Jump to content

bhbilbao

Members
  • Content count

    308
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by bhbilbao


  1. Installed and working. From +-8 seconds to +-5 seconds.

     

    But i have a question. Is this compatible with SPPC (Hide products to some class of customers)????

    Ref:

    To enable the categories cache

    Open includes/functions/general.php

     

    Add on top

    require('cache/cachefile.inc.php');

     

    Find function tep_count_products_in_category($category_id, $include_inactive = false) {

    Replace above function with this:

     

    function tep_count_products_in_category($category_id, $include_inactive = false) {

    $products_count = 0;

     

    $catcounter = constant('CATCOUNT_' . strtoupper($category_id));

     

    $products_count = $catcounter;

     

    return $products_count;

    }

     

    my code:

    // Return the number of products in a category
    // TABLES: products, products_to_categories, categories
     function tep_count_products_in_category($category_id, $include_inactive = false) {
    
     // Unless Customer logged in show products
     // BOF Separate Pricing Per Customer, hide products and categories for groups
     global $sppc_customer_group_id;
     if(!tep_session_is_registered('sppc_customer_group_id')) {
     $customer_group_id = '0';
     } else {
      $customer_group_id = $sppc_customer_group_id;
     }
    $products_count = 0;
    if ($include_inactive == true) {
      $products_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c left join " . TABLE_CATEGORIES . " c using(categories_id) where p.products_id = p2c.products_id and p2c.categories_id = '" . (int)$category_id . "' and find_in_set('".$customer_group_id."', products_hide_from_groups) = 0 and find_in_set('" . $customer_group_id . "', categories_hide_from_groups) = 0");
    } else {
      $products_query = tep_db_query("select count(*) as total from " . TABLE_PRODUCTS . " p, " . TABLE_PRODUCTS_TO_CATEGORIES . " p2c left join " . TABLE_CATEGORIES . " c using(categories_id) where p.products_id = p2c.products_id and p.products_status = '1' and p2c.categories_id = '" . (int)$category_id . "' and find_in_set('".$customer_group_id."', products_hide_from_groups) = 0 and find_in_set('" . $customer_group_id . "', categories_hide_from_groups) = 0");
    }  
    	$products = tep_db_fetch_array($products_query);
    $products_count += $products['total'];
    // no need to find child categories that are hidden from this customer or have a higher level category that is hidden
    $child_categories_query = tep_db_query("select categories_id from " . TABLE_CATEGORIES . " where parent_id = '" . (int)$category_id . "' and find_in_set('" . $customer_group_id . "', categories_hide_from_groups) = 0");
    // EOF Separate Pricing Per Customer, hide products and categories for groups
    if (tep_db_num_rows($child_categories_query)) {
      while ($child_categories = tep_db_fetch_array($child_categories_query)) {
    	$products_count += tep_count_products_in_category($child_categories['categories_id'], $include_inactive);
      }
    }
    
    return $products_count;
     }

     

    I dont know if i must simply replace all that code... but loosing the ability to hide products to customers.

     

    I see the same code on top of admin/includes/configuration_cache.php

    Could I past the sppc code there???

     

    In other case the instructions says:

    8. Navigate to Admin ~ Configuration ~ My Store, click the edit button, and click the update button.

    Where is that button. All I see is the Store Name xxxx on top and edit on the right. Is that??


  2. I have a new issue when sending emails.

    The "reply to" recipient is wrong. To my customers showed like spam from extrange or new recipient.

    It displays:

    from Administrator [ myweb @ s15400000.onlinehome-server.info ]

     

    and should be:

    from Administrator [ info @ myweb.com ]

     

    The web is allocated in a 1&1 domain server.

     

     

    anybody??

