If you are have permissions problems and your store is giving you a persissions error, the wrappers help solve this problem in 99.9% of the cases we have seen.

If you are not sure what ID your hosting account runs under, you may download the test_id.cgi (testid.zip) script. Un-zip (uncompress) it and follow the instructions within the file.

The wrappers are designed to help keep AgoraCart running more safely. Hopefully your web hosting company has things setup on your Unix/Linux host such that scripts run under your user ID instead of a generic account. many other companies using Cpanel with AgoraCart pre-installed have the wrappers pre-compiled and installed for you (if they don't already allow the script to run under your user ID). If the not, and you want to run scripts under your id, you will need the wrappers. It may also prove useful in "Offline" mode to solve file permissions problems when using a different user id for https:// calls (often happens if you are running under what is called a "borrowed" or "shared" SSL server certificate ... usually provided by your hosting company).

If you are installing the wrappers because your scripts do not run under your own id normally and the SUID bit cannot be set for scripts on your OS, you will need to install for both agora and the manager. If you are just solving https:// problems, you may not need the manager wrapper if you won't run the manager from the https:// address.

The provided wrappers were tested under Linux and FreeBSD. Some OS's allow scripts to have their SUID bit set (Solaris for example) and do not need a wrapper. Some other OS's are "broken" and perl complains loudly, hence the need for the wrappers.

Optimally, you will be running on a system that runs scripts under your ID or from within an scgi-bin (allows scripts within that directory to run under your ID) and will have no need for a wrapper. Many people do run web store type programs under generic user ID's without incident, but since file permissions need to be "loosened" to allow this, it is inherently less secure. Many other cart programs use these unsecure settings but don't let you know they are doing it!

If you you do not have TELNET or SSH type access, cannot get it, commando (from the store manager screens) does not work, and your SUID bit does not run under your ID, then you will need to ask your server administrator to install the wrappers for you. If they are unwilling to perform this for you, we recommend that that you check out the AgoraCart Web Hosting ASPPs and get a better and/or more responsive hosting solution.

The latest version wrapper programs available are 3.0a. There was a vulnerability with 2.0a and earlier wrappers in that a symbolic link could be used to gain access to your web site. By using the Version 2.0b Wrappers (wrappers20b.zip) or the newer 3.0a Wrapper (wrapper30a.zip), this vulnerability is eliminated. Installed versions from Cpanel Hosts, as well as downloaded copies for the last couple of years have the updated wrappers available and/or installed.