Latest News: (loading..)

bkellum's Photo

bkellum

Member Since 20 Feb 2006
Offline Last Active Oct 23 2011, 12:53

Find content

About Me

I spend a lot of time providing free support for the Simple Template System add-on in the forums. If you need STS support, please ask in the following thread:

http://forums.oscomm...ost__p__1452989

osC Freelancer: soundsgoodpro.com
Have a great day!

Community Stats

Group Community Member
Active Posts 4,855 (2.23 per day)
Most Active In Templates and Images (3024 posts)
Profile Views 30,730
Age Age Unknown
Birthday December 29
Real Name
Bill Kellum
Gender
Male
Location
Chicago

Contact Information

Website URL http://www.soundsgoodpro.com
MSN bkellum

31 Excellent

Friends

Latest Visitors

14steve14
08 Nov 2011, 17:33
daone
23 Oct 2011, 20:30
EvieBPat
08 Oct 2011, 05:14
kurt1
15 Sep 2011, 18:00
MarkA.Stevens
26 Aug 2011, 17:58

Posts I've Made

In Topic: Oscommerce Security - Osc_Sec.php

30 April 2011, 15:22

lisapeden, on 30 April 2011, 09:34, said:

Hi Taipo & Bill,

I tried changing $arbitrarysession_block to zero. I also checked and re-checked the application_top.php files I modified--but I couldln't find any discrepancies. My store is running on OsC 2.2-MS2 and I have a security certificate. When I go to lisasstitchingpost.com/admin, I am still on http. When I try to log in using https://etc., the URL changes back to http://etc. Is it possible I'm receiving that warning message because I'm not using a secure connection?

I also should've mentioned my browser is IE9. Could that be causing this issue?

Thank you again,
Lisa

Lisa,

This doesn't have anything to do with osc_sec but it still needs to be done: Change the name of your admin folder to something other than admin!! Most of the osCommerce exploits are looking for the admin folder. Keep in mind, that once you rename the admin folder, you will also need to change the admin references in both of the configure.php files.

Regarding the header not sent error message, look for any white space that occures after the very last ?> in any of the php files that you may have altered.

In Topic: Oscommerce Security - Osc_Sec.php

29 April 2011, 13:39

lisapeden, on 29 April 2011, 12:36, said:

Also, is it possible there are still malicious files in my directories?

Sincerely,

Lisa

Yes, it is possible. Unless you check all of your files and database, you won't know for sure.

In Topic: Oscommerce Security - Osc_Sec.php

29 April 2011, 13:37

lisapeden, on 28 April 2011, 13:47, said:

Hello Taipo,

I just installed Osc_Sec.php. Now, when I log in to my admin, I receive a page with the following on it: "Warning: Cannot modify header information - headers already sent by (output started at /home/lisassti/public_html/admin/includes/application_top.php:469) in /home/lisassti/public_html/admin/includes/functions/general.php on line 156"

After I click on the left arrow (back) button, I am taken back to the log-in page. If I click on, "Administration," I am then taken to the page where I'm able to "choose an action" and proceed with working on my store.

My question for you is this: Did I install your add-on incorrectly?

My store is also using STS (Simple Template System)--if that helps.

I've been so stressed out by malicious files constantly being added to my images folder; I was going to dissolve my business--until I found your posts and contribution this morning. Thank you very, very much for sharing this with the rest of us.

Kindest Regards,

Lisa

Lisa,

This is most likely due to an installation issue. Check each of the files that you modified to be sure you did not add an extra "space" at the beginning or end of the file.

In Topic: STS is working for v2.3.x ?

22 March 2011, 23:58

kuolung1, on 21 March 2011, 07:52, said:

How do I do , let the STS 4.6_1 can work on Oscommerce 2.3.x

It can be done but you need to remove the current template system that was introduced in Osc v.2.3. It really isn't that serious of a modification if you follow the upgrade path from Osc v.2.2 to Osc v.2.3 (leaving out the changes that apply to the template system of course).

I would love to submit my (incomplete) work for STSv5 that would be compatible with Osc v.2.3.1 but now that Osc v3 will be available, it really isn't worth it at this time. I'll wait to see how everything works with Osc v.3 first and then go from there.

Here is the link with details on how to make STSv4.6 compatible with Osc v2.3

In Topic: STSv4.6_1 and OsCommerce 2.3.1

22 March 2011, 23:54

SLiCK_303, on 22 March 2011, 22:05, said:

how many times does this need to be covered? STS and 2.3.1 are NOT compatible without SERIOUS modification to 2.3.1, as the newer version uses an incompatible theme system

Thanks Mark.

It can be done but you need to remove the current template system that was introduced in Osc v.2.3. It really isn't that serious of a modification if you follow the upgrade path from Osc v.2.2 to Osc v.2.3 (leaving out the changes that apply to the template system of course).

I would love to submit my (incomplete) work for STSv5 that would be compatible with Osc v.2.3.1 but now that Osc v3 will be available, it really isn't worth it at this time. I'll wait to see how everything works with Osc v.3 first and then go from there.