New 
Biancoblu
-
Posts
740 -
Joined
-
Last visited
-
Days Won
10
Posts posted by Biancoblu
-
-
Thanks so much Robert, that fixed it :)
-
Thanks for the great addon first of all.
Everything works well and as described in your instructions.
I have a question which is probably a stupid one but anyway: I was trying to call the errors folder from the browser to check that it would be blocked and was expecting a 403 Access Forbidden error, instead I got a 500 internal server error.
Is that normal?
-
-
I'm probably missing something obvious and I'm sorry for asking, but my foreign characters get cleansed in the search box, they disappear. For example "für ihn" becomes "fr ihn".
So I have disabled sec pro until I find a fix.
-
First of all thanks for making it compatible with 2.3.2, it's much appreciated. :)
I'd like to know where exactly in the new file do I add the following function to allow foreign characters?
function spro_cleanse_get_recursive( $get ) { /** * IMPORTANT - DO NOT use the below to gimp the whitelist, this should be used for valid language special characters only * * @[member='Example Member'] $lang_additions = 'åÅäÄöÖ'; * @var string - Valid language special characters to be added to the whitelist */ $lang_additions = ''; // Special language characters go here - see the example above if ( !is_array( $get ) ) { $banned_string_pattern = '@GLOBALS|_REQUEST|base64_encode|UNION|%3C|%3E@i'; // Apply the whitelist $pattern = "/[^\s{}a-z0-9_\.\-" . $lang_additions . "]/i"; $cleansed = preg_replace( $pattern, "", urldecode( $get ) ); // Remove banned words $cleansed = preg_replace( $banned_string_pattern, '', $cleansed ); // Ensure that a clever hacker hasn't gained himself a naughty double hyphen -- after our cleansing return preg_replace( '@[-]+@', '-', $cleansed ); } // Add the preg_replace to every element. return array_map( 'spro_cleanse_get_recursive', $get ); }And another question, are we also meant to apply the following to the new version?
Modifying the product url code for Security Pro
As standard osCommerce allows a link in product info which includes a URI with forward slashes. This is stripped by Security Pro so below is revised code to restore the functionality without compromising the white list or excluding redirect.php.
catalog/product_info.php
Find ..
<td class="main"><?php echo sprintf(TEXT_MORE_INFORMATION, tep_href_link(FILENAME_REDIRECT, 'action=url&goto=' . urlencode($product_info['products_url']), 'NONSSL', true, false)); ?></td>
Change to ..
<td class="main"><?php echo sprintf(TEXT_MORE_INFORMATION, tep_href_link(FILENAME_REDIRECT, 'action=url&goto=product&products_id=' . (int)$HTTP_GET_VARS['products_id'], 'NONSSL', true, false)); ?></td>
catalog/redirect.php
Find ..
case 'url': if (isset($HTTP_GET_VARS['goto']) && tep_not_null($HTTP_GET_VARS['goto'])) { $check_query = tep_db_query("select products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_url = '" . tep_db_input($HTTP_GET_VARS['goto']) . "' limit 1"); if (tep_db_num_rows($check_query)) { tep_redirect('http://' . $HTTP_GET_VARS['goto']); } } break;Change to ...
case 'url': if ( ( isset( $HTTP_GET_VARS['goto'] ) && ( $HTTP_GET_VARS['goto'] == 'product' ) ) && ( isset( $HTTP_GET_VARS['products_id'] ) && is_numeric( $HTTP_GET_VARS['products_id'] ) ) ) { $url_query = tep_db_query("select products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_id = '" . (int)$HTTP_GET_VARS['products_id'] . "'"); if (tep_db_num_rows($url_query)) { $row = tep_db_fetch_array( $url_query ); tep_db_free_result( $url_query ); if ( tep_not_null( $row['products_url'] ) ) { tep_redirect('http://' . $row['products_url']); } } } elseif (isset($HTTP_GET_VARS['goto']) && tep_not_null($HTTP_GET_VARS['goto'])) { $check_query = tep_db_query("select products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_url = '" . tep_db_input($HTTP_GET_VARS['goto']) . "' limit 1"); if (tep_db_num_rows($check_query)) { tep_redirect('http://' . $HTTP_GET_VARS['goto']); } } break;Excuse the lack of formatting and indentation but the forum currently breaks it.
-
"Implying" means "suggesting, indicating by a hint", so what ICO are saying is confusing, in fact first they say that "implied consent" is sufficient and then they state "You should not rely on the fact that users might have read a privacy policy that is perhaps hard to find or difficult to understand."
If "implied consent" is sufficient, it means that by visiting a site people know that the setting of cookies is a logical consequence. If you need to have an opt out and a warning regarding the setting of cookies, that is not implied anymore.
I would have a clear and unequivocal section about cookies in the privacy page, as for having a text on top of all pages, I guess that's the best way to protect yourself, but it does detract from the general look and feel of a site.
