Route 66 upgraded to version 06.6.00.0008

  • MisterEd
  • Topic Author
  • Offline
  • Administrator
  • Administrator
More
3 years 11 months ago #21 by MisterEd
I upgraded Route 66 to .0007 which primarily includes some fixes for error logging issues and incorporates a fix for PayPalIPN.

missing STATIC HTML page error logging: error logs have been filling up fast for some merchants. While the error logging is useful for finding out if a &cartlink= or &page= type link (the 2 types of STATIC HTML pages we use) is broken or missing, there are script kiddies and others trying to see if they can create an injection vulnerability and get to the database. You can tell these types of attacks as thy will add something like 'A=0 on the end of the URL or a million different things like it but it always starts with a quote and then tries to do what we call a variable set. But to your store, this looks like a page request and so it will try to find a page that does not exist. When that error happens, the error is logged. If emails are enabled, you will also get an email with the error details. While they cannot use this method on AgoraCart, the error handling was working but would cause server errors after some changes a while ago. So the handling now shows the 405 error properly. These types of attacks fill up the error logs very quickly so your error logs need to be examined and emptied regularly and that frequency depends upon your traffic volume.

Missing cart sessions: The cart sessions are used to track your customer's session do expire within the time period you set in your main settings. When this happens and they try to visit checkout, view cart, or other things that rely on a cart session built into the URL or form submit, then they will get an error screen but the cart session will be rebuilt as if new and the error logged. If emails are enabled, you will also get an email with the error details. This type of errors are good for spotting cart IDs that are built into your URLs. Route 66 has been optimized to not require cart IDs in regular links as most people use cookies now. This error happens from time to time when someone might bookmark a URL that includes a Cart ID and then come back to find their cart session has expired (but it is rebuilt automatically once they navigate the storefront). Can also happen from sharing a URL or cutting and pasting a URL into other parts of a website. If the visitor is not the owner of the cart session, then the error is generated, logged, and emailed every time the link is visited. This can fill up your error logging with lots of these errors.

Error Logging Controls: This version brings the ability to enable/disable error logging for the 2 most common error types: missing cart sessions and missing STATIC HTML pages. It also allows you to turn off error emails that contain the error details. IF you turn off a common error type, then the emails for that error is also skipped. You can set these up in your Store Settings > Main/Core Settings > misc tab.

Included: The PayPal IPN fixes for the address validation errors for the 24 country codes required if the customer is not in same country as merchant.

Misc type fixes, if any.

Please Log in or Create an account to join the conversation.

Time to create page: 0.280 seconds
Powered by Kunena Forum