opencart-logo

OpenCart is reviewed by PledgedPlugins

Have you met OpenCart?

OpenCart is a free open source PHP based e-commerce platform licensed for both commercial and individual use. We have been following this platform for a long time and have seen it develop over the years in to a very pretty looking and powerful shopping cart. One of the first things that we loved about OpenCart is of course that it is open source. Secondly, we like that it is PHP and mySQL based.

Some features that will make OpenCart stand out from the competition:

  • Templates – Easily switch out templates to change the way your store looks.
  • Languages – OpenCart is multilingual right out of the box! OK, so there is no box.
  • MultiStore – OpenCart allows you to run multiple stores within one platform. This is a feature seen in only enterprise level shopping cart platforms like Magento.
  • Multiple Tax Rates – Flexible tax options so you can make sure the right amount of taxes are being charged based on customers location, etc.
  • Payment Gateways – There are a ton of payment gateways available to the new OpenCart user immediately after install. OpenCart also has a lot of payment gateways available on their extensions page. Pledged Plugins has made their share of OpenCart Payment Gateways as well.
  • Modules / Extensions – Like many other shopping cart platforms there are a lot of extensions available for download. We think this area is a little weak for the platform as we are not thoroughly impressed with the third party extension community.
  • Back end – OpenCart has a nice looking and very powerful Back end for even the most picky ecommerce store owners.
  • Fully SEO Optimized – This is a big deal for those of you who understand SEO.  OpenCart even has solid default SEO settings.
  • Sales Reports – OpenCart comes with effective sales reporting tools.
  • Business to Business (B2B) Functions – Another very powerful function that is typically only seen in enterprise level e-commerce platforms. You can set up customer groups, login in to display prices (great for wholesalers), and bulk discounting.
  • Guest checkout – Often frowned upon by shop owners, this is an option available within OpenCart. Guest checkout does have its applications and it is foolish for an e-commerce platform to disallow it as some do.

What are the requirements to run OpenCart? These are pretty standard requirements for any eCommerce platform — not too much to ask for here.

  • Web Server – Apache is highly recommended
  • PHP – 5.2+
  • Make sure CURL is enabled
  • Database – MySQLi is highly recommended

Overall, we are impressed with OpenCart as it is feature rich and performs well. The database it runs on stays pretty well maintained and does not slow down over time like a lot of the very popular shopping cart platforms.

 

XSS_Hackem

XSS Vulnerability affects many popular WordPress plugins

Sucuri recently released an article identifying an XSS vulnerability found in many popular WordPress plugins. The functions were add_query_arg() and remove_query_arg() which are popular functions used by developers as a way to add and modify strings / URLs within WordPress. The documentation found within WordPress Codex was rather misleading and unclear which may have caused the dangerous use of these functions.

Some common plugins which have been affected:

  • JetPack
  • WordPress SEO
  • All In One SEO
  • Gravity Forms
  • WP E-Commerce
  • WPT0uch
  • Download Monitor
  • Related Posts
  • Ninja Forms

There are sure to be many more that are not listed as Sucuri only listed from the top 300 downloaded plugins. It is highly recommended that you ensure that your WordPress platform and plugins are updated immediately.

Some other helpful hints to reduce your risk of exposure and exploitation:

  • Updates – Keep your plugins and all software updated.
  • Access Control – Protect your WP-Admin folder. Do not over use the administrative roles on your site. Be sure to use the appropriate user role. For instance, if you are not making administrative changes, do not use the administrative role.
  • Review – Review your (All of them) security logs.

 

WooThemes Coupon

WooThemes Coupon

It is February 2015 and time to really start working on some of our WordPress and WooCommerce projects. WooThemes has so many excellent extensions, plugins, and themes available that they are certainly a choice destination for purchasing things for our WooCommerce stores. The only problem is that a lot of these WooCommerce extensions and themes can get pretty costly. This is why millions of people are searching for WooCommerce coupon codes and WooThemes coupons every month. People are unknowingly typing in codes hoping to see some sort of discount on their cart in hopes of saving some money. This is very practical because WooThemes can be a very expensive place to shop.

Our only question is why would you just receive a small discount from WooThemes when you can get the same software with unlimited updates for only $5/month? By joining the Pledged Premium WordPress Club you will have unlimited access to all of the WooThemes products for only $5/month! That’s right – For a small signup fee and the ridiculously low price of $5/month you will have unlimited access to all of WooThemes themes as well as nearly all of their WooCommerce extensions.

PLEDGED-PREMIUM-SIDE

If you insist on paying a lot more money for WooThemes products, or if you need the support from them, then feel free to try the following WooThemes coupon codes. The following WooThemes coupon codes have been discovered and may work for your needs:

[box]Coupon Codes

20% Off: moz201401

30% Off: JOLLYGOOD

50% Off Flash Sale On All WooCommerce Extensions: WC500K

75% Off – Canvas for 75% off the price: standardtheme092013

40% Off 2012 Strategy: RETIRED

Save $25-$40 – 20% Discount on all standard and developers club licenses: 4E910B8

30% Off: WCSUB

30% Off Site Wide: HALLOWOON

50% Off Any Themes: WCEU

20% Off All WooThemes Products & Membership: 4EB0816

25% Off Sitewide: PEPPY

10% Off Sitewide: woo-g3

[/box]

Again, feel free to try these WooThemes coupons as some of them have been reported to have a decent success rate. As mentioned before, the only thing better than saving money on woothemes extensions using an woothemes extension coupon is saving using our WordPress club. People who have received a WooThemes discount are happy with the savings; however, the average savings is significantly less than our WordPress club which is contract free (meaning you can cancel whenever you wish).

