WordPress.org

Ready to get started?Download WordPress

Forums

Store Locator Plus
[resolved] My Store Locator Plus locations are not showing on map (19 posts)

  1. reydesign
    Member
    Posted 1 year ago #

    My locations are not showing Immediately on map, and search is not finding my locations. Any help or recommendations will be greatly appreciated.

    The page link with Store Locator Plus is below:

    href="http://worldstanduppaddleboardassociation.com/?page_id=329">

    http://wordpress.org/extend/plugins/store-locator-le/

  2. kjester
    Member
    Posted 1 year ago #

    Same with me, just started today after the upgrade.

  3. kjester
    Member
    Posted 1 year ago #

    i fixed mine like this: I had reinstalled the plugin and then imported the table of locations into the database with phpmyadmin, but nothing was showing up. So then I added a fake location through the WP Admin page and somehow that triggered the plugin to see everything. Then I deleted the fake location. All good.

  4. reydesign
    Member
    Posted 1 year ago #

    I like to try that, but when you added the fake location through the WP admin.
    Do you mean adding a new location in the Store Locator Plus plugin or somewhere else in the WP admin?

    Let me know.

    Thank you

  5. Charleston Software Associates
    Member
    Plugin Author

    Posted 1 year ago #

    What version did you update from? To?

    This should not happen and did not appear on my test sites (VeryNearHere.com and EatCharleston.com) which are my final "production tests" for SLP.

    VNH is on SLP 3.7.1 using the regular WordPress update, no special "trickery" on this end.

  6. lbyleveld
    Member
    Posted 1 year ago #

    My store locator has suddenly stopped displaying search results after the upgrade BUT I am running WP-Members as well and if you are logged in it works but if you are NOT logged in it does not work... the page is NOT restricted and worked perfectly before upgrading to 3.7.3 - any clues what I should do? the site is http://www.twinimages.com.au/store-locator
    Thanks!

  7. balroggamer
    Member
    Posted 1 year ago #

    Location markers are not showing on the map immediately, or after a search on map. Being logged in or not makes no difference.

  8. balroggamer
    Member
    Posted 1 year ago #

    UPDATE: Got it working - check to make sure the home and destination icon folder locations are correct. I migrated my site from a development server, and the locations still pointed there. When I changed them to the correct server and folder, the location markers popped right back up.

  9. Charleston Software Associates
    Member
    Plugin Author

    Posted 1 year ago #

    @lbyleveld - you have a security issue on your WordPress installation or on the server itself. This has nothing to do with the SLP plugin.

    "NetworkError: 403 Forbidden - http://www.twinimages.com.au/wp-admin/admin-ajax.php"

    The upgrade to 3.7.3 would not have changed this other than the fact that the system-level file permissions would revert back to their default setting. My guess is someone enabled access to the plugin files when you first installed. Either that or your system security has changed between the initial install and your recent update to 3.7.3.

  10. lbyleveld
    Member
    Posted 1 year ago #

    thanks for the quick response _ I really appreciate it, I will look at the permissions...

  11. auth1299
    Member
    Posted 1 year ago #

    The following fixed my issue. It took me a while to figure out.

    Make sure you can access http://your-domain.com/wp-admin/admin-ajax.php from a browser. Replace (your-domain.com) with your website domain address. If you get denied access to this file, you need to enable access to this one file under the wp-admin folder. Check your .htaccess file or web.config file if hosting on windows and or directory authentication for the /wp-admin/ folder. The map uses client side ajax calls to this file to download the map locations.

  12. Charleston Software Associates
    Member
    Plugin Author

    Posted 1 year ago #

    @auth1299 - thanks for sharing. I didn't realize you could have access to the main site but have the built-in WordPress AJAX handler restricted.

    The plugin specifically uses JSONP (v. XML) to reduce possible cross-domain and other security issues, but I guess there must be another level of security we need to know about.

    What did you do to fix your problem? Change permissions on the PHP file at the file access level? A HTTP config change? An .htaccess change?

