JigoShop cart and BPS Pro

[giovotek]

Hi,   I just installed BPS Pro on my wordpress ecommerce site as i have had issue with malware in the passed and need to secure the site. Since installing i keep receiving this PHP error in my log:

[13-Nov-2012 11:48:35] PHP Warning:  Invalid argument supplied for foreach() in /home/admin/public_html/wp-content/plugins/jigoshop/admin/jigoshop-admin-settings-api.php on line 91

When i try to make changes to the Jigoshop settings i receive similar errors with different line items and the changes to not take effect Anyone know how i can address this? i’m not the best with this sort of thing and could use some help

[AITpro Admin]

First off, I want to add some general info here and a link to a help post regarding what php errors are and how to handle them so that folks do not get the wrong idea about what the BPS Pro php error log is and does.  I will break my answers up into 3 parts and for part 3 i need more information from you.  Thanks.

Part 1

Source:  http://www.ait-pro.com/aitpro-blog/3576/bulletproof-security-pro/custom-php-ini-faq/#php-errors

BPS is alerting you that php errors have occurred on your website and logging these errors. BPS is not generating these php errors. In general php errors are a natural thing that will occur on every website intermittently. What is not natural or normal is to see the same php error happening repetitively and continuously. Logged PHP errors should be considered as helpful. PHP errors very accurately display exactly where coding issues or problems are occurring on your website that need to be either looked into or fixed. Fatal php errors need your immediate attention and should be fixed right away.

PHP Error Types/Levels/Severity

Strict – PHP will suggest making changes to the code which will ensure the best interoperability and forward compatibility of the code.
Notice – Run-time notices. Indicate that the script encountered something that could indicate an error, but could also happen in the normal course of running a script.
Parse – Compile-time parse errors. Parse errors should only be generated by the parser. Indicates a syntax error in the code.
Warning – Run-time warnings (non-fatal errors). Execution of the script is not halted.
Fatal – Fatal run-time errors. These indicate errors that cannot be recovered from, such as a memory allocation problem. Execution of the script is halted.

Part 2

Normally you would want to check with the author of the plugin, or Google for the solution or just fix the code (if you’re decent with coding) and then notify the plugin author and send your coding fix you created to the plugin author.  I decided to go through the process of actually adding a coding solution for this issue and downloaded Jigoshop and looked at jigoshop-admin-settings-api.php on line 91.  This type of foreach php error is pretty common and typically you just need to add a check for what you are passing to foreach – Example:  if (is_array($variable)) { You would of course want to notify the plugin author so that the next version of the Jigoshop plugin has this coding fix in it.

$slug = $this->get_current_tab_slug();
$options = $this->our_parser->tabs[$slug];

// Edit by Ed >>> check if the $options variable is an array
if (is_array($options)) {

foreach ( $options as $index => $option ) {
 switch ( $option['type'] ) {
 case 'title':
 add_settings_section( $option['section'], $option['name'], array( $this, 'display_section' ), JIGOSHOP_OPTIONS );
 break;
default:
 $this->create_setting( $index, $option );
 break;
 }
 }
}

Part 3

Quoted Question:  “When i try to make changes to the Jigoshop settings i receive similar errors with different line items and the changes to not take effect Anyone know how i can address this?”

Please describe step by step what you are clicking on in the Jigoshop settings.  Please post the exact errors.  I have downloaded the Jigoshop plugin so i can test it, but i need to know what to test first.  Please provide as exact and as specific details as possible so that i know exactly where and what to look at and test.  Thanks.

[giovotek]

Hi,
Thank you for your prompt response and detailed explanation. The extra info on the PHP errors has been very helpful.
I decided to troubleshoot further by configuring a new site install and tested the Jigoshop plugin on its own and i still intermittently encountered the issue on the fresh install. When i tried to change the base country code in the settings or the currency it would intermittently default back to UK and Pounds. 
I will raise a case with JigoShop support as i don’t want to take up anymore of your time with this.
Thanks again for the great support, you’ve provided more information than you really need to in this instance it’s a testament to the professionalism of this plugin and your support.
Gio

[AITpro Admin]

I do not mind testing JigoShop at all and actually consider it my full responsibility to test this plugin if BPS is interfering with functionality of the plugin.  So I will test trying to change the base country code in the settings and currency settings to see if I find issues/problems that BPS is causing.  If there are other specific settings that are not working then please list those too.  I will test the plugin right now.  Thanks.

