| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
#151
|
|||||||
|
|||||||
Re: X-Cart 4.6 released
there is bug that the register.php do not lockpad because there are insecured url like css and script in var/cache, they can be found in register.php:
<link rel="stylesheet" type="text/css" href="http://www.iphonecasestudio.com/var/cache/1.5be5c1dcd7369459527c2673274386b9.css" /> <script type="text/javascript" src="http://www.iphonecasestudio.com/var/cache/1.009217382cf016b48187804a6b8782e0.js"></script> when i turn off in Optimization settings: Use speed-up tool for Javascript & Use speed-up tool for CSS then it gone and only leave the favicon and canonical the insecured http: do not exist, so please fix the bug thanks albert
__________________
X-Cart Gold 4.6 |
|||||||
#152
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
UPDATE TO MY POST #150: My host said their server is doing fine. It is the latest Apache and I don't need that device urandom! It is integrated in kernel. They suggested to contact Qualiteam to update their code from old dev/urandom to our days code (I don't understand what this really means).
About dev/urandom versus dev/random I read many web resources. Here are a few: - http://linux.about.com/library/cmd/blcmdl4_urandom.htm - http://en.wikipedia.org/wiki//dev/random For sure I need a point of view from Qualiteam about this issue. Interesting in Windows there is other procedure to get random numbers generated.
__________________
X-Cart Next: Business 5.2 (learning and testing) X-Cart Classic: Gold and Gold Plus 4.7 Lots of Modules and Customizations OS in use: Red Hat Enterprise, Fedora, CentOS, Debian, Ubuntu, Linux Mint, Kali Linux Ideas for Server configuration (basicaly): Nginx/Pound (reverse proxy), Apache/Nginx (webserver), Squid/Varnish (cache server), HHVM or (PHP-FPM + PHP 5.6 + opcache), MariaDB/Percona MySQL Server, Redis (storing sessions) You can catch my ideas here: http://ideas.x-cart.com |
|||||||||
#153
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
Quote:
First of all, you're referring to a file which is not used directly. We use function from extended class, which code is Code:
Generally, this function is used to create random numbers used to in cryptographic hashes for sensitive data. Usual random numbers are not actually "random" and are not suitable for such operations, so we need to use special commands to get cryptographic random numbers. One of them (and preferred) is an "openssl_random_pseudo_bytes" - seems that your host doesn't allow it. Alternative for it is reading from "dev/urandom" - and it seems that your host doesn't allow it as well. Third - is a PHP 5.3 wrapper for dev/urandom (we still support 5.2 version, so we first check that device directly). Probably this is the only one thing which can be revised - change priority to check 5.3 function first, because all users should be on 5.3 host at least (but unforuntately, they don't). So, if your host doesn't allow to access these cryptographic numbers - then you should be warned that your store is more vulnerable to hacker attacks.
__________________
Sincerely yours, Vladimir Petrov Senior X-Payments Developer |
|||||||||
#154
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
Thank you Vladimir. A well documented post which helps me to approach the host owner.
If you can revised what you mentioned at the end it will be great.
__________________
X-Cart Next: Business 5.2 (learning and testing) X-Cart Classic: Gold and Gold Plus 4.7 Lots of Modules and Customizations OS in use: Red Hat Enterprise, Fedora, CentOS, Debian, Ubuntu, Linux Mint, Kali Linux Ideas for Server configuration (basicaly): Nginx/Pound (reverse proxy), Apache/Nginx (webserver), Squid/Varnish (cache server), HHVM or (PHP-FPM + PHP 5.6 + opcache), MariaDB/Percona MySQL Server, Redis (storing sessions) You can catch my ideas here: http://ideas.x-cart.com |
|||||||||
#155
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
ABOUT SPEED.
There is no doubt X-Cart 4.6 is faster than previous versions. Everything is loading immediately, no delays (my localhost is a monster in characteristics). but ... Back-end still remains very lazy, like an old man using sticks. Pages are loading in seconds. Not good at all. You improved the Front-end, but left the Back-end the same. I don't want to upset you with my statement, but this must be redesign. Magento still has a faster Back-end than X-Cart. 1 - entering Admin interface: 12.43 seconds 2 - accessing General Settings: 10.12 seconds 3 - accessing Products: 9.43 seconds 4 - searching Products: 8.37 seconds 5 - accesing product Acer TravelMate 212T: 9.12 seconds 6 - saving changes to product Acer TravelMate 212T: 10.32 seconds So let's do some mathematics: sum for 1 - 3 - 4 - 5 - 6 about 13 + 10 + 8 + 9 + 11 = 51 seconds ~ 1 minute - not goot at all. Doing some tests with different shopping carts I can say for sure X-Cart has the laziest Back-End interface! Comparing X-Cart's Front-End versus Back-End is like comparing a car with a cart. Do you have plans to improve this?