  13. auth1299
    Member
    Posted 1 year ago #

    Here is the issue. It's best practice to protect your wp-admin directory with OS authentication (windows or linux). This way you have to authenticate to the OS before even being able to get to the admin logon screen. The wp-admin-ajax.php file needs client access to it. This is a bad design flaw in wordpress. Why would wordpress put a client access file in the admin directory? I'm going to avoid long discussion on this cause it doesn't make sense. It should have been put in the root of the site in my opinion.

    Solutions:

    * plugin developer: put your own wp-admin-ajax.php file with in the plugin directory and point your java or ajax scripts to this directory instead if possible.

    * Hosting Admin: Allow anonymous authentication to this one file in the wp-admin directory that is other wise protected with OS authentication access.

    You can also block access to the wp-admin directory using the .htaccess file on linux hosting and the web.config file in windows hosting. If that's the case you will need to exclude this file so end users accessing the site can gain access to this poorly placed file.

  14. auth1299
    Member
    Posted 1 year ago #

    The only people having this issue are smart enough to protect the admin folder on there wordpress site.

  15. auth1299
    Member
    Posted 1 year ago #

    For Plugin Author:

    By the way I can passivly detect your plugin on all wordpress sites. Your plugin should not show any trace until you get to the page that shows the map. You may want to look into that. It may just be some sloppy coding. This gives hackers an edge when vulnerabilities are found in your code.

  16. Charleston Software Associates
    Member
    Plugin Author

    Posted 1 year ago #

    @auth1299 - turn off Force Load JavaScript. That setting is on be default and is, sadly, required because I have found over 20% of the themes out there are NOT WordPress 3.3 compliant or do not follow best practices for loading JavaScript.

    I don't like having SLP pre-load, but if I don't then 20% of the users thing the plugin doesn't work. In the current mode less than 5% of the sites have problems.

    The BEST way to use SLP is to turn OFF Force Load JavaScript. That will prevent the scripts from loading unless needed (when the SLP shortcode has been rendered).

    As far as making a copy of our own version of the AJAX listener, that is NOT a good idea. There are a TON of threads about not doing stuff like that, including your own copies of jQuery, and a whole slew of other bad practices. Yes, WordPress has security holes but it is much tighter than most other web apps and the core team works hard to close those holes where possible.

    As for securing the login I've recently been adding Google Authenticator to all my client sites and my own sites. Not perfect but much better than a wide-open password based access. Especially when you have to leave the AJAX listener open.

    BTW, if you REALLY want to get creative with security, create a list of valid plugins in the header of the AJAX listener and filter it through active plugins. If the plugin is not on the approved list, drop to a 404. That is way beyond the scope of this plugin but may be a cool idea for a "harden WP" plugin. That along with moving wp-config.php and making sure ALL references to the *thumb php files have been updated (there is a well published exploit out there that lets hackers get into your command line if you have the older *thumb code).

    Thanks for sharing the info.

  17. skybaselisa
    Member
    Posted 11 months ago #

    Hi,

    I installed Store Locator Plus a few weeks ago, and it was running perfectly. No issues until today.

    All of my locations are not showing and nothing is appearing in search. On the backend all of my locations are still there. I am not hugely literate on the technical side and have been teaching myself through trial and error. Is this something to do with the recent update, or perhaps another plugin I have installed that is affecting it.
    http://skybasesolutions.ca/where-to-buy/
    Any help would be appreciated...Pulling out my hair! Thanks!

  18. skybaselisa
    Member
    Posted 11 months ago #

    Please ignore...I have answered my own question.

  19. Charleston Software Associates
    Member
    Plugin Author

    Posted 11 months ago #

    All support for SLP has moved to the CSA website. Visit the new support forum here:
    http://www.charlestonsw.com/forums/forum/support-2/

    Immediately Show Locations has a new radius setting that applies ONLY to that, make sure it is set. In SLP 3.11 (coming soon) that value will default to 10,000.

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic