Yabber

Such a leak of customer data could result in huge fines for Prestashop. This is probably why the previous owners sold Prestashop so quickly.

@DRMasterChief It won't be a "Cancel order" button, but a confusing contact form where the customer has to fill in dozens of pieces of information. This was certainly not the intention of the creators of this law. The customer clicks on the "Guest Tracking" link and sees a single "Cancel order" button, which changes the status of the order in the store to "Order canceled". And that's it.

Here is a description of the attack vector: https://www.prestashop.com/forums/topic/1105466-recent-prestashop-securtity-alert/?do=findComment&comment=3543558 Conclusion: Prestashop Addons Marketplace is a dangerous store where you should not provide any login details for your store. If you have provided your login details for your store on Prestashop Addons Marketplace, you should change them immediately.

The standard procedure in Prestashop is to release beta versions with thousands of bugs and security vulnerabilities for download as stable versions, and then fix these bugs in dozens of subversions. If stores do not update the engine and modules, they get hacked. There was a security vulnerability in PS 9.0.2, which was patched in the latest version 9.0.3. The basic order completion module “ps_checkout” used since PS 1.7 also had a vulnerability Here are all the security vulnerabilities detected in Prestashop and its modules: https://security.friendsofpresta.org/

I tested “Kustom Official” module on PS9 and WooCommerce. The module is designed as an aggressive virus. During the order finalization process, the module hides all other payment methods, presenting the customer with only the “Kustom” payment option. It is a terribly aggressive and intrusive way of fighting competition.

Cyber_Folks is owned by H88, a company that has been acquiring smaller hosting companies in Poland for many years. After each such acquisition, the prices of all services are raised by an average of 300%. Also, after this acquisition, Prestashop will be the most expensive SaaS in the world.

In the language configuration: Localization -> Languages, add your own “No-picture” images (can be transparent PNG).

A less labor-intensive solution is to replace the image /img/404.gif with an blank transparent image.

I deliberately deleted the image for this one category to get the effect of displaying a placeholder image 🙂 Whether this is a bug or not is open to debate. If we decide to display subcategory images, we should add images to all categories. However, many stores do not have a uniform data management concept and add images to some categories but not to others. And with these placeholder images, it looks ugly.

Displaying a placeholder image for subcategories causes an bug in getSubCategories() method of Category class: foreach ($result as &$row) { $row[‘id_image’] = $row[‘id_category’]; $row[‘legend’] = ‘no picture’; } Whether the image exists or not, ‘id_image’ with the ID of the given subcategory is always returned. And if there is no image, the rules from htaccess load a placeholder image.

As for a descriptive list of changes for version 1.7.0, it does not exist yet, because this version is still under development. This is a programming list of changes: https://github.com/thirtybees/thirtybees/compare/1.6.0...main Without knowing which module you are using to create these articles, it is difficult to say anything.

Since you're already spending time on upgrades and testing, it's best to upgrade thirtybees to 1.7.0 (Bleeding edge) and enable PHP 8.3.

It is not just a matter of module compatibility with a given version of Prestashop. This module is based on the SaaS model and requires the “ps_accounts” module to be installed and the store to be integrated with Prestashop servers. Soon, you will have to pay a subscription fee to use these modules, and if you don't pay, Prestashop will be able to disable any modules it wants in any store it wants.

Personally, I think Turnstile is MUCH better than Google reCaptcha. It's also worth considering changing your anti-spam security.

Not all stores use Clodflare. The module from the thirtybees repository “nocaptcharecaptcha” also secures the customer registration form.

This module has bugs, and this response from the module developer makes no sense. It's easy to verify. Just write a product review or log in to your customer account. Then check the tab: Customers -> Shopping Carts. No shopping carts are created from writing comments or logging in. In the Cart thirtybees class, there is no such thing as an "abandoned cart", so there can be no bug in something that does not exist. Whether a cart is abandoned or not is only classified by modules using their own methods.

Modules on Prestashop add-ons have new versions every few moments because these modules contain millions of bugs and are constantly being fixed.

The Stripe module for thirtybees supports credit cards and iDEAL payments.

At the bottom of page, JavaScript scripts are loaded, preceded by comment: /* <![CDATA[ */

https://github.com/thirtybees/blockviewed It also collects product data from cookies. After all, this module has no value for customers, so why install it in the store?

I have never encountered a carrier module for Prestashop that would provide such detailed information about shipments via API. Not even from such giants as UPS, FedEx, or DHL.

Why do we need a solution that is only needed in one store out of a million? Let the customer learn how to configure redirects in their email account. One customer wants to send to two emails, and another wants to send to two hundred 🙂 That's what redirects in the customer's email account are for.

There has been no activity on GitHub for over a month.

I did a test on a client account with a gmail address and all the store's emails are delivered correctly. Also, the reason for non-delivery of mail is definitely a misconfiguration of the mail server on the hosting.

I thought that a gmail account is used to send mail in the store and that's why you wanted to change the “from” field in phpMailer. A common cause of non-delivery of email is the misconfiguration of the DNS zone of the domain from which we send emails. Missing records: dkim, spf, dmarc. Check your domain to see if it is configured correctly: https://mxtoolbox.com/domain/ You can also check if, due to spam, the domain has been added to some RBL lists: https://www.anti-abuse.org/multi-rbl-check/