     

    
    $messageId = "Message-Id: <" . time() . "@" . $_SERVER['SERVER_NAME'] . ">";
    
    // define('SERVERNAME', 'myweb.com');	
    // $messageId = "Message-Id: <" . time() . "@" . SERVER_NAME . ">";
    // $messageId = "Message-Id: <" . time() . "@myweb.com>";
    // $messageId = ' . STORE_OWNER_EMAIL_ADDRESS . ';	
    
    
    
    
     $mimemessage = new email(array('X-Mailer: osCommerce bulk mailer', $messageId));
     //  $mimemessage = new email(array('X-Mailer: osCommerce'));
    
      //   $mimemessage->add_text($this->content);
      //  $text = $this->text_content();
    
      $mimemessage->add_html($this->html_content(), $this->text_content(), HTTP_CATALOG_SERVER . DIR_WS_CATALOG_IMAGES);
    
      $mimemessage->build_message();
    
      while ($mail = tep_db_fetch_array($mail_query)) {
      //STORE_OWNER	
      //STORE_OWNER_EMAIL_ADDRESS	
      //$mimemessage->send($mail['customers_firstname'] . ' ' . $mail['customers_lastname'], $mail['customers_email_address'], '', EMAIL_FROM, $this->title);
       $mimemessage->send($mail['customers_firstname'] . ' ' . $mail['customers_lastname'], $mail['customers_email_address'], STORE_OWNER_EMAIL_ADDRESS, STORE_OWNER, $this->title);

    Dont bother if it could change to no-reply @ myweb.com


  3. For the moment i get working.

    I paste the code for future releases:

    On DIR_WS_MODULES.'mail_manager/create_account.php:

    //define values for placeholder variables
    $mmwelcome = EMAIL_WELCOME;
    $mmcode = EMAIL_CODE;
    $mmtext = EMAIL_TEXT;
    $mmcontact = EMAIL_CONTACT;
    $mmwarning = EMAIL_WARNING;
    
    // contact US IP recorder
    //IP recorder start
    $ipaddress = $HTTP_SERVER_VARS["REMOTE_ADDR"];
    $ip = "\n\n IP: " . $ipaddress;
    $REMOTE_ADDR = $HTTP_SERVER_VARS["REMOTE_ADDR"];
    // $content = $HTTP_POST_VARS['enquiry'];
    // $content_ip = $content . $ip;
    // $enquiry = tep_db_prepare_input($content_ip);
    //IP recorder end
    // contact US IP recorder
    
    //define placeholders
    // CODE FROM ACTIVATE ACCOUNT CODE
    $activation_id = md5($email_address);
    $verification_href = tep_href_link(FILENAME_ACCOUNT_ACTIVATE, 'activation_id=' . $activation_id, 'SSL');
    $verification_mail = tep_href_link(FILENAME_ACCOUNT_ACTIVATE, 'activation_id=' . $activation_id . '&submit=true&activation_code=' . $activation_code, 'SSL');
    $verification_link = '<a href="' . $verification_mail . '">' . $verification_mail . '</a>' ."\n\n";
    $email_text_code .= CODIGO_DE_ACTIVACION . " <b>" . $activation_code . "\n\n" . "</b><br>" . $activation_text . $verification_link;
    
    $placeholders=array('$storeurl', '$storename','$storeemail','$customername', '$mmgreet','$mmwelcome','$email_text_code','$mmtext','$mmcontact','$mmwarning');
    $values=array(HTTP_SERVER,STORE_NAME,STORE_OWNER_EMAIL_ADDRESS,$name,$mmgreet, EMAIL_WELCOME,$email_text_code, EMAIL_TEXT,EMAIL_CONTACT,EMAIL_WARNING);
    $output_content_html=str_replace($placeholders, $values, $output_content_html);
    $output_content_txt=str_replace($placeholders, $values, $output_content_txt);
    
    //send email	  
    tep_mm_sendmail($name, $email_address, STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, $output_subject, $output_content_html, $output_content_txt, $ip);    
    
    //if mail manager status update email is 'inactive' process normally via oscommerce
    }else{                        
    
      tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, $ip);
       }
    
    ?>

     

    Then modify database template:

    add to mmresponsemail > htmlcontent

    <p style="font-family: Verdana, sans-serif; font-size: 12px; line-height: 16px; color: #666666; margin: 10px;">$mmgreet<br/>$mmwelcome</p>
    <p style="font-family: Verdana, sans-serif; font-size: 12px; line-height: 16px; color: #666666; margin: 10px;">$email_text_code</p>
    <p style="font-family: Verdana, sans-serif; font-size: 12px; line-height: 16px; color: #666666; margin: 10px;">$mmtext</p>

    add to mmresponsemail > txtcontent

    $mmgreet
    
    $mmwelcome
    
    $email_text_code
    
    $mmtext
    
    $mmcontact
    
    $mmwarning


  4. Hi,

    how to integrate mail manager with ACTIVATE ACOUNT PASSWORD addon???

     

    Selecting "Create Account" template goes right and also the email arrives to customer. But there is no code to activate the account.

     

    The activate account code of the other contribution is in /create_account.php

    But we must adapt the code in DIR_WS_MODULES.'mail_manager/create_account.php

     

    The code itself is (/create_account.php):

    $activation_id = md5($email_address);
    $verification_href = tep_href_link(FILENAME_ACCOUNT_ACTIVATE, 'activation_id=' . $activation_id, 'SSL');
    $verification_mail = tep_href_link(FILENAME_ACCOUNT_ACTIVATE, 'activation_id=' . $activation_id . '&submit=true&activation_code=' . $activation_code, 'SSL');
    $verification_link = '<a href="' . $verification_mail . '">' . $verification_mail . '</a>' ."\n\n";
    $email_text .= EMAIL_WELCOME . TEXT_ACTIVATION_CODE . " <b>" . $activation_code . "\n\n" . "</b>" . $activation_text . $verification_link . EMAIL_TEXT . EMAIL_CONTACT . EMAIL_WARNING;
    
    
    
    tep_mail($name, $email_address, EMAIL_SUBJECT, $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);

     

    On DIR_WS_MODULES.'mail_manager/create_account.php:

    //define placeholders
    $placeholders=array('$storeurl', '$storename','$storeemail','$customername', '$mmgreet','$mmwelcome','$email_text','$mmtext','$mmcontact','$mmwarning');
    $values=array(HTTP_SERVER,STORE_NAME,STORE_OWNER_EMAIL_ADDRESS,$name,$mmgreet, EMAIL_WELCOME,$email_text,EMAIL_TEXT,EMAIL_CONTACT,EMAIL_WARNING);
    $output_content_html=str_replace($placeholders, $values, $output_content_html);
    $output_content_txt=str_replace($placeholders, $values, $output_content_txt);
    
    
    
    //send email	 
    tep_mm_sendmail($name, $email_address, STORE_NAME, STORE_OWNER_EMAIL_ADDRESS, $output_subject, $output_content_html, $output_content_txt);    

     

    I tried diferent ways to integrate the $email_text , but allways arrives empty to customer.


  5. I have tried to chmod 755.

    From admin side it records the data but didn´t upload.

     

    From catalog side, a warning mensaje ERROR_FAILED_IMAGE_UPLOAD

     

    Im thinking as all people knows LinksManager to rename the folder to other diferent name making it more secure. Or use the old code of image-linking...

     

    There is also other issue to fix on incoming releases:

    admin/links.php

    l.links_category_suggest, l.links_status, l.links_reciprocal_disable from " . TABLE_LINKS . " l left join " . TABLE_LINKS_DESCRIPTION . " ld

    to:

    ld.links_category_suggest, l.links_status, l.links_reciprocal_disable from " . TABLE_LINKS . " l left join " . TABLE_LINKS_DESCRIPTION . " ld

     

    In other hand for the database links > links_partner_username

    why dont use links_id as links_partner_username. If an user uploads 20 links, he must insert 20 diferent passwords. Using the links_id on links_parter_username could be the same password ever, only changes the ID to edit.


  6. Hi again Jack,

    i have a question.

    for the image folder I must give permisions of 777 on my host.

    Could this be a problem if an user uploads a malicious archive and execute it??. Is this secure???

     

    The code itself:

    $imageDir = DIR_WS_IMAGES . 'links_manager_uploads/' . $links_image;	 //Save the uploaded the file to another location

     

    I just noticed that uploading an image, for example:

    facebook-era-shih-hr_0x200.jpg

     

    its renamed to:

    1318480776-facebook-era-shih-hr_0x200.jpg

    I think this is now right.