How about getting the opinion of an internet lawyer?
-
Thanks Gary :)
-
If I understand this correctly, this law applies to EU registered companies/businesses, whilst server location where the site is hosted is irrelevant?
My business is registered outside of the EU, but my site is hosted on a UK server, to my understanding this law doesn't apply to me. Please correct me if I'm wrong?
-
Thanks very much :)
-
Jack
is this addon OK to use on 2.3.1?
-
Keep in mind the point of having this discussion up under this section is for the development of this script, which means it will have bugs in it since it has not been tested in the wild nor have we had any of the htaccess people come in here and pull it apart, which I hope will happen sooner than later.
I have had a bit of a play with it yesterday and found a number of issues and will be pasting an update in a day or so. But that gives you some idea about why it is not ready for production use yet.
I see your point, I will first try it on my test server and see what happens. Anyway I think you're doing a terrific job so thanks for coming up with this .hataccess. :)
-
Hi Taipo
thanks for this addon.
I have a couple of questions, when you say "If any 500 internal errors occur, try commenting out parts of the code.", which parts exactly? how do you determine which parts would cause the 500 errors?
Also, regarding the rewritecond, my rewrite engine is already ON due to the url rewrite addon, so do I add your rewritecond codes AFTER my other rewritecond codes? I ask because I have read somewhere that you can't put this code twice in .htaccess. So I'm guessing I can't just paste the whole of your .htaccess to the bottom of mine. Hope I make sense.
RewriteEngine On RewriteBase /
-
Haha, of course, I'm the bad ungrateful dummy that quarrels with the experts, sure, a classic.
The fact that I had to explain to you the difference between a browser's cache and the google cached pages says it all on your knowledge.
Lastly, please stop copying what is being said on other threads, will you. For your information, I have always seen, and still see, a broken cached page both on FF and IE, here today in Switzerland.
-
Sighs
thank you for explaining!
-
Rude and unprofessional? don't be ridiculous!
You asked me to look into a "possible" flaw in USU5 PRO which I happily looked into for you in keeping with this support thread and found no problem with USU5 PRO at all.
I therefore stated ..
If you or anyone else identifies an issue with USU5 I will look into it. If there is an issue I will solve it as I want the contribution to be as solid as possible for the users, if not a USU5 issue that's where support here ends.
I started posting about this problem on 20th April, eventually you told me
Yes it is the use of base href so this is a valid point.The language needs to be removed from the base href as Google is taking it as a true path.
Base href was always a daft idea .. relative paths are all that's needed.
today you came back saying that I had confused you, that my configuration files must surely be wrong even if you never saw them, and when I begged you to look at my cached page, you jumped on your high horse accusing me of posting personal issues.
Anyone reading this thread will see that I have never been ridiculous, confusing, or even personal.
I have posted about a problem which you first acknowledged then refuted.
I would have liked to have your opinion on my cached page, but for some odd reason you kept refusing to comment on it, that is fine, it's your right not to reply.
I will make sure not to bother you again.
-
Isabella
This is a support topic for USU5 PRO.
You thought USU5 PRO may have a problem but it doesn't.
Please don't fill this thread with personal issues as it will make it hard for others to find support.
Personal issues? are you for real Robert???
how can you accuse me of posting personal issues on your thread when all I asked was for you to look at my cached page because it *may* have something to do with the way your addon treats languages?
btw this is not my saying, it's my developer's opinion!
Your way of blatantly refusing to even comment on the link I posted is unprofessional and your way of addressing me is frankly rude when I have always been nothing but courteous to you!
-
can you do me a favour and look at the link of my cached page please? does it render correctly to you? to me, it doesn't.
in the source code google writes
which is wrong.<base href="http://www.site.com/index.php/fr"> -
Base href has nothing to do with it. above is the post that confused me.
If base href in osCommerce is made up of: -
HTTP_SERVER . DIR_WS_CATALOG
Then it is IMPOSSIBLE that base href produces your scenario of h t t p://w w w.mysite.com/index.php/fr
Unless . .your configuration files are entirely wrong .. it is not an issue of USU5 in any case which is what this support topic covers. The gaps/whitespace could be the use of an incapable editor .. dreamweaver perhaps.
The gaps/whitespaces were a TYPO from my part, apologies. My configuration files are correct. My base href is http://www.site.com/ which is correct.
I've been trying to tell you Robert, if you could please listen to me, that I really believe this issue is created by USU5Pro because your addon creates directories for languages, when google caches my page it takes the actual foreign language page's url for the TRUE path, it takes http://www.site.com/index.php/fr for TRUE path, it ignores the base href code, so it looks for css, images, etc in the /fr directory, obviously it can't find them there, so it gives a broken page.
Please look at my cached page for the french language, I see it all broken, what do you see?
-
Just hardcode it, it has no need to be dynamic ( no need to be there at all actually ).
like <base href="http://www.mysite.com/might be a directory here/">
Needs to end in a trailing forward slash.
I'm not clear on this at all....the only place I can find the base href code is in includes/template_top.php where it states:
<base href="<?php echo (($request_type == 'SSL') ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>" />
how do I remove the language from base href in that line?
The problem is my live site does have the right base href, here's the source:
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="fr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>site title</title> <meta name="description" content="site decription."> <meta name="keywords" content="keywords"> <link rel="canonical" href="http://www.mysite.com/index.php/fr"> <base href="http://www.mysite.com/" />
BUT ONLY the google cached pages pick up a different source, like here:
<base href="http://www.mysite.com/index.php/fr"><div style="margin:-1px -1px 0;padding:0;border:1px solid #999;background:#fff"><div style="margin:12px;padding:8px;border:1px solid #999;background:#ddd;font:13px arial,sans-serif;color:#000;font-weight:normal;text-align:left">This is Google's cache of <a href="http://www.mysite.com/index.php/fr" style="text-decoration:underline;color:#00c">http://www.mysite.com/index.php/fr</a></div> <div> </div></div></div><div style="position:relative"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="fr"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>site title</title> <meta name="description" content="description"> <meta name="keywords" content="keywords"> <link rel="canonical" href="http://www.mysite.com/index.php/fr"> <base href="http://www.arlisa-bijoux.com/" />
please bear with me, I'm not a coder, this is hard for me. :'(
-
The language needs to be removed from the base href as Google is taking it as a true path.
Base href was always a daft idea .. relative paths are all that's needed.
Could you explain how I would go about removing the language from the base href? I'm not sure how to proceed.
-
Hi Gary
regarding error:
[27-Apr-2011 20:37:42] PHP Warning: SQLiteDatabase::query() [<a href='sqlitedatabase.query'>sqlitedatabase.query</a>]: column cache_name is not unique in /home/XYZ/public_html/includes/modules/ultimate_seo_urls5/cache_system/sqlite.php on line 101I had the same error, Robert made available another sqlite.php file in this post which fixed it for me, perhaps you could try it:
-
I don't understand the spaces in h t tp://w w w.mysite.com and RewriteBase /. Shouldn't it be http://www.mysite.com and RewriteBase/ ?
The spaces are just a typo from my part, of course the site is accessed as http://www.mysite.com, and I confirm my rewrite base rule is correct.
I'm sorry, I don't understand. I don't know anything about google cache.
What I'm referring to is the cache link Google adds to its search results page. When a site page is indexed, Google lists its url as well as a link to its cached version (ie a previous version of the same page that Google made a copy of). With my site, Google caches it the wrong way, it only shows the text, not the images nor the css, because it determines (wrongly) that base href is http://www.mysite.com/index.php/fr when in fact its real base href is http://www.mysite.com
Indeed, changes are to be made in the database.
All those insertions are done automatically.
exactly as I said.
-
I've spent hours on this now and really haven’t achieved anything for a simple 5 minute Job, I seriously don't understand where I’ve gone wrong,
Please anyone who can help, I'm dying to get this too work!!
Cheers,
Jonathan S.
Hi Jonathan
first of all I don't have the pretention of being able to sort out your problem, as you can see I too have issues with this and obviously can't find a solution, but reading your posts I can say that yes there should be tables installed in the database, namely "SEO urls 5" into "configuration group", which would give you a link to the configuration of this addon within your shop's admin. This should have been installed automatically by uploading the package to your server and by making the changes to the required files. The parts relating to the admin are described in points 7 and 8 of the documentation.
What I would do in your place is wipe out the entire addon and start over, make sure the WHOLE uploads directory in the package has been uploaded to the server, and really go through the documentation step by step, make sure you read the explanations on .htaccess, and also, depending on your needs, check the "extras" and "additional_uploads" directories in the package.
Sorry I can't be of more help....I hope you manage to solve your issues, good luck! :thumbsup:
-
Consult the quite excellent documentation in the package!
Changing the file .htaccess is required to correct the rewrite base.
Thanks for the info, btw are you supporting this addon in place of FWRMedia now?
To get back to your point, my site is accessed as h t tp://w w w.mysite.com therefore rewrite rule is = RewriteBase / which is correct.
Furthermore, you didn't quite get what I said:
it is ONLY the Google cache that sees the page differently, ONLY the Google cache!
This is my actual french index
and this is its cached version.
ckeditor
in General Add-Ons Support
Posted
I don't know what osc version you are on, but you could try this http://www.clubosc.com/easiest-install-ever-fck-editor.html
I'm using it myself, it installs very quickly and works as it should.
Should it not work for you, try posting on that blog, it's worth it. :thumbsup: