefix = '<a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('page', 'info', 'sort')) . 'page=1&sort=' . $colnum . ($sortby == $colnum . 'a' ? 'd' : 'a')) . '" title="' . tep_output_string(TEXT_SORT_PRODUCTS . ($sortby == $colnum . 'd' || substr($sortby, 0, 1) != $colnum ? TEXT_ASCENDINGLY : TEXT_DESCENDINGLY) . TEXT_BY . $heading) . '" class="productListing-heading">' ;

includes/modules/boxes/bm_currencies.php

around line 55, change from:

'    ' . tep_draw_form('currencies', tep_href_link(basename($PHP_SELF), '', $request_type, false), 'get') .

to:

'    ' . tep_draw_form('currencies', tep_href_link($PHP_SELF, '', $request_type, false), 'get') .

includes/modules/boxes/bm_languages.php

around line 46, change from:

$languages_string .= ' <a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('language', 'currency')) . 'language=' . $key, $request_type) . '">' . tep_image(DIR_WS_LANGUAGES .  $value['directory'] . '/images/' . $value['image'], $value['name']) . '</a> ';

to:

$languages_string .= ' <a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('language', 'currency')) . 'language=' . $key, $request_type) . '">' . tep_image(DIR_WS_LANGUAGES .  $value['directory'] . '/images/' . $value['image'], $value['name']) . '</a> ';

includes/modules/boxes/bm_order_history.php

around line 51, change from:

'    <td align="right" valign="top"><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=cust_order&pid=' . $products['products_id']) . '">' . tep_image(DIR_WS_ICONS . 'cart.gif', ICON_CART) . '</a></td>' .

to:

'    <td align="right" valign="top"><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=cust_order&pid=' . $products['products_id']) . '">' . tep_image(DIR_WS_ICONS . 'cart.gif', ICON_CART) . '</a></td>' .

includes/modules/boxes/bm_product_notifications.php

around line 48, change from:

if ($notification_exists == true) {
  $notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications_remove.gif', IMAGE_BUTTON_REMOVE_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY_REMOVE, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
} else {
  $notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications.gif', IMAGE_BUTTON_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
}

to:

if ($notification_exists == true) {
  $notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications_remove.gif', IMAGE_BUTTON_REMOVE_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify_remove', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY_REMOVE, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
} else {
  $notif_contents = '<table border="0" cellspacing="0" cellpadding="2" class="ui-widget-content infoBoxContents"><tr><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . tep_image(DIR_WS_IMAGES . 'box_products_notifications.gif', IMAGE_BUTTON_NOTIFICATIONS) . '</a></td><td><a href="' . tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=notify', $request_type) . '">' . sprintf(MODULE_BOXES_PRODUCT_NOTIFICATIONS_BOX_NOTIFY, tep_get_products_name($HTTP_GET_VARS['products_id'])) .'</a></td></tr></table>';
}

includes/modules/product_listing.php

around line 135, change from:

$prod_list_contents .= '        <td align="center">' . tep_draw_button(IMAGE_BUTTON_BUY_NOW, 'cart', tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $listing['products_id'])) . '</td>';

to:

$prod_list_contents .= '        <td align="center">' . tep_draw_button(IMAGE_BUTTON_BUY_NOW, 'cart', tep_href_link($PHP_SELF, tep_get_all_get_params(array('action')) . 'action=buy_now&products_id=' . $listing['products_id'])) . '</td>';

View online at GitHub

Session Lifetime (5 files + SQL)

This changeset updates the lifetime of database based sessions to match the lifetime of file based sessions for consistent lifetime behaviour, and now relies on the PHP session garbage collection setting for automatic cleanup of old sessions. The security of sessions has also been improved by not accepting GET/POST session IDs if SESSION_FORCE_COOKIE_USE is enabled.

admin/includes/functions/sessions.php
includes/functions/sessions.php

in those two files, around line 19, remove the following lines:

if (!$SESS_LIFE = get_cfg_var('session.gc_maxlifetime')) {
  $SESS_LIFE = 1440;
}

around line 31, change from:

function _sess_read($key) {
  $value_query = tep_db_query("select value from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "' and expiry > '" . time() . "'");
  $value = tep_db_fetch_array($value_query);

  if (isset($value['value'])) {
    return $value['value'];
  }

  return '';
}

to:

function _sess_read($key) {
  $value_query = tep_db_query("select value from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");
  $value = tep_db_fetch_array($value_query);

  if (isset($value['value'])) {
    return $value['value'];
  }

  return '';
}

around line 42, change from:

function _sess_write($key, $val) {
  global $SESS_LIFE;

  $expiry = time() + $SESS_LIFE;
  $value = $val;

  $check_query = tep_db_query("select count(*) as total from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");
  $check = tep_db_fetch_array($check_query);

  if ($check['total'] > 0) {
    return tep_db_query("update " . TABLE_SESSIONS . " set expiry = '" . tep_db_input($expiry) . "', value = '" . tep_db_input($value) . "' where sesskey = '" . tep_db_input($key) . "'");
  } else {
    return tep_db_query("insert into " . TABLE_SESSIONS . " values ('" . tep_db_input($key) . "', '" . tep_db_input($expiry) . "', '" . tep_db_input($value) . "')");
  }
}

to:

function _sess_write($key, $value) {
  $check_query = tep_db_query("select 1 from " . TABLE_SESSIONS . " where sesskey = '" . tep_db_input($key) . "'");

  if ( tep_db_num_rows($check_query) > 0 ) {
    return tep_db_query("update " . TABLE_SESSIONS . " set expiry = '" . tep_db_input(time()) . "', value = '" . tep_db_input($value) . "' where sesskey = '" . tep_db_input($key) . "'");
  } else {
    return tep_db_query("insert into " . TABLE_SESSIONS . " values ('" . tep_db_input($key) . "', '" . tep_db_input(time()) . "', '" . tep_db_input($value) . "')");
  }
}

around line 62, change from:

function _sess_gc($maxlifetime) {
  tep_db_query("delete from " . TABLE_SESSIONS . " where expiry < '" . time() . "'");

  return true;
}

to:

function _sess_gc($maxlifetime) {
  return tep_db_query("delete from " . TABLE_SESSIONS . " where expiry < '" . (time() - $maxlifetime) . "'");
}

around line 71, change from:

function tep_session_start() {
  global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;

  $sane_session_id = true;

  if (isset($HTTP_GET_VARS[tep_session_name()])) {
    if (preg_match('/^[a-zA-Z0-9,-]+$/', $HTTP_GET_VARS[tep_session_name()]) == false) {
      unset($HTTP_GET_VARS[tep_session_name()]);

      $sane_session_id = false;
    }
  } elseif (isset($HTTP_POST_VARS[tep_session_name()])) {
    if (preg_match('/^[a-zA-Z0-9,-]+$/', $HTTP_POST_VARS[tep_session_name()]) == false) {
      unset($HTTP_POST_VARS[tep_session_name()]);

      $sane_session_id = false;
    }
  } elseif (isset($HTTP_COOKIE_VARS[tep_session_name()])) {
    if (preg_match('/^[a-zA-Z0-9,-]+$/', $HTTP_COOKIE_VARS[tep_session_name()]) == false) {
      $session_data = session_get_cookie_params();

      setcookie(tep_session_name(), '', time()-42000, $session_data['path'], $session_data['domain']);

      $sane_session_id = false;
    }
  }

  if ($sane_session_id == false) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
  }

  register_shutdown_function('session_write_close');

  return session_start();
}

to:

function tep_session_start() {
  global $HTTP_GET_VARS, $HTTP_POST_VARS, $HTTP_COOKIE_VARS;

  $sane_session_id = true;

  if ( isset($HTTP_GET_VARS[tep_session_name()]) ) {
    if ( (SESSION_FORCE_COOKIE_USE == 'True') || (preg_match('/^[a-zA-Z0-9,-]+$/', $HTTP_GET_VARS[tep_session_name()]) == false) ) {
      unset($HTTP_GET_VARS[tep_session_name()]);

      $sane_session_id = false;
    }
  }

  if ( isset($HTTP_POST_VARS[tep_session_name()]) ) {
    if ( (SESSION_FORCE_COOKIE_USE == 'True') || (preg_match('/^[a-zA-Z0-9,-]+$/', $HTTP_POST_VARS[tep_session_name()]) == false) ) {
      unset($HTTP_POST_VARS[tep_session_name()]);

      $sane_session_id = false;
    }
  }

  if ( isset($HTTP_COOKIE_VARS[tep_session_name()]) ) {
    if ( preg_match('/^[a-zA-Z0-9,-]+$/', $HTTP_COOKIE_VARS[tep_session_name()]) == false ) {
      $session_data = session_get_cookie_params();

      setcookie(tep_session_name(), '', time()-42000, $session_data['path'], $session_data['domain']);
      unset($HTTP_COOKIE_VARS[tep_session_name()]);

      $sane_session_id = false;
    }
  }

  if ($sane_session_id == false) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
  }

  register_shutdown_function('session_write_close');

  return session_start();
}

around line 161, change from:

function tep_session_destroy() {
  return session_destroy();
}

to:

function tep_session_destroy() {
  global $HTTP_COOKIE_VARS;

  if ( isset($HTTP_COOKIE_VARS[tep_session_name()]) ) {
    $session_data = session_get_cookie_params();

    setcookie(tep_session_name(), '', time()-42000, $session_data['path'], $session_data['domain']);
    unset($HTTP_COOKIE_VARS[tep_session_name()]);
  }

  return session_destroy();
}

includes/application_top.php

around line 151, change from:

if (isset($HTTP_POST_VARS[tep_session_name()])) {
  tep_session_id($HTTP_POST_VARS[tep_session_name()]);
} elseif ( ($request_type == 'SSL') && isset($HTTP_GET_VARS[tep_session_name()]) ) {
  tep_session_id($HTTP_GET_VARS[tep_session_name()]);
}

to:

if ( SESSION_FORCE_COOKIE_USE == 'False' ) {
  if ( isset($HTTP_GET_VARS[tep_session_name()]) && (!isset($HTTP_COOKIE_VARS[tep_session_name()]) || ($HTTP_COOKIE_VARS[tep_session_name()] != $HTTP_GET_VARS[tep_session_name()])) ) {
    tep_session_id($HTTP_GET_VARS[tep_session_name()]);
  } elseif ( isset($HTTP_POST_VARS[tep_session_name()]) && (!isset($HTTP_COOKIE_VARS[tep_session_name()]) || ($HTTP_COOKIE_VARS[tep_session_name()] != $HTTP_POST_VARS[tep_session_name()])) ) {
    tep_session_id($HTTP_POST_VARS[tep_session_name()]);
  }
}

login.php

around line 15, change from:

// redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled (or the session has not started)
  if ($session_started == false) {
    tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE));
  }

to:

// redirect the customer to a friendly cookie-must-be-enabled page if cookies are disabled (or the session has not started)
  if ($session_started == false) {
    if ( !isset($HTTP_GET_VARS['cookie_test']) ) {
      $all_get = tep_get_all_get_params();

      tep_redirect(tep_href_link(FILENAME_LOGIN, $all_get . (empty($all_get) ? '' : '&') . 'cookie_test=1', 'SSL'));
    }

    tep_redirect(tep_href_link(FILENAME_COOKIE_USAGE));
  }

logoff.php

around line 19, change from:

tep_session_unregister('customer_id');
tep_session_unregister('customer_default_address_id');
tep_session_unregister('customer_first_name');
tep_session_unregister('customer_country_id');
tep_session_unregister('customer_zone_id');
tep_session_unregister('comments');

to:

tep_session_unregister('customer_id');
tep_session_unregister('customer_default_address_id');
tep_session_unregister('customer_first_name');
tep_session_unregister('customer_country_id');
tep_session_unregister('customer_zone_id');

if ( tep_session_is_registered('sendto') ) {
  tep_session_unregister('sendto');
}

if ( tep_session_is_registered('billto') ) {
  tep_session_unregister('billto');
}

if ( tep_session_is_registered('shipping') ) {
  tep_session_unregister('shipping');
}

if ( tep_session_is_registered('payment') ) {
  tep_session_unregister('payment');
}

if ( tep_session_is_registered('comments') ) {
  tep_session_unregister('comments');
}

Database

Perform the following SQL commands:

alter table sessions modify sesskey varchar(128) not null;

This increases the session ID column to better support session.hash_function and session.hash_bits_per_character PHP ini settings.

View online at GitHub

Block Orders With No Shipping (2 files + SQL)

This changeset allows orders to be blocked when the destination does not match any defined shipping zones and when no shipping rates are available.

checkout_shipping.php

around line 139, change from:

$shipping = false;

tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));

to:

if ( defined('SHIPPING_ALLOW_UNDEFINED_ZONES') && (SHIPPING_ALLOW_UNDEFINED_ZONES == 'False') ) {
  tep_session_unregister('shipping');
} else {
  $shipping = false;

  tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, '', 'SSL'));
}

around line 156, change from:

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_SHIPPING);

to:

require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_CHECKOUT_SHIPPING);

if ( defined('SHIPPING_ALLOW_UNDEFINED_ZONES') && (SHIPPING_ALLOW_UNDEFINED_ZONES == 'False') && !tep_session_is_registered('shipping') && ($shipping == false) ) {
  $messageStack->add_session('checkout_address', ERROR_NO_SHIPPING_AVAILABLE_TO_SHIPPING_ADDRESS);

  tep_redirect(tep_href_link(FILENAME_CHECKOUT_SHIPPING_ADDRESS, '', 'SSL'));
}

includes/languages/english/checkout_shipping.php

add the following language definition:

define('ERROR_NO_SHIPPING_AVAILABLE_TO_SHIPPING_ADDRESS', 'Shipping is currently not available for the selected shipping address. Please select or create a new shipping address to use with your purchase.');

Database

Perform the following SQL commands:

insert into configuration (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Allow Orders Not Matching Defined Shipping Zones ', 'SHIPPING_ALLOW_UNDEFINED_ZONES', 'False', 'Should orders be allowed to shipping addresses not matching defined shipping module shipping zones?', '7', '5', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now());

This adds the following configuration parameter:

Administration Tool -> Configuration -> Shipping/Packaging -> Allow Orders Not Matching Defined Shipping Zones (False by default)

View online at GitHub

Product Attributes Administration (1 file)

This changeset removes a duplicate database query when administrating product attributes.

admin/products_attributes.php

around line 134, change from:

tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES . " where products_options_values_id = '" . (int)$value_id . "'");
tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES . " where products_options_values_id = '" . (int)$value_id . "'");
tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " where products_options_values_id = '" . (int)$value_id . "'");

to:

tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES . " where products_options_values_id = '" . (int)$value_id . "'");
tep_db_query("delete from " . TABLE_PRODUCTS_OPTIONS_VALUES_TO_PRODUCTS_OPTIONS . " where products_options_values_id = '" . (int)$value_id . "'");

View online at GitHub

Remove Free Shipping Check On Non-Related Page (1 file)

This changeset removes a free shipping check on a non-related page.

checkout_payment.php

around line 176, change from:

} elseif ($free_shipping == false) {

to:

} else {

View online at GitHub

Checkout Confirmation MessageStack (1 file)

This changeset allows messages added to the message stack to be shown on the checkout confirmation page.

checkout_confirmation.php

around line 96, change from:

if (isset($$payment->form_action_url)) {
  $form_action_url = $$payment->form_action_url;
} else {
  $form_action_url = tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL');
}

to:

if ($messageStack->size('checkout_confirmation') > 0) {
  echo $messageStack->output('checkout_confirmation');
}

if (isset($$payment->form_action_url)) {
  $form_action_url = $$payment->form_action_url;
} else {
  $form_action_url = tep_href_link(FILENAME_CHECKOUT_PROCESS, '', 'SSL');
}

View online at GitHub

CA Public Certificate Bundle (1 file)

This changeset adds the CA public certificate bundle which curl can use to verify secure connections.

