osCommerce

0ethos0

Posts posted by 0ethos0

  1. Installed this mod and it works fine, had to remove the left and right column reference but all the images for the manufacturers images are HUGE. I searched and searched and found an old reference to editing manufacturers_info.php but that did not work.

    Does anyone know how to edit this so the thumbs would be the same width?

  2. It appears the Header Tags files are being flagged from our server because they use the base64_decode function, a function which is used VERY often by exploit scripts to hide what the file is doing. Since your instructions ask for 777 permissions on files, this makes Apache vulnerable.

    From our data center regarding this contribution:

    When you execute PHP code, it runs as a user, just like every other program in Linux. Because you are running your PHP as DSO, it runs as a part of Apache, and runs as the same user.

    Giving your files 777 permissions gives everyone the ability to read, write, and execute the file. In particular for your situation, this gives Apache and PHP both the ability to read and write.

    PHP generally is not an issue - the code had to be on your server to execute, so people from the outside cannot just upload PHP code through anything in PHP unless something is written to allow this. Apache is an issue, anyone can try to put a file on your server by using an HTTP command to send it to the server, and if Apache has write permissions to that directory, Apache will save it on the server. If the file was a PHP file, and then someone visits the location of that file, they are now running code on your server and can do quite a bit.

    777 permissions are bad. If the author mentions that this plugin needs them, I would recommend finding another plugin. While this plugin may not be malicious, it opens dangerous doors.

    Any suggestions?
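
An added example, not part of the original post or of the Header Tags contribution: a bash audit for the two conditions the post raises, paths under a web root left world-writable by 777-style permissions and PHP files that call base64_decode while being world-writable, followed by a tightening step. The sample tree and its file names are constructed for the demo.

```bash
#!/usr/bin/env bash
# Added example (not from the post): audit a web root for world-writable paths.

# Build a small constructed tree; header_tags.php and cache/ are made-up names.
make_sample_tree() {
    local root
    root=$(mktemp -d)
    mkdir -p "$root/includes/cache"
    printf '<?php echo base64_decode("aGk="); ?>\n' > "$root/includes/header_tags.php"
    printf '<?php echo "ok"; ?>\n' > "$root/index.php"
    chmod 755 "$root" "$root/includes"
    chmod 644 "$root/index.php"
    chmod 777 "$root/includes/cache" "$root/includes/header_tags.php"
    printf '%s\n' "$root"
}

# Files and directories writable by "other", i.e. by any local account,
# including the user that Apache and mod_php run as.
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -0002 -print | sort
}

# World-writable PHP files that also call base64_decode: the combination
# a host-side scanner is most likely to flag.
flagged_and_writable() {
    find "$1" -type f -name '*.php' -perm -0002 \
        -exec grep -l 'base64_decode' {} + | sort
}

# Reset world-writable paths to 755 (directories) and 644 (files).
tighten() {
    find "$1" -type d -perm -0002 -exec chmod 755 {} +
    find "$1" -type f -perm -0002 -exec chmod 644 {} +
}

# Demo on the constructed tree.
demo_root=$(make_sample_tree)
echo "world-writable before:"; world_writable "$demo_root"
echo "base64_decode + world-writable:"; flagged_and_writable "$demo_root"
tighten "$demo_root"
echo "world-writable after: $(world_writable "$demo_root" | wc -l)"
rm -rf "$demo_root"
```

If an add-on genuinely has to write to one directory, grant write access on that directory alone to the web server's group rather than setting 777 across its files.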

  3. Someone pointed out to me that there is a mistake in the install instructions for 2.3. It should read:

    FIND:

    array(
      'code' => FILENAME_BACKUP,
      'title' => BOX_TOOLS_BACKUP,
      'link' => tep_href_link(FILENAME_BACKUP)
    ),

    ADD BENEATH:

    array(
      'code' => FILENAME_DATABASE_OPTIMIZER,
      'title' => BOX_TOOLS_DATABASE_OPTIMIZER,
      'link' => tep_href_link(FILENAME_DATABASE_OPTIMIZER)
    ),

    Can we upload a fixed zip file http://addons.oscommerce.com/info/7820/v,23

    or at least unlock it so others can...

  4. This mod for 2.3 is GREAT, thanks!!

    One question, when you edit an order, the left column of the sheet loses all "style" and ajax doesn't work by default for updates so no changes are saved. Any idea how to get those to work?

    Corrected this and uploaded it to the contribution add-ons section. Still trying to figure out the ajax part of it.

    Derek-Paul

  5. Here's from the server error log for domain:

     

    PHP Warning: file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/rsscache/contrib_rss.html) is not within the allowed path(s): (/var/www/vhosts/site.com/httpdocs:/tmp) in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 35, referer: http://site.com/admin/backup.php?selected_box=tools

     

    PHP Warning: file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/rsscache/contrib_rss.html) is not within the allowed path(s): (/var/www/vhosts/site.com/httpdocs:/tmp) in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 58, referer: http://site.com/admin/backup.php?selected_box=tools

     

    PHP Fatal error: Call to undefined function get_http_headers() in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 367, referer: http://site.com/admin/backup.php?selected_box=tools

     

    PHP Warning: Call-time pass-by-reference has been deprecated - argument passed by value; If you would like to pass it by reference, modify the declaration of xml_set_object(). If you would like to enable call-time pass-by-reference, you can set allow_call_time_pass_reference to true in your INI file. However, future versions may not support this any longer. in /var/www/vhosts/site.com/httpdocs/admin/includes/classes/rdf_class.php on line 343, referer: http://site.com/admin/contrib_tracker.php

     

    Using PHP Version 5.1.6

     

    Anyone? I tried to fix the path but cannot get it to stop giving these errors

  6. Strange... everything seems to work but the original post from the sql does not show up in contrib tracker. My store is not in catalog directory, it's in root, would that make a diff? I have tried everything, seems that it gives a success message, but won't send email when uncommented and won't actually update anything. Tried changing fs as suggested, but that did not work.

     

    - curl installed and working.

    - using latest ver of osc.

     

    Here's from the server error log for domain:

     

    PHP Warning: file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/rsscache/contrib_rss.html) is not within the allowed path(s): (/var/www/vhosts/site.com/httpdocs:/tmp) in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 35, referer: http://site.com/admin/backup.php?selected_box=tools

     

    PHP Warning: file_exists() [<a href='function.file-exists'>function.file-exists</a>]: open_basedir restriction in effect. File(/rsscache/contrib_rss.html) is not within the allowed path(s): (/var/www/vhosts/site.com/httpdocs:/tmp) in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 58, referer: http://site.com/admin/backup.php?selected_box=tools

     

    PHP Fatal error: Call to undefined function get_http_headers() in /var/www/vhosts/site.com/httpdocs/admin/contrib_tracker.php on line 367, referer: http://site.com/admin/backup.php?selected_box=tools

     

    PHP Warning: Call-time pass-by-reference has been deprecated - argument passed by value; If you would like to pass it by reference, modify the declaration of xml_set_object(). If you would like to enable call-time pass-by-reference, you can set allow_call_time_pass_reference to true in your INI file. However, future versions may not support this any longer. in /var/www/vhosts/site.com/httpdocs/admin/includes/classes/rdf_class.php on line 343, referer: http://site.com/admin/contrib_tracker.php

     

    Using PHP Version 5.1.6

  7. Strange... everything seems to work but the original post from the sql does not show up in contrib tracker. My store is not in catalog directory, it's in root, would that make a diff? I have tried everything, seems that it gives a success message, but won't send email when uncommented and won't actually update anything. Tried changing fs as suggested, but that did not work.

     

    - curl installed and working.

    - using latest ver of osc.
