Latest News: (loading..)


Community Team
  • Content count

  • Joined

  • Last visited

  • Days Won


Gergely last won the day on May 26

Gergely had the most liked content!

About Gergely

  • Rank
    Json Juggler
  • Birthday 09/18/1970

Profile Information

  • Real Name
    Gergely Tóth
  • Gender
  • Location
  • Interests
    photo, programming
  • Website

Recent Profile Visitors

78,787 profile views
  1. @Moxamint Look after in admin orders status menu. There are the status list with status id numbers. Have you solved the two email problem?
  2. @Moxamint Comments fix: includes/modules/payment/paypal_standard.php Find: tep_db_perform(TABLE_ORDERS_TOTAL, $sql_data_array); } after insert: //comment fix? $sql_data_array = array('orders_id' => $insert_id, 'orders_status_id' => $order->info['order_status'], 'date_added' => 'now()', 'customer_notified' => 0, // is it from session? $customer_notification = 1; 'comments' => $order->info['comments']); tep_db_perform(TABLE_ORDERS_STATUS_HISTORY, $sql_data_array); // comment fix? Higher status update could be an issue with order_status number. Could you check is it registered in orders table with order_status = 0?
  3. I suppose somebody will rewrite the whole option types codebase.
  4. @arildrei the download button)
  5. @lee the bean I hope these help.
  6. @Dan Cole try to use include_once() but this not should be happen in a well configured enviroment. Are there any globals inserted? Lets see your file code here (newsletters.php and newsletter.php)
  7. Thanks.The character setting will be built in.
  8. Its time for the google to repair it. My solution: Run this sql script before update: ALTER TABLE `categories` ADD COLUMN `cpath` VARCHAR(255) NOT NULL AFTER `last_modified`;
  9. @raiwa Not exactly its attack only mysql. Probably mysql 5.6 I remember something from the past... Secure App: It could be a Hook. catalog/includes/hooks/shop/global/security_pro.php From Security Pro Start here page:
  10. @Psytanium use cannonical header tag @raiwa Ah sorry Rainer!
  11. @raiwa I am talking about \Ultimate_Seo_Urls_5_PRO_BS_208\new_files\catalog\includes\modules\ultimate_seo_urls5\ cache module files.
  12. Hi everybody, just examined php error logs and discovered that USU5 database cache system was attacked with sql injection codes. Its probably a security issue if someone use database (mysql or sqlite) cache interfaces. I dont have any imagination how could be registered into MySQL UNION script but looks like very danger. DO NOT USE database cache modules! @raiwa Could you drop database cache modules or fix it in responsive/original addons? An error example with file cache module: [21-Mar-2017 xx:xx:xx Europe/X] PHP Warning: file_put_contents(/xxxxx/xxxxxxx/xxxxxxxxxxx.xx/includes/modules/ultimate_seo_urls5/cache_system/cache/2_index_manufacturers_id_23111111111111120UNION20SELECT20CHAR4512049458145CHAR4512050458145CHAR4512051458145CHAR4512052458145CHAR4512053458145CHAR4512054458145CHAR4512055458145CHAR4512056458145CHAR4512057458145CHAR451204948458145CHAR451204949458145CHAR451204950458145202020.cache) [<a href='function.file-put-contents'>function.file-put-contents</a>]: failed to open stream: File name too long in /xxxxx/xxxxxxx/xxxxxxxxxxx.xx/includes/modules/ultimate_seo_urls5/cache_system/file.php on line 82 I am afraid that injection script stored directly when database interface used.
  13. @Dan Cole Filezilla ftp setting is the same to both host?