OC 3.0.3.3, PHP 7.13, Apache Server.
I'm moving from a magento 1.9 site to OC 3.0.3.3, have already a an OC 3.0.20 site which works excellently with the depricated PayPal Express Checkout extension.
Eventually I managed to get the PayPal Commerce Platform to play ball after removing reCaptcha (Google) v2. The new site I have been testing is multi-language which seems to play havoc if you change language mid-surf.
Anyway, testing scenario. If I leave the site in the default language (en-gb) and process a transaction through PP Sandbox all works as expected. However, if I select more products to purchase and checkout and checkout as Guest, enter Billing details. I come to the Delivery Method. I have a unique bespoke shipping method (geo-zone) and appears with the expected postal cost, but when I click Continue I get the error "Warning: Shipping method required!", and can't continue.
If I click the PayPal button on the actual product page, it will go to the Sandbox, confirm card details then return to my website to confirm delivery cost, then finish off in PayPal site and return for a successful transaction.
Any ideas? Browser caching issues?
Have numerous other issues when in a different languageand trying to connect with PayPal and get a business structure issue, but one ussue at a time.
Thank you.
Not sure if related to your specific issue, but might want to try this - viewtopic.php?f=201&t=207498#p737358
Full Stack Web Developer :: Send a PM for Custom Work.
Backup and learn how to recover before you make any changes!
Take note that the suggestion above should be used for troubleshooting purposes as it must not be used as a permanent solution. FAQ: viewtopic.php?f=134&t=215776#p775632
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Thank you @sw!tch, it got the site through that phase 
@straightlight completely understand, is this a known problem that has a fix in the pipeline?
Thank you for help.
P.S. should "Notify me when a reply is posted" send an email to inform me of your reply, as I dont recieve any
@straightlight completely understand, is this a known problem that has a fix in the pipeline?
Thank you for help.
P.S. should "Notify me when a reply is posted" send an email to inform me of your reply, as I dont recieve any
It's typically due to lack of proper headers being returned from the server.
If there is a lack of cache control headers being return from the server some browsers will basically guess the type of caching behavior to be given to the content.. Check with your web host and ensure your Apache config is setup proper per your requirements.
If there is a lack of cache control headers being return from the server some browsers will basically guess the type of caching behavior to be given to the content.. Check with your web host and ensure your Apache config is setup proper per your requirements.
Full Stack Web Developer :: Send a PM for Custom Work.
Backup and learn how to recover before you make any changes!
Yes, correct. I will also add this post to the FAQ, since it comes to hosting setting in the end on anyhow.sw!tch wrote: ↑Sun May 17, 2020 4:54 pmIt's typically due to lack of proper headers being returned from the server.
If there is a lack of cache control headers being return from the server some browsers will basically guess the type of caching behavior to be given to the content.. Check with your web host and ensure your Apache config is setup proper per your requirements.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Ok, added to the FAQ.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
This issue has nothing to do with web server setup. If your server is set up correctly then you will get the issue. It's up to the web application to decide if the content it's outputting can be cached or not. Not the web server. The web server will never know if a particular output from a PHP script is cacheable or not.sw!tch wrote: ↑Sun May 17, 2020 4:54 pmIt's typically due to lack of proper headers being returned from the server.
If there is a lack of cache control headers being return from the server some browsers will basically guess the type of caching behavior to be given to the content.. Check with your web host and ensure your Apache config is setup proper per your requirements.
There is an explanation in the PHP manual in the Example #2 Caching directives section here.
https://www.php.net/manual/en/function. ... ample-5705
Probably the best permanent solution is here.
viewtopic.php?f=202&t=206449#p786660
Based on the above assumption, the #2 note on the php.net page also addresses:
In addition, the pragma: no cache solution has also been provided as the following example on the php.net page which shows:
When including JS files with IE. Since session_cache_limiter() seem to be a solution for all browsers, I will show this solution to Daniel and see if that can be a valuable solution for a future release.
However, it also mentions the following in the below notes of that section:PHP scripts often generate dynamic content that must not be cached by the client browser or any proxy caches between the server and the client browser. Many proxies and clients can be forced to disable caching with:
Opencart currently does not use session_cache_limiter(), or session.cache_limiter, which might be the issue since the beginning on why the headers are not responding accordingly and could be the permanent solution rather than using the workaround temporary solution.Additionally, session_cache_limiter() and the session.cache_limiter configuration setting can be used to automatically generate the correct caching-related headers when sessions are being used.
In addition, the pragma: no cache solution has also been provided as the following example on the php.net page which shows:
Code: Select all
header("Expires: Fri, 01 Jan 2010 05:00:00 GMT");
if(strstr($_SERVER["HTTP_USER_AGENT"],"MSIE")==false) {
header("Cache-Control: no-cache");
header("Pragma: no-cache");
}
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Thanks for looking at this again. You are correct. OpenCart 3 does not use the session.cache_limiter setting because it does not the use built in PHP session_start() anymore (version 2 and 1.5 did). That's is why you need to to set the cache control headers manually in ecch PHP generated response. This is what I originally posted in the GitHub issue 18 months ago. https://github.com/opencart/opencart/issues/7008
One thing to point out with your example. You don't need to test for "MSIE". I see you have taken that example from a post form 9 years ago. That was a workaround for Internet Explorer 6 to 8 and only when serving files for download. See https://support.microsoft.com/en-gb/hel ... he-cache-c
Also OpenCart already handels that if serving a download. See (and note that PHP header() will replace the previously set headers so there would be no duplicates).
https://github.com/opencart/opencart/bl ... #L123-L128
Since Internet Explorer 6 to 8 are no longer supported by OpenCart or Microsoft. Best to stick with the following and ensure compatibility with the current supported versions of Internet Explorer and other browsers.
One thing to point out with your example. You don't need to test for "MSIE". I see you have taken that example from a post form 9 years ago. That was a workaround for Internet Explorer 6 to 8 and only when serving files for download. See https://support.microsoft.com/en-gb/hel ... he-cache-c
Also OpenCart already handels that if serving a download. See (and note that PHP header() will replace the previously set headers so there would be no duplicates).
https://github.com/opencart/opencart/bl ... #L123-L128
Since Internet Explorer 6 to 8 are no longer supported by OpenCart or Microsoft. Best to stick with the following and ensure compatibility with the current supported versions of Internet Explorer and other browsers.
Code: Select all
$response->addHeader('Expires: Thu, 19 Nov 1981 08:52:00 GMT');
$response->addHeader('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
$response->addHeader('Pragma: no-cache');
E.g number 2 does not provide those steps. It only provides the steps with revalidate. Which means, your solution is still a workaround and not a definite solution since the solution you have posted 18 months ago is simply improvised as compared to the original code posted from php.net - #2.ADD Creative wrote: ↑Mon May 18, 2020 2:58 amThanks for looking at this again. You are correct. OpenCart 3 does not use the session.cache_limiter setting because it does not the use built in PHP session_start() anymore (version 2 and 1.5 did). That's is why you need to to set the cache control headers manually in ecch PHP generated response. This is what I originally posted in the GitHub issue 18 months ago. https://github.com/opencart/opencart/issues/7008
One thing to point out with your example. You don't need to test for "MSIE". I see you have taken that example from a post form 9 years ago. That was a workaround for Internet Explorer 6 to 8 and only when serving files for download. See https://support.microsoft.com/en-gb/hel ... he-cache-c
Also OpenCart already handels that if serving a download. See (and note that PHP header() will replace the previously set headers so there would be no duplicates).
https://github.com/opencart/opencart/bl ... #L123-L128
Since Internet Explorer 6 to 8 are no longer supported by OpenCart or Microsoft. Best to stick with the following and ensure compatibility with the current supported versions of Internet Explorer and other browsers.
