^ Scroll to Top
Contact us | Login

Archive for the ‘Web Development’ Category

JavaScript Object alert, print_r for javaScript / jQuery

Saturday, August 11th, 2012

Just a quick post to share a nice wee code snippet for debugging javascript objects with jQuery

jQuery.each(OBJECT_NAME, function(key, element) {
    alert('key: ' + key + '\n' + 'value: ' + element);
});

Magento – There was a problem with reindexing process.

Monday, January 16th, 2012

Just a quick blog about this one as it wasted about an hour of my time and wanted to help others (and remind myself for future reference)

I had a customer who had this error when trying to re-index his Category Products “ There was a problem with reindexing process.”

After a bit of digging the solution was to:

1. Backup the SQL table “catalog_category_product_index” with “Disable foreign key checks” ticked.
2. Drop the table.
3. Remove the constraints at the bottom of the backup file, except “SET FOREIGN_KEY_CHECKS=1;”
so on my file it was this
“ALTER TABLE `catalog_category_product_index`

ADD CONSTRAINT `FK_CATALOG_CATEGORY_PROD_IDX_CATEGORY_ENTITY` FOREIGN KEY (`category_id`) REFERENCES `catalog_category_entity` (`entity_id`) ON DELETE CASCADE ON UPDATE CASCADE,
ADD CONSTRAINT `FK_CATALOG_CATEGORY_PROD_IDX_PROD_ENTITY` FOREIGN KEY (`product_id`) REFERENCES `catalog_product_entity` (`entity_id`) ON DELETE CASCADE ON UPDATE CASCADE;”
4. Save and Import your backup file, or runt the sql directly.
5. You should then be able to run the re-index from the magento backend.
6. If 5 did not work(you might have thousands of products) SSH to your install and go to /shell/ and run this command.
“php indexer.php –reindex catalog_category_product”
if you want to re-index all run this “php indexer.php reindexall”
That’s it, i hope this helps some one…
Stiofan

GeoTheme.com

Monday, January 16th, 2012


GeoTheme has been under development for about a year and since partnering with an Italian web marketing agency it’s development has progressed more quickly and was officially launched in December 2011.

GeoTheme is what can be called a wordpress Yelp clone . The theme has been developed to create beautiful Geo Portals and Directories just like Yelp or Trip Advisor.

We have added some awesome features to the theme and we are constantly updating and improving it. We have both Iphone and Android app’s under development to make this a complete package.

GeoTheme can be bought for only $85, yes $ dollars, this is because it is the most Internationally used currency and GeoTheme is a global product.

I am very excited about this project and things have started of well for us, you can view the demo here http://demo.geotheme.com/

Here you can also view some example of sites users have made: GeoTheme Showcase

TimThumb Exploit and Fix Package Tim-Scan

Friday, August 12th, 2011

This is a HUGE EXPLOIT first discovered at the start of August 2011. This exploit affects timthumb.php up to version 1.33, timthumb is a PHP image resizing script that is used by thousands of websites and is included in alot of wordpress themes. Basically if a hacker finds a vulnerable version of this script on your site they can do almost anything including steal your whole database and deface or delete or spam hijack your site.

The Exploit

This is surprisingly  simple, i must admit the after reading about the exploit i decided to see if i could re-create it and started messing with trying to fool the script into thinking my .php file was an image by changing the mime type – that didn’t work, i then tried inserting some PHP code into the end of a small image, i had some success with that but i then realised it is even more simple than that.

The whole reason for the exploit is that the script allows you to use images from a few other sites such as flickr.com and picasa.com, bu the check on these domains is easily fooled, so you could throw together a few sub-domains and have http://flickr.com.thebaddies.com/MyBadFile.php If you then tell timthumb.php to use that as an image it will first copy the file to a /temp/ folder and then throw the error “Unable to open image” the script then tells you the location of the PHP file and you can go execute it. (i’m leaving out a little detail so Jo Blogs can’t do it it his mate Dave’s site)

I run a load of wordpress sites and after having a go at the exploit and realising how easy it was, i wrote a script to check for vulnerable versions and update them and also scan for any nasty code left by any hackers.

If you are interested my script is available here ~> http://code.google.com/p/timthumb-updater/downloads/list

EDIT*  i have added a video with basic instructions, as requested…

Paypal IPN INVALID on LIVE server but VALID on TEST server FIXED

Tuesday, September 14th, 2010


This paylap IPN INVALID problem has been the bane of my life for the past few days.  I have been building a invoicing system to invoice my clients, this system uses the paypal IPN to update my invoices in my system as paid and send a thank you email to the customer.

I started running my test transactions on paypals sandbox server and everything worked fine, every transaction processed properly but as soon as i tried a few small transactions on the LIVE paypal site they were coming back as INVALID by the IPN script, they were being processed and completing successfully but just not being validated by the IPN script.

Naturally you start to weed out what the difference’s can be and the only things changing between the TEST & LIVE server was the server address, the buyer email and seller email addresses (you have to use test email accounts on the test server).  Eventually after trying PHP IPN scripts direct from the paypal site and stil getting the same result i thought it was maybe a problem with my personal account so i got my mother to try a live transaction and it failed too.

After trying everything i could think of, wasting a lot of time and making sure it was not my fault i decided to call paypal support, the tech-guy i eventually spoke to was very good and ran me through everything and didn’t make me feel rushed at all. I sent him the scripts i had been using and he checked them and they seemed to look ok to him so he was a bit puzzled as well. After eliminating my scripts as the problem he was happy to try a few test live transactions from his live test account and hay presto they worked!!! We then tried to find out why his worked and mine and my mothers failed, there was no obvious answer so i got a friend to  try a live transaction and it worked too. It was very confusing to me and the tech but i decided to go live and i sent out a few invoices from my new invoicing system and the first two that were paid came back as INVALID grrr…

I now had a long list of  VALID & INVALID IPN responses, and i lined them up in a table and went through every detail, i firstly noticed that the ones that actually VALIDATED had unconfirmed addresses and the INVALID ones had confirmed addresses.   I then ran a few tests and captured the IPN response before it was sent to paypal with the one paypal had in it’s IPN history, i then noticed that address line one and address line two(optional) were put on the same line in the IPN response but there was a carriage return between the first and second line.

I noticed that paypal sends this carriage as %0D%0A but carriage returns in php 5.2 is %0A which is what my server was sending back causing the INVALID IPN response. The reason this never happened with paypal’s sandbox test server is that the test accounts you make in the sandbox don’t have the second address line which is optional and which was causing the problem, also the IPN tester in the sandbox account doesn’t have the second address line, so it is almost imposable to recreate this problem on the test server, and in case you were wondering the tech and my friend’s liver test’s that worked both didn’t have the second optional address line filed out.

Solution

The one line of code that could have saved me hundreds in wasted time.

$value = preg_replace('/(.*[^%^0^D])(%0A)(.*)/i','${1}%0D%0A${3}',$value);

This line replaces the %0A with %0D%0A in your IPN repose string thus solving the INVALID warning and making it VALID where it should be.

I am not sure what is causing the difference in the way the server are encoding the url but if you are having this same problem just add the line to your IPN script like i did below.

// read the post from PayPal system and add 'cmd'
		$req = 'cmd=_notify-validate';

		foreach ($_POST as $key => $value)
		{
			$value = urlencode(stripslashes($value));
			$value = preg_replace('/(.*[^%^0^D])(%0A)(.*)/i','${1}%0D%0A${3}',$value);// IPN fix
			$req .= "&$key=$value";

Thanks for reading and if this helps you please feel free to leave me a comment.