how could I find the application/plug-in which send order information to a website called easypost.com

Jason Yu
Jason Yu used Ask the Experts™
on
I have an internal website written in php and java. its main function is collecting order information from online stores on ebay and Amazon. After it collect orders, it will send the order information to a third party website called www.easypost.com to print shipping labels.

since the company changed their office recently, they have to update the ship from address printed in the label. I have contacted the technical support in easypost.com and their tech said the "ship from " addres is in my website or in my plugin.

here is his reply:"Hi Jason,

You change this in the from_address you're sending us OR in your plugin.

Best,"

Dear support:

I have a label created from your website. We moved our office recently and want to change the "ship from" address which is "AA ECD…." On the label. Could you please advise where I can change it.

Thanks.

http://assets.geteasypost.com/postage_labels/labels/20160103/dd1ccce815bb4305bdb37988568ac1ab.png
"


I have full access to the hosted virtual server, here is the folder structure on the server.  The first folder "public_html" is the folder saving all php and java files. Dear experts here, please help me out. Thanks in advance.

root@server.ergbox.com [ergboxco]# ls -alth
total 65M
drwxr-xr-x  11 ergboxco nobody   4.0K Jan  5 16:19 public_html
drwx--x--x  19 ergboxco ergboxco 4.0K Jan  5 15:37 .
drwx------   6 ergboxco ergboxco 4.0K Jan  5 00:09 .cpanel
-rw-------   1 ergboxco ergboxco  229 Jan  5 00:09 .lastlogin
drwxr-xr-x   8 ergboxco ergboxco 4.0K Jan  1 11:15 tmp
-rw-------   1 ergboxco ergboxco   15 Jan  1 07:40 .ftpquota
drwx------   2 ergboxco ergboxco 4.0K Jan  1 04:04 logs
drwxr-xr-x   3 ergboxco ergboxco 4.0K Dec 30 21:38 perl
drwxrwxr-x   4 ergboxco ergboxco 4.0K Dec 30 20:38 perl5
drwxr-x---   3 ergboxco mail     4.0K Dec 30 20:37 etc
drwx--x--x.  9 root     root     4.0K Dec 21 09:38 ..
-rw-------   1 ergboxco ergboxco  28M Dec 21 09:38 backup-12.21.2015_09-37-49_ergboxco.tar.gz
drwxr-xr-x  16 ergboxco ergboxco 4.0K Dec 18 15:12 testerr
drwx------   6 ergboxco root     4.0K Nov 20 04:16 ssl
drwx------   4 ergboxco ergboxco 4.0K Nov 19 09:13 .cphorde
drwxr-xr-x   2 ergboxco ergboxco 4.0K Nov 19 09:12 cache
drwx------   2 ergboxco ergboxco 4.0K Oct  7 15:58 .ssh
drwxr-xr-x   2 ergboxco ergboxco 4.0K Oct  1 13:12 .cpan
-rw-------   1 ergboxco ergboxco  37M Sep  9 21:53 backup-9.9.2015_21-53-18_ergboxco.tar.gz
-rw-------   1 ergboxco ergboxco   15 Sep  8 20:19 .contactemail
drwx------   2 ergboxco ergboxco 4.0K Sep  8 19:55 .trash
drwxr-x--x   9 ergboxco ergboxco 4.0K Sep  8 17:57 mail
-rw-r--r--   1 root     root     4.5K Jun 12  2015 localhost_access_log.2015-06-12.txt
-rw-r--r--   1 ergboxco ergboxco  334 Mar 26  2015 2015-03-26 15:19:11.txt
-rw-r--r--   1 ergboxco ergboxco  339 Mar 26  2015 2015-03-26 15:19:10.txt
-rw-r--r--   1 ergboxco ergboxco  339 Mar 26  2015 2015-03-26 15:18:37.txt
-rw-r--r--   1 ergboxco ergboxco  339 Mar 26  2015 2015-03-26 15:18:25.txt
-rw-r--r--   1 ergboxco ergboxco  334 Mar 26  2015 2015-03-26 15:18:03.txt
-rw-r--r--   1 ergboxco ergboxco  339 Mar 26  2015 2015-03-26 15:17:30.txt
-rw-r--r--   1 root     root      29K Mar 20  2015 printed-abnormal-print.php
drwxr-xr-x   3 ergboxco ergboxco 4.0K Mar  8  2015 public_ftp
-rw-r-----   1 ergboxco ergboxco    1 Feb 27  2015 cpbackup-exclude.conf
lrwxrwxrwx   1 ergboxco ergboxco   34 Feb 27  2015 access-logs -> /usr/local/apache/domlogs/ergboxco
lrwxrwxrwx   1 ergboxco ergboxco   11 Feb 27  2015 www -> public_html
drwxr-x---   2 ergboxco nobody   4.0K Feb 27  2015 .htpasswds
-rw-r--r--   1 ergboxco ergboxco  321 Feb 27  2015 .bashrc
-rw-r--r--   1 ergboxco ergboxco  658 Nov  5  2014 .zshrc
-rw-r--r--   1 ergboxco ergboxco   18 Oct 16  2014 .bash_logout
-rw-r--r--   1 ergboxco ergboxco  176 Oct 16  2014 .bash_profile
root@server.ergbox.com [ergboxco]#

Open in new window

2016-01-05_15-58-44.png
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2011
Top Expert 2016
Commented:
You might be able to find this by using a text editor "find in files" capability.  TextPad has this, and I am sure that other editors have it, too.  With TextPad you can point the program at the root directory, set "search subfolders" and tell it to scan for text.  You might look for "AA ECD" or "91733-1551" to see where that ZIP code is stored.

You might also look in examples/shipment.php (from_address shows up in Github).

Author

Commented:
hI, Ray:

Thank you for your kind reply, I used ultraedit to search the whole folder and couldn't find any file containing the above two strings. Is it possible the order information was sent from ebay and amazon account directly.

I was able to make a short call to the original developer, he said it is in java code, but which folder contains the java applications.

I also found a php file named account-shops.php, could you please take a look?

I checked the sql database too and indeed found a table called "shops". all the addresses in this table have been updated to the current one.

Thanks.
account-shops.php
Most Valuable Expert 2011
Top Expert 2016

Commented:
You might want to lookout for cache versions of the information.  In a well-written application, the cache will be invalidated when an update to a corresponding data element occurs.  

But if the PHP code you posted is part of the application, you would not want to call it a well-written application.  I recommend you stop using that code and have it rewritten ASAP.  I did not go very far into it, but here is what I saw at the top.
$op = $_GET["op"];
if ($op != null) {
	if ($op == "delete") {
		$sql = "delete from shops where id=" . $_GET["id"];
        CommonDef::doSql($sql);
		header("location: account-shops.php");
		return;
	}

Open in new window

Why this matters... Anyone can take the URL, add "?op=delete&id=1%20OR1=1" to it, and the script will run the delete query, deleting all of the rows from the shops table.  This is dangerously bad code, and should be refactored by an experienced programmer.  Forewarned is forearmed!

In the course of rewriting the PHP to bring it up to standard, your developer will undoubtedly be able to find the address information (possibly in the database).

Best of luck, ~Ray

Author

Commented:
HI, Ray:

Thank you very much for your help. I will take your advice to rewrite the code.

Also, I found the source code about the address, it's in some part of java application. From the java source code I found this address. The java application send the address information to a third party company to print the labels.

Thank you again for help, your advise is valuable.
Most Valuable Expert 2011
Top Expert 2016

Commented:
Hi, Jason and thanks for the points (and for using E-E).  Best of luck with the project! ~Ray

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial