Jump to content

jfkafka

Members
  • Content count

    161
  • Joined

  • Last visited

Everything posted by jfkafka

  1. jfkafka

    jQuery Banner Rotator

    well, it was lookin good til i tried internet explorer now get this: object doesn't support this property or method prototype.js the code executes, however, when the banner changes, the page height expands downward (doubles) basically "dribbles" whatever is underneath (the rest of the page) i reckon by putting it in the header, it isn't getting some code that appears maybe in index.php? any insight? jk
  2. jfkafka

    jQuery Banner Rotator

    follow-up: status: resolved solution: added rotator to header.php and removed conflicting mootools slideshow benefit: yours is superior having (cept for thumbnails) all mootools functionality plus click feature quite a spectacular enhancement Thanks, jk
  3. jfkafka

    jQuery Banner Rotator

    Thanks for the swift reply. I checked out the page, thanks, and understand the concept, it's that danged execution that's bedeviling me. Did get it to work on another page (very impressive!) so it seems like the place to concentrate is index.php (I was kinda bouncing in and out of modules/ and functions/ too trying to "crack the combination" or "get lucky") Well, I'll follow up when I stumble on the solution, it's definitely worth the effort, Thanks again, jk
  4. jfkafka

    jQuery Banner Rotator

    Hi kymation, Hope all is excellent with you and thanks for the snazzy mod Re Post #11 Problem completely solved with: jQuery.noConflict(); Having similar symptoms - seeing dots (well, one large black one) Not sure how to implement the cure (jQuery.noConflict();) This didn't work: <?php // Start Banner Rotator 1.2.1 20100628 Kymation 7641 ?> <script type="text/javascript" src="includes/functions/jquery-1.4.2.min.js"></script> <script type="text/javascript" src="includes/functions/bannerRotator.js"></script> <script type="text/javascript"> jQuery.noConflict(); $(document).ready(function(){ bannerRotator('#bannerRotator', 500, 1000); }); </script> <?php // End Banner Rotator 1.2.1 20100628 Kymation 7641 ?> Tried several variations, including: (in index.php) var $j = jQuery.noConflict(); // Use jQuery via $j(...) $j(document).ready(function(){ bannerRotator('#bannerRotator', 500, 1000); }); along with renaming all the $( instances in bannerRotator.js to $j( (yes, the desperation is running thick and heavy) This caused the page to stop loading and no dot (with both the original bannerRotator.js $( and the modified $j( version) There are 3 banners in the rotator group and I put breakpoints in the function/banners.php to make sure the queries are populated, (which the black dot might be confirming?) Could you please elaborate on how to use: jQuery.noConflict(); Thanks for your insight (and mercy) jk
  5. jfkafka

    ULTIMATE Seo Urls 5 - by FWR Media

    Hi Robert, Happy Holidays. I see we've both been busy updating your esteemed contributions, thanks for all. have 3 questions (PRO_r197) re: public_html/includes/modules/ultimate_seo_urls5/database_install/ installer_class.php 1. Should that be deleted after completing installation? (I hope this question doesn't cause chortling) re: (from Upgrade from Ultimate Seo Urls 5 by FWR Media) 2) Uploads directory Upload the files and directories in the "uploads" directory to your server maintaining the directory structure of osCommerce. Please note that "catalog" refers to the root of your osCommerce install and probably won't actually exist. Important: now ensure that the following two directories are writable. Dependent on your server this may be 0755 or 0777. * catalog/includes/ultimate_seo_urls5/cache_system/cache/ * catalog/includes/ultimate_seo_urls5/cache_system/sqlite/ 2. That should be: * catalog/includes/modules/ultimate_seo_urls5/cache_system/cache/ * catalog/includes/modules/ultimate_seo_urls5/cache_system/sqlite/ Correct? Updated page_modules.php (Randy's bug) Another change was recently discussed (.htaccess) # 500 RewriteRule ^([a-z0-9-/]+).html$ product_info.php [NC,L,QSA] # Works RewriteRule ^([a-z0-9/-]+).html$ product_info.php [NC,L,QSA] Either way, received no errors (localhost, xxamp, php5.3) 3. Was that change global/generic or specific to a certain situation? Thanks for your illumination, jk
  6. jfkafka

    Kiss

    I'm immensely grateful for your considerate and thoughtful explanation. At the same time, I'm reminded of that line from an old western where one cowboy turns to the other and drawls, "You know, Clem, you're like an owl, the more light is shined on something, the less you see". (In this scene, I'm Clem) For the sake of expedience and distillation, Here is how I "see" it: Multi-Phase Objective: Allow the site to be toured, while monitoring/restricting access to sensitive areas/preventing vandalism/discouraging theft, bugging, redirection, offensive conduct, in general, behaving in any manner deemed dishonorable/unethical/low down varmints htaccess Strategy: in writable directories Install htaccess 403 Forbidden (a No Trespassing sign?) that must be fortified with two additional supplements to wit, your inclusion of additional code in the htaccess: 1. php_flag engine off 2. <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$"> deny from all </Files> So now, I'm drawing the conclusion that somehow, like a No Trespassing sign, 403 Forbidden alone is insufficient to deter the determined OK, maybe I shouldn't underestimate the resourcefulness of those hellbent on havoc and further buttress the writable directories by disabling the php engine: php_flag engine off as well as, making certain file extensions inaccessible/tamperproof: <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$"> This seems like not only do we turn the php engine off, we also "unplug" php*|s from the receptacle, so to speak Am I on the right track with this synopsis of the htaccess's additional dual purpose? Then, in a desperate googling effort to find some answers on my own, I came across this, "Note that when PHP is disabled then the end user will get the source code of the PHP script in their browser." Which strikes me as being analogous to protecting the secret of how to make a bomb by putting it on public display behind bulletproof glass (or am I just being shy) Suddenly, I realize it's disrespectful and lazy of me to keep bothering you when I should be familiarizing myself with the information you've already painstakingly provided, except for one last question, How would someone add you to their Christmas List? jk
  7. jfkafka

    Kiss

    Thank you, Robert, for that thought provoking answer, in fact, I'm struggling diligently, translating it into my native language (something called english) to say your answer was a little over my head would be akin to saying the ocean is slightly damp and yet... I sense the urgent prudence of minimizing "exposure" within writable directories as an integral part of any strategic defense, to be candid, I was under the impression that 403 Forbidden was ample to thwart any unwelcome stunts, that's where I'm stumbling, Is turning the engine off because it's possible to penetrate beyond 403 Forbidden? Sorry if this post appears to be anything but genuine admiration for your guidance. jk
  8. jfkafka

    SiteMonitor

    Unless, of course, an if then conditional could be added for those two folders only that ignored the comma, thus still providing notification of any other signs of infiltration. Or maybe I'm just being overly cautious or is that naive? jk
  9. jfkafka

    SiteMonitor

    So busy reading the response, I failed to notice the author, dunce that I am. Thanks, altoid. It is puzzling how those .ser file values are changing when creating a fresh reference file from an empty reference file, and then immediately hitting the 3rd button while on localhost. Oh wait, those PHPIDS files have commas in the file name and coincidently (in the case of one mismatch) Currently set to "0" was set to "327" the 327 happened to be the file size so those mismatches might not be because of changing values, so much as, site monitor readings being sidetracked by unexpected punctuation. And Jack mentioned those file names were invalid (comma-tose?) so maybe, just maybe, this explains the anomaly. Which in turn would certainly reduce my paranoia about ghosts in the machine. jk
  10. jfkafka

    Kiss

    in lieu of php_flag engine off The hosting rep suggested using different command/s.: "For example you can use a local .htaccess file with directives like the below ones: # disable all CGI here Options -ExecCGI AddHandler text/html .php AddHandler text/html .cgi AddHandler text/html .pl AddHandler text/html .htm AddHandler text/html .html AddHandler text/html .shtml ----- end quote ------- Hopefully that is a different route (from php_flag engine off) to the same destination. Would you put a stamp of approval on that recommendation? Thanks for your inimitable insight, jk
  11. jfkafka

    Kiss

    hmmm apparently ini_set('php_flag engine', 'off'); Is NOT a directive at all (according to the hosting rep) so it probably makes both earlier questions moot What he recommended was use different command/s.: "For example you can use a local .htaccess file with directives like the below ones: # disable all CGI here Options -ExecCGI AddHandler text/html .php AddHandler text/html .cgi AddHandler text/html .pl AddHandler text/html .htm AddHandler text/html .html AddHandler text/html .shtml ----- end quote ------- Hopefully this is a different route (from php_flag engine off) to the same destination. Thanks for bearing with me during this period of uncertainty, jk
  12. jfkafka

    SiteMonitor

    Wow, you are just too incredible! One last question How do I add you to my Christmas List? jk
  13. jfkafka

