[ic] Problems/bugs with admin interface 4.8.1

Level 1 System Administrator interchange-users@interchange.redhat.com
Sat Sep 15 01:22:00 2001


	Hi everyone,

	We've been working on Interchange to provide it as part of an ecommerce
	package for our customers.

	We've run into some little problems with the admin interface.

	Here's a test installation:

	http://216.65.43.10/interchange_sample/

	The demo works just fine. No problems there. However, there are some minor
	URL problems on the admin interface.

	If you click on "admin interface", you are taken to:

	http://www.thisisatestfrompeter.com/cgi-bin/ic/admin/login?mv_session_id=skRrRg2w&mv_pc=7&destination=admin%2findex, 
http://www.thisisatestfrompeter.com/cgi-bin/ic/admin/login.html

	If you check the URL, you'll see a blank space before the final URL. On 
IE, that's no problem,
	as IE replaces it with a %25 code. On other browsers, like Netscape, it 
will go to the URL with the
	blank space, which will cause a server error. Eliminating the blank space 
solves the problem.
	
	If you go the right URL, you can obviously see a problem with the images. 
They point to
	/interchange/en_US/, which, well, don't exist. It wasn't set up 
(variable.txt points to /ic/images, not
	/interchange/en_US/).

	If you try to log in, with user "thisis03" and pass "pass", you get the 
following error:

Sorry, the page 
(admin/index,http://www.thisisatestfrompeter.com/cgi-bin/ic/admin/login.html) 
was not found

The requested page 
(admin/index,http://www.thisisatestfrompeter.com/cgi-bin/ic/admin/login.html) 
was not found. You can return to browsing our catalog, if you wish.

	http://www.thisisatestfrompeter.com/cgi-bin/ic/admin/login.html does exist.

	Here's some details on how I installed Interchange and this specific "store":

	- using source code: ./configure
	- then, to create a initial store so that interchange can run, I used 
makecat with default info.
	- started interchange su -f -c "/usr/sbin/interchange/bin/interchange -r 
-u" interch
	- then dir another makecat:
		./makecat thisis03
		--servername=www.thisisatestfrompeter.com
		--demotype=foundation
		--permtype=M
		--catuser=thisis03
		--interchangeuser=interch
		--mailorderto=orders@thisisatestfrompeter.com
		--catroot=/home/ct/catalogs/thisisatestfrompeter_com_125092
		--cgidir=/home/users/t/thisisatestfrompeter.com-28513/public_html/cgi-bin
		--cgiurl=/cgi-bin/ic
		--documentroot=/home/users/t/thisisatestfrompeter.com-28513/public_html
		--samplehtml=/home/users/t/thisisatestfrompeter.com-28513/public_html/ic
		--imagedir=/home/users/t/thisisatestfrompeter.com-28513/public_html/ic/images
		--imageurl=/ic/images
		--linkmode=unix
		INET or UNIX mode? unix
		Do you use CGIWRAP or SUEXEC? n
		Your company name: ...............................My Store
		Sample data type?: ...............................reports
		Set to 1 if you want to use MySQL, PostgreSQL, Oracle, or DB2: ..
		Account name that will control this catalog: .....thisis03
		Administrative password: .........................pass
		Set to 1 to display demo helper features in your store: ..1
		run "sh /home/ct/catalogs/thisisatestfrompeter_com_125092/config/makedirs"? y
		run "sh 
/home/ct/catalogs/thisisatestfrompeter_com_125092/config/installsample"? y
		Add catalog to interchange.cfg? y
		Add catalog to server running on PID 18149? y

	And that's it... I've included catalog.cfg at the bottom. A but? Or 
perhaps something
	that I just haven't yet discovered...?

	Any help will be greatly appreciated... if a developer helps, I'll make 
sure something
	ends up in your tip jar. :)

	Peter

	p.s.: thisisatestfrompeter.com is not real... it's IP is 216.65.43.10

	catalog.cfg:

#==========================================================================#

# catalog.cfg
# See the 'icconfig' document for details.

#==========================================================================#

# Read in initial variables from a database.
VariableDatabase variable

#==========================================================================#

# Allow a template to drop in some beginning config.
include etc/before.cfg

#==========================================================================#

# Warn if any important modules or usertags are missing.

Require module Digest::MD5    "Need %s %s for better cache keys."
Require module Safe::Hole
Require module SQL::Statement
Require module LWP::Simple

