Ecommerce software home
Shopping Cart Software Forum for Ecommerce Templates
Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?



Find us on Facebook

Follow us on Twitter

View our YouTube channel


 All Forums
 Technical
 ASP (Windows server) versions
 New Error Popping up since last week - cookies?
 New Topic  Reply to Topic
 Printer Friendly
Previous Page
Author  Topic 
Page: of 2

stevep
Advanced Member

USA
167 Posts

Posted - 08/23/2019 :  05:16:14  
Here is what Trustwave is asking me to confirm with regard to my dispute: "Can your organization confirm that "ectcartcookie" is not a session cookie but rather a tracking cookie that has nothing to do with authentication to this system?" Vince stated above that this is in fact a session cookie so chances are they won't approve it.

This is what I stated in my dispute: "No sensitive or cardholder data is held using the session cookie" per my software developer."

Is it in fact a session cookie, and can it be stated that it has nothing to do with authentication? They either ignored "sensitive or cardholder data" or don't consider that a satisfactory response.

Steve

Vince
Administrator

37929 Posts

Posted - 08/23/2019 :  08:22:27  
The ectcartcookie is just a tracking cookie and is just used to track the cart items that customers put in their shopping basket.

Vince

Click Here for Shopping Cart Software
Click Here to sign up for our newsletter
Click Here for the latest updater

insight
ECT Moderator

USA
4044 Posts

Posted - 08/23/2019 :  17:00:39  
For what it's worth I threw together an ASP test site using the latest version 7.1.3 (build: 7.1.3.003) and it sets the ectcartcookie securely exactly as expected, so it all looks to be correct on the ECT side. If you get something different then either you don't have the correct/latest vsadmin/inc/incfunctions.asp file up there, you have a hosting problem or Trustwave are just plain wrong in their assessment (this is not uncommon). So while they might grant you an exception for this, you don't actually need it.

Peter


Professional ecommerce web hosting services
Shared hosting Windows & Linux | Dedicated servers | Domains | SSL
Ecommerce Templates specialists since 2003
https://servelink.com

stevep
Advanced Member

USA
167 Posts

Posted - 08/28/2019 :  13:24:15  
Trustwave approved the dispute, they appear to have gone onto the site and processed a null order to check it. My problem now is my cart.asp page is broken, it is not possible to "buy now" any products and clicking "Cart" produces a 500 - internal server error.

I don't know if the v7.1.3 update has a new version of cart.asp, apparently not. Please advise what could have caused this to break.

Thank you,
Steve

dbdave
ECT Moderator

USA
8023 Posts

Posted - 08/28/2019 :  14:04:48  
Hi, you should get the actual error. That "500 error" is a generic error.
You could check your site logs, ask your host, or turn off friendly error messages, but that error will reveal the issue.

stevep
Advanced Member

USA
167 Posts

Posted - 08/29/2019 :  05:28:08  
The problem related to what I had posted on p. 1 of this thread: "Instructions for custompayproc are incomplete and conflict with prior instructions. I have deleted old versions from vsadmin/inc folder, which then makes it match the updater in number of files and total size."

The fact that these two files were missing was the cause of the problem - I don't have my own payment processor therefore didn't update them at any time, but deleted them when I was trying to troubleshoot the PCI scan failure problem so I could compare file and directory sizes. Instructions are included in the readme file in that directory as follows:
"The 2 files contained in this folder are to help those who wish to implement their own payment processor. They need to be copied to your vsadmin/inc directory BUT ONLY IF they are not already present in that directory. If you already have these files in your vsadmin/inc directory then do not overwrite them."

The copy above indicates that they may not be present, but as I found out the hard way, they are needed so this should be made clear.

Topic is not mentioned here https://www.ecommercetemplates.com/updater_info.asp. I did a search for custompayproc in the 7.0 user manual and did not get any results, though I do see the topic discussed on p. 43.

Steve

dbdave
ECT Moderator

USA
8023 Posts

Posted - 08/29/2019 :  06:54:35  
Hi, the software does look for those file, in case they are needed.
I sounds like your 500 error was simply a file not found error.
The db_conn_open, includes, and those two files are not part of the updater.
You can also create a custom css file for the admin.
In the end, you should never "wipe out" the vsadmin when installing an update, but rather use the update instructions and overwrite any files in the update package.

It sounds like you are all set now, and being that your know more about the update installation process, it sounds like you have it all set going forward.

stevep
Advanced Member

USA
167 Posts

Posted - 08/30/2019 :  06:27:13  
Just one more quick comment - I did not wipe out anything, just deleted the two files in question since I was troubleshooting based on suggestions that the updater did not complete fully. The two files in question are not included in the vsadmin\inc folder on the updater, so deleting them allowed me to compare the two directories, with particular attention to incfunctions.asp as had been suggested. I stick by my suggestions.
Steve
Page: of 2  Topic   
Previous Page
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Shopping Cart Software Forum for Ecommerce Templates © 2002-2019 ecommercetemplates.com
This page was generated in 0.02 seconds. Snitz Forums 2000