*** OpenCart v1.4.8 Sneak Peak ***

A quick request: could you add a field called price with tax included? Something like in this post: http://forum.opencart.com/viewtopic.php?f=23&t=11285
This would be very very useful.

In Settings > Store the template preview does not work because the javascript doesn't have the token. Sounds like $this->data['token'] is not initialized properly (though it seems OK by looking at the latest version of the controller line 120). Has the file been updated on the demo server?

I think that when a order has the status Shipped it should not be possible to add or remove products.

voodoo wrote:In Settings > Store the template preview does not work because the javascript doesn't have the token. Sounds like $this->data['token'] is not initialized properly (though it seems OK by looking at the latest version of the controller line 120). Has the file been updated on the demo server?

Fixed. Good catch.

i2Paq wrote:I think that when a order has the status Shipped it should not be possible to add or remove products.

I dont think restricting any part of the admin is a good idea.

Moggin wrote:
A thought for a (distant) future version: that is, to remove/disable product sideboxes during checkout. This might sidestep the security problem described above and also 'enclose the checkout' as this econsultancy blogger (among others) suggests.
But it's only a thought - not worth doing if extremely difficult. There's only so much you can do
Many thanks for all the hard work, team.

You can actually do this by modifying the template. Many templates are already set up to remove the navigation column during the checkout process.

In the guest checkout, step 2, title says 'Thank you for shopping with %s .... ' (there is a store name in admin)

Just modify the language file to have it display a more personal message.

remarkimaging wrote:

In the guest checkout, step 2, title says 'Thank you for shopping with %s .... ' (there is a store name in admin)

Just modify the language file to have it display a more personal message.

That wasn't the issue.. its fixed anyway

Oh, it was actually displaying the %! I gotcha.

katalin wrote:A quick request: could you add a field called price with tax included? Something like in this post: http://forum.opencart.com/viewtopic.php?f=23&t=11285
This would be very very useful.

Q, any news about my request?

katalin wrote:

katalin wrote:A quick request: could you add a field called price with tax included? Something like in this post: http://forum.opencart.com/viewtopic.php?f=23&t=11285
This would be very very useful.

Q, any news about my request?

Only bug fixes going into 1.4.8
New features can be requested in the new features thread.

The first login nothing wrong, and the second login i get this screen.


And after the login
Warning: array_merge() [function.array-merge]: Argument #2 is not an array in /home/unban/public_html/v148rc1/admin/controller/common/home.php on line 257Warning: in_array() [function.in-array]: Wrong datatype for second argument in /home/unban/public_html/v148rc1/admin/controller/common/home.php on line 259Warning: Cannot modify header information - headers already sent by (output started at /home/unban/public_html/v148rc1/admin/index.php:72) in /home/unban/public_html/v148rc1/system/engine/controller.php on line 27

carpin wrote:The first login nothing wrong, and the second login i get this screen.


And after the login
Warning: array_merge() [function.array-merge]: Argument #2 is not an array in /home/unban/public_html/v148rc1/admin/controller/common/home.php on line 257Warning: in_array() [function.in-array]: Wrong datatype for second argument in /home/unban/public_html/v148rc1/admin/controller/common/home.php on line 259Warning: Cannot modify header information - headers already sent by (output started at /home/unban/public_html/v148rc1/admin/index.php:72) in /home/unban/public_html/v148rc1/system/engine/controller.php on line 27

The login error happens if your session token doesn't match the url token so that is fine.
The other issue I have fixed.
Thanks

Qphoria wrote:**Update**

There is one last bit of unfortunate news.. In efforts to secure the admin, we've added a new token system. This means all urls will have a token as part of the url. There is a validation check done at page load for the token existence and if it doesn't exist, it redirects to the login page with error. But that includes user made extensions. So ALL custom modules, payments, shipping, etc.. will require updates to the admin side to add the token bits to their urls. It was something we were trying to avoid, but for the sake of security, it had to be done.

No problem, if it increases security, thats great Will you update your modules soon to support this, or provide a simple guide of what to append to the php files upon release tomorrow?

datacon wrote:

Qphoria wrote:**Update**

There is one last bit of unfortunate news.. In efforts to secure the admin, we've added a new token system. This means all urls will have a token as part of the url. There is a validation check done at page load for the token existence and if it doesn't exist, it redirects to the login page with error. But that includes user made extensions. So ALL custom modules, payments, shipping, etc.. will require updates to the admin side to add the token bits to their urls. It was something we were trying to avoid, but for the sake of security, it had to be done.

No problem, if it increases security, thats great Will you update your modules soon to support this, or provide a simple guide of what to append to the php files upon release tomorrow?

As a fallback I added a token ignore option for each page. For the interim, you can simply check the box next to the custom mods and it will bypass the token check. This way you can update to 1.4.8 and won't have to wait for updates to mods. I will be updating my mods as soon as possible to support the token system.

Qphoria wrote:You guys can feel free to make your own damn reports. I just gave you the needed field in the core. The rest is up to you.

Don't make me hunt you down! I have 800 acres, a shotgun and a shovel.... the worms gotta eat too.

I'll take a look at it and hopefully be able to figure it out. Thanks for your work on this, I'm really enjoying OC.

BRING IT!

Ok.. i'm going to bed. When I wake up.. I will fix any last chance bugs and release this mutha. So get testing so we can find any last second stuff!

Hi Q...
Thanks for all your great efforts you did for OC...
I have one comment. Don't you think it would be better if the admin is allowed to add products with options in the back-end, the current situation is limiting the admin to add products with the default options and that is not the case when customers request the store owner to modify their orders, most probably they will ask for a change in product options and this requires the above mentioned modification.

Qphoria wrote:BRING IT!

Ok.. i'm going to bed. When I wake up.. I will fix any last chance bugs and release this mutha. So get testing so we can find any last second stuff!

Can't wait. Thanks so much for all your work

I've also noticed that the product options disappear and the newly added products are set to price 0 by default when you edit an order.

eyas2n wrote:Hi Q...
Thanks for all your great efforts you did for OC...
I have one comment. Don't you think it would be better if the admin is allowed to add products with options in the back-end, the current situation is limiting the admin to add products with the default options and that is not the case when customers request the store owner to modify their orders, most probably they will ask for a change in product options and this requires the above mentioned modification.

eyas2n wrote:I've also noticed that the product options disappear and the newly added products are set to price 0 by default when you edit an order.

Yes, when you add a new product it should add it's price(the discount price if any)