In case anyone is interested, please use this thread to post support questions / thoughts for the 'Register Globals' contribution.
The contribution can be found here...
http://www.oscommerce.com/community/contributions,2097
Comments / abuse / vacuous indifference (delete as you see fit - if you can be bothered) welcomed.
regards,
Rich.
Latest News: (loading..)
0
280 replies to this topic
#2
Posted 20 May 2004, 20:14
Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix.
If someone is interested in the changes, i can post the changed files.
Thanks and Greetings
Alex
Sorry for my bad english
If someone is interested in the changes, i can post the changed files.
Thanks and Greetings
Alex
Sorry for my bad english
#3
Posted 21 May 2004, 18:24
MasterEmit, on May 20 2004, 08:14 PM, said:
Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix.
If someone is interested in the changes, i can post the changed files.
Thanks and Greetings
Alex
Sorry for my bad english
If someone is interested in the changes, i can post the changed files.
Thanks and Greetings
Alex
Sorry for my bad english
#4
Posted 21 May 2004, 19:12
i'm also getting these two warnings:
Warning: First argument to array_keys() should be an array in /httpdocs/shop/includes/functions/sessions.php on line 74
Warning: Invalid argument supplied for foreach() in /httpdocs/shop/includes/functions/sessions.php on line 75
what to do with these?
Warning: First argument to array_keys() should be an array in /httpdocs/shop/includes/functions/sessions.php on line 74
Warning: Invalid argument supplied for foreach() in /httpdocs/shop/includes/functions/sessions.php on line 75
what to do with these?
#5
Posted 21 May 2004, 22:23
I added the changed files to http://www.oscommerce.com/community/contributions,2097.
Can you add the part of the code, where these warnings occured? Just some lines and in which function.
Alex
Can you add the part of the code, where these warnings occured? Just some lines and in which function.
Alex
#7
Posted 22 May 2004, 14:27
This contribution from Richard Bentley is for the case, that Register_Globals is turned off. For security-reasons, this should be allways turned off. But oscommerce is currently not prepared for this case, so that oscommerce without this contribution and without Register_Globals turned on is unable to work.
It seems to be, that i still have some problems in the admin at product attributes. I try to find out, where this problem is located. Currently i can not page through the attributes.
Alex
It seems to be, that i still have some problems in the admin at product attributes. I try to find out, where this problem is located. Currently i can not page through the attributes.
Alex
#8
Posted 22 May 2004, 14:54
I fixed this problem in admin/products_attributes.php. But i do not know, at which places the same problem could occure.
Following changes are necessary:
Following changes are necessary:
//BOF - RegisterGlobals
// if (!isset($option_page)) {
// $option_page = 1;
// }
if (!isset($option_page)) {
if (isset($HTTP_GET_VARS['option_page']))
{
$option_page = $HTTP_GET_VARS['option_page'];
}
else
{
$option_page = 1;
}
}
// EOF - RegisterGlobals
//BOF - RegisterGlobals
// if (!isset($value_page)) {
// $value_page = 1;
// }
if (!isset($value_page)) {
if (isset($HTTP_GET_VARS['value_page']))
{
$value_page = $HTTP_GET_VARS['value_page'];
}
else
{
$value_page = 1;
}
}
// EOF - RegisterGlobals
//BOF - RegisterGlobals
// if (!isset($attribute_page)) {
// $attribute_page = 1;
// }
if (!isset($attribute_page)) {
if (isset($HTTP_GET_VARS['attribute_page']))
{
$attribute_page = $HTTP_GET_VARS['attribute_page'];
}
else
{
$attribute_page = 1;
}
}
// EOF - RegisterGlobals
#9
Posted 22 May 2004, 17:02
Just a quick note to say thanks for the feedback - clearly I need to keep a better eye on the message board...
...and improve my coding ! Sorry for the problems you all seem to be having - be assured that I shall suitably chastise myself for causing such grief. I'll look at what you've all posted in depth after I've written this.
Oh well, at least it's good to know that other people are interested in this.
regards,
Rich.
...and improve my coding ! Sorry for the problems you all seem to be having - be assured that I shall suitably chastise myself for causing such grief. I'll look at what you've all posted in depth after I've written this.
Oh well, at least it's good to know that other people are interested in this.
regards,
Rich.
#12
Posted 24 May 2004, 08:39
CMOTD, on May 22 2004, 10:53 PM, said:
I've put up v1.1.1.