Copy the following file to its respective directory:

includes/cacert.pem

View online at GitHub

Modules Administration (1 file)

This changeset prevents duplicate module parameters being installed when installed module files were deleted without uninstalling them prior and copying the files back at a later date to install again.

admin/modules.php

around line 48, change from:

if ($action == 'install') {
  $module->install();

  $modules_installed = explode(';', constant($module_key));
  $modules_installed[] = $class . $file_extension;

  tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . implode(';', $modules_installed) . "' where configuration_key = '" . $module_key . "'");
  tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $class));
} elseif ($action == 'remove') {
  $module->remove();

  $modules_installed = explode(';', constant($module_key));
  unset($modules_installed[array_search($class . $file_extension, $modules_installed)]);

  tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . implode(';', $modules_installed) . "' where configuration_key = '" . $module_key . "'");
  tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set));
}

to:

if ($action == 'install') {
  if ($module->check() > 0) { // remove module if already installed
    $module->remove();
  }

  $module->install();

  $modules_installed = explode(';', constant($module_key));

  if (!in_array($class . $file_extension, $modules_installed)) {
    $modules_installed[] = $class . $file_extension;
  }

  tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . implode(';', $modules_installed) . "' where configuration_key = '" . $module_key . "'");
  tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set . '&module=' . $class));
} elseif ($action == 'remove') {
  $module->remove();

  $modules_installed = explode(';', constant($module_key));

  if (in_array($class . $file_extension, $modules_installed)) {
    unset($modules_installed[array_search($class . $file_extension, $modules_installed)]);
  }

  tep_db_query("update " . TABLE_CONFIGURATION . " set configuration_value = '" . implode(';', $modules_installed) . "' where configuration_key = '" . $module_key . "'");
  tep_redirect(tep_href_link(FILENAME_MODULES, 'set=' . $set));
}

around line 181, change from:

<td class="dataTableContent" align="right"><?php if (is_numeric($module->sort_order)) echo $module->sort_order; ?></td>

to:

<td class="dataTableContent" align="right"><?php if (in_array($module->code . $file_extension, $modules_installed) && is_numeric($module->sort_order)) echo $module->sort_order; ?></td>

around line 249, change from:

if ($mInfo->status == '1') {

to:

if (in_array($mInfo->code . $file_extension, $modules_installed) && ($mInfo->status > 0)) {

View online at GitHub

HTTPS Administration Tool (22 files + Config)

This changeset forces HTTPS for the Administration Tool if SSL has been enabled.

admin/includes/configure.php

add the following configuration parameters with your store values:

define('HTTPS_SERVER', '');
define('ENABLE_SSL', false);
define('HTTP_COOKIE_DOMAIN', '');
define('HTTPS_COOKIE_DOMAIN', '');
define('HTTP_COOKIE_PATH', '');
define('HTTPS_COOKIE_PATH', '');

define('DIR_WS_HTTPS_ADMIN', '/catalog/admin/');

admin/cache.php

around line 87, change from:

<td class="dataTableContent" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CACHE, 'action=reset&block=' . $cache_blocks[$i]['code'], 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'icon_reset.gif', 'Reset', 13, 13) . '</a>'; ?>&nbsp;</td>

to:

<td class="dataTableContent" align="right"><?php echo '<a href="' . tep_href_link(FILENAME_CACHE, 'action=reset&block=' . $cache_blocks[$i]['code']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_reset.gif', 'Reset', 13, 13) . '</a>'; ?>&nbsp;</td>

admin/categories.php

around line 595, change from:

<div><?php echo '<strong>' . TEXT_PRODUCTS_MAIN_IMAGE . ' <small>(' . SMALL_IMAGE_WIDTH . ' x ' . SMALL_IMAGE_HEIGHT . 'px)</small></strong><br />' . (tep_not_null($pInfo->products_image) ? '<a href="' . DIR_WS_CATALOG_IMAGES . $pInfo->products_image . '" target="_blank">' . $pInfo->products_image . '</a> &#124; ' : '') . tep_draw_file_field('products_image'); ?></div>

to:

<div><?php echo '<strong>' . TEXT_PRODUCTS_MAIN_IMAGE . ' <small>(' . SMALL_IMAGE_WIDTH . ' x ' . SMALL_IMAGE_HEIGHT . 'px)</small></strong><br />' . (tep_not_null($pInfo->products_image) ? '<a href="' . HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $pInfo->products_image . '" target="_blank">' . $pInfo->products_image . '</a> &#124; ' : '') . tep_draw_file_field('products_image'); ?></div>

around line 604, change from:

echo '                <li id="piId' . $pi_counter . '" class="ui-state-default"><span class="ui-icon ui-icon-arrowthick-2-n-s" style="float: right;"></span><a href="#" onclick="showPiDelConfirm(' . $pi_counter . ');return false;" class="ui-icon ui-icon-trash" style="float: right;"></a><strong>' . TEXT_PRODUCTS_LARGE_IMAGE . '</strong><br />' . tep_draw_file_field('products_image_large_' . $pi['id']) . '<br /><a href="' . DIR_WS_CATALOG_IMAGES . $pi['image'] . '" target="_blank">' . $pi['image'] . '</a><br /><br />' . TEXT_PRODUCTS_LARGE_IMAGE_HTML_CONTENT . '<br />' . tep_draw_textarea_field('products_image_htmlcontent_' . $pi['id'], 'soft', '70', '3', $pi['htmlcontent']) . '</li>';

to:

echo '                <li id="piId' . $pi_counter . '" class="ui-state-default"><span class="ui-icon ui-icon-arrowthick-2-n-s" style="float: right;"></span><a href="#" onclick="showPiDelConfirm(' . $pi_counter . ');return false;" class="ui-icon ui-icon-trash" style="float: right;"></a><strong>' . TEXT_PRODUCTS_LARGE_IMAGE . '</strong><br />' . tep_draw_file_field('products_image_large_' . $pi['id']) . '<br /><a href="' . HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $pi['image'] . '" target="_blank">' . $pi['image'] . '</a><br /><br />' . TEXT_PRODUCTS_LARGE_IMAGE_HTML_CONTENT . '<br />' . tep_draw_textarea_field('products_image_htmlcontent_' . $pi['id'], 'soft', '70', '3', $pi['htmlcontent']) . '</li>';

around line 724, change from:

<td class="main"><?php echo tep_image(DIR_WS_CATALOG_IMAGES . $products_image_name, $pInfo->products_name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'align="right" hspace="5" vspace="5"') . $pInfo->products_description; ?></td>

to:

<td class="main"><?php echo tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $products_image_name, $pInfo->products_name, SMALL_IMAGE_WIDTH, SMALL_IMAGE_HEIGHT, 'align="right" hspace="5" vspace="5"') . $pInfo->products_description; ?></td>

around line 777, change from:

<td align="right" class="smallText"><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link($back_url, $back_url_params, 'NONSSL')); ?></td>

to:

<td align="right" class="smallText"><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link($back_url, $back_url_params)); ?></td>

around line 956, change from:

$contents[] = array('text' => '<br />' . tep_image(DIR_WS_CATALOG_IMAGES . $cInfo->categories_image, $cInfo->categories_name) . '<br />' . DIR_WS_CATALOG_IMAGES . '<br /><strong>' . $cInfo->categories_image . '</strong>');

to:

$contents[] = array('text' => '<br />' . tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $cInfo->categories_image, $cInfo->categories_name) . '<br />' . DIR_WS_CATALOG_IMAGES . '<br /><strong>' . $cInfo->categories_image . '</strong>');

admin/includes/application_top.php

around line 37, change from:

// set php_self in the local scope
  $req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']);
  $PHP_SELF = substr($req['path'], strlen(DIR_WS_ADMIN));

to:

