

Milierkovic
The [TiM's] Safer Database Input Method contribution
Milierkovic posted a topic in General Add-Ons Support
I can't figure out what the last part of this contribution means, and how to install/integrate it.

Link to contribution is HERE

WHAT DO I NEED TO THINK OF?
If you for any reason want to store HTML in the database, make sure you manipulate the tep_db_input() command with the third optional parameter like the following.

This...

    $example_query = tep_db_query("update myTable set column='". tep_db_input($var) ."' where this='that' limit 1;");

Becomes...

    $example_query = tep_db_query("update myTable set column='". tep_db_input($var, 'db_link', true) ."' where this='that' limit 1;");

Does this mean that when I use HTML in the product descriptions that I can use this code to prevent it from XSS attacks? And how and where should I put this code (also in database.php?), or what do I need to modify to make it work on my shop?
-
Dear members,

I have a question regarding the contribution named Backup of all store files in zip format / Backup em formato zip de todos os arquivos de sua loja, which can be found here: http://addons.oscommerce.com/info/6986

I want to install this contribution, but it is unclear to me. It does not say anything about what to do with the index.php that is included in this package. Should I add the code in this file to my index.php in my /catalog/ directory or in the /catalog/admin/ directory, or do I have to replace this file with my original one (which seems very unlikely)? And if I have to add the code to my index.php file, do I have to add it at the end, before the final ?>

It also states:

open admin/includes/boxes/tools.php

find:

    $contents[] = array('text' => '<a href="' . tep_href_link(FILENAME_BACKUP) . '" class="menuBoxContentLink">' . BOX_TOOLS_BACKUP . '</a><br>' .

Add:

    '<a href="../fullbackup" class="menuBoxContentLink" target="_blank">Backup all Files</a><br>' .

Where do I add it? Immediately after this line (a new line), or make it one line?

I am sorry, I am not very good at PHP, and I am trying to do my best to understand this. I did a search on the forum but could not find an answer.

Thanks
-
[Contribution] Database Manager
Milierkovic replied to Jan Zonjee's topic in General Add-Ons Support
Thanks for your quick answers. I asked this question just to be sure, but now I see it can't do any damage; it works well, I tested it. Better safe than sorry :)
-
[Contribution] Database Manager
Milierkovic replied to Jan Zonjee's topic in General Add-Ons Support
Hello Jan Zonjee,

First of all, thanks for your contribution. I have a question. I am following the "How to secure your site" thread: http://forums.oscommerce.com/topic/313323-how-to-secure-your-site/

It states here, and I quote: "I recommend you use AutoBackup Database in Admin AND Database backup manager also Backup of all store files in zip format. "

Now I happen to have installed Auto Backup Install V3.0, and in this contribution I had to edit "admin/includes/languages/english/backup.php":

5. In /admin/includes/languages/english/backup.php

find:

    define('ERROR_BACKUP_DIRECTORY_DOES_NOT_EXIST', 'Error: Backup directory does not exist. Please set this in configure.php.');

replace with:

    define('ERROR_BACKUP_DIRECTORY_DOES_NOT_EXIST','Error, Backup Directory Does Not Exist, please create it or run "auto_backup_setup.php"');

Now in your contribution I have to upload a new admin/includes/languages/english/backup.php file, but this does not have the change in it anymore for the Auto Backup Install V3.0 to work. Is it safe just to change this line again after I have uploaded your admin/includes/languages/english/backup.php file? Or can this cause malfunctioning?

Thanks