Jump to content


  • Content count

  • Joined

  • Last visited

1 Follower

Profile Information

  • Real Name
  • Gender
    Not Telling
  1. hetmana

    osCommerce VTS

    This I dont know, could you post here the listing from ocVTS please? Line 143 is the line that is specifically looking for file_manager.php. I assume that's what you mention fixing in the next release (?) Thanks for jumping on this so quickly -- MUCH appreciated!! B)
  2. hetmana

    osCommerce VTS

    ======== On ocVTS.php ======== ABOVE the results, I get THOUSANDS of the following error: Notice: Undefined variable: flagThreat in /[server path]/public_html/[catalog dir.name]/[my renamed admin]/AV/ocVTS.php on line 143 I deleted file_manager.php prior to installing VTS. Why am I getting this line -- literally -- thousands of times? BELOW the results, it tells me that I should rename my admin directory. I did that prior to installing VTS, so I'm not sure why it says that. ======== On ocVTSa.php ======== No notices/errors other than the actual results, just 19 counts of (shell execution) that I need to inspect against original files. ------------------------- Aside: I never used any version prior to 1.0.6, and yet index.php tells me "New version available: v1.0.5"
  3. My error handling is set to ALL. I reset the error log so that I can see specifically what today's problem is. When I attempted the test URL's from the ReadMe, I was of course still getting the error previously mentioned, so I set origin to Null. Now at the top of my page, I get: ------------------------------ Total impact: 8 Affected tags: xss, csrf Variable: REQUEST.test | Value: \">XXX Impact: 4 | Tags: xss, csrf Description: finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID: 1 Variable: GET.test | Value: \">XXX Impact: 4 | Tags: xss, csrf Description: finds html breaking injections including whitespace attacks | Tags: xss, csrf | ID: 1 Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /[snip]/includes/modules/osc_phpids.php:199) in /[snip]/includes/functions/sessions.php on line 102 ------------------------------ followed by the rest of my page just like normal. Still have NOTHING in the error log. Thank you for helping me out with this. I really appreciate it.
  4. I hope to get this working soon. I downloaded 1.6, along with PHPIDS 0.6.4 The first phase of the install went perfectly -- got the tables creation confirmation, OSC admin panel has all appropriate Configuration and Tools entries. I left all settings completely default. Then I uploaded the new and changed files for the catalog. After I set "Show Intrusion Result" to true so that I could test the installation, I tried both intrusion examples. Both times I got the following message: Exception: 23000, 1048, Column 'origin' cannot be null When I went to the admin panel to check the log -- no entries. I've gone over the instructions to make sure I did everything correctly 4 times; CHMOD was done right when I uploaded - rechecked; checked my database - new tables are there. Any suggestions would be immensely appreciated. I don't have any idea where to chase this.
  5. hetmana

    Greenmania template released

    team-h found the hundbegraben on this one in new_products.php -- wetware error -- uncorrected C&P from product_info.php. To open a lightbox instead of going to the details page when the "new products" thumbnail get clicked, the link needs all $ to be $new_products. Not to worry, we stamped Roxie's meal card "no dessert" ;) Nice work as usual, Alex!
  6. I have installed (twice) the USPS Methods 2.6 into MS2 following the step by step instructions painfully closely, and whenever I try to test shipping rates, I get this error: "United States Postal Service An error occured with the USPS shipping calculations. If you prefer to use USPS as your shipping method, please contact the store owner." Shows default postage rate of $8.50 I spoke to CS at USPS -- verified that my API account has been rolled over to the Production server. This is the same error that I got before I was rolled over to Production. I have tried searching "USPS Methods" shipping 2.6 and anything else solely relevant and cannot find any solution to this already on the board. Help please??? the store is at http://www.h-103.com/catalog/
  7. Fatal error: Cannot redeclare class paysystems in /home/h-103com/public_html/catalog/includes/modules/payment/paysystems.php on line 12 So I am still fairly new to working in PHP. I just attempted to install the PaySystems module for MS2. This is the message that sits atop the page when I try to access my Payment Modules page through the admin panel. Released under the GNU General Public License */ class paysystems { var $code, $title, $description, $enabled; // class constructor function paysystems() { global $order; Line 12 is " class paysystems {" Any help would be appreciated. Off to hunt down answers as to how to lock down my admin directory so the average bumpkin looking for open admin directories doesn't reconfig my catalog while I'm sleeping...