Return to previous page

Duplicate Credit Card Fields at checkout

This topic has 22 replies, 3 voices, and was last updated 1 weeks, 6 days ago ago by Jack Richardson

finleydesign

Participant

August 14, 2023 at 12:48

We have seen this a number of times now, and the issue goes away if there is an xstore update, but we are seeing two credit card fields being displayed at checkout

I thought something else was causing an issue, but we get a complaint from customers of the client, we then jump on admin, normally there is an xstore update, once we update the theme, the issues goes away

Please, contact administrator
for this information.

#364490 Copied Theme version: 9.1.13

21 Answers

Rose Tyler

Support staff

August 14, 2023 at 13:11

Hello, Finleydesign,

Thank you for contacting us and for using XStore.

Could you please record a video of the problem?

We can’t log in, unfortunately. Just loader and that’s all. Please check. Do you have restrictions by ip or a plugin that may cause this issue?

Kind Regards,
8theme team

#364498 Copied

finleydesign

Participant

August 14, 2023 at 13:18

ironically we have do have a monitor, which just told us someone from Ukraine did just login

Video in private, it’s also been documented elsewhere in regards to theme issues, I tried their fix but it didn’t make a difference

https://stackoverflow.com/questions/28627839/duplicated-payment-methods-field-on-checkout-page-woocommerce

Please contact administrator
for this information.

#364500 Copied

Rose Tyler

Support staff

August 14, 2023 at 13:37

Hello, Finleydesign,

We appreciate your prompt response.

At first sight, we do not see anything from our theme side that may affect your checkout fields.
Please check how it works with the default WooCommerce theme – Storefront activated on your site (go to Appearance > Themes > Install and activate the official WooCommerce theme Storefront for a few mins and check if your issue appears with our theme only or with the default WooCommerce theme too).
Let us know the result. In case you get the same result independently of the activated theme, it means there is really no XStore fault.

Thank you for your cooperation and we look forward to hearing from you soon.

Kind Regards,
8theme team

#364503 Copied

finleydesign

Participant

September 8, 2023 at 10:20

I need to re-open this ticket as this issue continues, interestingly it’s targeting the form-billing.php file within the Xstore theme, it replaces this file with it’s own and creates a double card entry, it appears to look like it’s scraping card details.

I can replace the file with a back up version, but 5-6 days later, it’s been replaced again

#366962 Copied

Rose Tyler

Support staff

September 8, 2023 at 14:25

Hello, Finleydesign,

In this case, since you have determined that the plugin is fully rewriting the file, it is necessary for you to contact the author of the plugin to resolve this issue. This is because the rewriting of plugin files by another plugin is not a good practice, especially considering that the main plugin is named WooCommerce.

Alternatively, we can suggest copying the default file form-billing.php (the one you identified as being triggered) from the WooCommerce plugin to the child theme with the same file path. Then, the file will essentially be original, and this solution may also be suitable for you.

Kind Regards,
8theme team

#366988 Copied

finleydesign

Participant

September 8, 2023 at 15:29

Its not re-writing plugin files, it’s your theme which is having it’s file re-written.

I’ve already copied the original file from woocommerce and replaced the one in your theme, which I have to do in order to remove the issue.

Do I actually need this in the to Xstore folder?

I’ll try the child theme route and see if that makes a difference, but just to confirm you understand there is only one file within the Xstore theme that is being replaced

#366994 Copied

Rose Tyler

Support staff

September 8, 2023 at 20:21

Hello, Finleydesign,

Thank you for the information provided. We would like to propose that you test the attached file https://we.tl/t-hpCZn51McR to see if it works properly. If it does, we will include it in the update.

Kind Regards,
8theme team

#367003 Copied

finleydesign

Participant

September 10, 2023 at 14:05

Hi, Ok but where am I putting this? in the child theme or the xstore theme?

And when you say test, i assume you mean it will work, but i am to test if it gets overwritten?

#367139 Copied

Rose Tyler

Support staff

September 10, 2023 at 19:20

Hello, Finleydesign,

Yes, you can even upload the file to the child theme and check.
However, if the problem persists, you may upload the one that was there (i.e., from the default WooCommerce).

