AGORA.CGI History Log (Newest to oldest)
***************************************************************************
Version 4.0
(10-Nov-2001)
Changes to manager database import/export routines and updates to the
agora flatfile database library.
Added the 'relay' form item check to enhance ragora.cgi wrapper
alternative program.
Fixed the agora order lib to display names on text of cart properly.
Changed the major gateway order libs so the email return address for
'admin' emails is the 'site admin' email (to hopefully make mailing the
actual order to multiple emails work better.)
Moved a few procedures out of agora.cgi and into the order lib. Changed
much of the code so that is is only compiled on demand, and if the code
generates a compilation error then it is logged with agora instead of just
in the 'server logs'.
Added a new email library that uses the more modern "Mail::Sendmail" perl
module that may be optionally used in the event that sendmail is not
available on your system.
Cart now only adds 'one' of anything, if a second addition is made then
the quantity is adjusted. Also, the cart is now sorted when written to
disk (and thus when displayed) by the cart row fields between the quantity
and unique identifier.
Updated load_cart_copy routine and added save_cart_copy routine.
Shims have been updated for use of 4.0 routines and libraries.
All manager 'ext' files should be compatable with 3.3j or earlier with the
proper shim(s) loaded.
***************************************************************************
Version 3.3j
(18-Sep-2001)
Changes to sample store -- search in header now searches on word
boundaries using exact_match=on, and the category agorascript on the
frontpage uses it as well (xm= same as exact_match.)
Updated Offline gateway to fix check processing.
Added manager support for large databases. Flatfile database library
updated to sort results of searches by key id.
Gateway management removed from inside the manager code and agora.cgi
itself, execution is now via code hooks. Upgrades to gateways are
simplified. Also, many manager functions are now in extension files.
A 'shim' is being made available to pro forum members to bring 3.3d-3.3i
managers up to 3.3j specs if someone does not want to simply update the
entire manager. New manager extensions will operate on the older managers
with the shim loaded. A shim for the main program is also available to
pro forum members.
Item options are now shown in a sorted order on the screen, and are
placed in the cart that way. If you have more than 9 options, consider
using numbers with leading zero(s) and a fixed length (say 2 characters)
so the sort order will be preserved.
The value of each box in the SBW module is now tracked in the 'shipping
thing' string.
Added %%eval()%% to html pages.
There are now 'virtual fields' routines! They are used for display of
shopping cart items in email and the web, but can be used in other places
as well.
Added @db and @cart arrays that describe the data field names, similar to
the %db and %cart variables.
***************************************************************************
Version 3.3i (h,g were pre-release test versions)
(23-APR-2001)
Updated manager to default to single login mode if cookies are not enabled
in the manager.cgi program or the cookie settings are incorrect.
Scrambling of the CC info on local disk is now configureable from the
manager (Offline lib is the only standard lib that uses it at this time).
Added umask 0077 code to upgrade security on files being written to by the
cart and manager, force umask 0022 for writing of .htaccess and
manager.access files.
Fixed the manager bug whereby the '*' was accidently incorporated into new
products.
***************************************************************************
Version 3.3f
(20-JAN-2001)
Manager was updated to allow multiple simultaneous users from different IP
addresses. The "*" char is now used to denote that a record ID should
determined once editing has been submitted byt the web browser. This is
used for "add" as well as "edit" of product database records. The "*" can
be used by itself as the only part of the ID, or at the end of the ID.
Clearing the order log does not check for simultaneous persons viewing and
clearing the log, be careful!
Various speed enhancements, no bug fixes from 3.3e. Some routines were
moved into the order lib from the html lib so that the cart runs faster.
***************************************************************************
Version 3.3e
(08-JAN-2001)
Added IP tracking and "reload protection" on order forms.
***************************************************************************
Version 3.3d
(07-JAN-2001)
Added the %%eval()%% token for product page inc files.
Changed the manager so that the agora_user_lib.pl has sections to it. The
old cart and pgp user libs are no longer required as separate files. It
is now much easier to manage smaller sections of the configuration, and
there is less startup IO with less files.
