Mixed Content Error in Firefox when using CKEditor in Zen Cart

If you have upgraded to FF 23 and suddenly your CKEditor is not working (in admin->catalog->categories/products), take heart: it’s a one line fix to get it back again. Edit

<your renamed admin>/includes/ckeditor.php

and change the inclusion of jsapi to not use a protocol, i.e.

<script type=”text/javascript” src=”//www.google.com/jsapi”></script>

instead of
<script type=”text/javascript” src=”http://www.google.com/jsapi”></script>

and you should be all set. You will NOT see this issue in FF 22 and prior, only FF23 (and perhaps higher).

NOTE: The latest CKEditor package in the ZC Plugins area already has this change in it.

This was originally posted by That Software Guy on the Zen Cart forum on 8/28/13.

Using the admin name “admin” in Zen Cart 1.5.x

*** Warning: This is only suitable for use on your own computer for test carts which are not on the public Internet.   Actual live carts which are in production should abide by the forced rename so the URL to your admin is not known or easily guessed. ***

If you want to use the admin URL “admin” in Zen Cart 1.5.x, it’s a pretty simple change.  Edit the file

admin/includes/init_includes/init_admin_auth.php

and  insert the following line above line 12:

define('ADMIN_BLOCK_WARNING_OVERRIDE', '1');

That’s all!

Sales Report and my discounting mods

NOTE: This post was created several years ago; a more complete list of discounts and associated classes is provided here.

If you are using any of my discounting software (Better Together, Combination Discounts, Big Spender, Big Chooser, Quantity Discounts, Frequency Discounts, Military Discounts, Newsletter Discounts) along with the Zen Cart Sales Report mod, please be aware of the following issue.

Running Sales Report against an order with one of these discounts will cause the totals not to add up correctly.

The fix is to modify admin/includes/classes/sales_report.php  as follows:  search for

          elseif ($class == "ot_coupon" || $class == "ot_group_pricing" || $class == "ot_better_together") {

and add in the classes you are using.

For Quantity Discounts, this would be

$class == "ot_coupon" || $class == "ot_group_pricing" || $class == "ot_better_together" || $class == "ot_quantity_discount"

A complete list of the classes I have created that require this fix is:

  • Better Together: “ot_better_together”
  • Big Chooser: “ot_big_chooser”
  • Big Spender: “ot_bigspender_discount”
  • Combination Discounts: “ot_combination_discounts”
  • Frequency Discounts: “ot_frequency_discount”
  • Quantity Discounts:  “ot_quantity_discount”
  • Newsletter Discounts: “ot_newsletter_discount”
  • Military Discount: “ot_military_discount”

If you want a complete if clause that handles all of these plus the built in discounts (including GV), it would look like this:

elseif ($class == "ot_coupon" || $class == "ot_group_pricing" ||
                 $class == "ot_better_together" ||
                 $class == "ot_big_chooser" ||
                 $class == "ot_bigspender_discount" ||
                 $class == "ot_combination_discounts" ||
                 $class == "ot_frequency_discount" ||
                 $class == "ot_quantity_discount" ||
                 $class == "ot_newsletter_discount" ||
                 $class == "ot_military_discount"
) {

Disabling the forced Admin password change in Zen Cart 1.5.0

*** Warning: This change will violate the PCI status of your cart.  You should only do this on test carts on your own PC or on carts which do not require PCI certification. ***

One of the features which is required for Zen Cart PCI compliance is periodic password changes.  This can be a nuisance on test carts and carts on your local PC.  Here’s how to turn it off.

a) To disable forced 90 day password changes, edit

admin/login.php

and change

define('ADMIN_PASSWORD_EXPIRES_INTERVAL', strtotime('- 90 day'));

to

define('ADMIN_PASSWORD_EXPIRES_INTERVAL', strtotime('- 36500 day'));

(Note that the above change means you won’t have to change passwords for 100 years.  To require an annual password change, use the value 365 instead.)

b) To disable the check against the last 3 passwords, edit

admin/includes/functions/admin_access.php
and change zen_check_for_password_problems() so that the first line is
return FALSE;

Increasing the Admin timeout in Zen Cart 1.5.0

*** Warning: This change will violate the PCI status of your cart.  You should only do this on test carts on your own PC or on carts which do not require PCI certification. ***

To increase the Admin Timeout value to 1800 seconds (30 minutes), go to Admin->Tools->Install SQL patches, and paste the following into the “Enter the query to be executed” box:

UPDATE configuration SET
configuration_value = '1800',
set_function = 'zen_cfg_select_option(array(\'1800\', \'900\', \'600\', \'300\'), '
WHERE configuration_key = 'SESSION_TIMEOUT_ADMIN';

To change it back, go to  Admin->Configuration->My Store, and set the
Admin Session Time Out in Seconds value back to 900.

To use a value other than 30 minutes, just change the two “1800” numbers above to a number of seconds of your choosing (above 900).