Code: Select all
$response->addHeader('Expires: Thu, 19 Nov 1981 08:52:00 GMT'); $response->addHeader('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0'); $response->addHeader('Pragma: no-cache');
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
The Example 2 is just that, an example. My solution is based on the default setting for session.cache_limiter. Which is the headers PHP actually would set if native sessions were used (i.e. these are the headers that OpenCart 2 and 1.5 set).
https://www.php.net/manual/en/function. ... imiter.php
https://www.php.net/manual/en/function. ... imiter.php
Exactly, it is just an example as there's nowhere to be seen on this example that pragma: no-cache does actually replace the session.cache_limiter on that article.ADD Creative wrote: ↑Mon May 18, 2020 3:15 amThe Example 2 is just that, an example. My solution is based on the default setting for session.cache_limiter. Which is the headers PHP actually would set if native sessions were used (i.e. these are the headers that OpenCart 2 and 1.5 set).
https://www.php.net/manual/en/function. ... imiter.php
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Yes it does.
It's basically saying set your own cache control header if not using native PHP sessions.Additionally, session_cache_limiter() and the session.cache_limiter configuration setting can be used to automatically generate the correct caching-related headers when sessions are being used.
Exactly, additionally, but it does not state to use pragma: no-cache on this documentation.ADD Creative wrote: ↑Mon May 18, 2020 3:26 amYes it does.It's basically saying set your own cache control header if not using native PHP sessions.Additionally, session_cache_limiter() and the session.cache_limiter configuration setting can be used to automatically generate the correct caching-related headers when sessions are being used.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
I agree with @ADD Creative on this. The application should be responsible for providing some default cache headers, as not everyone has access to mod headers or defaults in place via the server.ADD Creative wrote: ↑Sun May 17, 2020 10:26 pmThe web server will never know if a particular output from a PHP script is cacheable or not.
There is an explanation in the PHP manual in the Example #2 Caching directives section here.
https://www.php.net/manual/en/function. ... ample-5705
Probably the best permanent solution is here.
viewtopic.php?f=202&t=206449#p786660
I would suggest a look into the OWASP recommendations.
Full Stack Web Developer :: Send a PM for Custom Work.
Backup and learn how to recover before you make any changes!
As per Mozilla website indicates: https://developer.mozilla.org/en-US/doc ... ers/Pragma
Note: Pragma is not specified for HTTP responses and is therefore not a reliable replacement for the general HTTP/1.1 Cache-Control header, although it does behave the same as Cache-Control: no-cache, if the Cache-Control header field is omitted in a request. Use Pragma only for backwards compatibility with HTTP/1.0 clients.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Good point about OWASP recommendations. As the lack of cache controls headers could also be a risk of leaking sensitive data.
Looking at https://cheatsheetseries.owasp.org/chea ... nt-caching
No sperficatic values, just to use restrictive cache directives for Cache-Control and Pragma HTTP headers.Even after the session has been closed, it might be possible to access the private or sensitive data exchanged within the session through the web browser cache. Therefore, web applications must use restrictive cache directives for all the web traffic exchanged through HTTP and HTTPS, such as the Cache-Control and Pragma HTTP headers, and/or equivalent META tags on all or (at least) sensitive web pages.
Ok, enough. It's just going to be another locked topic every time we're talking about this. It's been discussed before and there's no need to discuss about it again. Two different developer websites or above says separate things. Opencart is still one subject that we only support here and always has been that way.
As for referring workarounds from Github, it is of course admissible but forum users are being advised on what type of integration they put on their stores.
This topic will now be locked.
As for referring workarounds from Github, it is of course admissible but forum users are being advised on what type of integration they put on their stores.
This topic will now be locked.
Dedication and passion goes to those who are able to push and merge a project.
Regards,
Straightlight
Programmer / Opencart Tester
Who is online
Users browsing this forum: OSWorX and 324 guests