To add a custom, user managed settings section in the agora_user_lib.pl
file you should name your section starting with the letter X and put it at
the bottom of the file just above the 1; part. For example, until the
manager handles custom taxes you may want to edit them yourself:
#:#:#: start XCUSTOM_TAX settings
$sc_extra_tax1_logic='(0.04)*$subtotal';
$sc_extra_tax1_name='Philly Tax';
#:#:#: end XCUSTOM_TAX settings
1;
Each time the agora_user_lib.pl file is updated by the manager the section
names will be "upcased" and sorted in alphabetical order.
Added verification to the option files.
Added ability to view the order log in the manager. If an order comes in
after "view order log" but before "clear order log", then the new order
will still be in the log.
***************************************************************************
Version 3.3c
(19-DEC-2000)
Added the $eform_xxx and $eform{xxx} style vales to complement the
$vform_xxx and $vform{xxx} vars (xxx is any form data variable). The
eform vars have single and double quotes escaped to " for display on
web pages. The vform vars should always be used for data processing.
Updated the agorascript processing. Cart footers processing updated.
Added 5 new fields to the cart itself (i.e. old carts in the shopping
carts directory are obsolete!) The numbers of the options ordered are
maintained, and there are three user fields in the cart itself. There
is also a flag that can be used for special shipping calculations,
eventually it will be integrated with the SBW module.
Fixed pad length in the manager. Set it to 4 for 1000-9999 products in
the catalog, or 5 for 10000 to 99999 products, etc. A safe number is
probably 4 or 5. Set it to 0 to not pad the product id #'s with leading
zeros.
Removed support for PayPal. Their support and interface were too
unreliable for inclusion here. There are plenty of hacks out there for
use with PayPal, check commerce.cgi support forum in addition to the
commerce.cgi and agoracgi.com mailing list archives.
Added the ability to clear the order form _VERIFY file and re-display a
blank order form. Upon a "reload" of an order form page the CC info is
now blanked out.
Added serveral more code hooks for optional modules or custom libraries.
Added another DOC on having taxes computed for only selected items in the
catalog.
***************************************************************************
Version 3.3b
(13-DEC-2000)
Added a few touches to the options agorascript, added a few more code
hooks for use with the cart's construction. After items are added to the
cart then a custom library and/or agorascript within the option(s)
file(s) can be used to change the cart navigation, handle inventory
control, or perform other functions.
For options files, in addition to the standard "pre" and "post"
agorascript, you may also choose "add-to-cart" (if that item is added to
the cart it is activated) or "add-to-cart-opt-#" (if option number # was
selected the agorascript code is run.)
***************************************************************************
Version 3.3a
(08-DEC-2000)
Changes to the order libraries, and the database library. Minor bug
fixes to Offline library, additional security features installed.
Added "pickup" setting for UPS in the manager instead of forcing folks
to modify the script directly. (Note: UPS code still does not add extra
insurance for expensive packages.)
Any fields on the order form that have _XCOMMENT_ as part of the name,
such as
Ecom_XCOMMENT_Special_Notes
will be included at the bottom of the emails. The field name part after
_XCOMMENT_ is parsed such that the appropriate section of the email will
be marked as "Special Notes". To ensure that the come out in the order
since they are sorted you could call them things like:
Ecom_a_XCOMMENT_Special_Notes
Ecom_b_XCOMMENT_Gift_Card_Note
And the first one, Ecom_a_XCOMMENT_Special_Notes, would come out first
since it will sort first.
Added a new kind of agorascript for the order forms. Before the order
form has any processing done at all, the agorascript of type "orderform"
can be used (in addition to the usual "pre" and "post" style), as in:
Agorascript has also been added for options files.
***************************************************************************
Version 3.2r
(04-OCT-2000)
Minor changes. Modified the Offline module to not cache order form pages.
***************************************************************************
Version 3.2q
(27-SEP-2000)
Minor additions, forces the die routines to do a &call_exit if possible
to cleanup things such as open files.
Changes the emtpy cart mechanism, now centralized and functional too.
Fixed CC EXP print in Offline library.
Fixed agora's built-in picture serving routine to add a leading slash
if the image name needs one.
***************************************************************************
Version 3.2p (3.2o was limited test release)
(26-SEP-2000)
Small fixes and additional codehooks. Linkpoint fix (delete "cart" HTML
HIDDEN tag.)