__________________
X-Cart Next: Business 5.2 (learning and testing) X-Cart Classic: Gold and Gold Plus 4.7 Lots of Modules and Customizations OS in use: Red Hat Enterprise, Fedora, CentOS, Debian, Ubuntu, Linux Mint, Kali Linux Ideas for Server configuration (basicaly): Nginx/Pound (reverse proxy), Apache/Nginx (webserver), Squid/Varnish (cache server), HHVM or (PHP-FPM + PHP 5.6 + opcache), MariaDB/Percona MySQL Server, Redis (storing sessions) You can catch my ideas here: http://ideas.x-cart.com |
|||||||||
#156
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
Quote:
Thank you for you report, however, admin area is as fast as a customer front end actually. I guess an origin of the problem is in the fact that you run it on a localhost (no matter how powerful it is). The thing is that a stock X-Cart store makes requests to external resources to get news feed, information about available security patches and etc. (the feed that you can see on admin home page). Thus, if external connections are closed on your server you might encounter such delays in X-Cart admin area responses (it constantly tries to connect and it slows down the page loading). This issue is already under consideration of our maintenance team and it will be fixed in future versions so that X-Cart could work on localhosts as fast as on external servers. Meanwhile, I've PM'ed you a patch which turns off this callbacks. Don't forget to revert the changes back if you move your site to the live server. Thank you.
__________________
Alexander Dyachkov, Director of Customer Success |
|||||||||
|
#157
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
Thank you Rocky. I will use the patch you sent me and let you know my impression.
__________________
X-Cart Next: Business 5.2 (learning and testing) X-Cart Classic: Gold and Gold Plus 4.7 Lots of Modules and Customizations OS in use: Red Hat Enterprise, Fedora, CentOS, Debian, Ubuntu, Linux Mint, Kali Linux Ideas for Server configuration (basicaly): Nginx/Pound (reverse proxy), Apache/Nginx (webserver), Squid/Varnish (cache server), HHVM or (PHP-FPM + PHP 5.6 + opcache), MariaDB/Percona MySQL Server, Redis (storing sessions) You can catch my ideas here: http://ideas.x-cart.com |
|||||||||
#158
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
Quote:
Deal, I'll be waiting for you report.
__________________
Alexander Dyachkov, Director of Customer Success |
|||||||||
#159
|
|||||||
|
|||||||
Re: X-Cart 4.6 released
I feel I need to upgrade my sites. I'm still on 4.4.3, with the "Smart Template" from X-cart mods UK.
I am fine with the functionality of my sites, but I think the cleaner code of 4.6 & the "Reboot template", will be much better for SEO. Reading through this complete thread on 4.6, am I crazy to go to 4.6 so soon? Or is 4.5.5 a better option? I would appreciate advice from anyone, but would especially be interested in what cflsystems, ADDISON, carpeperdiem & cherie think. Thanks for any help! PS. I would agree with everyone else. I feel XC should concentrate more on fixing bugs, rather than on more features. I've been using XC for 3 years and updates seem to be way too frequent & still have too many bugs. And yes, the upgrade process for XC is daunting!
__________________
X-Cart Business 5.4.1.49 |
|||||||
#160
|
|||||||||
|
|||||||||
Re: X-Cart 4.6 released
You should wait for October when v4.6.1 will become available. Definitely version 4.6 is a step forward in speed. I had the chance to test 4.5.4 and 4.6.0 and I can say there is a solid improvement in this direction.
Also, looking over Bugtracker the number of issues are decreasing. Qualiteam engineers are doing a great job I never seen before. It could be much better than that. More bugs will be solved with 4.6.1. I do not contest presence of new features. I like them because the visitors ask for them. A solid company with good programming engineers could deal with both bugs and features. It is not normal to call stop adding features but solve the bugs. Qualiteam is not an apartment company with 5 employees doing a titanic work. Believe me, if they will be more interested to hear our needs this shopping cart will put a shadow over other shopping carts. I hate to see features in other shopping cart, basic ones, XC doesn't have. Especially when Qualiteam has so talented programmers.
__________________
X-Cart Next: Business 5.2 (learning and testing) X-Cart Classic: Gold and Gold Plus 4.7 Lots of Modules and Customizations OS in use: Red Hat Enterprise, Fedora, CentOS, Debian, Ubuntu, Linux Mint, Kali Linux Ideas for Server configuration (basicaly): Nginx/Pound (reverse proxy), Apache/Nginx (webserver), Squid/Varnish (cache server), HHVM or (PHP-FPM + PHP 5.6 + opcache), MariaDB/Percona MySQL Server, Redis (storing sessions) You can catch my ideas here: http://ideas.x-cart.com |
|||||||||
|
|||
X-Cart forums © 2001-2020
|