0ethos0

Members
  • Content count

    9
  • Joined

  • Last visited

Community Reputation

0 Neutral

About 0ethos0

Profile Information

  • Real Name
    Derek-Paul
  • Gender
    Male
  • Location
    Grand Rapids, MI USA

Contact Methods

  • Website
  • Skype
    Derek-Paul_eth0s
  1. Willing to pay someone by paypal for this fix.
  2. Installed this mod and it works fine, had to remove the left and right column reference but all the images for the manufactures images are HUGE. I searched and searched and found an old reference to editing manufacturers_info.php but that did not work. does anyone know how to edit this so the thumbs would be a same width?
  3. Makes sense about 755 but for some reason it throws an error saying that header_tags.php needs to be writeable at 777. So I am to gather that is okay until I need to make changes, then change it back to 755? Thanks Jack
  4. It appears the Header Tags files are being flagged from our server because they use the base64_decode function, a function which is used VERY often by exploit scripts to hide what the file is doing. Since your instructions ask for 777 permissions on files, this makes apache vulnerable. From our data center regarding this contribution: When you execute PHP code, it runs as a user, just like every other program in Linux. Because you are running your PHP as DSO, it runs as a part of Apache, and runs as the same user. Giving your files 777 permissions gives everyone the ability to read, write, and execute the file. In particular for your situation, this gives Apache and PHP both the ability to read and write. PHP generally is not an issue - the code had to be on your server to execute, so people from the outside cannot just upload PHP code through anything in PHP unless something is written to allow this. Apache is an issue, anyone can try to put a file on your server by using a http command to send it to the server, and if Apache has write permissions to that directory, Apache will save it on the server. If the file was a PHP file, and then someone visits the location of that file, they are now running code on your server and can do quite a bit. 777 permissions are bad. If the author mentions that this plugin needs them, I would recommend finding another plugin. While this plugin may not be malicious, it opens dangerous doors. Any suggestions?
  5. Can we upload a fixed zip file http://addons.oscommerce.com/info/7820/v,23 or at least unlock it so others can...
  6. Corrected this and uploaded it to contribution adds on section. Still trying to figure out the ajax part of it Derek-Paul
  7. Anyone? I tried to fix the path but cannot get it to stop giving these errors
  8. Here's from the server error log for domain: PHP Warning: file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/rsscache/contrib_rss.html) is not within the allowed path(s): (/var/www/vhosts/site.com/httpdocs:/tmp) in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 35, referer: http://site.com/admin/backup.php?selected_box=tools PHP Warning: file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/rsscache/contrib_rss.html) is not within the allowed path(s): (/var/www/vhosts/site.com/httpdocs:/tmp) in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 58, referer: http://site.com/admin/backup.php?selected_box=tools PHP Fatal error: Call to undefined function get_http_headers() in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 367, referer: http://site.com/admin/backup.php?selected_box=tools PHP Warning: Call-time pass-by-reference has been deprecated - argument passed by value; If you would like to pass it by reference, modify the declaration of xml_set_object(). If you would like to enable call-time pass-by-reference, you can set allow_call_time_pass_reference to true in your INI file. However, future versions may not support this any longer. in /var/www/vhosts/site.com/httpdocs/admin/includes/classes/rdf_class.php on line 343, referer: http://site.com/admin/contrib_tracker.php Using PHP Version 5.1.6
  9. Strange... everything seems to work but the original post from the sql does not show up in contrib tracker. My store is not in catalog directory its in root, would that make a diff? I have tried everything, seems that it give success mesasge, but won't send email when uncommented and won't actually update anything. Tried changing fs as suggested, but that did not work. - curl installed and working. - using latest ver of osc.