  7. I think the problem is the IFRAME , Of the archive support_iframe.php

     

    especially in:

    <?php echo ((strlen($thiscomments) > 0) ? nl2br($thiscomments) : '<i>' . TEXT_NO_COMMENTS_AVAILABLE . '</i>'); ?>

     

    Im thinking on remove the iframe and modify the code to echo the database info.

     

    nobody??


  8. Sorry again,

     

    now is defined and translated. But not the problem.

    http:// www .myweb .com /support_info.php?page=&ticket_id=1

     

    Under the Ticket details always says:

    "No information submitted"

     

    But in admin I submited diferent answers for the tickets. Is there a problem with the query?


  9. I have a problem with the contribution Support System

    http://addons.oscommerce.com/info/936

     

    Sorry, if this was posted before. I suggest to the osc forum administrators to add a form to search the ID of the addon. Not by name or date added. It will be more precisely and this will avoid duplicated content.

     

    In the Tickets Support System my problem is with the catalog/support_info.php

     

    The ticket details always says:

    TEXT_NO_COMMENTS_AVAILABLE

     

    The code for it:

    <td width="30%" valign="top"><iframe id="messages_show" name="messages_show" scrolling="auto" width="100%" height="300" src="support_iframe.php?ticket_id=<?php echo $ticket_id; ?>" border="0"> 
    <textarea readonly cols=100 rows=10 style="color:#ff0000"><?php echo ((strlen($ticket['ticket_comments']) > 0) ? nl2br($ticket['ticket_comments']) : '<i>' . TEXT_NO_COMMENTS_AVAILABLE . '</i>'); ?></textarea>
    </iframe></td>

     

    What could be the problem?? My host doesnt permit iframes or what??

     

    Is there a best ticket support addon based on contact_us.php page???


  10. For the moment all needed to do is to replace the whos_online.php archive and add the code for visitors_map.zip.

     

     

    Sometimes I saw a rare visitor like localhost : localdomain with IP 127.0.0.1

    I dont know if that is related with the malicious remote script code.

     

    With the version 3.5.5

    -all ID= 0

    -no basket after session changes

    -no icons, or info about the guest explorer and machine.

     

    It will be interesting to install and test the updates one by one and identify the malicious code.(The code isnt too large). Basically the new updates adds an:

      require(DIR_WS_FUNCTIONS . 'whos_online.php');
     require('includes/classes/ipinfodb.class.php');

     

    I use "Who is online ena." all times with a modified main index page with the new customers and orders.


  11. thanks,

    I will delete all files related and reinstall.

    Who's Online Enhancement 3.5.5 Full + IP Address geolocation + Visitors World Map 5 Aug 2009

    But , what about the rest of updates and fixes of versions 3.6.x and 3.7.x. Is there the malicious code???


  12. Hi again,

    I have a new issue.

    On admin/articles.php

     

    After completing the description and save the article, the catalog description records on plain text.(No html characters).

    If I write a <br> or <ul> or <li> or <b> for example , then this codes disapeared.

     

    I think the problem is here:

    echo tep_draw_hidden_field('articles_description[' . $languages[$i]['id'] . ']', htmlspecialchars(stripslashes($articles_description[$languages[$i]['id']])));

     

    Somebody??

     

    For Kevin, you can avoid to use Header Tags and use Kiss Meta tags.

    <?php include_once DIR_WS_MODULES . 'kiss_meta_tags/kiss_meta_tags.php'; ?>

     

    KissMetaTags is very very easy to install. I use it for articles manager , and for the products Header Tags.

     

    I remember to have similar problems like you, in special here:

    		  } elseif ($action == 'update_topic') {
    		tep_db_perform(TABLE_TOPICS_DESCRIPTION, $sql_data_array, 'update', "topics_id = '" . (int)$topics_id . "' and language_id = '" . (int)$languages[$i]['id'] . "'");
    	  }
    /***************** ADD AS PSEDUO PAGE FOR HEADER TAGS SEO ****************/
    //		  $psedudoPage = sprintf(FILENAME_ARTICLES . "?tPath=%d", $topics_id);
    //			require_once(DIR_WS_FUNCTIONS . 'header_tags.php');
    //			require(DIR_WS_MODULES . 'articles_pseudo.php');
    	}

     

    I dont remember exactly what the problem was , but after saving the article it gets and empty white page on catalog and i must to manually delete the last inserts on database.


  13. Finally solved:

    before:

    HOME > NEWS > AMD > NEWS> PROCESSORS > NEWS> AM3+

     

    now:

    HOME > NEWS > AMD > PROCESSORS > AM3+

     

    // add topic names or the author name to the breadcrumb trail
     if (isset($tPath_array)) {
    $breadcrumb->add(NAVBAR_TITLE_DEFAULT, tep_href_link(FILENAME_ARTICLES));
       for ($i=0, $n=sizeof($tPath_array); $i<$n; $i++) {
      $topics_query = tep_db_query("select topics_name from " . TABLE_TOPICS_DESCRIPTION . " where topics_id = '" . (int)$tPath_array[$i] . "' and language_id = '" . (int)$languages_id . "'");
      if (tep_db_num_rows($topics_query) > 0) {
        $topics = tep_db_fetch_array($topics_query);
    $breadcrumb->add($topics['topics_name'], tep_href_link(FILENAME_ARTICLES, 'tPath=' . implode('_', array_slice($tPath_array, 0, ($i+1)))));
      } else {
        break;


  14. sorry, that doesnt worked.

     

    The problem is here:

     

    $topics = tep_db_fetch_array($topics_query);
    $breadcrumb->add(NAVBAR_TITLE_DEFAULT, tep_href_link(FILENAME_ARTICLES));
    $breadcrumb->add($topics['topics_name'], tep_href_link(FILENAME_ARTICLES, 'tPath=' . implode('_', array_slice($tPath_array, 0, ($i+1)))));
    } else {


  15. Sorry, fixed:

    // add topic names or the author name to the breadcrumb trail
     if (isset($tPath_array)) {
       for ($i=0, $n=sizeof($tPath_array); $i<$n; $i++) {
      $topics_query = tep_db_query("select topics_name from " . TABLE_TOPICS_DESCRIPTION . " where topics_id = '" . (int)$tPath_array[$i] . "' and language_id = '" . (int)$languages_id . "'");
      if (tep_db_num_rows($topics_query) > 0) {
        $topics = tep_db_fetch_array($topics_query);
    // $breadcrumb->add(NAVBAR_TITLE_DEFAULT, tep_href_link(FILENAME_ARTICLES));                
        $breadcrumb->add($topics['topics_name'], tep_href_link(FILENAME_ARTICLES, 'tPath=' . implode('_', array_slice($tPath_array, 0, ($i+1)))));
      } else {
        break;
      }
       }
     } elseif (isset($HTTP_GET_VARS['authors_id'])) {
       $authors_query = tep_db_query("select authors_name from " . TABLE_AUTHORS . " where authors_id = '" . (int)$HTTP_GET_VARS['authors_id'] . "'");
       if (tep_db_num_rows($authors_query)) {
      $authors = tep_db_fetch_array($authors_query);
    //	 $breadcrumb->add('Articles by ' . $authors['authors_name'], tep_href_link(FILENAME_ARTICLES, 'authors_id=' . $HTTP_GET_VARS['authors_id']));
    //    $breadcrumb->add(NAVBAR_TITLE_DEFAULT, tep_href_link(FILENAME_ARTICLES));
     $breadcrumb->add(NAVBAR_TITLE_DEFAULT, tep_href_link(FILENAME_ARTICLES));
      $breadcrumb->add('Articles by ' . $authors['authors_name'], tep_href_link(FILENAME_ARTICLES, 'authors_id=' . $HTTP_GET_VARS['authors_id']));
       }
     }


  16. I reviewed you said.

     

    The session ID dont change

     

    first time:

    osCsid: 69k7439qn8podofsun3od92sp6

     

    after clicking url and refreshing:

    osCsid: 69k7439qn8podofsun3od92sp6

     

    I dont know if for other person this could be troubling. For the moment I will remain like that until somebody gives a solution to the redirect.php issue.

