Updating CB 1.9.1 to 4.0.12 and CBSubs 3.0.0 to 4.1.0

Thanks for the suggestion. I can see where you are aiming at. Unfortunately the subscriptions tab does not work for me in this case. I have some exclusive plans that do not allow the merchandise plans to be displayed.

There must be a way. It was so nice in CBSubs 3.0.0. The ACLs are set in the plans and they were taken into account.

Right now I am lacking an idea how to work around this. Can you help me out? I was digging around in the CBSubs code, but I made no progress.

If I change line 32 in cbpaidControllerUI.php to

it takes into account the user. The functionality is all there... Maybe a second variable could be added, like $plansacl or so?

Or I can add a new function in that file like below, but is this a good solution?

Remember my problem with the payment options page in a previous post?
www.joomlapolis.com/forum/255-developer-members-support/234051-updating-cb-1-9-1-to-4-0-12-and-cbsubs-3-0-0-to-4-1-0?start=24#283516

I thought about your suggestions and the menu items. It seems that everything works fine if I use the Joomla menu items, but my own code does not work.

So maybe the url has changed somewhere and I am not using the proper one?

In my code I use the following url and a form to submit the basket (of a new user):

If I use this, then I see the payment options, but when I click on one of the options I get redirected to the registration page.

For an existing user I use this and the same form
But then I get an error message:
"Session expired or cookies are not enabled in your browser. Please press "reload page" in your browser, and enable cookies in your browser. Please refresh/reload page before filling-in."

Under CBSubs 3.0.0 everything was working fine, maybe I am using the wrong URLs in CBSubs 4.1.0?

The latter one, does it have to do with usage of cbGetSpoofInputTag? Did something change here?

Hm... My code still seems to work.

Is there something new? A new security feature that I have to take into account?

EDIT: Ah, it seems that the secret is "plugin" now?

EDIT2: So, with this I could test the code for an existing user, and my form works fine with the URL.
Now I need to understand why I get redirected whem I am a new user?

EDIT3: It seems that also the "new user" works with this url:

The API previously provided is the correct API for outputting the plans. Please note registration view of plans ignores the access checks during registration. If you don't want a plan shown to a public user during registration then set the plan to not show on registration.

So maybe the url has changed somewhere and I am not using the proper one?

Your URL API usages are not correct. You specially should never hardcode relative URLs (SEFed). Below is the API for outputting a view URL in CB.


CBSubs Plans Display URL is as follows.

index.php?option=com_comprofiler&task=pluginclass&plugin=cbpaidsubscriptions&do=displayplans

With API this is as follows for plugin view URLs.


CB API needs to be loaded and the $_CB_framework global declared for the above to work. Review existing plugins for further usage examples (they're all using this API).

I've no idea what you're trying to do with the spoof string.

I think the suggestion with the subscription tab will not work for me because of the exclusive plans. So far the only solution I found is to add another function to cbpaidControllerUI.php .

I will try to understand your suggestions from your last post.

I've no idea what you're trying to do with the spoof string.

Well, it gives me the cbsecuritym3 value, otherwise I cannot proceed as a logged in user.

I think the suggestion with the subscription tab will not work for me because of the exclusive plans. So far the only solution I found is to add another function to cbpaidControllerUI.php .

Do not modify core files. We do not provide support for installs with core modifications. Don't understand how this affects exclusive plans. If you've a plan set to Registered access under the Access tab for example it's ignored for registration as the display on registration parameter has priority. To prevent this you simply set the plan to not display on registration under the Workflows tab. This solves the issue of plans displaying during registration that you don't want displaying. The API usage you're wanting doesn't make sense to the configuration.

Well, it gives me the cbsecuritym3 value, otherwise I cannot proceed as a logged in user.

We have several spoof string functions. 1 outputs the completed input. Another gives you the spoof input name and another gives you its value.

cbGetSpoofInputTag() = Input
cbSpoofField() = Name
cbSpoofString( null, $secret ) = Value

Secret in most cases is "plugin".