You already purchased this item…

In some shopping sites, I think it’s a good idea to show people the items they’ve already purchased. In osCommerce, this is standard and is known as the “perviously purchased” infoBox.

Which is good enough for most stores – but what if your store sells products that are very cheap and people might accidentally buy again (I’m thinking maybe a DVD or Book store – after a few months I can barely remember what I’ve read or watched!)…

I haven’t found any site that shows the buyer if they have already purchased the product within the product_info page, so I set out to try to find one. The closest I could find was this “freelancer” job from TravelVideoStore.com;

We are currently running OsCommerce and would like to add the ability for a logged in customer to see items that they previously purchased with us. The key screens will be the product_info.php which displays the product detail information, search pages, shopping cart page and the confirm order page. The reason for this modification is that we have many customers that come back often and buy films and they would like to know if they had already purchased the film so that they do not have to send it back. Basically each fo the above screens need to display a message “* Previously Purchased Item” in red so they know thye had already bought that item from us.

After less than 15 minutes work, here is what I came up with;

Which shows the buyer that they have already bought the product using the following code;

[php]clubosc_previously_purchased($products_id, ‘tr’)[/php]

Note that in my function, the “tr” signifies that the “you’ve already bought” message should be wrapped in table tags to suit the markup of the product_info page.

Obviously if they are looking at a product that they have not previously purchased, then the message does not show at all.

I then took it a step further, and added almost the same code (though notice there is no “tr” this time, so instead the function shows an image!

[php]clubosc_previously_purchased($listing[‘products_id’]);[/php]

to the product_listing module, but this time used an image to show if the product was previously purchased (the small exclamation mark image, obviously as the shop owner you’d let buyers know that any product with this image means they have already purchased it);

A ncie little mod, that should come in handy for many stores. If anyone wants to commercially sponsor a code clean-up and contribution, please do email me.

Fuinny isn’t it, that this blog post took me longer to compise than I spent actually making this basic modification of osCommerce!

Uber Hacked osCommerce Site

This week has been one of those weeks that has been absolutely non-stop for osCommerce work. One of the more interesting jobs was to lockdown an osCommerce site that had been the subject of a hack.

As usual, I cleaned the site of the hack, then made a few core code adjustments and installed a few security extras. This included renaming the admin area and setting up a new user for the usual osCommerce login and protcting via .htaccess.

All locked down. And yet…a few hours later I received an email from my client saying the site had been hacked again. Well, I know that’s just not possible anymore, so logged in and found…yes, the files had been hacked.

as I know that the changes I made are secure, the hacker had to be getting in from somewhere else. Checking the log files showed me some interesting info;

The hacker was accessing the webmail of my client – so when I sent my client any info, the hacker was able to read it easily. I instructed my client to remove webmail from his hosting control panel, then set up a hotmail account. I then cleaned the site again, and sent new admin URL and passwords to the hotmail account.

Since then, no more hacks.

So, when you think that it is your osCommerce site that is the problem, it might well not be. Make sure to lockdown EVERYTHING, including hosting control panel, your own computer, etc. Change passwords regularly. If you give your password out to anyone (eg, a developer), make sure to change it again after he has finished work.

Remember – it takes only one dis-satisfied client of your shop to ruin your reputation. Don’t let that happen because of a lapse in your security!

HAZMAT Handling Fee in osCommerce

This morning I came up with the code to enable HAZMAT Handling Fees in osCommerce. My idea was to allow the Shop Owner to set individual products to be “Hazardous” or not. If they are Hazardous then a Handling Charge is introduced at the checkout_confirmation page.

Step 1 was to create the extras needed in the product adding/editing page;

Step 2 was to code up the HAZMAT Order Total module;

Step 3 was to link the two together to show at the confirmation screen;

Not too difficult. Obviously there were extra things to do such as creating functions and changing the cart class slightly, as well as making language definitions. Here is the finished layout, so you can see how complicated even a little job can be;

All in all, a nice and easy code chop up, ready to rock and roll on your osCommerce site. I don’t do “contributions”, I only do “commercial” – so if you are interested in getting this, please email me to discuss rates.