     

     

    In other hand I see now a new problem. In this case on breadcrumb:

    I see:

    HOME > NEWS > AMD > NEWS> PROCESSORS

     

    And should be:

    HOME > NEWS > AMD > PROCESSORS

     

    why? The problematic code that gets the breadcrumb is on aplication_top.php

     

    
    
    // START Articles Manager [1709]
    // include the articles functions
     require(DIR_WS_FUNCTIONS . 'articles.php');
    
    // calculate topic path
     if (isset($HTTP_GET_VARS['tPath'])) {
       $tPath = $HTTP_GET_VARS['tPath'];
     } elseif (isset($HTTP_GET_VARS['articles_id']) && !isset($HTTP_GET_VARS['authors_id'])) {
       $tPath = tep_get_article_path($HTTP_GET_VARS['articles_id']);
     } else {
       $tPath = '';
     }
    
     if (tep_not_null($tPath)) {
       $tPath_array = tep_parse_topic_path($tPath);
       $tPath = implode('_', $tPath_array);
       $current_topic_id = $tPath_array[(sizeof($tPath_array)-1)];
     } else {
       $current_topic_id = 0;
     }
    
     if (isset($_GET['articles_id'])) {
       $articlesPage = FILENAME_ARTICLE_INFO . "?articles_id=" . $_GET['articles_id'];
       $pageTags_query = tep_db_query("select page_name, page_title from " . TABLE_HEADERTAGS . " where page_name like '" . $articlesPage . "' and language_id = '" . (int)$languages_id . "' LIMIT 1");
       if (tep_db_num_rows($pageTags_query) == 1) {
      $pageTags = tep_db_fetch_array($pageTags_query);
      $breadcrumb->add('Articles', tep_href_link(FILENAME_ARTICLES));
      $breadcrumb->add($pageTags['page_title'], tep_href_link($articlesPage));
       } 
     }
    
    
    // add topic names or the author name to the breadcrumb trail
     if (isset($tPath_array)) {
       for ($i=0, $n=sizeof($tPath_array); $i<$n; $i++) {
      $topics_query = tep_db_query("select topics_name from " . TABLE_TOPICS_DESCRIPTION . " where topics_id = '" . (int)$tPath_array[$i] . "' and language_id = '" . (int)$languages_id . "'");
      if (tep_db_num_rows($topics_query) > 0) {
        $topics = tep_db_fetch_array($topics_query);
                   $breadcrumb->add(NAVBAR_TITLE_DEFAULT, tep_href_link(FILENAME_ARTICLES));
        $breadcrumb->add($topics['topics_name'], tep_href_link(FILENAME_ARTICLES, 'tPath=' . implode('_', array_slice($tPath_array, 0, ($i+1)))));
      } else {
        break;
      }
       }
     } elseif (isset($HTTP_GET_VARS['authors_id'])) {
       $authors_query = tep_db_query("select authors_name from " . TABLE_AUTHORS . " where authors_id = '" . (int)$HTTP_GET_VARS['authors_id'] . "'");
       if (tep_db_num_rows($authors_query)) {
      $authors = tep_db_fetch_array($authors_query);
      $breadcrumb->add('Articles by ' . $authors['authors_name'], tep_href_link(FILENAME_ARTICLES, 'authors_id=' . $HTTP_GET_VARS['authors_id']));
             $breadcrumb->add(NAVBAR_TITLE_DEFAULT, tep_href_link(FILENAME_ARTICLES));
       }
     }
    
    // products in category for DynaMenu
    //   require(DIR_WS_CLASSES . 'ProductsInCategory.php');
    //   $pic = new ProductsInCategory;
    
    // articles in topic for DynaMenu multimixer 14 12 09
      require(DIR_WS_CLASSES . 'ArticlesInTopic.php');
      $picar = new ArticlesInTopic;


  17. Thanks for response. For the moment i resolved like this:

     

    adding sql field:

    articles_url_name

     

     

    includes/language/*/articles_info.php

    // define('TEXT_MORE_INFORMATION', 'For more information visit: <a href="http://%s" target="_blank">webpage</a>.');

    define('TEXT_MORE_INFORMATION', 'More information: ');

     

     

     

     

    articles_info.php

    adding to articles query: ad.articles_url_name

     

    then:

    <?php
       if (tep_not_null($article_info['articles_url'])) {
    ?>
      <tr>
        <td class="main">
    
    
    
    <?php echo sprintf(TEXT_MORE_INFORMATION); ?>    
    <a href="http://<?php echo $article_info['articles_url']; ?>" target="_blank"><u><?php echo sprintf($article_info['articles_url_name']);?></u></a>
    
       </td>
      </tr>
    <?php
     }
    ?>

     

     

    Look if its correct. Security issues or something??