Added small change to the manager code for image name processing so it is
centralized. It now uses a template string which may be easily modified
without changing the script. The string is $sc_image_string_template found
in the agora.setup.db file. It tells the manager how to re-format the
image name added via the manager for proper display at runtime by
substituting the image name for the %%image%% token. For example, to make
an image point to a larger image in the same directory (the name of the
larger file starts with lg_ followed by the name of this smaller file,
such as lg_0001.gif and 0001.gif):
$sc_image_string_template =
'' .
'
';
Cookies now last longer, cart expiration is independent of cookie
expiration (cart is emptied if it expired even if cookie identifies them
as owning the cart.) This is important for customer recognition module
that could be added later on.
Custom libraries now must end in .pl or they will not be loaded (case
insensitive.)
To make it easier to use the manager's image upload option, it is
suggested to use the product number as the basis for the image name, and
use the name of the standard file as the basis for larger and smaller
versions of that image. Something like this might work well:
0001.gif (Standard)
lg_0001.gif (larger view)
sm_0001.gif (small view)
Only the standard one is "required" so to speak, although you really never
have to display any images. The smaller one is a suggestion, if desired,
for the display on the cart view pages. The larger one is used by some
customers as well for clicking on the image display on the product display
pages to view a larger version. By keeping all image files in the same
directory the manager image upload works well for multiple images.
The agorascript in the sample store no longer shows the cart contents upon
return from a payment gateway.
Payment gateway responses now routinely prevent re-direct mechanism from
acting.
Required additional database routines added.
***************************************************************************
Version 3.2n
(23-AUG-2000)
"Bug fix" (enhancement) of 3.2m, handles old-style order form validation.
Added option in PGP to convert newlines.
***************************************************************************
Version 3.2m
(22-AUG-2000)
Fixed some static page code, added %%item_ordered_msg%% token to the
header/footer routine. Split out the $sc vars in the agora.setup.db
library for that token as well.
Changed Order libraries so that they do not each have the "redundant" sub
display_calculations. Enabled agorascript on the order form. Enabled the
possibility of secondary payment gateways with a hidden field on the order
forms called "gateway", and the codehook "printSubmitPage".
Fixed the cart id code in the event that a static page is loaded first.
NOTE: Due to extensive changes in gateway libraries, it might be a good
idea to be ready to restore old files easily as there is a chance things
may not work perfectly ;)
You may now change settings other than the "primary" gateway by invoking
the manager's gateway settings screen with the gateway= parameter using a
URL such as:
.../protected/manager.cgi?gateway_screen=yes&gateway=PayPal
(where ... is the rest of the path to your manager's protected directory.)
If you have previously written custom gateway code then you probably
should add the hidden field "gateway" to both the order form and the
gateway settings update screen form.
To enable secondary payment gateways: see the "combo" sample order form
in the html/main directory, and make the HTML you develop follow that
format. It is OK to use image buttons here if you know how. The order
form of your "primary" gateway is the default order form loaded, put your
"combo" order form HTML code there. Then place your secondary gateway
"order" lib file(s) in the store/custom directory so they will be
auto-loaded.
***************************************************************************
Version 3.2l
(19-AUG-2000)
Fixup of LWP call in USPS API. PayPal update. Now caches the productpage
.inc files, less I/O. Can optionally not replace the FORM tags on the
order form, allows multiple gateways coding to go a little smoother.
Two new HIDDEN fields in Offline library that save vals without monetary
symbol:
PLAINAMOUNT (grandtotal)
SUBTOTALAMT (subtotal)
***************************************************************************
Version 3.2k
(12-AUG-2000)
Changed the FORM and CENTER tags on orders to be in the right order.
Fixed the iTransact lib to close out the FORM tag. Also added the
sub "call_exit" instead of just using "exit" so that various closes
and lock releases can be done automatically upon exit.
3.2k is the first version that allows for the addition of other payment
gateways without the need to modify any standard code. Just by using
manager "custom" and standard "-order_lib" libraries agora can
recognize the library and add it to the standard list of available
gateways.
***************************************************************************
Version 3.2j,3.2ja:
(08-AUG-2000)
Updated the UPS code for the new (Jan 2000) API. Also, removed the USPS
"free" code as it cannot be used reliably. FEDEX still doesn't work
right, that is next on the list.