 

woocommerce-logo

WordPress 4.0 and WooCommerce 2.2.2

We have updated our payment gateways for WordPress 4.0 and WooCommerce 2.2.2

WordPress has recently been updated to version 4.0 and of course WooCommerce quickly followed up with their newest version 2.2.2. Pledged Plugins is happy to announce that we have updated all of our payment gateways for WooCommerce to match the new WordPress and WooCommerce versions. All of our WooCommerce payment gateways are now WC 2.2.2 and WP 4.0 compliant. We have recommended that all customers please update by downloading the new version from their Pledged Plugins account when they have a moment. As always, the updates will be provided free of charge for the lifetime of the product purchased. Unlike most developers, we offer free unlimited updates and support. Please log in to your account today to download the latest version. Please note that older versions will still be available to download within your account should you need them. Please visit our support page should you have any questions or concerns.

authorize-net-logo

Authorize.net Gateway Errors

Authorize.net Payment Gateway Errors

There is a ton of resources available at the Authorize.net Developer Center for developers like us. If you have spent hours developing payment gateways like us you know the frustration that it can cause. We develop payment gateways for many different companies and various e-commerce platforms. We recently completed our Authorize.net Payment Gateway for WooCommerce and decided to share some information for other developers out there. Everything you find on this page is available on the web and specifically on the Authorize.net Developer Center website.  We will not get in to specific coding methods here — simply identify some of the more common programmatic errors you can encounter when developing a payment integration for Authorize.net.

Firstly, it is worth mentioning that there are a ton of pre-made integrations for many different platforms available. We always recommend looking for available plugins and extensions before coding your own custom one as that method is certainly always going to be cheaper. For instance, we offer the Authorize.net for WooCommerce plugin for only $29. This simple $30 plugin will save you 100s of hours developing a plugin for WooCommerce.

Responses from Authorize.net

Response Code 1: Approved
Response Code 2: Declined
Response Code 3: Error
Response Code 4: Held for Review

Response Subcode: Internal tracking only. Obsolete.

Basic Responses
Response Reason Code 1: Approved transaction
Response Reason Code 2, 3: Declined Transaction
Response Reason Code 4: Declined Transaction – Pick up card

Validation Errors
If you are getting errors at this level you may need to further develop your validation techniques. Validation errors at this level should not be getting ‘caught’ by any payment gateway.
Response Reason Code 5: Valid amount required — usually this means you submitted the wrong format
Response Reason Code 6: Invalid credit card number. If you are getting these you definitely have a validation error in your code. Typically you want to have a card fully validated prior to sending for approval.
Response Reason Code 7: Invalid expiration date. Again, definitely a validation error within your code. You should always validate this prior to submitting to Authorize.net
Response Reason Code 8: Expired Card. Again, validation errors like this can all be prevented by validating prior to submission.

Common (Validated) Errors:
Response Reason Code 13: The merchant API login is not valid. This one is important because if your script worked in the past but no longer works than it could be because your account is no longer valid.
Response Reason Code 14: Relay Response / Referrer URL does not match. This is a very common programming issue especially with poorly configured shopping carts / payment gateways. It is important that the x_relay field is properly configured to match your shopping cart / payment integration method.

vulnerable

Thousands of WordPress websites affected by MailPoet vulnerability.

A recent vulnerability was identified within the popular MailPoet WordPress Plugin. The security group Sucuri.net identified the exploit that allows an attacker to remotely upload any file to the vulnerable website with no authentication in place to prevent it. This is threatening vulnerability by a very popular WordPress plugin (over 1,700,000 downloads). See article.

This is a major threat because an attacker would be able to upload any kind of executable file which he or she could use for any purposes. It has been reported that servers were sending SPAM, hosting malware, phishing for passwords, and also infecting other hosting customers on shared servers.

The security group’s team discovered this vulnerability when performing services and disclosed it to the MailPoet team who then responded by immediately releasing a patch for the popular software. The security group recommends that developers do not use the admin_init() or is_admin() functions as an authentication method. More details can be found on the WordPress Codex website.

While simple counter measures could be used to prevent this from happening with any software, most webmasters just don’t protect themselves. For instance, something as simple as setting the most basic file permissions across your website directories could prevent vulnerabilities like these from being a threat. If you run this plugin on your website it is very important that you upgrade immediately. At the time of this writing 2.6.7 is the only known version to be safe for use.

This is another reminder of why it is important to always make sure your websites are buttoned down and to be mindful of the plugins that you download and install for your websites. Please be reminded that all Pledged Plugins products follow the best practices for various web applications and we always develop our software with a security first mindset.

woocommerce-logo

WooCommerce Payment Gateways

The amazing developers over at WooCommerce, like any other product development team, have a lot on their plates. They are constantly developing this amazing product so that it can be used (mostly, free of charge) by many. Kudos to the developers, as always. In this industry there are a lot of ways to accept credit cards online since it is such a crucial part of the business. There are a lot of companies that provide merchant account services and lots of companies that provide payment gateway services. Since developing a shopping cart platform involves so much other work, it is impossible to ensure that the platform accepts every single payment gateway available.

Over the years, we have had a lot of our clients request custom payment gateway integration for this platform or that platform with this gateway or that gateway. We learned quickly that there is deifnitely a need for this service. A major part of Pledged Plugins business is to provide this integration for our customers. We make it easy for customers to install the payment gateway integration they need for their shopping cart platform of choice by simply making a plugin for it.

Go ahead and visit our payment gateway plugin page and see what plugins we have available for your WooCommerce or other shopping cart platform. If you do not see a plugin for your payment gateway / e-commerce platform please put in a request so we can produce one for you.