This includes all the fixes that have been posted here to date, plus a fix for the array referencing problem reported by Deodupke on 21/05/2004.
regards,
Rich.
This includes all the fixes that have been posted here to date, plus a fix for the array referencing problem reported by Deodupke on 21/05/2004.
regards,
Rich.
#13
Posted 24 May 2004, 11:20
ok seems to work.. I only have another problem, i have a multilanguage shop.
Case:
Default language is dutch. Everything shows in dutch ( that's good) when selecting english ( as customer) the page where you are at that moment displays in english and all the links to other parts of the shop are also english.
But, when clicking a link to an other part of the shop the language switches back to ( default) dutch again.
So i think the variable which containts the languagesetting is not available on other pages or something..
Case:
Default language is dutch. Everything shows in dutch ( that's good) when selecting english ( as customer) the page where you are at that moment displays in english and all the links to other parts of the shop are also english.
But, when clicking a link to an other part of the shop the language switches back to ( default) dutch again.
So i think the variable which containts the languagesetting is not available on other pages or something..
#14
Posted 24 May 2004, 11:32
addition: ( why can't i edit my own message?)
In the administration menu there's also a problem with a variable i think...
when going to the catalogus section en clicking one category of that section it switches to the Configuration menu ( and closes the catalogus menu)
In the administration menu there's also a problem with a variable i think...
when going to the catalogus section en clicking one category of that section it switches to the Configuration menu ( and closes the catalogus menu)
#15
Posted 24 May 2004, 12:14
Mmmm....
I'm not able to look at this right now, but I'll look into it this evening - I'm sure it's nothing difficult to fix (feel free to remind me I said this when I still haven't got a solution in a week's time !)
In response to CC's question - download and look at the contribution!
The answer is 'not many' - I think it's 4 files in admin and 3 files in catalog (or something like that - I don't have the code in front of me). The changes are actually very small.
Also, I have specifically written the change instructions in a way that is less likely to interfere with other modifications. But if you read the contribution, you'd know this already :-)
regards,
Rich.
I'm not able to look at this right now, but I'll look into it this evening - I'm sure it's nothing difficult to fix (feel free to remind me I said this when I still haven't got a solution in a week's time !)
In response to CC's question - download and look at the contribution!
The answer is 'not many' - I think it's 4 files in admin and 3 files in catalog (or something like that - I don't have the code in front of me). The changes are actually very small.
Also, I have specifically written the change instructions in a way that is less likely to interfere with other modifications. But if you read the contribution, you'd know this already :-)
regards,
Rich.
Edited by CMOTD, 24 May 2004, 12:16.
#16
Posted 24 May 2004, 19:04
Hello again,
I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.
Re The problem with admin category selection switching back to Configuration....
What setting do you have for 'variables_order' in php.ini ?
The default value for this is "EGPCS"
I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.
In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.
puzzled....
regards,
Rich.
I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.
Re The problem with admin category selection switching back to Configuration....
What setting do you have for 'variables_order' in php.ini ?
The default value for this is "EGPCS"
I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.
In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.
puzzled....
regards,
Rich.
Edited by CMOTD, 24 May 2004, 19:05.
#17
Posted 24 May 2004, 19:19
CMOTD, on May 24 2004, 07:04 PM, said:
Hello again,
I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.
Re The problem with admin category selection switching back to Configuration....
What setting do you have for 'variables_order' in php.ini ?
The default value for this is "EGPCS"
I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.
In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.
puzzled....
regards,
Rich.
I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.
Re The problem with admin category selection switching back to Configuration....
What setting do you have for 'variables_order' in php.ini ?
The default value for this is "EGPCS"
I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.
In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.
puzzled....
regards,
Rich.
thanks for looking at the problem
about the PHP.ini setting: i'm running this thing on a host so i can't look at the php.ini
about he language thing i send you a PM
#18
Posted 24 May 2004, 21:12
Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files.
Any idea what's happening?
Thanks!
Rob Z.
Any idea what's happening?
Thanks!
Rob Z.
#19
Posted 24 May 2004, 21:16
rzazueta, on May 24 2004, 09:12 PM, said:
Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files.
Any idea what's happening?
Thanks!
Rob Z.
Any idea what's happening?
Thanks!
Rob Z.
i solved this by commenting the register_globals check in application.php in your /install/includes
