Jump to content

Rwe

Members
  • Content count

    130
  • Joined

  • Last visited

Everything posted by Rwe

  1. I found the same in my logfiles: error log: PHP Warning: Use of undefined constant CHARSET - assumed 'CHARSET' ----------------------------- This error was initiated by a bot / hacker with a couple of te next urls : access.log: [06/May/2020:14:55:04 +0200] "GET /somebrand-m-429.html?ceid=kj1oe5oi9m948qfga4evf5dt2f&pHFd%3D8021%20AND%201%3D1%20UNION%20ALL%20SELECT%201%2CNULL%2C%27%3Cscript%3Ealert%28%22XSS%22%29%3C%2Fscript%3E%27%2Ctable_name%20FROM%20information_schema.tables%20WHERE%202%3E1--%2F%2A%2A%2F%3B%20EXEC%20xp_cmdshell%28%27cat%20..%2F..%2F..%2Fetc%2Fpasswd%27%29%23 HTTP/1.0" 200 9791 "-" "Opera/9.12 (Windows NT 5.0; U; ru)" seems this url takes the system down and CHARSET cannot be found. ?
  2. Rene, misschien checkout_confirmation.php ipv checkout_conformation.php ?
  3. Rwe

    Ultimate Seo Urls 5 Pro

    I fixed it with this: RewriteRule ^write.php$ ext/modules/content/reviews/write.php [NC,L,R] Placed just above the USU5 rewrite rules in .htaccess Or is there a better way? Thanks Reinder
  4. Rwe

    Ultimate Seo Urls 5 Pro

    Okay i understand. I think this same issue will also affect write_pwa.php? ( addon purchase without account) . I cannot test this at the moment as the review link is in the order confirmation e-mail.
  5. Rwe

    Ultimate Seo Urls 5 Pro

    Does the url need to be rewriten? Once logged in and then clicking the link it just works with in the adress bar http://www.myshop.com/ext/modules/content/reviews/write.php?products_id=3 It is like something goes wrong with processing the href_link over the login page?
  6. Rwe

    Ultimate Seo Urls 5 Pro

    USU5. just noticed a problem with the write review URL's. when not logged in to my shop and trying to write a review , then after login the link to write a review should be : www.myshop.com/ext/modules/content/reviews/write.php in fact it redirects after login or after create a new account to : www.myshop.com/write.php (this returns a 404) when already logged in there is not a problem with the url. I suspect it has something to do with : "set php_self in the local scope" in application_top.php because when i set the old code back it works as it should. but my knowledge is limited on this.. anyone have some ideas how to fix this ? thanks Reinder
  7. Hello @raiwa installed the Related_Products_234_BS_6.6. google structured data test gives all related products as separated products and not related to any product w3c validatation gives the following errors: Error: The itemprop attribute was specified, but the element is not a property of any item. ( isRelatedTo, url, name, offers, pricecurrency, price) i have installed the HT product_schema.php wich works correctly for the main product. is there something missing in the HT product_schema.php, some code for related products? i am Using Frozen v2.3.4.1 CE
  8. @raiwa How can this addon be placed above the header navbar? thanks in advance
  9. @raiwa Thanks for your explaination, I made it by moving the files to the modules/content/navigation folder and make the nescessary changes in the files.( _HEADER_ to _NAVBAR etc. ) i did not change template_top.
  10. Rwe

    Fake accounts

    These seem to be forum spammers, they sign up and later they will try to spam their sh*t on your forms using the signup details. if i look in my error.log i can see that they also try to visit contact_us.php and www.forum.mysite.nl even if it does not exist. i block them by honeypot system, its working .
  11. Rwe

    Fake accounts

    The registration is commonly made by robots who look at the right form fields. firstname, lastname , email etcetera. I had this problem too the last weeks of fake accounts exactly as mentiont earlyer. I did the following to trick them; 1 in create_account.php duplicate the firstname input field (just plain html input field can too)and place it before the original firstname field and add a class to the div and and hide it (css display:none ! not use a style="") 2 rename the original firstname field with a newname ( name ="newfirstname") + change : $firstname = tep_db_prepare_input($_POST[newfirstname']); 3 make a rule to give an error when the formfield fistname is being filled up by the robot and place it in the top somewhere between the other fom check codes: if(!empty($_POST['firstname'])) { $error = true; } Finished. i can see in the server logs that the robot has been trying but could not make an account. for now this is working for me. i hope i could help with this .
  12. Nevermind, i fixed it by replacing the files with ones from my previous installation.
  13. installed ultimate seo urls for BS , i thought it was working as expected but checking the cache function it seems this is not working on each of the 4 cache options ( mysql, file, sqlite, memcache). Setting it on sqlite or memcache gives internal server error these might not be supported. No data is stored. The folder permissions for file/ sqlite are 755 ( checked 777 too with same results). i made a debug test: Standard URI produced: 24 SEO URI produced: 114 Query Count: 112 Queries Saved: 2 Cache load time: 0.0001 seconds ( includes gzinflate/base64_decode/unserialize ) Data loaded from cache: false ( Cache System: File_Cache_Module ) Total query time: 0.0042 seconds Cache system is On --------------------------------------- Anyone has an idea? Thanks in advance.
×