    Kiss

    Thank you for pointing this out. I re-contacted them and they suggested putting a php.ini file into each writable directory. So I put a php.ini: ini_set('php_flag engine', 'off'); into the cache directory Browsed to it and got the 403 Forbidden (which I also got without the php.ini) just not certain: 1. ini_set('php_flag engine', 'off'); Is the correct directive? 2. Does it need to be turned back ON elsewhere? Thanks for your expert assistance, jk
  14. jfkafka

    SiteMonitor

    Appreciate your blazing fast response. well, that may explain the mismatches. Also noticed that ser file had all the boxes checked for permissions and trying to set it to 644 was futile (at least it was from ftp). Any advice regarding ser files and permissions? Thanks, jk
  15. jfkafka

    SiteMonitor

    Thanks for your response. Using localhost, unable to send emails at present, so used 3rd button for display. It seems there's something about those phpids/files that may explain the reset messages. I'm just unclear why on a fresh reference file there would be anything to compare ie. Currently set to "0" was set to "327". I'm presuming this indicates the reference file is otherwise working properly for the other 6000+ files. Ran the 3rd button again: Sitemonitor ran on December 19, 2010, 9:22 am Total mismatches found were 18 Total files being monitored is 6762 Email sent to shop owner. Checked the first flagged file: Difference found: New-> includes/phpids/lib/IDS/tmp/CSS/4.1.1 Original-> 801ad73acbcf9d3127e1d01768d26453 Navigated to the file (includes/phpids/lib/IDS/tmp/CSS/4.1.1) Name of file: 4.1.1,801ad73acbcf9d3127e1d01768d26453,1.ser Is that comma between 4.1.1 and 8 causing this file to be listed? If so, what is the remedy? Thanks for your invaluable input, jk
  16. jfkafka

    SiteMonitor

    Hi Jack, v2.7 Hope all is excellent with you. When using the 3rd Update button (Manually Execute Sitemonitor) getting numerous (36) messages like: (all in the phpids folder, btw) permissions Mismatch on includes/phpids/lib/IDS/tmp/URI/4.1.1 Currently set to "0" was set to "327" permissions Mismatch on includes/phpids/lib/IDS/vendors/htmlpurifier/HTMLPurifier/DefinitionCache/Serializer/CSS/4.1.0 Currently set to "0" was set to "22628" not sure how to decipher Currently set to "0" was set to "327" (or the variations) since I deleted the contents of the reference file and created a new one with the top button prior to clicking the 3rd button so what is being compared 1. What is causing it to be set to 0? 2. Should it be reset to the original value? 3. Is this a sign of some skullduggery? Thanks for helping me better understand, jk
  17. jfkafka

    Kiss

    Hi Robert. Thanks for your reply. After googling and trying different modifications, what did elicit a 403 response was commenting out # php_flag engine off <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$"> deny from all </Files> Also contacted the hosting help desk who replied: Thank you for contacting our Support Team. Please delete the following code from the .htaccess file: php_flag engine off After that save the file and the issue should be resolved. -------- end ------------- 1. What functionality is sacrificed when php_flag engine off is not executed? 2. If php_flag engine had been set to off, does it need to later be set to on? Thanks for all your invaluable input. jk
  18. jfkafka