Require UserTag   email email_raw var loc table_editor button

#==========================================================================#

# Can send various files outside the catalog directory, for disk partition
# reasons, for example.

ParseVariables  Yes

ifdef LOGDIR
ErrorFile       __LOGDIR__/error.log
AsciiTrack      __LOGDIR__/tracking.asc
TrackFile       __LOGDIR__/usertrack
endif

ifndef LOGDIR
AsciiTrack      logs/tracking.asc
TrackFile       logs/usertrack
endif

ifdef CACHEDIR
SessionDatabase __CACHEDIR__/session
ScratchDir      __CACHEDIR__/tmp
endif

ifndef CACHEDIR
SessionDatabase session
ScratchDir      tmp
endif

#==========================================================================#

# Database setup

ParseVariables  Yes

ifndef SQLDSN
Variable  SQLDSN
endif

ifdef MYSQL
include dbconf/mysql/mysql.cfg
endif

ifdef PGSQL
include dbconf/pgsql/pgsql.cfg
endif

ifdef ORACLE
include dbconf/oracle/oracle.cfg
endif

# Default DBM if nothing else defined
ifndef SOME_DATABASE
include dbconf/default_db/default_db.cfg
endif

ProductFiles   products

#==========================================================================#

# The URLs which are written to refer back to our catalog.

ParseVariables  Yes

VendURL    http://__SERVER_NAME____CGI_URL__
SecureURL  __SECURE_SERVER____CGI_URL__

ifndef SECURE_ENABLE
SecureURL  http://__SERVER_NAME____CGI_URL__
endif

# Set the image path for relative images
ImageDir          __IMAGE_DIR__/
ImageDirInternal  http://__SERVER_NAME____IMAGE_DIR__/

#==========================================================================#

# Here we set up the catalog theme.

ParseVariables Yes

ifndef STYLE
Variable STYLE default
endif
include templates/__STYLE__/theme.cfg

#==========================================================================#

# Last locale specified is the default.
Locale          en_US LC_CTYPE C
LocaleDatabase  locale

#==========================================================================#

# Various catalog settings.

ScratchDefault  mv_add_dot_html   1
ScratchDefault  mv_no_session_id  1
ScratchDefault  mv_no_count       1

SpecialPage  catalog  index
SpecialPage  report   ../etc/report
SpecialPage  receipt  ../etc/receipt

# Allow others in our group to read/write files by default
ReadPermission  group
WritePermission group

# If a specific user session accesses our catalog more than this many times
# in a 30-second time period. If the limit is exceeded, the LockoutCommand
# (if set) is executed. Set this to 0 if you're getting links to 127.0.0.1
# during your testing.
RobotLimit  100

# Sets Interchange to not parse <BODY MV="body 1"> and other tags within
# HTML tags. Use [pragma no_html_parse 0] to enable on an individual page.
Pragma  no_html_parse

# Strip whitespace from top of pages so you don't have to scroll down
# before the HTML starts when doing 'view source' in a browser.
Pragma  strip_white

#==========================================================================#

# User session related settings.

# Whether to encrypt passwords in UserDB
# We usually don't for users, so we can mail them their password
# We DO in admin, that is set in catalog_after.cfg
UserDB    default    crypt         0

# Change a field to something that doesn't conflict in MySQL
UserDB    default    time_field    mod_time

# Don't want people setting their credit limit or dealer status directly
UserDB    default    scratch       "dealer price_level credit_limit"

# minimal login stuff for affiliate
UserDB    affiliate  user_field    affiliate
UserDB    affiliate  database      affiliate
UserDB    affiliate  time_field    none
UserDB    affiliate  crypt         0

# Set this to No if you don't want auto-login capability for users
CookieLogin  Yes

#==========================================================================#

# Cart, order, and route settings.

ParseVariables  Yes

ValuesDefault   country      __SHIP_DEFAULT_COUNTRY__
ValuesDefault   mv_shipmode  __SHIP_DEFAULT_MODE__
DefaultShipping __SHIP_DEFAULT_MODE__

MailOrderTo     __ORDERS_TO__

AlwaysSecure    ord/checkout login change_password

## Set this if you have a different secure server
#AlwaysSecure   order ord/checkout ord/basket login change_password process

PriceField      0
CommonAdjust    :sale_price, ;:price, ;$, ==:options

EncryptKey  __PGP_KEY__

# This prevents a user from setting this value, you may want to unset
# this if you have user-selectable handling charges like insurance
FormIgnore   mv_handling
#
#

# Along these lines further, for better integrity and less chance of a
# user screwing up your order routes:
# Note that __ORDER_ROUTES__ is empty by default, default Route "default"
# is used with cascades
FormIgnore      mv_order_route

## This route places the order entry in the database. If you don't
## have an inventory table (or a userdb table for that matter) make
## sure you remove it from the list of "transactions" tables.

Route log  <<EOF
         empty        1
         encrypt      0
         increment    0
         report       etc/log_transaction
         supplant     0
         track        logs/log
EOF

## This route places the order entry in the database when you are
## entering an order from the admin. See above.
Route log_entry  <<EOF
         empty        1
         encrypt      0
         report       etc/log_entry
         supplant     0
         track        logs/log
EOF

ifdef TRANSACTION_TABLES
Route log       transactions '__TRANSACTION_TABLES__'
Route log_entry transactions '__TRANSACTION_TABLES__'
endif

## This route copies the user if they requested that. We don't
## care (much) if it fails, so error_ok is set and failure will
## not cause the order to fail
Route copy_user  <<EOF
         empty        1
         error_ok     1
         encrypt      0
         increment    0
         report       etc/mail_receipt
         supplant     0
         track        logs/log
EOF