The manager reminds somebody who is upgrading the manager to use to a
gatewy not previously offered that there are example order forms and user
libraries available.
Fixed bug in PayPal setup in manager.cgi.
3.2ja: FEDEX fix and addition of codehooks.
***************************************************************************
Version 3.2i:
(06-AUG-2000)
PayPal now sends admin eamil before going to PayPal site.
***************************************************************************
Version 3.2h:
(05-AUG-2000)
Added codehooks and changed "process_Order" sub names for gateways to
help allow multiple gateways. Fixed the unlink of capture files bug.
***************************************************************************
Version 3.2g:
(04-AUG-2000)
Added PayPal payment option.
***************************************************************************
Version 3.2f:
(03-AUG-2000)
Fixed AuthorizeNet problem with tainted variables on return, plus made
the code use the Secure Store Header and Footer routines so that secure
images may be displayed more easily.
***************************************************************************
Version 3.2e:
(02-AUG-2000)
Bugfix on shipping info, SBW module was broken if shipping field was
not displayed on the cart! Previously reported but elusive until now.
Added ability to take checks on Offline Processing Mode (experimental!)
***************************************************************************
Version 3.2d:
(31-JUL-2000)
Added a few codehooks for future use. (Not a bugfix)
***************************************************************************
Version 3.2c:
(21-JUL-2000)
Fixed FORM tags in Offline library.
***************************************************************************
Version 3.2b:
(15-JUL-2000)
Added the %%StoreHeader%% and %%StoreFooter%% tokens for static pages.
Also added the %%item_ordered_msg%% token for controled placement in
static pages. Recursive nature of agorascript enhanced by making
&capture_STDOUT and &uncapture_STDOUT recursive.
Database search routine now returns just the keys to the items to be
displayed. This will help implementation of databases other than the
flatfile currently in use.
***************************************************************************
Version 3.2a:
(05-JUL-2000)
Minor cosmetic changes, plus the cart "fakes it" on page reloads. Added
the $sc_standard_head_info variable to allow HTML HEAD info added
throughout the store "fly" generated pages. (Loaded HTML pages are not
changed by this vaiable.)
***************************************************************************
Version 3.2:
(04-JUL-2000)
As of version 3.2, there is a new way to display cart contents. If the
system detects display_cart=1 (or dc=1) in the URL or in POST form data
then the cart will be displayed. Formerly syntax such as
View Cart
was used to view the cart. With the simplified view cart code it becomes
View Cart
This simplifies the HTML and prevents false error messages about reloaded
pages.
--
Added code for USPS (login id required) and FedEx cost lookups.
Changed the totals display to be tabular instead of "unaligned/centered."
Added response code checking in AuthorizeNet library. The cart contents
are dumped if card is rejected, left alone if an error occured such as
"try back later" and normal processing for normal orders. (UNTESTED!)
Changed code to further the efforts to place unique cart modifiers for
each link generated.
Moved more messages to the agora.setup.db file.
Changed the sample store to have "select list" for shipping instead of
radio buttons.
***************************************************************************
Version 3.1c:
(23-JUN-2000)
Fixed a couple bugs with carts and with Linkpoint. Added code to attempt
to check if a page is re-loaded inappropriately. Updated the database
routines to allow non-numeric item keys. Put the file "commando.ok" in
by default.
***************************************************************************
Version 3.1b:
(19-JUN-2000)
Disabled COMMANDO option by default, the file commando.ok must be present
in the "protected" directory in order for this option to be turned on.
***************************************************************************
Version 3.1:
(15-JUN-2000)
Added ability to load custom libraries of arbitrary names in the custom
directories of agora.cgi and manager.cgi.
Added Linkpoint gateway library and order form.
Changed the wrapper programs to be more user friendly, in the event that
they may be needed.
Added the "commando" function in the manager that allows non-interactive
Unix commands to be executed from the manager program. This command
opens things up a bit, it is very important to keep your ./protected
directory password protected!
Re-vamped the manager screens for entry/edit of products.
The database routines have been moved to the agora_db_lib.pl and the
database-lib.pl libraries and out of the manager for the most part.
Hopefully this will make it easier to implement mySQL or another database
engine. Previously, the manager and it's libraries had a lot of code for
adding, editing, deleting entries.
The manager now allows saving of database records as a new ID as well as
setting the ID number for new records.
