Search found 604 matches

Search found 604 matches

Re: Adding BCC email address for all order confirmations

The UK law is just derived from the EU Directive. It's no different to the implementation in many other EU countries.

https://cookiepedia.co.uk/cookie-laws-across-europe

If fact some countries have more complicated version of the law, the Netherlands for example.

Jump to post
  • Tue Jul 17, 2018 11:50 pm
  • Replies 10
  • Views 191
Re: test credit card

No credit card numbers are stored in OpenCart. The only exception is maybe a third-party payment module and even then the data should be encrypted with proper access controls. Which payment module are you using?

Jump to post
  • Fri Jul 13, 2018 6:00 pm
  • Replies 5
  • Views 147
Re: test credit card

I think you would be best asking TrustWave what they mean by 'test credit card' and where they detected it.

Jump to post
  • Thu Jul 12, 2018 5:39 pm
  • Replies 5
  • Views 147
Re: OpenCart GDPR Code update

Some advice for recording consent below. Section 5.1.Demonstrate consent of http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=623051 How should we record consent? section of https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/consent/how-should-we-o...

Jump to post
  • Fri Jul 06, 2018 8:16 pm
  • Replies 45
  • Views 21790
Re: Skrill API URL update

The integration guide (https://www.skrill.com/fileadmin/content/pdf/Skrill_Quick_Checkout_Guide.pdf) has a differnt URL. Have you tried the following $this->data['action'] = 'https://pay.skrill.com/?p=OpenCart'; This was last changed in version 7.3 of that document. Also try manually reentering your...

Jump to post
  • Fri Jul 06, 2018 6:55 pm
  • Replies 8
  • Views 1302
Re: GDPR EU Law Cookies 2018

I was advised differently by the ICO in the UK. Their advice was that as a supplier was processing it for the purposes of arranging the delivery. They would be acting as a joint data controller and therefore no contract would be needed. I would assume this is because they have their own legal basis ...

Jump to post
  • Wed Jun 20, 2018 12:47 am
  • Replies 76
  • Views 13612
Re: GDPR EU Law Cookies 2018

You may not need a data processing agreement with them if they are acting as a data controller in their own right. If they determine the data require and what to do with it. For example they ask for a name and address to deliver goods to to fulfill a contract for you. What is your relationship with ...

Jump to post
  • Mon Jun 18, 2018 10:50 pm
  • Replies 76
  • Views 13612
Re: Checkout button no longer working (sagepay)

The version of OpenSSL used by PHP cURL functions needs to be version 1.0.1 or later. If you are on managed hosting, ask you host to sort it.

Jump to post
  • Mon Jun 18, 2018 10:23 pm
  • Replies 5
  • Views 545
Re: Summernote Text Editor Security

Could be used for admin user escalation. For example a admin user who only has access to edit products could plant a script to escalate their user account privileges. Giving themselves access to personal data or setting they shouldn't. Good admin user account policy (who has access to them and stron...

Jump to post
  • Mon Jun 18, 2018 7:18 pm
  • Replies 2
  • Views 565
Re: Checkout button no longer working (sagepay)

First check your server supports TLS 1.2 using PHP cRUL. Sage Pay did say the were enforcing this a few month ago, maybe they gave been late in doing so. This post may help to check. https://forum.opencart.com/viewtopic.php?f=179&t=204260#p723228 CURLOPT_PORT, CURLOPT_FOLLOWLOCATION, CURLOPT_FORBID_...

Jump to post
  • Sun Jun 17, 2018 6:21 am
  • Replies 5
  • Views 545
Re: Order insert shipping and payment method issue.

I've just tested and you are right, the shipping and payment methods are not selectable after clicking save. However, I was able to click on "Update Totals" again without have to reenter all the details. After that the shipping and payment methods were selectable again. This looks to be by design, a...

Jump to post
  • Wed Jun 13, 2018 8:01 pm
  • Replies 8
  • Views 1036
Re: My store only says HI

The master branch is the development branch for OpenCart on GitHub. Stable releases are only tagged.

Jump to post
  • Wed Jun 06, 2018 5:45 pm
  • Replies 3
  • Views 267
Re: My store only says HI

That was an issue with the development version. Download a stable version.

https://github.com/opencart/opencart/issues/6645

Jump to post
  • Wed Jun 06, 2018 12:38 am
  • Replies 3
  • Views 267
Re: Spam via my site 1.4.8b

Have you checked the email headers to make sure the emails are coming from your store? If not setting up SPF on your mail server may stop them. Have you looked through your web access logs to see if all the posts are coming from the same IP address? If so you could ban that IP address from your serv...

Jump to post
  • Wed Jun 06, 2018 12:28 am
  • Replies 2
  • Views 174
Re: OpenCart GDPR Code update

That is not true in the United Kingdom. As written, every shopowner has to know his business and the Laws in his country by himself. Asking here questions how long to keep records, is a bit late .. He has also to know which specific regulations he has to look for. Fact is, that an Invoice has to be...

Jump to post
  • Wed May 30, 2018 6:41 am
  • Replies 45
  • Views 21790
Re: OpenCart GDPR Code update

The internal captcha probably doesn't have personal data implications. You could switch to that one. Or is it easy to break? We would also need to consider the use of Gmail account for receiving order notifications, since Google has access to the data and analyze the contents. Google servers might ...

Jump to post
  • Wed May 30, 2018 5:58 am
  • Replies 45
  • Views 21790
Re: OpenCart GDPR Code update

OK, here is a question: A customer has ordered items in the past, and the store owner received email copies of submitted online orders. Now the customer wants to make use of his right to be deleted. So the store owner can delete his account, no problem. But what about the order history in the datab...

Jump to post
  • Wed May 30, 2018 5:17 am
  • Replies 45
  • Views 21790
Re: OpenCart GDPR Code update

I'm still not very familiar with the GDPR and am not an expert, but I suppose some countries might require that the privacy policy and TC be delivered to the customer during the sales. Even if what you say about not needing consent if the basis is for the contract, it might be necessary to have a r...

Jump to post
  • Tue May 29, 2018 7:45 am
  • Replies 45
  • Views 21790
Re: OpenCart GDPR Code update

That link you posted relates to the ePrivacy directive, which is different to the GDPR. To make matters more confusing the ePrivacy directive is shortly to be replaced by the ePrivacy Regulation. Which one of it's proposals is to make the cookie rules simpler. https://ec.europa.eu/digital-single-mar...

Jump to post
  • Mon May 28, 2018 10:05 pm
  • Replies 45
  • Views 21790

Search found 604 matches