ParseVariables Yes
## This route emails the order to you unless email is set to "",
## and failsafe-logs the order report a couple of places
Route main  <<EOF
         attach            0
         credit_card       1
         default           1
         email             '__ORDERS_TO__'
         encrypt           0
         errors_to         '__ORDERS_TO__'
         pgp_cc_key        "__PGP_KEY__"
         pgp_key           "__PGP_KEY__"
         receipt           etc/receipt.html
         report            etc/report
         supplant          1
         individual_track  orders
         track             logs/tracking.asc
EOF

# Order routes can be maintained in a database
# CHANGES TO THIS WILL OVERRIDE THE ROUTES ABOVE.
RouteDatabase   route

# Default route is run if no routes set, this should be last Route
# always
Route   default   master          1
Route   default   cascade         "log main copy_user"
Route   default   empty           1
Route   default   supplant        1
Route   default   email           '__ORDERS_TO__'

## Uncomment this if you want Routes read dynamically from DB
#Route   default   dynamic_routes  1
## Uncomment this if you want ITL allowed in routes
#Route   default   expandable      1

## These routes are not order routes, but payment routes
Route  authorizenet  id           "__AUTHNET_ID__"
Route  authorizenet  secret       "__AUTHNET_SECRET__"
Route  authorizenet  host         "__AUTHNET_HOST__"
Route  authorizenet  referer      "__AUTHNET_REFERER__"

Route  cybercash     configfile   "__CYBER_CONFIGFILE__"

Route  itransact     id           "__ITRANSACT_ID__"

Route  signio        id           "__SIGNIO_ID__"
Route  signio        secret       "__SIGNIO_SECRET__"
Route  signio        partner      "__SIGNIO_PARTNER__"
Route  signio        vendor       "__SIGNIO_VENDOR__"
Route  signio        host         "__SIGNIO_SERVER__"

Route  skipjack      id           "__SKIPJACK_ID__"
Route  skipjack      partner      "__SKIPJACK_PARTNER__"


SalesTax        __TAXFIELD__
TaxShipping     __TAXSHIPPING__
SeparateItems   Yes

OrderCounter    etc/order.number
OrderLineLimit  200
OrderProfile    etc/profiles.order etc/profiles.login etc/profiles.misc

#==========================================================================#

# Static page build settings.

NoCache  <<EOF
         admin
         login
         account
         logout
         config
         multi
         ord/basket
         ord/checkout
         query
         reconfig
         special
EOF

Static        __CATALOG_STATIC__
StaticLogged  __LOGGED_STATIC__
StaticAll     Yes
StaticDBM     static
StaticDepth   2
StaticDir     __SAMPLEHTML__/pages
StaticFly     Yes
StaticPath    __SAMPLEURL__/pages

#==========================================================================#

ifdef UI_TRAFFIC_STATS
TrackFile __UI_TRAFFIC_STATS__
endif

# Deal with customer click history. For example, after adding an item to
# the cart, the user can return to a specific search results page.
History 10
UserTag history-scan Order find exclude default
UserTag history-scan addAttr
UserTag history-scan Routine <<EOR
my %var_exclude = ( qw/
         mv_credit_card_number 1
         mv_pc                 1
         mv_session_id         1
/);
sub {
         my ($find, $exclude, $default) = @_;
         my $ref = $Vend::Session->{History}
                 or return $Tag->area($default || 
$Config->{SpecialPage}{catalog});
         my ($hist, $href, $cgi);
         $exclude = qr/$exclude/ if $exclude;
         for(my $i = $#$ref; $i >= 0; $i--) {
                 #Log("checking $ref->[$i][0] for $exclude");
                 next if $ref->[$i][0] eq 'expired';
                 if ($exclude and $ref->[$i][0] =~ $exclude) {
                         next;
                 }
                 if($find) {
                         next unless $ref->[$i][0] =~ /$find/;
                 }
                 ($href, $cgi) = @{$ref->[$i]};
                 last;
         }
         return $Tag->area($default || $Config->{SpecialPage}{catalog})
                 if ! $href;
         my $form = '';
         for(grep !$var_exclude{$_}, keys %$cgi) {
                 $form .= "\n$_=";
                 $form .= join("\n$_=", split /\0/, $cgi->{$_});
         }
         return $Tag->area( { href => $href, form => $form} );
}
EOR

# Allow delivery of soft goods (downloadable files).
ActionMap  deliver   <<EOR
sub {
         my $deliverable = shift;
         $Scratch->{deliverable} = $CGI->{mv_arg};
         $CGI->{mv_nextpage} = 'deliver';
         if(! $Session->{username} and $CGI->{mv_username}) {
                 $Tag->userdb('login');
         }
         return 1;
}
EOR

# Allow customers to have their passwords emailed to them.
ActionMap  get_password   <<EOR
sub {
         $Config->{NoSearch} = '';
         $CGI->{mv_nextpage} = $CGI->{mv_search_page} = 'action/get_password';
         $CGI->{mv_todo} = 'search';
         $Tag->update('process');
         return 1;
}
EOR

#==========================================================================#

# Allow a template to drop in some ending config.
include etc/after.cfg

#==========================================================================#