// set the type of request (secure or not)
  $request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';

// set php_self in the local scope
  $req = parse_url($HTTP_SERVER_VARS['SCRIPT_NAME']);
  $PHP_SELF = substr($req['path'], ($request_type == 'SSL') ? strlen(DIR_WS_HTTPS_ADMIN) : strlen(DIR_WS_ADMIN));

around line 83, change from:

// set the session name and save path
  tep_session_name('osCAdminID');
  tep_session_save_path(SESSION_WRITE_DIRECTORY);

to:

// set the cookie domain
  $cookie_domain = (($request_type == 'NONSSL') ? HTTP_COOKIE_DOMAIN : HTTPS_COOKIE_DOMAIN);
  $cookie_path = (($request_type == 'NONSSL') ? HTTP_COOKIE_PATH : HTTPS_COOKIE_PATH);

// set the session name and save path
  tep_session_name('osCAdminID');
  tep_session_save_path(SESSION_WRITE_DIRECTORY);

around line 89, change from:

session_set_cookie_params(0, DIR_WS_ADMIN);

to:

session_set_cookie_params(0, $cookie_path, $cookie_domain);

around line 92, change from:

ini_set('session.cookie_path', DIR_WS_ADMIN);

to:

ini_set('session.cookie_path', $cookie_path);
ini_set('session.cookie_domain', $cookie_domain);

admin/includes/classes/split_page_results.php

around line 58, change from:

$display_links .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number - 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';

to:

$display_links .= '<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number - 1)) . '" class="splitPageLink">' . PREVNEXT_BUTTON_PREV . '</a>&nbsp;&nbsp;';

around line 66, change from:

$display_links .= '&nbsp;&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number + 1), 'NONSSL') . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';

to:

$display_links .= '&nbsp;&nbsp;<a href="' . tep_href_link($PHP_SELF, $parameters . $page_name . '=' . ($current_page_number + 1)) . '" class="splitPageLink">' . PREVNEXT_BUTTON_NEXT . '</a>';

admin/includes/functions/general.php

around line 27, change from:

function tep_redirect($url) {
  global $logger;

  if ( (strstr($url, "\n") != false) || (strstr($url, "\r") != false) ) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
  }

  if ( strpos($url, '&') !== false ) {
    $url = str_replace('&', '&', $url);
  }

  header('Location: ' . $url);

  if (STORE_PAGE_PARSE_TIME == 'true') {
    if (!is_object($logger)) $logger = new logger;
    $logger->timer_stop();
  }

  exit;
}

to:

function tep_redirect($url) {
  global $logger;

  if ( (strstr($url, "\n") != false) || (strstr($url, "\r") != false) ) {
    tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL', false));
  }

  if ( strpos($url, '&') !== false ) {
    $url = str_replace('&', '&', $url);
  }

  header('Location: ' . $url);

  if (STORE_PAGE_PARSE_TIME == 'true') {
    if (!is_object($logger)) $logger = new logger;
    $logger->timer_stop();
  }

  exit;
}

around line 270, change from:

function tep_info_image($image, $alt, $width = '', $height = '') {
  if (tep_not_null($image) && (file_exists(DIR_FS_CATALOG_IMAGES . $image)) ) {
    $image = tep_image(DIR_WS_CATALOG_IMAGES . $image, $alt, $width, $height);
  } else {
    $image = TEXT_IMAGE_NONEXISTENT;
  }

  return $image;
}

to:

function tep_info_image($image, $alt, $width = '', $height = '') {
  if (tep_not_null($image) && (file_exists(DIR_FS_CATALOG_IMAGES . $image)) ) {
    $image = tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . $image, $alt, $width, $height);
  } else {
    $image = TEXT_IMAGE_NONEXISTENT;
  }

  return $image;
}

admin/includes/functions/html_output.php

around line 15, change from:

function tep_href_link($page = '', $parameters = '', $connection = 'NONSSL') {
  $page = tep_output_string($page);

  if ($page == '') {
    die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine the page link!<br /><br />Function used:<br /><br />tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</strong>');
  }
  if ($connection == 'NONSSL') {
    $link = HTTP_SERVER . DIR_WS_ADMIN;
  } elseif ($connection == 'SSL') {
    if (ENABLE_SSL_CATALOG == 'true') {
      $link = HTTPS_SERVER . DIR_WS_ADMIN;
    } else {
      $link = HTTP_SERVER . DIR_WS_ADMIN;
    }
  } else {
    die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine connection method on a link!<br /><br />Known methods: NONSSL SSL<br /><br />Function used:<br /><br />tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</strong>');
  }
  if ($parameters == '') {
    $link = $link . $page . '?' . SID;
  } else {
    $link = $link . $page . '?' . tep_output_string($parameters) . '&' . SID;
  }

  while ( (substr($link, -1) == '&') || (substr($link, -1) == '?') ) $link = substr($link, 0, -1);

  return $link;
}

to:

function tep_href_link($page = '', $parameters = '', $connection = 'SSL', $add_session_id = true) {
  global $request_type;

  $page = tep_output_string($page);

  if ($page == '') {
    die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine the page link!<br /><br />Function used:<br /><br />tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</strong>');
  }

  if ($connection == 'NONSSL') {
    $link = HTTP_SERVER . DIR_WS_ADMIN;
  } elseif ($connection == 'SSL') {
    if (ENABLE_SSL == true) {
      $link = HTTPS_SERVER . DIR_WS_HTTPS_ADMIN;
    } else {
      $link = HTTP_SERVER . DIR_WS_ADMIN;
    }
  } else {
    die('</td></tr></table></td></tr></table><br /><br /><font color="#ff0000"><strong>Error!</strong></font><br /><br /><strong>Unable to determine connection method on a link!<br /><br />Known methods: NONSSL SSL<br /><br />Function used:<br /><br />tep_href_link(\'' . $page . '\', \'' . $parameters . '\', \'' . $connection . '\')</strong>');
  }

  if (tep_not_null($parameters)) {
    $link .= $page . '?' . tep_output_string($parameters);
    $separator = '&';
  } else {
    $link .= $page;
    $separator = '?';
  }

  while ( (substr($link, -1) == '&') || (substr($link, -1) == '?') ) $link = substr($link, 0, -1);

// Add the session ID when moving from different HTTP and HTTPS servers, or when SID is defined
  if ( ($add_session_id == true) && (SESSION_FORCE_COOKIE_USE == 'False') ) {
    if (tep_not_null($SID)) {
      $_sid = $SID;
    } elseif ( ( ($request_type == 'NONSSL') && ($connection == 'SSL') && (ENABLE_SSL == true) ) || ( ($request_type == 'SSL') && ($connection == 'NONSSL') ) ) {
      if (HTTP_COOKIE_DOMAIN != HTTPS_COOKIE_DOMAIN) {
        $_sid = tep_session_name() . '=' . tep_session_id();
      }
    }
  }

  if (isset($_sid)) {
    $link .= $separator . tep_output_string($_sid);
  }

  while (strstr($link, '&&')) $link = str_replace('&&', '&', $link);

  return $link;
}

admin/includes/functions/sessions.php

around line 91, change from:

if ($sane_session_id == false) {
  tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'NONSSL', false));
}

register_shutdown_function('session_write_close');

to:

if ($sane_session_id == false) {
  tep_redirect(tep_href_link(FILENAME_DEFAULT, '', 'SSL', false));
}

register_shutdown_function('session_write_close');

admin/includes/header.php

around line 20, change from:

<td colspan="2"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT, '', 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'oscommerce.png', 'osCommerce Online Merchant v' . tep_get_version()) . '</a>'; ?></td>

to:

<td colspan="2"><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '">' . tep_image(DIR_WS_IMAGES . 'oscommerce.png', 'osCommerce Online Merchant v' . tep_get_version()) . '</a>'; ?></td>

around line 23, change from:

<td class="headerBarContent">&nbsp;&nbsp;<?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT, '', 'NONSSL') . '" class="headerLink">' . HEADER_TITLE_ADMINISTRATION . '</a> &nbsp;|&nbsp; <a href="' . tep_catalog_href_link() . '" class="headerLink">' . HEADER_TITLE_ONLINE_CATALOG . '</a> &nbsp;|&nbsp; <a href="http://www.oscommerce.com" class="headerLink">' . HEADER_TITLE_SUPPORT_SITE . '</a>'; ?></td>

to:

<td class="headerBarContent">&nbsp;&nbsp;<?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT) . '" class="headerLink">' . HEADER_TITLE_ADMINISTRATION . '</a> &nbsp;|&nbsp; <a href="' . tep_catalog_href_link() . '" class="headerLink">' . HEADER_TITLE_ONLINE_CATALOG . '</a> &nbsp;|&nbsp; <a href="http://www.oscommerce.com" class="headerLink">' . HEADER_TITLE_SUPPORT_SITE . '</a>'; ?></td>

admin/includes/modules/security_check/extended/admin_backup_directory_listing.php

around line 26, change from:

$request = $this->getHttpRequest(tep_href_link('backups/', '', 'NONSSL'));

to:

$request = $this->getHttpRequest(tep_href_link('backups/'));

admin/includes/modules/security_check/extended/admin_backup_file.php

around line 57, change from:

$request = $this->getHttpRequest(tep_href_link('backups/' . $backup_file, '', 'NONSSL'));

to:

$request = $this->getHttpRequest(tep_href_link('backups/' . $backup_file));

admin/includes/modules/security_check/extended/ext_directory_listing.php

around line 26, change from:

$request = $this->getHttpRequest(tep_catalog_href_link('ext/', '', 'NONSSL'));

to:

$request = $this->getHttpRequest(tep_catalog_href_link('ext/'));

admin/includes/template_top.php

around line 19, change from:

<base href="<?php echo HTTP_SERVER . DIR_WS_ADMIN; ?>" />
<!--[if IE]><script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/excanvas.min.js'); ?>"></script><![endif]-->
<link rel="stylesheet" type="text/css" href="<?php echo tep_catalog_href_link('ext/jquery/ui/redmond/jquery-ui-1.10.4.min.css'); ?>">
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.11.1.min.js'); ?>"></script>
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/jquery-ui-1.10.4.min.js'); ?>"></script>

to:

<base href="<?php echo ($request_type == 'SSL') ? HTTPS_SERVER . DIR_WS_HTTPS_ADMIN : HTTP_SERVER . DIR_WS_ADMIN; ?>" />
<!--[if IE]><script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/excanvas.min.js', '', 'SSL'); ?>"></script><![endif]-->
<link rel="stylesheet" type="text/css" href="<?php echo tep_catalog_href_link('ext/jquery/ui/redmond/jquery-ui-1.10.4.min.css', '', 'SSL'); ?>">
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/jquery-1.11.1.min.js', '', 'SSL'); ?>"></script>
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/jquery-ui-1.10.4.min.js', '', 'SSL'); ?>"></script>

around line 28, change from:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/i18n/jquery.ui.datepicker-' . JQUERY_DATEPICKER_I18N_CODE . '.js'); ?>"></script>

to:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/jquery/ui/i18n/jquery.ui.datepicker-' . JQUERY_DATEPICKER_I18N_CODE . '.js', '', 'SSL'); ?>"></script>

around line 36, change from:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/jquery.flot.min.js'); ?>"></script>
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/jquery.flot.time.min.js'); ?>"></script>

to:

<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/jquery.flot.min.js', '', 'SSL'); ?>"></script>
<script type="text/javascript" src="<?php echo tep_catalog_href_link('ext/flot/jquery.flot.time.min.js', '', 'SSL'); ?>"></script>

admin/invoice.php

around line 39, change from:

<td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_CATALOG_IMAGES . 'store_logo.png', STORE_NAME); ?></td>

to:

<td class="pageHeading" align="right"><?php echo tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . 'store_logo.png', STORE_NAME); ?></td>

admin/packingslip.php

around line 38, change from:

<td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_CATALOG_IMAGES . 'store_logo.png', STORE_NAME); ?></td>

to:

<td class="pageHeading" align="right"><?php echo tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . 'store_logo.png', STORE_NAME); ?></td>

admin/products_attributes.php

around line 207, change from:

<td align="right" colspan="3" class="smallText"><br /><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="right" colspan="3" class="smallText"><br /><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 216, change from:

<td class="smallText" align="right" colspan="3"><br /><?php echo tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option&option_id=' . $HTTP_GET_VARS['option_id'] . '&' . $page_info, 'NONSSL'), 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td class="smallText" align="right" colspan="3"><br /><?php echo tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option&option_id=' . $HTTP_GET_VARS['option_id'] . '&' . $page_info), 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 260, change from:

echo '<form name="option" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_name&' . $page_info, 'NONSSL') . '" method="post">';

to:

echo '<form name="option" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_name&' . $page_info) . '" method="post">';

around line 270, change from:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 277, change from:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option&option_id=' . $options_values['products_options_id'] . '&' . $page_info, 'NONSSL')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_option&option_id=' . $options_values['products_options_id'] . '&' . $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option&option_id=' . $options_values['products_options_id'] . '&' . $page_info)) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_option&option_id=' . $options_values['products_options_id'] . '&' . $page_info)); ?>&nbsp;</td>

around line 296, change from:

echo '<form name="options" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_options&' . $page_info, 'NONSSL') . '" method="post"><input type="hidden" name="products_options_id" value="' . $next_id . '">';

to:

echo '<form name="options" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_options&' . $page_info) . '" method="post"><input type="hidden" name="products_options_id" value="' . $next_id . '">';

around line 364, change from:

<td class="smallText" align="right" colspan="3"><br /><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td class="smallText" align="right" colspan="3"><br /><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 373, change from:

<td class="smallText" align="right" colspan="3"><br /><?php echo tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_value&value_id=' . $HTTP_GET_VARS['value_id'] . '&' . $page_info, 'NONSSL'), 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td class="smallText" align="right" colspan="3"><br /><?php echo tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_value&value_id=' . $HTTP_GET_VARS['value_id'] . '&' . $page_info), 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 420, change from:

echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_value&' . $page_info, 'NONSSL') . '" method="post">';

to:

echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_value&' . $page_info) . '" method="post">';

around line 442, change from:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 450, change from:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_value&value_id=' . $values_values['products_options_values_id'] . '&' . $page_info, 'NONSSL')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option_value&value_id=' . $values_values['products_options_values_id'] . '&' . $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_option_value&value_id=' . $values_values['products_options_values_id'] . '&' . $page_info)) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_option_value&value_id=' . $values_values['products_options_values_id'] . '&' . $page_info)); ?>&nbsp;</td>

around line 467, change from:

echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_option_values&' . $page_info, 'NONSSL') . '" method="post">';

to:

echo '<form name="values" action="' . tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=add_product_option_values&' . $page_info) . '" method="post">';

around line 600, change from:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_SAVE, 'disk', null, 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 643, change from:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_attribute&attribute_id=' . $HTTP_GET_VARS['attribute_id'] . '&' . $page_info), 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_attribute&attribute_id=' . $HTTP_GET_VARS['attribute_id'] . '&' . $page_info), 'primary') . tep_draw_button(IMAGE_CANCEL, 'close', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, $page_info)); ?>&nbsp;</td>

around line 653, change from:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&' . $page_info, 'NONSSL')) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&' . $page_info, 'NONSSL')); ?>&nbsp;</td>

to:

<td align="center" class="smallText">&nbsp;<?php echo tep_draw_button(IMAGE_EDIT, 'document', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=update_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&' . $page_info)) . tep_draw_button(IMAGE_DELETE, 'trash', tep_href_link(FILENAME_PRODUCTS_ATTRIBUTES, 'action=delete_product_attribute&attribute_id=' . $attributes_values['products_attributes_id'] . '&' . $page_info)); ?>&nbsp;</td>

admin/reviews.php

around line 161, change from:

<td class="main"><strong><?php echo ENTRY_RATING; ?></strong>&nbsp;<?php echo tep_image(DIR_WS_CATALOG_IMAGES . 'stars_' . $rInfo->reviews_rating . '.gif', sprintf(TEXT_OF_5_STARS, $rInfo->reviews_rating)); ?>&nbsp;<small>[<?php echo sprintf(TEXT_OF_5_STARS, $rInfo->reviews_rating); ?>]</small></td>

to:

<td class="main"><strong><?php echo ENTRY_RATING; ?></strong>&nbsp;<?php echo tep_image(HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES . 'stars_' . $rInfo->reviews_rating . '.gif', sprintf(TEXT_OF_5_STARS, $rInfo->reviews_rating)); ?>&nbsp;<small>[<?php echo sprintf(TEXT_OF_5_STARS, $rInfo->reviews_rating); ?>]</small></td>

around line 186, change from:

<td align="right" class="smallText"><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link($back_url, $back_url_params, 'NONSSL')); ?></td>

to:

<td align="right" class="smallText"><?php echo tep_draw_button(IMAGE_BACK, 'triangle-1-w', tep_href_link($back_url, $back_url_params)); ?></td>

admin/specials.php

around line 25, change from:

tep_redirect(tep_href_link(FILENAME_SPECIALS, (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] . '&' : '') . 'sID=' . $HTTP_GET_VARS['id'], 'NONSSL'));

to:

tep_redirect(tep_href_link(FILENAME_SPECIALS, (isset($HTTP_GET_VARS['page']) ? 'page=' . $HTTP_GET_VARS['page'] . '&' : '') . 'sID=' . $HTTP_GET_VARS['id']));

around line 111, change from:

<tr><form name="new_special" action="<?php echo tep_href_link(FILENAME_SPECIALS, tep_get_all_get_params(array('action', 'info', 'sID')) . 'action=' . $form_action, 'NONSSL'); ?>" method="post"><?php if ($form_action == 'update') echo tep_draw_hidden_field('specials_id', $HTTP_GET_VARS['sID']); ?>

to:

<tr><form name="new_special" action="<?php echo tep_href_link(FILENAME_SPECIALS, tep_get_all_get_params(array('action', 'info', 'sID')) . 'action=' . $form_action); ?>" method="post"><?php if ($form_action == 'update') echo tep_draw_hidden_field('specials_id', $HTTP_GET_VARS['sID']); ?>

around line 179, change from:

echo tep_image(DIR_WS_IMAGES . 'icon_status_green.gif', IMAGE_ICON_STATUS_GREEN, 10, 10) . '&nbsp;&nbsp;<a href="' . tep_href_link(FILENAME_SPECIALS, 'action=setflag&flag=0&id=' . $specials['specials_id'], 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', IMAGE_ICON_STATUS_RED_LIGHT, 10, 10) . '</a>';

to:

echo tep_image(DIR_WS_IMAGES . 'icon_status_green.gif', IMAGE_ICON_STATUS_GREEN, 10, 10) . '&nbsp;&nbsp;<a href="' . tep_href_link(FILENAME_SPECIALS, 'action=setflag&flag=0&id=' . $specials['specials_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_red_light.gif', IMAGE_ICON_STATUS_RED_LIGHT, 10, 10) . '</a>';

around line 181, change from:

echo '<a href="' . tep_href_link(FILENAME_SPECIALS, 'action=setflag&flag=1&id=' . $specials['specials_id'], 'NONSSL') . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', IMAGE_ICON_STATUS_GREEN_LIGHT, 10, 10) . '</a>&nbsp;&nbsp;' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', IMAGE_ICON_STATUS_RED, 10, 10);

to:

echo '<a href="' . tep_href_link(FILENAME_SPECIALS, 'action=setflag&flag=1&id=' . $specials['specials_id']) . '">' . tep_image(DIR_WS_IMAGES . 'icon_status_green_light.gif', IMAGE_ICON_STATUS_GREEN_LIGHT, 10, 10) . '</a>&nbsp;&nbsp;' . tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', IMAGE_ICON_STATUS_RED, 10, 10);

admin/stats_customers.php

around line 56, change from:

<tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href='<?php echo tep_href_link(FILENAME_CUSTOMERS, 'search=' . $customers['customers_lastname'], 'NONSSL'); ?>'">

to:

<tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href='<?php echo tep_href_link(FILENAME_CUSTOMERS, 'search=' . $customers['customers_lastname']); ?>'">

around line 58, change from:

<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, 'search=' . $customers['customers_lastname'], 'NONSSL') . '">' . $customers['customers_firstname'] . ' ' . $customers['customers_lastname'] . '</a>'; ?></td>

to:

<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_CUSTOMERS, 'search=' . $customers['customers_lastname']) . '">' . $customers['customers_firstname'] . ' ' . $customers['customers_lastname'] . '</a>'; ?></td>

admin/stats_products_purchased.php

around line 50, change from:

<tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href='<?php echo tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_PURCHASED . '?page=' . $HTTP_GET_VARS['page'], 'NONSSL'); ?>'">

to:

<tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href='<?php echo tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_PURCHASED . '?page=' . $HTTP_GET_VARS['page']); ?>'">

around line 52, change from:

<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_PURCHASED . '?page=' . $HTTP_GET_VARS['page'], 'NONSSL') . '">' . $products['products_name'] . '</a>'; ?></td>

to:

<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_PURCHASED . '?page=' . $HTTP_GET_VARS['page']) . '">' . $products['products_name'] . '</a>'; ?></td>

admin/stats_products_viewed.php

around line 49, change from:

<tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href='<?php echo tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_VIEWED . '?page=' . $HTTP_GET_VARS['page'], 'NONSSL'); ?>'">

to:

<tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href='<?php echo tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_VIEWED . '?page=' . $HTTP_GET_VARS['page']); ?>'">

around line 51, change from:

<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_VIEWED . '?page=' . $HTTP_GET_VARS['page'], 'NONSSL') . '">' . $products['products_name'] . '</a> (' . $products['name'] . ')'; ?></td>

to:

<td class="dataTableContent"><?php echo '<a href="' . tep_href_link(FILENAME_CATEGORIES, 'action=new_product_preview&read=only&pID=' . $products['products_id'] . '&origin=' . FILENAME_STATS_PRODUCTS_VIEWED . '?page=' . $HTTP_GET_VARS['page']) . '">' . $products['products_name'] . '</a> (' . $products['name'] . ')'; ?></td>

admin/whos_online.php

around line 59, change from:

echo '              <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_WHOS_ONLINE, tep_get_all_get_params(array('info', 'action')) . 'info=' . $whos_online['session_id'], 'NONSSL') . '\'">' . "\n";

to:

echo '              <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)" onclick="document.location.href=\'' . tep_href_link(FILENAME_WHOS_ONLINE, tep_get_all_get_params(array('info', 'action')) . 'info=' . $whos_online['session_id']) . '\'">' . "\n";

View online at GitHub

Content Modules (6+ files)

This changeset introduces a new Content Modules implementation where the content of a page is loaded through modules. This is introduced for the Login, My Account, and Checkout Success pages.

Step 1: Content Modules Administration Page

Step 1 adds the content modules administration page to the Administration Tool -> Modules menu.

Copy the following files to their respective destination:

admin/includes/boxes/modules_content.php
admin/includes/languages/english/modules/boxes/modules_content.php
admin/includes/languages/english/modules_content.php
admin/modules_content.php

Step 2: Content Modules

Step 2 adds the actual content modules to your store installation.

Copy the following directories to their respective destination:

ext/modules/content
includes/languages/english/modules/content
includes/modules/content
includes/modules/pages

This adds the following Content Modules which can be installed and configured on the Administration Tool -> Modules -> Content Modules -> Install page:

• Account
  • Set Password
  • Braintree Cards Management Page
  • Sage Pay Cards Management Page
  • Stripe Cards Management Page
• Checkout Success
  • Downloads
  • Product Notifications
  • Redirect Old Order
  • Thank You
• Login
  • Create Account
  • Login
  • Log In with PayPal

Step 3: Template Class

Step 3 adds functions to the template class to call and initialize content modules.

includes/classes/osc_template.php

around line 14, change from:

var $_title;
var $_blocks = array();
var $_grid_container_width = 24;
var $_grid_content_width = 16;
var $_grid_column_width = 4;

to:

var $_title;
var $_blocks = array();
var $_content = array();
var $_grid_container_width = 24;
var $_grid_content_width = 16;
var $_grid_column_width = 4;
var $_data = array();

around line 110, add the following class functions:

function addContent($content, $group) {
  $this->_content[$group][] = $content;
}

function hasContent($group) {
  return (isset($this->_content[$group]) && !empty($this->_content[$group]));
}

function getContent($group) {
  global $language;

  if ( !class_exists('tp_' . $group) && file_exists(DIR_WS_MODULES . 'pages/tp_' . $group . '.php') ) {
    include(DIR_WS_MODULES . 'pages/tp_' . $group . '.php');
  }

  if ( class_exists('tp_' . $group) ) {
    $template_page_class = 'tp_' . $group;
    $template_page = new $template_page_class();
    $template_page->prepare();
  }

  foreach ( $this->getContentModules($group) as $module ) {
    if ( !class_exists($module) ) {
      if ( file_exists(DIR_WS_MODULES . 'content/' . $group . '/' . $module . '.php') ) {
        if ( file_exists(DIR_WS_LANGUAGES . $language . '/modules/content/' . $group . '/' . $module . '.php') ) {
          include(DIR_WS_LANGUAGES . $language . '/modules/content/' . $group . '/' . $module . '.php');
        }

        include(DIR_WS_MODULES . 'content/' . $group . '/' . $module . '.php');
      }
    }

    if ( class_exists($module) ) {
      $mb = new $module();

      if ( $mb->isEnabled() ) {
        $mb->execute();
      }
    }
  }

  if ( class_exists('tp_' . $group) ) {
    $template_page->build();
  }

  if ($this->hasContent($group)) {
    return implode("\n", $this->_content[$group]);
  }
}

function getContentModules($group) {
  $result = array();

  foreach ( explode(';', MODULE_CONTENT_INSTALLED) as $m ) {
    $module = explode('/', $m, 2);

    if ( $module[0] == $group ) {
      $result[] = $module[1];
    }
  }

  return $result;
}

Step 4: Page Updates

Step 4 updates the Login, My Account, and Checkout Success pages to use the installed and configured Content Modules for the page layout.

Login Page

login.php

The code authenticating the customer and presenting the login form and create account link have moved from the login.php page to the Login Form and Create Account Link Content Modules. Due to the source code changes involved and possible customizations applied to your login page, it is recommended to review and compare your login.php page with the v2.3.4 version and apply any customizations in the login process to the Login Form Content Module.

The Login Form Content Module assigns the global $login_customer_id variable with the customer ID when the customer has been successfully authenticated. This value is then detected in the login.php page and continues to log the customer into their session.

The location of the Login Form Content Module files are at:

• includes/languages/english/modules/content/login/cm_login_form.php (language definitions)
• includes/modules/content/login/cm_login_form.php (main class which authenticates the customer)
• includes/modules/content/login/templates/login_form.php (template)

The location of the Create Account Link Content Module files are at:

• includes/languages/english/modules/content/login/cm_create_account_link.php (language definitions)
• includes/modules/content/login/cm_create_account_link.php (main class)
• includes/modules/content/login/templates/create_account_link.php (template)

The login.php file included in v2.3.4 can be found at:

https://github.com/osCommerce/oscommerce2/blob/3eaa3d1d0e9646329a1540bc3b63c192b4306f1c/catalog/login.php

includes/languages/english/login.php

The following language definitions have moved and have been replaced by definitions in the Content Modules.

My Account Page

account.php

The structured links shown on the My Account page are now generated from an array which Content Modules can manipulate. Content Modules can add new sections to the My Account page, add links to existing sections, and also remove or replace links in special occassions.

The standard links for the My Account page are defined in a Content Module Page class which the My Account Content Modules have access to.

The location of the My Account Content Module Page class is at:

• includes/modules/pages/tp_account.php

The standard links for the My Account page include:

• My Account
  • Edit Account
  • Address Book
  • Change Password
• Orders
  • Order History
• Notifications
  • Newsletters
  • Product Notifications

This release introduces a My Account Set Password Content Module that automatically replaces the Change Password link to a Set Password link for accounts that have been created without a password (eg, accounts created through Log In with PayPal or when guests purchase an order with PayPal Express Checkout).

The account.php file included in v2.3.4 can be found at:

https://github.com/osCommerce/oscommerce2/blob/3eaa3d1d0e9646329a1540bc3b63c192b4306f1c/catalog/account.php

Checkout Success Page

checkout_success.php

The content of the checkout success page has moved and is now built with the following Content Modules:

• Thank You
• Product Notifications
• Downloads

The checkout success page assigns the global $order_id variable with the order ID of the customers last order which the Checkout Success Content Modules have access to.

The location of the Thank You Content Module files are at:

• includes/languages/english/modules/content/checkout_success/cm_cs_thank_you.php (language definitions)
• includes/modules/content/checkout_success/cm_cs_thank_you.php (main class)
• includes/modules/content/checkout_success/templates/thank_you.php (template)

The location of the Product Notifications Content Module files are at:

• includes/languages/english/modules/content/checkout_success/cm_cs_product_notifications.php (language definitions)
• includes/modules/content/checkout_success/cm_cs_product_notifications.php (main class)
• includes/modules/content/checkout_success/templates/product_notifications.php (template)

The location of the Downloads Content Module files are at:

• includes/languages/english/modules/content/checkout_success/cm_cs_downloads.php (language definitions)
• includes/modules/content/checkout_success/cm_cs_downloads.php (main class)

The checkout_success.php file included in v2.3.4 can be found at:

https://github.com/osCommerce/oscommerce2/blob/3eaa3d1d0e9646329a1540bc3b63c192b4306f1c/catalog/checkout_success.php

includes/languages/english/checkout_success.php

The following language definitions have moved and have been replaced by definitions in the Content Modules.

View online at GitHub

Version Update (1 file)

This changeset updates the version file.

includes/version.php

change line 1 from:

2.3.3.4

to:

2.3.4

View online at GitHub

Administration Dashboard Latest News and Add-Ons (4+ files)

This changeset updates the Administration Tool Dashboard Latest News and Latest Add-Ons modules.

Copy the following files and directories to their respective directories:

admin/images/icon_facebook.png
admin/images/icon_google_plus.png
admin/images/icon_oscommerce.png
admin/images/icon_twitter.png
admin/includes/languages/english/modules/dashboard/d_latest_addons.php
admin/includes/languages/english/modules/dashboard/d_latest_news.php
admin/includes/modules/dashboard/d_latest_addons.php
admin/includes/modules/dashboard/d_latest_news.php

View online at GitHub

Administration Tool Orders Box (3 files)

This changeset moves the Administration Tool -> Customers -> Orders page into a new Administration Tool -> Orders section.

Copy the following files and directories to their respective directories:

admin/includes/boxes/orders.php

In:

admin/includes/boxes/customers.php

around line 20, remove the following lines:

),
array(
  'code' => FILENAME_ORDERS,
  'title' => BOX_CUSTOMERS_ORDERS,
  'link' => tep_href_link(FILENAME_ORDERS)

admin/includes/languages/english.php

around line 20, change from:

define('BOX_CUSTOMERS_ORDERS', 'Orders');

to:

// orders box text in includes/boxes/orders.php
define('BOX_HEADING_ORDERS', 'Orders');
define('BOX_ORDERS_ORDERS', 'Orders');

View online at GitHub

Payment Acceptance Box (2+ files)

This changeset introduces a new Payment Acceptance box that promotes the payment methods accepted on the store.