    Kiss

    Hi Robert, RE: KISS_FileSafe_version_1.0_r12 7564 I added the .htaccess file to cache directory as recommended then browsed to it and received this: 500 - Internal Server Error This is a temporary server error. Please try to reload the webpage later. If you are the webmaster of this site please log in to Cpanel and check the Error Logs. You will find the exact reason for this error there. Common reasons for this error are: * Incorrect file/directory permissions: Above 755. In order files to be processed by the webserver, their permissions have to be equal or below 755. You can update file permissions with a FTP client or through cPanel's File Manager. * Incorrect Apache directives inside .htaccess file. Make sure you have not specified unsupported directives inside the local .htaccess file. Such include PHP settings and Apache module settings. ------------ end ----------------- Is this the correct behavior for the .htaccess code: php_flag engine off <Files ~ "\.(php*|s?p?html|cgi|pl|ini)$"> deny from all </Files> You really make installation a breeze by the way, Thanks for your support, jk
  19. Hi, Thanks for your rapid response. Have rechecked Step B. All is in accordance with instructions. Make sure your 'banned_ip' db table has the fields 'reason' and 'ip_status'. Affirmative and is being written to with your original code, as well as, my slightly altered version. I then put your original banned_ip.php back in admin Tried to insert new IP Result: (same as before) Notice: Undefined variable: ipInfo in public_html\RENAMED ADMIN FOLDER\banned_ip.php on line 153 Notice: Trying to get property of non-object in public_html\RENAMED ADMIN FOLDER\banned_ip.php on line 153 IP Address Date & Time Reason 555.555.555.555 2010-12-16 07:15:36 testing insert Next tried to Update IP Result: same as before - white page (not finishing the page refresh) Notice: Undefined variable: ip_status in public_html/RENAMED ADMIN FOLDER/banned_ip.php on line 51 Warning: Cannot modify header information - headers already sent by (output started at public_html/RENAMED ADMIN FOLDER/banned_ip.php:51) in public_html/RENAMED ADMIN FOLDER/includes/functions/general.php on line 265 I had to hit browser Back arrow to get back to admin page (banned_ip.php?ipID=12&action=edit) Result: update was saved but generated error caused the above Notice & Warning on white page IP Address Date & Time Reason 555.555.555.555 2010-12-16 07:15:36 testing update Conclusion: With error_reporting(E_ALL); ini_set('display_errors', '1'); Insert and Edit/Update DO WORK (save info) but cause Error Notices: Undefined variable: ipInfo ($ipInfo->reason) [for Insert] Undefined variable: ip_status [for Update] Please forgive me for being so obtuse, but Are you saying when PHPIDS_for_osCommerce_1_6 is correctly installed/configured: a. These error/notices should not be invoked With error_reporting(E_ALL); ini_set('display_errors', '1'); b. It's ok to ignore Error/Notice because the data is being saved, turn off error reporting, ini_set('display_errors', '0') c. These variables are supposed to be initialized, my copy of banned_ip.php (original download of PHPIDS_for_osCommerce_1_6) may be defective d. None of the above Thank you for helping me understand, jk
  20. Hi Celextel, During testing, had 2 "situations" 1. Trying to Insert a new IP (in admin/PHPIDS) and getting this: Notice: Undefined variable: ipInfo in public_html\RENAMED ADMIN FOLDER\banned_ip.php on line 153 Notice: Trying to get property of non-object in public_html\RENAMED ADMIN FOLDER\banned_ip.php on line 153 The code referenced was: $contents[] = array('text' => '<br />' . TABLE_HEADING_REASON . '<br />' . tep_draw_textarea_field('reason', 'soft', '40', '6', $ipInfo->reason)); CHANGED TO: (replaced $ipInfo->reason with '' because there IS no reason yet - it's a new insert) $contents[] = array('text' => '<br />' . TABLE_HEADING_REASON . '<br />' . tep_draw_textarea_field('reason', 'soft', '40', '6', '')); Result: No more error/Notice for Insert new IP 2. Trying to Edit/Update existing IP (in admin/PHPIDS) and getting this: Notice: Undefined variable: ip_status in public_html\RENAMED ADMIN FOLDER\banned_ip.php on line 53 The code referenced was: if (tep_not_null($ip_status)) { CHANGED: commented out /* if (tep_not_null($ip_status)) { tep_db_query("update " . TABLE_BANNED_IP . " set ip_status = '0' where id = '" . (int)$_GET['ipID'] . "'"); } */ Reasoning for commenting out: The IP status can be toggled (not really part of the Update process in the right side box) Result: No more error/Notice for Update IP Having learned the hard way not to ASSume Is there a reason for NOT changing the code that I'm unaware of? jk
  21. jfkafka

    ULTIMATE Seo Urls 5 - by FWR Media

    At least I got the Author right! Thanks for pointing me in the right direction. jk
  22. jfkafka

    ULTIMATE Seo Urls 5 - by FWR Media

    Hi FWR, Hope all is excellent with you. This contribution is world class, appreciate your generosity in sharing it. I believe someone else was having a problem with the @ sign being removed from the email address (in my case it happens when unsubscribing to newletters) Tried using the upper right search (@ sign missing from email) but was unsuccessful Can you recommend a method to search through this thread to find this particular topic? Thanks for your support, jk
  23. Hi again, RE: Grant write access [chmod 777] to the "tmp" folder [phpids/lib/IDS/tmp] and also to phpids_log.txt log file which is inside the "tmp" folder. My hosting has the "tmp" folder set to 755 and the phpids_log.txt log file set to 644. It seems to be working fine with these settings. (writes to log file) 1. Should they be changed to 777? Also regarding exclusions: REQUEST.__utmz, COOKIE.__utmz 2. What are these for? Thanks, jk
  24. Found the problem It was the nut behind the wheel! Thanks for your patience and support, Celextel jk
×