The database now "pads" the keys with leading zeros. This is helpful for
sorting purposes. If you do not like this feature, then set padding to
zero in the agora.setup.db file. To pad the current entries, use the
"update tags" feature in the manager database functions. By default,
padding is set to 4 (great for 0 - 9999 products.)
Agorascript is now recursive. If you use it to load a file that has
agorascript within, that script will be run as well! (Formerly, if
a -pre agorascript loaded a -post agorascript, that would be run.)
Extra Tax routines have been added, but not yet placed in the manager.
They are only useful for Offline processing at this point, not added to
the other libraries.
Fixed searching with multiple words.
Fixed %%gateway_username%% substitution bug.
May now enter a zero quantity to delete an item. If a negative or plus
sign is used, then then "math" is done so that number is added to old qty
value.
***************************************************************************
Version 3.0v:
(01-MAY-2000)
Bug fix for 3.0u
***************************************************************************
Version 3.0u:
(30-APR-2000)
Added these tags to AuthorizeNet Library:
Added ability to view and clear error log in the manager.
Fixed-up the custom shipping logic processing to have better error
handling.
Updated and patched cgi-lib.pl to hopefully fix an MSIE 5.01 bug.
***************************************************************************
Version 3.0t:
(21-APR-2000)
Added ./custom directory and auto-loading code for the custom library
./custom/custom-lib.pl if it is present at startup.
Installed "custom shipping logic" mechanism that may optionally be
coupled to libraries in the ./custom directory.
***************************************************************************
Version 3.0s:
(14-MAR-2000)
Added diagnostic message for PGP library, if it returns no data the
message is placed in the error log (or displayed in debug mode).
***************************************************************************
Version 3.0r:
(09-MAR-2000)
Fixes the ".htaccess" bug in manager.cgi and changed code to format
prices of options a little better. Minor fixes to iTransact library
and "handling charge" in the manager.
***************************************************************************
Version 3.0q:
(07-MAR-2000)
Security update, verifies PGP signatures from iTransact responses.
***************************************************************************
Version 3.0p:
(05-MAR-2000)
Added code to allow browsers that NEVER check for an updated page to be
forced to do so for our code.
***************************************************************************
Version 3.0o:
(02-MAR-2000)
Minor bugfixes. Added a "searchpage.html" page that comes up if a search
is requested but no fields are filled in. If the page is not there, then
all items are displayed.
***************************************************************************
Version 3.0n:
(02-MAR-2000)
Fixed bug in "verification" file checking. Also, added options for
specifying whether to multiply by quantity on "Cart Display". Be sure to
re-run the manager and setup "Cart Display" to be the way you want it!
***************************************************************************
Version 3.0m: (3.0l not released)
(25-FEB-2000)
Added file html/empty_cart_footer.inc, if the file is there and qty is
zero it will be used instead of html/cart_footer.inc file.
Auto-redirect does not happen if ordering is in progress (bugfix).
Fixed pointers to www.agoracgi.com, the script's new home!
***************************************************************************
Version 3.0k:
(24-FEB-2000)
Minor diagnostics added.
***************************************************************************
Version 3.0j:
(23-FEB-2000)
Automatic redirection to the "correct" server address, helps with cookies
and the HTTP_REFERRER code.
Added META tags to prevent cart display from being cached at the browser.
Added a verification file to prevent accidental re-submission of orders as
well as verify the prices, hackers now have a MUCH harder time defeating
the system. (Only implemented for Offline orders at the moment.)
Added a hack so that "blank" searches return the entire database by
preserving "search_request_button" in state routines.
***************************************************************************
Version 3.0h,i:
(20-FEB-2000)
Minor agorascript additions to assist with debugging and error recovery.
Also, now the Bill-to zip is used if the Ship-to zip is not filled out for
UPS calculations. Changed the Offline order form state fields to default
to blank to help with this as well.
***************************************************************************
Version 3.0g:
(20-FEB-2000)
Minor changes, put the --cut here--<\/h3> tokens in the header,
footer, and productPage.inc routines. Fixed the cart name error.
***************************************************************************
Version 3.0f:
(20-FEB-2000)
Minor changes.