Copy the following files and directories to their respective directories:

images/card_acceptance
includes/languages/english/modules/boxes/bm_card_acceptance.php
includes/modules/boxes/bm_card_acceptance.php

After this changeset is applied, the module can be installed from the Administration Tool -> Modules -> Boxes -> Install page.

View online at GitHub

PayPal Modules (23 files)

This changeset updates and introduces new PayPal modules.

Payment Modules

PayPal Express Checkout

Copy the following files to their respective directories:

ext/modules/payment/paypal/express.php
ext/modules/payment/paypal/paypal.com.crt
includes/languages/english/modules/payment/paypal_express.php
includes/modules/payment/paypal_express.php

Delete the following file:

admin/ext/modules/payment/paypal/paypal_express.php

PayPal Payments Standard

Copy the following files to their respective directories:

ext/modules/payment/paypal/paypal.com.crt
ext/modules/payment/paypal/standard_ipn.php
includes/languages/english/modules/payment/paypal_standard.php
includes/modules/payment/paypal_standard.php

PayPal Payments Pro (Direct Payment)

Copy the following files to their respective directories:

ext/modules/payment/paypal/paypal.com.crt
includes/languages/english/modules/payment/paypal_pro_dp.php
includes/modules/payment/paypal_pro_dp.php

PayPal Payments Pro (Hosted Solution)

Copy the following files to their respective directories:

ext/modules/payment/paypal/hosted_checkout.php
ext/modules/payment/paypal/images/hss_load.gif
ext/modules/payment/paypal/paypal.com.crt
ext/modules/payment/paypal/pro_hosted_ipn.php
includes/languages/english/modules/payment/paypal_pro_hs.php
includes/modules/payment/paypal_pro_hs.php

PayPal Express Checkout (Payflow Edition)

Copy the following files to their respective directories:

ext/modules/payment/paypal/express_payflow.php
ext/modules/payment/paypal/paypal.com.crt
includes/languages/english/modules/payment/paypal_pro_payflow_ec.php
includes/modules/payment/paypal_pro_payflow_ec.php

PayPal Payments Pro (Payflow Edition)

Copy the following files to their respective directories:

ext/modules/payment/paypal/paypal.com.crt
includes/languages/english/modules/payment/paypal_pro_payflow_dp.php
includes/modules/payment/paypal_pro_payflow_dp.php

After the files have been copied, the modules can be installed from the Administration Tool -> Modules -> Payment -> Install page, or configured from the Administration Tool -> Modules -> Payment page if they were previously installed.

Content Modules

Log In with PayPal

Copy the following files to their respective directories:

ext/modules/payment/paypal/paypal.com.crt
includes/languages/english/modules/content/login/cm_paypal_login.php
includes/modules/content/login/cm_paypal_login.php
includes/modules/content/login/templates/paypal_login.php

After the files have been copied, the module can be installed from the Administration Tool -> Modules -> Content -> Install page.

View online at GitHub

Sage Pay Modules (12 files)

This changeset updates and introduces new Sage Pay modules.

Payment Modules

Sage Pay Direct

Copy the following files to their respective directories:

ext/modules/payment/sage_pay/checkout.php
ext/modules/payment/sage_pay/direct_3dauth.php
ext/modules/payment/sage_pay/errors.php
ext/modules/payment/sage_pay/redirect.php
includes/languages/english/modules/payment/sage_pay_direct.php
includes/modules/payment/sage_pay_direct.php

Sage Pay Form

Copy the following files to their respective directories:

ext/modules/payment/sage_pay/errors.php
includes/languages/english/modules/payment/sage_pay_form.php
includes/modules/payment/sage_pay_form.php

Sage Pay Server

Copy the following files to their respective directories:

ext/modules/payment/sage_pay/checkout.php
ext/modules/payment/sage_pay/errors.php
ext/modules/payment/sage_pay/redirect.php
ext/modules/payment/sage_pay/server.php
includes/languages/english/modules/payment/sage_pay_server.php
includes/modules/payment/sage_pay_server.php

After the files have been copied, the modules can be installed from the Administration Tool -> Modules -> Payment -> Install page, or configured from the Administration Tool -> Modules -> Payment page if they were previously installed.

Content Modules

Sage Pay Cards Management Page

Copy the following files to their respective directories:

ext/modules/content/account/sage_pay/cards.php
includes/languages/english/modules/content/account/cm_account_sage_pay_cards.php
includes/modules/content/account/cm_account_sage_pay_cards.php

After the files have been copied, the module can be installed from the Administration Tool -> Modules -> Content -> Install page.

View online at GitHub

Authorize.net Modules (7 files)

This changeset updates and introduces new Authorize.net modules.

Payment Modules

Authorize.net Advanced Integration Method (AIM)

Copy the following files to their respective directories:

ext/modules/payment/authorizenet/authorize.net.crt
includes/languages/english/modules/payment/authorizenet_cc_aim.php
includes/modules/payment/authorizenet_cc_aim.php

Authorize.net Server Integration Method (SIM)

Copy the following files to their respective directories:

includes/languages/english/modules/payment/authorizenet_cc_sim.php
includes/modules/payment/authorizenet_cc_sim.php

Authorize.net Direct Post Method (DPM)

Copy the following files to their respective directories:

includes/languages/english/modules/payment/authorizenet_cc_dpm.php
includes/modules/payment/authorizenet_cc_dpm.php

After the files have been copied, the modules can be installed from the Administration Tool -> Modules -> Payment -> Install page, or configured from the Administration Tool -> Modules -> Payment page if they were previously installed.

View online at GitHub

Stripe Modules (5 files)

This changeset introduces new Stripe modules.

Payment Modules

Stripe.js

Copy the following files to their respective directories:

includes/languages/english/modules/payment/stripe.php
includes/modules/payment/stripe.php

After the files have been copied, the modules can be installed from the Administration Tool -> Modules -> Payment -> Install page, or configured from the Administration Tool -> Modules -> Payment page if they were previously installed.

Content Modules

Stripe Cards Management Page

Copy the following files to their respective directories:

ext/modules/content/account/stripe/cards.php
includes/languages/english/modules/content/account/cm_account_stripe_cards.php
includes/modules/content/account/cm_account_stripe_cards.php

After the files have been copied, the module can be installed from the Administration Tool -> Modules -> Content -> Install page.

View online at GitHub

Braintree Modules (5+ files)

This changeset introduces new Braintree modules.

Payment Modules

Braintree

Copy the following files and directories to their respective directories:

includes/languages/english/modules/payment/braintree_cc.php
includes/modules/payment/braintree_cc
includes/modules/payment/braintree_cc.php

After the files have been copied, the modules can be installed from the Administration Tool -> Modules -> Payment -> Install page, or configured from the Administration Tool -> Modules -> Payment page if they were previously installed.

Content Modules

Braintree Cards Management Page

Copy the following files to their respective directories:

ext/modules/content/account/braintree/cards.php
includes/languages/english/modules/content/account/cm_account_braintree_cards.php
includes/modules/content/account/cm_account_braintree_cards.php

After the files have been copied, the module can be installed from the Administration Tool -> Modules -> Content -> Install page.

View online at GitHub

WorldPay Modules (3 files)

This changeset updates the WorldPay Hosted Payment Pages module.

Payment Modules

WorldPay Hosted Payment Pages

Copy the following files and directories to their respective directories:

ext/modules/payment/rbsworldpay/hosted_callback.php
includes/languages/english/modules/payment/rbsworldpay_hosted.php
includes/modules/payment/rbsworldpay_hosted.php

After the files have been copied, the modules can be installed from the Administration Tool -> Modules -> Payment -> Install page, or configured from the Administration Tool -> Modules -> Payment page if they were previously installed.

View online at GitHub

Thank You!

We'd like to thank the community for their feedback on our releases. In addition, we thank the following people who participated in the development of this release.

Reference

A full list of source code changes can be seen at:

https://github.com/osCommerce/oscommerce2/compare/v2.3.3.4...upgrade234