

Community Team

Gergely last won the day on May 26

Gergely had the most liked content!

About Gergely

  • Rank
    Json Juggler
  • Birthday 09/18/1970

Profile Information

  • Real Name
    Gergely Tóth
  • Interests
    photo, programming

78,181 profile views
  1. It's time for Google to repair it. My solution: run this SQL script before the update:
     ALTER TABLE `categories` ADD COLUMN `cpath` VARCHAR(255) NOT NULL AFTER `last_modified`;
  2. @raiwa Not exactly, it attacks only MySQL. Probably MySQL 5.6; I remember something from the past... Secure App: It could be a hook: catalog/includes/hooks/shop/global/security_pro.php From the Security Pro "Start here" page:
  3. @Psytanium use the canonical header tag. @raiwa Ah sorry Rainer!
  4. @raiwa I am talking about \Ultimate_Seo_Urls_5_PRO_BS_208\new_files\catalog\includes\modules\ultimate_seo_urls5\ cache module files.
  5. Hi everybody, I just examined the PHP error logs and discovered that the USU5 database cache system was attacked with SQL injection code. It's probably a security issue if someone uses the database (MySQL or SQLite) cache interfaces. I can't imagine how a UNION script could be registered into MySQL, but it looks very dangerous. DO NOT USE database cache modules! @raiwa Could you drop the database cache modules or fix them in the responsive/original addons? An error example with the file cache module:
     [21-Mar-2017 xx:xx:xx Europe/X] PHP Warning: file_put_contents(/xxxxx/xxxxxxx/xxxxxxxxxxx.xx/includes/modules/ultimate_seo_urls5/cache_system/cache/2_index_manufacturers_id_23111111111111120UNION20SELECT20CHAR4512049458145CHAR4512050458145CHAR4512051458145CHAR4512052458145CHAR4512053458145CHAR4512054458145CHAR4512055458145CHAR4512056458145CHAR4512057458145CHAR451204948458145CHAR451204949458145CHAR451204950458145202020.cache) [<a href='function.file-put-contents'>function.file-put-contents</a>]: failed to open stream: File name too long in /xxxxx/xxxxxxx/xxxxxxxxxxx.xx/includes/modules/ultimate_seo_urls5/cache_system/file.php on line 82
     I am afraid that the injection script is stored directly when the database interface is used.
  6. @Dan Cole Is the FileZilla FTP setting the same for both hosts?
  7. @Dan Cole There could be differences between the Windows local and live server environments. The Windows system is on a different localization.
  8. Hi, osc 2.3.. is a very open source project where we cannot suppose that everything is in a rigid path. A better solution is found in the v2.4 core, where a registry exists. The best way at this moment is to delete all unnecessary files from the core or build a static mailfiles array of your own for the preview.
     Change:
         $filestoadd = get_php_files(DIR_FS_DOCUMENT_ROOT, array_flip(array('general.php', 'email_previews.php')));
         $mailfiles = array();
         foreach ($filestoadd as $file) {
           if (is_email_templated_file($file)) {
             $mailfiles[] = $file;
           }
         }
     To:
         $mailfiles[0] = DIR_FS_DOCUMENT_ROOT . '/contact_us.php';
         $mailfiles[1] = DIR_FS_DOCUMENT_ROOT . '/cron_xxx.php';
         $mailfiles[2] = DIR_FS_DOCUMENT_ROOT . '/includes/modules/payment/authorizenet_cc_aim.php';
         $mailfiles[3] = DIR_FS_DOCUMENT_ROOT . '/includes/modules/payment/authorizenet_cc_dpm.php';
         // and so on
  9. @rpdesign Have you tried the new apps page?
  10. @rudolfl maybe this helps:
  11. @Denkster maybe this helps:
  12. @PiLLaO This is an example of code incompatibility. If there are no rules, there is no way to do something.
  13. @Harald Ponce de Leon Is the Addons area displayed with secret creators, or are most users very modest nowadays?
  14. @PiLLaO Community BS is a ß version, but it works.
  15. @Denkster, what is the session table collation?