***************************************************************************
Version 3.0e:
(20-FEB-2000)
Added a feature to allow multiple instances of keywords= or product=
in URL or FORM data. Also, added shortcut of p= and k= to represent
product= and keyword=, respectively.
Fixed a lil manager.cgi bug with incorrectly saying there is no .htaccess
file when there actually is one!
Added the &capture_STDOUT and &uncapture_STDOUT routines for use in
agorascript (PERL inside your HTML and .inc files). See the file
agorascript.txt in the DOCS directory for more information on using it.
Changed the shopping cart names so they now say _cart at the end instead
of just having a number. The orginal code attached ".cart" at the end,
then stripped it off using regular expressions.
Untainted $cart_id and fixed a potential problem with accidently using
cart_id= more than once in a form.
***************************************************************************
Version 3.0d:
(19-FEB-2000)
Patch applied to prevent the program from reaching a lock-up condition
if the Socket.pm module is not present with PERL. The http-lib uses
it, and would failed to load, thus disabling the manager and agora.cgi
programs.
Fixed what seemd to be a bug with showing exactly what was in the
agora_user_lib.pl immediately after an update.
***************************************************************************
Version 3.0c:
(18-FEB-2000)
Disabled the browsing of pages outside the specific directory for product
pages. With "agorascript" and other files, it is important to only
execute and display pages exactly where they are located. Version 3.0b
has only been released for a few hours and not yet announced to the
mailing list, but since it was there for download we have assigend a new
version number.
Fixed bug from 3.0a, in agora_html_lib.pl, there is a stray semicolon
after the variable $sc_product_display_footer (it only appears once in
that file, easy to file without upgrading if so desired.)
Anyone running 3.0b should upgrade to 3.0c if:
1) running agorascript or
2) using an HTML-based store without valid database entries to verify the
processing of product orders
Otherwise, no compelling reason to upgrade.
Finished reorganizing the libraries, eliminating several and instead
placing their contents in other directories. The libraries removed form
the /library directory are:
database-lib.pl (moved to /protected directory
store_admin_actions.pl (moved to /protected directory
store_admin_html.pl (moved to /protected directory
special_library.pl (mostly moved to agora_html_lib.pl)
agora_subs.pl (mostly moved to agora_html_lib.pl)
The define_shipping_logic routine was moved to the shipping_lib.pl
The manager was changed so that descriptions were on the left, and the
variables/textboxes are on the right. In the add/edit of products, the
description was moved up so it is before the user defined fields.
There is an agorascript example in the hmtl-templates directory called
productPage-agorascript_example.inc and displays the database contents in
a somewhat raw form. To see it work in the sample store, type in:
agoracgi?keywords=html&ppinc=agorascript_example
The contents of productPage-agorascript_example.inc are:
|
|
Notice the PERL is enclosed in the ""
delimiters. The value of $str is incorporated into the HTML in place of
the script at run time.
***************************************************************************
Version 3.0b:
(17-FEB-2000)
On-The-Fly Page Generation:
---------------------------
New features in 3.0b include multiple levels of on-the-fly page
generation. If there is a field named "ppinc", then the value is used
to search for the proper productPage.inc file. If the syntax used is:
In that script, the string returned is the token %%cart_id%%, not its
value, because it was executed before the substitutions were made (the
-pre part of the script header specifies that.) However, after the script
has run, the token %%cart_id%% is not embedded in the working version of
the HTML. The token will be substituted for it's actual value for display
purposes in the next step of processing. So, if need the value of the
cart, product number, category, etc. inside the script, you would want to
run the script after the substitution. Also, the global values of
$my_string and $test_val were altered. To have your own local variables,
it is easy enough to declare them as local.
Now consider this example:
The -post part of the script header tells agora.cgi to run it after
substitution of %% tokens. This script will return the value of the
$my_string, which is the actual value of the cart_id for this session. Of
course this is a lot of work to get just the cart_id, but the
possibilities for customization are almost unlimited.
For safety, if you need global variables to store information between
invocations of such scripts, it is suggested that you use variables that
begin with $ags_ (such as $ags_been_here) simply because no variables
appear in the agora.cgi package that begin that way.
***************************************************************************
Version 3.0a
(12-FEB-2000)
First RELEASE of the renamed agora.cgi software. Previously it was
known as Commerce.cgi 2 beta UPS "Deluxe" version.