Kind Regards,
8theme team

#367154 Copied

finleydesign

Participant

September 13, 2023 at 10:50

Ok so it’s been replaced again, this time, the one in the Xstore theme and the one in the child theme got replaced, the main one in Woocommerce didn’t

Are these specific to Xstore as it’s seem to be a vulnerability within the xstore theme

#367371 Copied

Rose Tyler

Support staff

September 13, 2023 at 15:38

Hello, Finleydesign,

We have not encountered any issues and are unable to reproduce the bug you reported. Therefore, we propose the following solutions:

1. Please try to upload the file again, which you can download from the link provided ( https://we.tl/t-yPMt4L69Hz ). Upload it to the child theme according to the path described earlier.

2. If this solution does not help, please apply the changes you initially implemented (download the file from WooCommerce to your child theme).

Kind Regards,
8theme team

#367404 Copied

finleydesign

Participant

September 20, 2023 at 12:59

Ok so thinking it was working, but last night it got replaced again from the child theme

I’ve got a copy of the corrupt file if you want to see it?

#368005 Copied

Rose Tyler

Support staff

September 20, 2023 at 14:24

Hello, Finleydesign,

Please send the files that are working and those that are not.

Also, we are curious to know who is replacing the files in the child-theme, as we are certainly not doing it.

Kind Regards,
8theme team

#368021 Copied

finleydesign

Participant

September 20, 2023 at 14:30

Hi, the file that works is either the original or the one you sent, this is then replaced with a scrapper type version.

It only appears to effect the child theme of xstore

how do I send you files, wetransfer won’t let me upload it

#368025 Copied

Rose Tyler

Support staff

September 20, 2023 at 14:39

Hello, Finleydesign,

You may use any other online filesharing service, and provide us with URL.

Kind Regards,
8theme team

#368027 Copied

finleydesign

Participant

September 20, 2023 at 14:49

In private, the file thats works is the one you sent me

Please contact administrator
for this information.

#368028 Copied

Rose Tyler

Support staff

September 21, 2023 at 08:12

Hello, Finleydesign,

Thank you for your response.

We would like to inquire about the reason why your child theme is experiencing periodic changes? We assure you that we are not influencing it.

We are trying to explain that if you have uploaded a file that works in the child theme and everything is fine, then there is no need to worry about it anymore. However, if someone in your child theme is overwriting/deleting that file, then it is a matter for you to resolve. You will need to deal with this and in principle, there will be nothing required from us.

Kind Regards,
8theme team

#368095 Copied

finleydesign

Participant

September 21, 2023 at 10:24

Ok so what seems to be confusing here is, that the file always did work, I thought the file you sent, had some sort of different code etc, but the original one has always worked.

What appears to be happening is the file is being replaced with the one I sent you, if you review the file you should be able to see the malicious code that is scraping additional card details.

What I’m trying to say is, it only changes either xstore or xstore child themes, so is there an unknown vulnrability in the theme that is allowing a malicious code to be added

I initially noticed that the the double card fields disappeared everytime we updated the theme.

Is the permmisions on that file correct? can it be changed to still operate but to prevent outside amends? I don’t know if the file is being replaced or the malicious code is being injected into the file.

#368115 Copied

Rose Tyler

Support staff

September 21, 2023 at 11:15

Hello, Finleydesign,

We found that these HTML lines were inserted into your file – https://prnt.sc/RBmSrD_xNVop
By default, there is no such html code there.
Permissions for all files are set correctly in our theme package but could be modified on your server so you should check it there.
By default, we set 644 permissions for files (https://prnt.sc/QztIAZWqu-dF) so please, check if your child-theme files have the same ones.

Maybe your hosting provider will be able to assist you in this situation.

Kind Regards,
8theme team

#368122 Copied
Tagged: best selling themes, checkout customization, duplicate credit card fields, ecommerce theme features, online store optimization, secure payment options, woocommerce themes
1 2

Viewing 20 results - 1 through 20 (of 22 total)