Then modify /includes/functions/sessions.php as follows:

a) Find the block that looks like this:

if (!$SESS_LIFE = (SESSION_TIMEOUT_ADMIN > 900 ? 900 : SESSION_TIMEOUT_ADMIN)) {
$SESS_LIFE = (SESSION_TIMEOUT_ADMIN > 900 ? 900 : SESSION_TIMEOUT_ADMIN);
}

and change it to this:

$SESS_LIFE = SESSION_TIMEOUT_ADMIN;

b) Find the block that looks like this:

      
@ini_set('session.gc_maxlifetime', (SESSION_TIMEOUT_ADMIN > 900 ? 900 : SESSION_TIMEOUT_ADMIN));

and change it to this:

      
@ini_set('session.gc_maxlifetime', SESSION_TIMEOUT_ADMIN);

Switching from TYPE=MyISAM to ENGINE=MyISAM for Zen Cart Mods

If you have a newer version of MySQL, you may notice an error when you run SQL scripts (using Admin->Tools->Install SQL Patches) during mod installs on your Zen Cart.  The error will look something like this:

1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'TYPE=MyISAM' at line 1
in:
[CREATE TABLE foo1 ( coupon_id int(11) NOT NULL auto_increment, orders_id int(11) NOT NULL, copy_from_coupon_code varchar(32) NOT NULL default '', new_coupon_name varchar(32) NOT NULL default '', customers_id int(11) NOT NULL default '0', PRIMARY KEY (coupon_id), KEY idx_coupon_code (copy_from_coupon_code), KEY idx_coupon_name(new_coupon_name), KEY idx_customers_id (customers_id) ) TYPE=MyISAM;]
If you were entering information, press the BACK button in your browser and re-check the information you had entered to be sure you left no blank fields.

Solving this issue is straightforward: in the .sql file you are running, just change

TYPE=MyISAM

to

ENGINE=MyISAM

Of my Zen Cart mods, the following mods have a table create with TYPE=MyISAM, which could cause this issue:

 

Turning off Admin Activity emails in Zen Cart 1.5.0

Zen Cart 1.5.0, as part of PCI Compliance, emails the shopowner every time something changes in the admin.  While this is a good safety feature, it’s not desirable on test carts.  Here’s how to turn it off:

Edit the file  includes/functions/functions_email.php

At the start of the function zen_mail() add the line

if ($module == ‘admin_settings_changed’) return;

This will bypass the sending of notifications on admin changes.

Zen Cart Edit Orders/Super Orders and my discounting mods

If you are using any of my discounting software (Better Together, Combination Discounts, Big Spender, Big Chooser, Quantity Discounts, Frequency Discounts, Military Discounts, Newsletter Discounts) along with Zen Cart Edit Orders or Super Orders please be aware of the following issue.

*** Update 08/20/2012 – updated for Table Discounts, Manufacturer Discounts.

*** Update 03/21/2015 – Please note that this article only applies to older 1.3.9 versions of these mods; the issues described here are fixed in version 4 of both Edit Orders and Super Orders (for Zen Cart 1.5.x).

Running Edit Orders or Super Edit against an order with one of these discounts will improperly change the minus sign in the discount amount to a plus sign.  So a Better Together discount of $15.00 will become a $15.00 surcharge.

The root cause of this bug is that both of these mods, when updating an order, enumerate through a fixed list of classes to see if the order total in question a known native discount (coupons or group discounts), and otherwise, assumes it’s a surcharge.

The fix is to modify admin/edit_orders.php and admin/super_edit.php as follows:  search for

 $ot_class == "ot_coupon"

and add in the classes you are using.   For Better Together, this would be

$ot_class == "ot_coupon" || $ot_class == "ot_better_together"

For Better Together and Quantity Discounts, this would be

$ot_class == "ot_coupon" || $ot_class == "ot_better_together" || $ot_class == "ot_quantity_discount"

“if statements” containing this check occur several times (depending on version) in the two files; make sure you get them all.

A complete list of the classes I have created that require this fix is:

  • Better Together: “ot_better_together”
  • Big Chooser: “ot_big_chooser”
  • Big Spender: “ot_bigspender_discount”
  • Combination Discounts: “ot_combination_discounts”
  • Frequency Discounts: “ot_frequency_discount”
  • Quantity Discounts:  “ot_quantity_discount”
  • Newsletter Discounts: “ot_newsletter_discount”
  • Military Discount: “ot_military_discount”
  • Table Discounts: “ot_table_discounts”
  • Manufacturer Discount: “ot_manufacturer_discount”

If you want a complete if clause that handles all of these plus the built in discounts (including GV), it would look like this:

if ($ot_class == "ot_gv" || $ot_class == "ot_coupon" || $ot_class == "ot_group_pricing" ||
                 $ot_class == "ot_better_together" ||
                 $ot_class == "ot_big_chooser" ||
                 $ot_class == "ot_bigspender_discount" ||
                 $ot_class == "ot_combination_discounts" ||
                 $ot_class == "ot_frequency_discount" ||
                 $ot_class == "ot_quantity_discount" ||
                 $ot_class == "ot_newsletter_discount" ||
                 $ot_class == "ot_table_discounts" ||
                 $ot_class == "ot_manufacturer_discount" ||
                 $ot_class == "ot_military_discount"
) {