unbranched

That's awesome, thank you! Can we hope in a stable 1.4.1 version soon?

Hi, I successfully upgraded from TB 1.2.0 to TB 1.4.0 but now I encounter this problem: in the backoffice login page if i put my correct credentials and press Enter, the page refreshes to the same login page. If then I just revisit the backoffice page typing it in the browser URL bar, I can access the dashboard without login. So I think there's a wrong redirect from the login page, or cookies are not seen at first, or the given tokens are wrong. My server setup Ubuntu 20.04 php 7.4 MariaDB 10.3 Thirtybees 1.4.0 Nginx configuration (I did it as much simple as possible for the tests): server { listen 443 ssl; index index.php index.html; server_name mywebsite.com www.mywebsite.com; root /var/www/html/mywebsite; ssl_certificate /etc/letsencrypt/live/mywebsite.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/mywebsite.com/privkey.pem; # php rewriting location ~ \.php$ { fastcgi_pass unix:/run/php/php7.4-fpm.sock; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } }

You do it with the "From:" parameter in the header, depending on the email server you use.

Ok I spent too much time but I solved this with DIY... now my script handles everything. At least I don't have to pay those online services. Would be great if TB will offer a more complex module to handle this GDPR complications.

I know we need to be careful with internet sources, anyway my primary was this , that links to this Paypal page. One other source is this, that shows a consequence of denying marketing cookies.

Trust me, I would 100% agree with you if it was 1 week ago. The problem is that I just discovered I need to handle this Paypal thing because they use analitycs cookies when the user buys. That's the point of this thread. So, sadly is not a necessary technical cookie anymore and I must give the user a choice. With your method you include all Paypal cookies included the analytics ones (unless cookiehub allows a more granular selection, I don't know), so I GUESS you're doing it wrong. Thirtybees is an ecommerce software, I bet 90% of its userbase uses Paypal module, so I really wonder why I can't find other topics about this. Looks like a big priority to me. Please tell me if I'm wrong, comments are welcome.

"So categorise the main paypal ones as essential for example which means the customer can not reject them" Ha! This totally kills the purpose of GDPR, never thought about this. Better find another solution, anyway thanks for sharing!

Hi, I don't use any analytical/statistical cookies on my website, but when a user buys a product can use Paypal to checkout. As far as I understand, I MUST add a cookie banner that can selectively block the installation of analytical/statistical cookies due to Paypal cookies. I'm currently using the "EU Cookie Consent" module that links the above explanation in my privacy policy. You can understand that this is not enough, so what can I do? Does the Cookiebot module handle this problem? If yes and if the user denies the consent, how the checkout page will be shown? Will the payment just fail? I'd like to know some personal experience before considering to pay for Cookiebot. Are there any free alternatives out there, even js scripts that can be added?

Not at all, not using inline things is actually always recommended in web developing since years.

Hi, just curious about the thirtybees cookie that is set just by browsing the website. Is it just a technical cookie or something analytical too? Due to those GDPR cookie warnings we must put on websites, I'd like to be sure about that. Then, I see you also use a tracking pixel, what's the purpose of it? Thanks

I was about to contact you due to CSP and found this thread. Is TB team working on this? Using Mozilla Observatory the best score I can get, making frontoffice & backoffice work, is B (screens in attachment). One first (easy I hope) step to let users setting a stronger CSP would be not using any inline script & css. Another is implementing some Subresource Integrity.

Ok, I'll retry asap.

Same problem here.

Looks like it wanted the contents inside my language folder, not inside "en". I'll double check this later and will put Solved on title if it's fixed.

I'm on TB 1.2.0, upgraded from 1.1.0 last week. On the backoffice translations page, the section for "blocknewsletter" says that english files are missing and to check under <MyPath>/modules/blocknewsletter/mails/en . There was no "en" folder, so I copied it with its contents from your Github, changed permissions, but the problem persists. What's still missing?

I'm on TB v1.1.0, Core Updater v1.3.2 can't compare versions because of CORS: Blocked multiorigin request (cross-origin): [...] https://api.thirtybees.com/coreupdater/master.php. Reason: CORS request failed. I'm using TB behind nginx, so I already tried this and then also tried adding in my .htaccess this , but no luck. Any suggestion? EDIT: oops looks like it was some Firefox addon... tried a clean Firefox profile and it works.

@yaniv14 ?]$+>!`=

Solved. This has been really tedious, not for first timers... So in the end looks like TB smtp interface is buggy or doesn't handle passwords with special characters or wathever. I ended up installing Postfix, configuring it to relay to the smtp mailservice, setting the login details and changing the header to use the correct sender address. After all this, I select the php mail() option in TB interface and the system still uses postfix smtp conf. Tested and works.

Almost solved. Looks like Ubuntu doesn't come by default with sendmail-bin, so installing it the php mail() function works. This should be added in install docs... Now, for reasons I'd like to use the smtp email but it still doesn't work. I tried installing msmtp package and configuring it, then sending an email with it via shell works, but via Thirtybees still not. I wrote this in php.ini: sendmail_path = "/usr/bin/msmtp -t" with no other params because they're already set in TB interface. What else should I need?

@datakick Thanks for the infos. I don't know what to look for: my php config is the default Ubuntu one, with just the recommended settings applied as suggested by thirtybees install docs. See it in attachment. I also attach my nginx virtual server conf. Php modules: # php -m [PHP Modules] apc apcu bcmath calendar Core ctype curl date dom exif FFI fileinfo filter ftp gd gettext hash iconv imap json libxml mbstring mysqli mysqlnd openssl pcntl pcre PDO pdo_mysql Phar posix readline Reflection session shmop SimpleXML sockets sodium SPL standard sysvmsg sysvsem sysvshm tokenizer xml xmlreader xmlwriter xsl Zend OPcache zip zlib [Zend Modules] Zend OPcache nginx php.ini

I'm getting php errors in nginx: 94123#94123: *30016 FastCGI sent in stderr: "PHP message: PHP Notice: Trying to access array offset on value of type null in /var/www/html/mysite/classes/ErrorHandler.php on line 181" while reading response header from upstream, client: 83.xx.yy.zz, server: mysite.com, request: "POST /adminurl/ajax.php?rand=1611394623600 HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.4-fpm.sock:", host: "mysite.com", referrer: "https://mysite.com/adminurl/index.php?controller=AdminEmails&token=04017..." 94123#94123: *30018 FastCGI sent in stderr: "PHP message: PHP Notice: Trying to access array offset on value of type null in /var/www/html/mysite/classes/ErrorHandler.php on line 181" while reading response header from upstream, client: 83.xx.yy.zz, server: mysite.com, request: "POST /adminurl/ajax.php?rand=1611394693404 HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.4-fpm.sock:", host: "mysite.com", referrer: "https://mysite.com/adminurl/index.php?controller=AdminProducts&token=2318b..." Could it be related? Is php 7.4 fully supported? EDIT Another update: tried this time on a raspberry in my home, only difference is php 7.3. -Test email with php mail(): says succesfully sent, but I don't see anything in my webmail inbox... -Test email with smtp: same red error telling me nothing, like in my original post. -No php errors in nginx logs. -Tried then with apache instead of nginx. Same behaviour. I'm starting to think could it be a mariadb issue? I'm almost clueless now, I need help.

I'm the server admin, and I already tested sending emails via shell, just to see if my hosting provider would block some outgoing traffic. They work without any issue.

@30knees I'll check again asap, but I'm pretty sure I already have 755 on all folders, and owned by www-data user. Edit: I confirm this.

Yes, it's blank.

Setup: -Thirtybees 1.1.0 fresh installation -Ubuntu 20.04 -nginx server (tls v1.2 and 1.3) -php 7.4 -mariadb -thirtybees languages: english and spanish The BO test email never sends, I tried php mail(), smtp mail with different providers... but always fails. The message in red is only "Error: check your configuration". The debug mode doesn't show me any more details about it. One thing to note: if I intentionally put a wrong password in smtp details, the error message changes (wrong parameter from service, or something similar), so with the correct password my server actually succeeds in reaching the email service. Normal email sending from the server shell works. I searched here and on your github, but I don't find anything relevant (maybe only the languages thing of another github issue, but the files are all there) so I wonder why I'm the only one having this problem.