Jump to content

Welcome, Guest!

By registering with us, you'll be able to discuss, share and private message with other members of our community.


  • Content Count

  • Joined

  • Last visited

  • Days Won


Traumflug last won the day on March 24

Traumflug had the most liked content!

Community Reputation

824 Excellent


About Traumflug

  • Rank
    Markus Hitter

Recent Profile Visitors

4,060 profile views
  1. Of course I know how XSS works. This "somehow manages" simply must not happen. Neither originating from a browser, nor originating from elsewhere.
  2. If hackers can work around a security measure by simply accessing the server directly, this measure is pointless. Maybe that's why I don't care much about such headers and turn my attention to safety of the code instead. That said, if these headers don't get into the way, it's fine to add them. Not too easy, because modules have a tendency to grab resources from about everywhere. Fonts, images, icons, some even call home.
  3. Setting headers doesn't improve security of a server. A browser can respect these settings, a malicious visitor would simply ignore them. To test server security, there are scripts like testssl.sh: https://testssl.sh/ Don't forget to turn off UFW DoS protection and Fail2Ban while testing, testssl.sh triggers them. That said, these CORS requests for Core Updater still work.
  4. In this screencast you edit metas and product name all the time, this doesn't matter. Only this 'URL amigable' field matters. Maybe it's simply too long. As long as saving reports an error, it's pointless to try in front office anyways. Also, after changing SEO preferences, reloading a product page doesn't work, because the URL of that page has changed. One has to start over at the home page and also reload that. With these tips it shouldn't be hard to get this working. There are always these demo products where one can look at.
  5. You shouldn't modify files coming with the distribution at all. First choice to tweak functionality is to use hooks, this is the most maintainable way. If this doesn't work, one can use overrides. Common to each of these strategies is that you add files rather than modifying existing ones. Which removes the license question, you can put these files under any license you like, including "proprietary". That said, if you fix bugs or enhance code in a way interesting for all merchants, it's always a good idea to feed them back to the project. This eases future updates a lot and gives you free maintenance for these changes.
  6. This is apparently a well known issue elsewhere and connected to libcurl 7.69.1. Switching to an earlier or later version (in cPanel) should solve it. Note that the Curl used by PHP isn't necessarily the same as the Curl used on the command line. https://github.com/guzzle/guzzle/issues/2617#issuecomment-674176945
  7. I fear, neither PrestaShop nor thirty bees nor Merchant's Edition support dealing with fractional quantities natively. One can work around this by selling grams and tweaking the theme to look more convenient. Like some JavaScript on the product page to replace '1500 x 1g' with '1.5 kg'. Another, often seen solution is to offer variants ("Combinations") of the same product in various sizes. Product "flour", then combinations with 0.5 kg, 1.0 kg, 2.5 kg, ... This is supported natively, just like distinct colors.
  8. Core Updater v2.0.0 was just released: Blog Post Github This Core Updater includes all features of thirty bees' Core Updater, but should not confused with it.
  9. This screenshot looks much like broken code. No matter what's up with password or cookies, the full login screen should appear. Time to look up whether all files are still there.
  10. Why do you bring this up, then, like so many other do? Makes no sense. Constantly asking for the impossible is, ... well, I'll stop talking here.
  11. That's pretty much on every page load. Even when visitors just look around, sections like "recently visited" changes on about every click. Don't believe it? How about a look from the opposite direction, an e-commerce solution for Hugo, a static(!) web page generator: https://snipcart.com/blog/hugo-tutorial-static-site-ecommerce Essentially they use their static pages just as a placeholder for a dynamic e-commerce solution just like PrestaShop/thirty bees/Merchant's Edition. Third, page caching can apply to the initial HTML page load, only. And that's less than a second on a decent hosting already, so there's simply nothing which could be taken away by caching. All other time spent until the loaded page is completed is for loading images, fonts and embedded stuff like Google Maps, Google Translate, whatever. Full Page Caching for e-commerce is a pipe dream which simply doesn't want to die.
  12. Wieso denn als ZIP? Diese PrestaShop-Leute machen immer alles viel komplizierter als notwendig. Falls alle Stricke reissen, hier ist die config.xml von PrestaShop config.xml
  13. Probier's halt einfach aus. Die beste Anleitung nutzt ja nichts, wenn bei Dir das vergleichen zweier Textdateien unter "Bahnhof" läuft.
  14. Bleeding Edge currently lists '1.0.x', 1.1.x', 1.2.x' and 'main'.
  15. It's new to me that PS offers upgrading from 1.6 to 1.7 at all. Module 'autoupdater' allows upgrading up to, only, AFAIK. Given this, it doesn't work with tb either, of course.
  • Create New...