Yesterday I came across a very strange zen cart failure. What happened was that on a dev site the payment options JavaScript validation was broken and the payment selection form was submitted without any checking.

Now, that is not that bad – I am sure that will happen in real live quite often. However, the page I was redirected to was completely broken (blank).

The url looked something like this:

index.php?main_page=checkout_payment&payment_error=usaepay_api&error=The+credit+card+number+starting+with++was+not+entered+correctly,+or+we+do+not+accept+that+kind+of+card.+Please+try+again+or+use+another+credit+card.&usaepay_api_cc_owner=me&usaepay_api_cc_expires_month=01&usaepay_api_cc_expires_year=10


As you can easily see from the url, the selected payment module was USA ePay but other modules will be affected too.  After some digging I noticed a strange response header: 406 Not Acceptable.

And soon enough I found that in application_top.php a very long list of $GET parameters is checked for urls and also length. Turns out that the allowed max. length is not 42 or 44, but exactly 43. Not sure why 43 is more secure than 44, but that is beside the point.

Does this mean it is not advisable to use those parameters as all? I don’t know, but on the other hand putting error messages into the url is not really necessary anyway.

Either way, something to be aware of and keep in mind should you ever have unexpected blank pages after a redirect…

Somehow, today, I started experimenting with integrating zen cart admin pages into the new ZenMagick admin UI.

While the master plan is to re-implement all required features rather than reuse, it would still be nice to have a complete interface without having to switch back and forth.

Instead of trying to describe what it looks like, check for yourself:

Seeing that I have missed a couple update reports lately I figured it doesn’t really matter when exactly I do write this one

The last couple of days have been rather unproductive, in particular since having zenmagick.org down meant that chat was also down. Let’s hope this never happens again. The status of the domain changed back to active, so I hope it will be over really soon.

Before going downhill things have been exceptionally good. Most of the visible (not right now, of course) progress can be seen on the wiki. Lots of new pages and especially two pages about:

• Blocks
  Blocks are kind of supercharged sideboxes. However, the concept goes far beyond that. Eventually it will be possible to place blocks anywhere on the page with either a simple custom HTML tag (kinda), or a simple method call. Once the wiki is back up, details may be found here: http://wiki.zenmagick.org/index.php/Dev::Template_Blocks
• Improved support for including/referencing css/js resources. There are plans to extend the current system with dependency checks, potentially support for versions (for example jquery version 1.42, etc)

Perhaps the best news is that a lot of this design work has been done as a discussion (of three people). Yes, that’s right. It looks like finally help is on the way

As far as actual work is invovled, a new admin page to manage templates has been added. This is the (extended) replacement of the current Zen Cart ‘Template Selection’ page. A positive side effect of this work is that there has also been a lot of cleanup around themes and how/where things are handled.

Right, so a few of you might have noticed that all zenmagick.org sites are currently down.

Some painful interruption of services, but hopefully things should be back to normal soon. Partly my fault, I guess, but also a combination of price increases on the side of the ISP and domain renewal. Add some not automatic payment (I think, all payments are normally done automatically) and you have a whole set of sites down, just because of about NZ$10.

Additionally, no word on when the domain will be restored. In fact, no response at all so far. I think should traffic increase some more I will have to seriously consider moving hosting again – sigh.

Not sure if everyone is following wiki changes, so I’ll just repeat here the last entry that has been made to the reference sites list (been a few weeks already):

Party Market Online
Party supplies/costumes – simple deployment of ZM, but stress-tests ZM code on a over-19,000 item catalog with 1000+ categories.

I have to admit that I am quite pleased with the final performance of this store. There are a number of levels of caching (page/template) using memcached and also a number of improvements/fixes to the category related code to make this work properly.