Posted on 20 Nov 2008 In: Random Thoughts

A bug in 2checkout passback variables

A couple of months ago, I was developing a custom E-Commerce Management system which handles all the orders, customers, support, products, product downloads, etc., including a shopping cart using the third-party credit card processor www.2checkout.com. While doing so I found a minor bug, and I was amazed to see that one was able to download products without even purchasing any product. I am sure several people might have downloaded my own products, which I was selling through 2checkout.com.
 
Note: I hope I will be given credit by the 2checkout.com team for pointing out this security issue.
 
Other companies knew?

Yes! I have seen several companies selling shopping carts integrated with 2CO, but I guess they never told 2CO about this error, and that was one thing which made me think about what a poor attitude people have about telling something to others. This was quite unfair to the people who were selling their templates or ebooks, when one was able to download them for free without paying.

 
Where was the bug?
 
I am currently using 2checkout.com, but since I have developed an Advanced E-Commerce system, it can no longer be applied to my shop at http://www.swish-shop.com.
 
2CO provides a facility to put your system in DEMO mode so that you can test your system, and/or, if you are working on a shopping cart, so that no actual sale occurs. The bug was in DEMO mode. But you might be thinking: the companies selling products were not in demo mode, so how was one able to download?
 
Well, what you had to do was put the seller id and another variable, &demo=Y, in the URL and fill in the credit card information. Since it was in demo mode, there was no actual check of the credit card, and the 2CO system showed a page at the end which stated “This was the demo transaction, no actual sales were processed”. But what the heck? At the bottom it mentioned “here is the product for your demo order”, and a direct link to the product was given.
 
When I saw that I was completely shocked. I said WOW, what a bug in the system. Then I tried this method on a couple of other sites and it worked. It was quite a shame; then I thought about why my sales graph went down.. LOL..
 
But now I have developed a system which never provides the purchased product immediately. This is because there are several fraudulent attempts (stolen credit cards), and I don’t want to give my product away for free. So what my system does is check whether the user is already a customer. If not, the customer is added to the database after the successful payment (as soon as his order completes) and is given a username and password to log in to their account. Their account shows the status of their order as “pending”, and as soon as I approve the order an email is sent to the customer detailing their download details and saying that their order has been approved and they can download the products.
 
This system really helps and saves me a lot of time manually adding customers and their details to my client base. If you need help, let me know; I have a wonderful solution for people who are using 2checkout.com.
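
The pending-until-approved flow described above, sketched as an added example (not the author's code or 2checkout's API). `demo` is the variable named in the post; the other field names, the `Shop` class and the token scheme are assumptions made for illustration.

```python
import secrets
from dataclasses import dataclass
from typing import Optional

@dataclass
class Order:
    order_id: str
    email: str
    product: str
    status: str = "pending"               # pending -> approved
    download_token: Optional[str] = None  # issued only on approval

class Shop:
    def __init__(self, live: bool = True):
        self.live = live      # True on the production store
        self.customers = {}   # email -> login name
        self.orders = {}      # order_id -> Order
        self.outbox = []      # (recipient, message), stand-in for e-mail

    def handle_passback(self, params: dict) -> Optional[Order]:
        """Record a returned sale as pending; a live store ignores demo sales."""
        if self.live and params.get("demo", "").strip().upper() == "Y":
            return None                    # no money moved, nothing to record
        order_id = params["order_id"]      # hypothetical field names
        if order_id in self.orders:        # return URL replayed
            return self.orders[order_id]
        email = params["email"].strip().lower()
        self.customers.setdefault(email, "cust%04d" % (len(self.customers) + 1))
        order = Order(order_id, email, params["product"])
        self.orders[order_id] = order
        return order

    def approve(self, order_id: str) -> str:
        """Merchant approval is the only place a download token is issued."""
        order = self.orders[order_id]
        if order.status != "approved":
            order.status = "approved"
            order.download_token = secrets.token_urlsafe(16)
            self.outbox.append((order.email, "Order %s approved" % order_id))
        return order.download_token

    def download(self, order_id: str, token: str) -> bool:
        order = self.orders.get(order_id)
        if order is None or order.status != "approved":
            return False
        return secrets.compare_digest(token.encode(), order.download_token.encode())

if __name__ == "__main__":
    shop = Shop(live=True)  # constructed sample passback
    print(shop.handle_passback({"demo": "Y", "order_id": "A1", "email": "x@example.com", "product": "tpl"}))
```
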
Posted on 20 Nov 2008 In: Web Downloads

Cross browser rich text editor WYSIWYG

Well, this is a completely FREE to use WYSIWYG editor, and I must say that it’s great. Most companies charge you $800 or even more for a license to a rich text editor, but here it is, completely FREE to use in your scripts.

I must say a big THANKS to Kevin Roth, the developer of this script, for his generosity in giving away this script under a Public Domain License. I used this script in one of my projects when I didn’t have the other Advanced Editor which I have used in my Article Management System.

Rich Text Editor Demo
http://www.kevinroth.com/rte/demo.htm

The cross-browser rich-text editor (RTE) is based on the designMode() functionality introduced in Internet Explorer 5, and implemented in Mozilla 1.3+ using the Mozilla Rich Text Editing API. The cross-browser rich-text editor now includes table support (as of 2/10/2005) as well as an option to generate xhtml-compliant code (as of 2/24/2005).

This code is public domain. Redistribution and use of this code, with or without modification, is permitted.

For frequently asked questions and support, please visit http://www.kevinroth.com/forums/index.php?c=2

Requires: IE5+/Mozilla 1.3+/Mozilla Firebird/Firefox 0.6.1+/Netscape 7.1+, or any other browser that fully supports designMode() for all rich-text features to function properly. All other browsers will display a standard textarea box instead.

Source: rte.zip, rte.tar.gz
Included in the zip are HTML, ASP, and PHP demos. Also, here is an html demo showing multiple RTEs on one page.

Change Log: changelog.txt


Posted on 20 Nov 2008 In: Random Thoughts

What is Public Domain License

 
Sometimes people are confused about what a “Public Domain License” actually is. Well, a quick answer is “Free to use in any way, personal or commercial”. I have been looking for a couple of articles, and in the end I found that everybody has posted those articles, so it’s useless to post outdated articles and news. For example, I created a category for public domain articles, and after a few minutes I realised that the articles I found useful were posted on over a thousand websites, so it’s pretty useless to repost that material.
 
But yes, it’s useful for the people who organise those articles and confirm that they are public domain articles, then arrange an ebook or some sort of online course or anything and sell it. I guess people don’t have time to search and read, so they just use their credit card and buy those e-books.
 
For example, here is a list of a couple of articles you can republish on your website without any restriction.
 
Here is some useful information I found at http://www.ezau.com
Public Domain and Free eText Sources
Project Gutenberg - Project Gutenberg claims to be the Internet’s oldest producer of ebooks or electronic texts. You can search their database by title, author or subject. The subject field comes in handy if you are looking to create products for a target market. The site has full instructions on how to define your search and files can be viewed in text format online or you can download zipped texts to your hard drive.

Internet Public Library - has over 20,000 titles you can browse. Search by author or title. The books can be viewed online in txt or html and zip versions of each format can be downloaded. The download links do not open in a new window so you might like to right mouse click on the download links and select the “save as” option to download.

Search eBooks - seems to have thousands of texts available to read online. You have one search field. Results shown provide two links for each result. One to read the text and the other is the home page of the provider. If you have difficulty finding what you want while searching more than one word, try closing the search string with “inverted commas” as this will produce a different result.

It’s more difficult to find help, terms of use and specific copyright information at this site. Still a handy resource because search results load quickly. To find more copyright info about titles at Search eBooks, it might be a good idea to re-search the titles at Internet Public Library or Project Gutenberg.

Public Domain Riches - is a special course which covers how to get into the business of marketing public domain books. It teaches exactly how to research and profit from public domain material.

 

Check Copyright Before Publishing

It is suggested that you check the specific copyright information for each title if you intend to republish with your own brand. Some of the titles’ copyright information is straightforward but for others it is difficult to even find. Public Domain Riches has more info about this. Either way, you can still read thousands of titles completely Free.

Well, you might be expecting that I will start putting the names straight away :) If you are here it means you want to know a little about those communities, OK then wait :).. Well, definitely I would start with the larger communities, so I will pick the hot name swish-db, not because I am admin there, but because the stats rock and the staff team is extraordinary.. here you go..
 
This is the largest swish community site on the internet today, with more than 90,000 registered members, more than 650 tutorials and about 1500 files to download and learn from. It is not only me who says that the staff is extremely helpful; they are always willing to share their knowledge and reply instantly to your questions. Well, I will stop here; you can see by visiting the link and you will find what I have said.

SwishTalk
http://www.swishtalk.com/

Swishtalk is the second largest community for swish users. Once it was the largest, when its name was swish-tutorials and Brian was the Admin; it was extremely active, helpful and useful. Now, since it was renamed and is owned by another company, it still has a lot in its forums, with useful topics, but it’s not that active.

13Dots

http://www.13dots.com/

This is yet another swish community. This community does not concentrate mainly on swish; they have expanded their forum to everything on the internet: designing, legal documents, contests and much more. The good thing is that it’s again a very friendly community where you can find a lot of useful information.

DesignsXchange
http://www.designsxchange.com/

This is another swish user community with a very useful forum and download center. I guess they have tons of useful files in their downloads area; William has provided tons of FREE templates to use.

Flashkit Swish Forum
http://board.flashkit.com/board/forumdisplay.php?f=17

This used to be the first swish help forum. Tons of information, not very active but still worth visiting.

Swishzone Swish forum
http://forums.swishzone.com/

This is the official help forum by the owner company. It’s worth visiting and browsing; tons of useful information here.

SWISHscript dictionary
http://www.swishtutor.com

It is a personal project by Eduard Boka, intended to help swishers all around the globe. Here you will find all the SWISHscript terms you ever wanted to know about. To use a sample from the dictionary, simply copy and paste it in SWISHmax and test your movie. So stop searching for answers, you have them all here.

 
Swish Tutorials
http://www.swish-tutorials.com

This was one of the first swish communities, but then it was sold and merged with swishtalk. But ST still has tons of free useful files and tutorials to read. There is no forum, but it can help you with a lot of helpful information.

OK, that’s it for now. I will keep updating this thread as soon as I find other good communities. If you know some which I missed, please do send me the link, and I will update my article.