[AITpro Admin]

Ok the first coding problem I have come across in JigoShop is that this plugin is incorrectly using this WordPress function –  flush_rewrite_rules( );  This particular WordPress function is very misunderstood and very commonly abused and misused by plugin and theme authors.  The flush_rewrite_rules(); WordPress function is only supposed to be used in a plugin activation and deactivation function and NOWHERE ELSE.  The JigoShop plugin completely wipes out all of your security filters in your root .htaccess file because it is incorrectly using this WordPress function.  This not only causes problems for BPS and BPS Pro, it would also cause problems for W3TC, WP Super Cache and any other WordPress plugin that creates .htaccess code.  Please notify JigoShop about this coding misuse/mistake.

Accessing the JigoShop plugin’s admin/settings pages will wipe out/replace your root .htaccess file code if your root .htaccess file is not locked.

I put BPS Pro in Default Mode and tried to change these Shop Options:
Base Country/Region
Currency
Allowed Countries

The result was exactly the same problem you are having.  None of these settings are being saved.  BPS Pro Root BulletProof Mode is deactivated so BPS Pro is not causing this problem.  I am not sure what is wrong with the JigoShop plugin, but i was unable to save any settings on a XAMPP testing site.  Maybe this plugin does not work correctly on XAMPP, but due to nature of the few coding mistakes I found in this plugin it does not qualify for Live site testing with BPS Pro.

At this point you should try these steps on your website. Keep in mind that after you have set up JigoShop you will need to check your root .htaccess file to see if JigoShop is creating .htaccess code in your root .htaccess file.  Make a copy of that .htaccess file if this is the case and send it to me – info[at]ait-pro[dot]com.

1. On the Security Modes page, click the Root Folder BulletProof Mode Deactivate button. See Custom Code Note if doing this step works.
2. On the Security Modes page, click the wp-admin Folder BulletProof Mode Deactivate button.  See Custom Code Note if doing this step works.

FYI
The fix i posted above does in fact work to remove the php errors.  And for the error that is occurring at code line 372/374 i added this coding check before the foreach statement – if (is_array($tab)) { and closed the tag after the end of the switch.

[AITpro Admin]

Another option that i would be willing to do is to log into your site and test from your site.  If this works for you then create a temporary WordPress Admin login account for me and send that login info to edward[at]ait-pro[dot]com.  Thanks.

[AITpro Admin]

As it turns out this has nothing at all to do with BPS and explains why i could not get the settings to save either.  There is a bug in the latest version of the JigoShop plugin that does not allow you to save any settings and they will be releasing a new version to fix the problem.  See this jigoshop forum post >>> http://forum.jigoshop.com/discussions/problems/7077-cannot-make-jigoshop-settings-stick

[giovotek]

Hi Ed,
Thanks again for your help here. You have gone above and beyond the call of duty in this instance. I’ve sent your info off to the Jigoshop authors and I’ll try now to implement the coding fix you suggest above.
I’m concerned about the security issue with the WordPress function –  flush_rewrite_rules, hopefully Jigoshop can address this with their next update. As you have suggested i’ve locked the  root .htaccess file.
I’ve sent you a temp login to the site as well in case it helps.
 
Thanks

[AITpro Admin]

The JigoShop issue is actually a bug in the current version of that plugin and the plugin authors are aware of it and will be releasing a new version soon.  Please see the link i posted in my previous reply.  You will see that there are dozens of people reporting the same problem in that Forum post on the JigoShop website.

Yeah the flush_rewrite_rules boo boo is a bit of a concern, but not much because as soon as JigoShop wipes out your BPS Security filters then BPS immediately alerts you about the problem. 😉  It is more of a nuisance thing since you will have reactivate BulletProof Modes again if the root .htaccess file is not locked.  But if the root .htaccess file is locked then BPS will block JigoShop from wiping out your security filters.  😉

[Author]

Posts