  18. There is also a piece of code in languages/articles.php:

    define('TEXT_MORE_INFORMATION', 'For more information visit <a href="http://%s" target="_blank"</a>.');

     

    If the url input field is for example www.amd.com

    its redirect right.

     

    But if www.amd.com/processors/

    error

    it changes the / bars for %2 characteres.


  19. Hi,

    same problem as

    larryjam

     

    bad url redirection.

     

    In article_info.php:

     

     

    <?php
       if (tep_not_null($article_info['articles_url'])) {
    ?>
      <tr>
        <td class="main"><?php
    //    echo sprintf(TEXT_MORE_INFORMATION, "http://" . urlencode($article_info['articles_url']) );
    //    echo sprintf(TEXT_MORE_INFORMATION, "http://" . htmlentities(urlencode($article_info['articles_url'])) );
    //    product page example works fine   http://www.web.com/redirect.php?action=url&goto=www.sony.es+
       echo sprintf(TEXT_MORE_INFORMATION, tep_href_link(FILENAME_REDIRECT, 'action=arturl&goto=' . urlencode($article_info['articles_url']), 'NONSSL', true, false));
    
       ?></td>
      </tr>
    <?php
     }
    ?>
    

     

    The main redirect.php code:

        case 'url':
      if (isset($HTTP_GET_VARS['goto']) && tep_not_null($HTTP_GET_VARS['goto'])) {
        $check_query = tep_db_query("select products_url from " . TABLE_PRODUCTS_DESCRIPTION . " where products_url = '" . tep_db_input($HTTP_GET_VARS['goto']) . "' limit 1");
        if (tep_db_num_rows($check_query)) {
    	  tep_redirect('http://' . $HTTP_GET_VARS['goto']);
        }
      }
      break;
    
    
       case 'arturl':
    
      if (isset($HTTP_GET_VARS['goto']) && tep_not_null($HTTP_GET_VARS['goto'])) {
        $check_query = tep_db_query("select articles_url from " . TABLE_ARTICLES_DESCRIPTION . " where articles_url = '" . tep_db_input($HTTP_GET_VARS['goto']) . "' limit 1");
        if (tep_db_num_rows($check_query)) {
    
    // tep_redirect('http://' . $HTTP_GET_VARS['goto']);
    tep_redirect($check['articles_url']);
        }
      }
      break;

     

    I tried all posibilities.


  20. Need help with this issue.

    All works fine except for this.

     

    When customer adds a product to wishlist is going right but if he remains in idle his sessions ends after 10minutes and he must login again, but the wishlisted product disapeared!!

    Clicking on Wishlist says "there is no products in your wishlist".

     

    But looking in database the wishlisted product is there.

    product_id | customer_id

    1288 | 33

     

    anybody?


  21. http://addons.oscommerce.com/info/1808

     

    1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '{6}17{8}36{7}26 AND px.xsell_id = p.products_id AND p.products_id > '100' AND xp' at line 1

     

    SELECT p.products_id, pd.products_name, p.products_image, p.products_price, p.products_tax_class_id FROM products AS p, products_description AS pd, products_xsell AS px WHERE px.products_id = 10{6}17{8}36{7}26 AND px.xsell_id = p.products_id AND p.products_id > '100' AND xp.xsell_id > '100' AND px.xsell_id = pd.products_id AND p.products_status = '1' AND pd.language_id = '3' ORDER BY p.products_ordered DESC

     

    [TEP STOP]

     

    i tried to delimiting the query to non-atributed products but nothing.

     

    This contribution needs some fix like "if tep not null --- px.products_id"

     

    some suggest-

×