30knees

Is there anything we should manually change with installed modules from a security perspective?

@mockob said in What's the best way to optimize product pages?: From my experience with my current ps 1.5 shop it is hard to optimize product pages for search engines. The only thing that google sees is the meta title and description, nothing about long description. I made my short description as rich snippet but what about the description, google doesn't care about it. For my products I have decent unique descriptions, some are more than 1000 words. Submitted manually the pages in webmaster tools etc. Is it true that product page content isn't properly indexed for SEO in tb? It seems hard to imagine.

Volume discount pricing isn't working for one product where I have it apply to only a specific combination. It works for other products (and the same product) where I choose all combinations. Might this be a bug for volume discounts and specific combinations? This is what I have in the backend: This is what is shown in the front-end (and the 12% for 5x is also not calculated):

Hallo, hat hier jemand mit remarketing Diensten im deutschsprachigen Raum Erfahrungen, zB AdRoll, Tapad, etc.?

@manisch said in DSVGO ThirtyBees Modul: Kennt ihr euch eigentlich mit Verträgen zur Auftragsdatenverarbeitung aus? Habe gerade die Diskussion, wann man das mit Google (Analytics) und Facebook (Pixel) abschließen muss. Mein Verständnis ist es, dass es jeden betrifft, der so einen Dienst nutzt, weil Kundendaten von externen Firmen weiterverarbeitet werden. Das Gegenargument sei, dass das nur wichtig sei, wenn noch eine Agentur dazwischen geschaltet ist. Wenn sich ein Shop-Betreiber direkt bei Analytics anmeldet, dann würde es ohne Vertrag gehen... Ein Vertrag ist bei beiden Varianten erforderlich. Bei Google kann man einen ADV ganz einfach abschließen: https://support.google.com/analytics/answer/3379636?hl=en

@drmasterchief said in New General Data Protection Regulation 2018-05-25: Would it be possible to remove the tickbox - but leave the text- from - Block customer privacy (module) - checkout last step (i agree to terms and conditons....) because customers must not be forced to tick any of these. They just have to read it. This is why the text (with link) should be there, but no tickbox. Would this be possible with the tb GDPR module? Agree - no tickbox needed from a data protection perspective. The information just needs to be there.

@mdekker said in New General Data Protection Regulation 2018-05-25: An unsubscribe option by email (w/o account) is more important. From the Dutch GDPR regulator's website (www.autoriteitpersoonsgegevens.nl): Correct - unsubscribe is super important. The unsubscribe link should also be in every newsletter sent, etc.

@datakick said in Question: GDPR for module developers: I have two modules that I believe could be affected - revws module that collects product reviews, and price alert that notifies your customer when prices drops below some threshold. Both these modules collect personal information, specifically email addresses. But you don't get any personal data, only the shop owner does, right? This should be covered in the privacy notice towards the customer. What you want to make sure is covered is: - Export of the data supplied, eg in a CSV - Data deletion - Data correction The PS guidelines say you need a consent tick box. That is incorrect. Consent need not be indicated by a tick box. If the customer submits a review it's clear that they consent to that processing.

@lesley said in New General Data Protection Regulation 2018-05-25: I personally do not think a contact form needs a consent. A user knows what they are doing when they trigger that form. They know emails are stored. Quite right, no tick box needed. Two possible legal bases here: 1) Consent, which is indicated by contacting you. 2) In order to take steps at the request of the customer prior to entering into a contract. A lot of people think consent is something the GDPR requires. That's a huge misunderstanding. It's one of a couple of legal bases for any processing.

One solution for 'services' like social sharing, send to friend, etc, if technically possible, would be to drop the cookie only when the service is requested. I think there's a good argument then that no consent is required.

Nope, haven't found any solution yet. :(

Thank you for this. module. You could edit the title so it's clear right away what the module does.

Thank you! :) I get the following: ``` ThirtyBeesException Class 'Stripe\Customer' not found at line 119 in file modules/stripe/vendor/stripe/stripe-php/lib/Util/Util.php php 114. if (isset($resp['object']) && is_string($resp['object']) && isset($types[$resp['object']])) { 115. $class = $types[$resp['object']]; 116. } else { 117. $class = 'Stripe\\StripeObject'; 118. } 119. => return $class::constructFrom($resp, $opts); 120. } else { 121. return $resp; 122. } 123. } 124. /** - ThirtyBeesStripe\Stripe\Util\Util::convertToStripeObject - [line 135 - modules/stripe/vendor/stripe/stripe-php/lib/ApiResource.php] - [2 Arguments] php 130. protected static function _create($params = null, $options = null) 131. { 132. self::_validateParams($params); 133. $url = static::classUrl(); 134. list($response, $opts) = static::_staticRequest('post', $url, $params, $options); 135. => $obj = \ThirtyBeesStripe\Stripe\Util\Util::convertToStripeObject($response->json, $opts); 136. $obj->setLastResponse($response); 137. return $obj; 138. } 139. /** 140. * @param string $id The ID of the API resource to update. and more, but it looks like the above is the relevant part.

I'm getting a 500 server error message at the "Card verified, redirecting" stage. I've copied the error code, which looks like def5020***. If it's safe to do so, I can post it here. I'm using the latest Stripe API and the logs in the Stripe account don't show anything. The customer is captured, but the payment isn't. Any idea how to troubleshoot?

Take a look at the @datakick module. It's very capable!

I was looking for something similar, see https://forum.thirtybees.com/topic/806/using-packs-and-combinations-a-possibility-or-is-there-another-solution I don't think it's possible. :(

@manisch I've had that, too, but with a different shop software. Because of that, I think it's often the customer. I've not been running tb long enough to have it happen with tb yet.

@geo86 You can have different categories of attributes. You could call one global and the next product-specific. Then you can mix and match the global ones with the product-specific ones. Would that work for you?

@wakabayashi I just noticed that while the hack fixes the problem on the order creation page, it pushes it further down the line for the first order attempt. Now the error pops up on the next page after clicking "Create the order". But, when I tried a second time, like you wrote above, the order went through. Might there be another spot where some code needs to be edited?

@wakabayashi I turned off multistore but get the same error message. Your hack works perfectly, though! Thank you!

@wakabayashi I'm using 1.0.3. I'll test turning off multistore and also your hack and write again. Thanks! :)

@wakabayashi Thanks for confirming! Multistore is active, but I only have one store. I've tried to create the order multiple times and it still doesn't work. I've also cleared out any unordered carts, etc.

It's really nice!

With certain customers, and I haven't been able to figure out which, I'm unable to place a manual back office order. I get this error message when I select any product: An order has already been placed with this cart. This product cannot be added to the cart. Does anyone have an idea how to troubleshoot the issue?

@kryotic said in Floating/Fixed Top Bar: Thanks for suggesting the Sunnytoo themes, they definitely do it. It's a bit too early to invest in TB though. Will be checking out Woo and PS 1.7. I was in your shoes a while back. If you're testing and comparing, I'd recommend focusing on non-theme elements, on functionality, etc., unless you're looking at how easy it is to edit the theme yourself. Each of those alternatives can be made to look similar.