74 Posted September 10, 2002 Share Posted September 10, 2002 Hi, seems there are missing buttons in version 2.2 (eg. search, continue, checkout, update,...). I uploaded some buttons for test in /catalog/images for test and they can't be vieuwed :( . Anybody an idea about it? Thx Fred "The only revolutionary power is the power of human creativity..." Link to comment Share on other sites More sharing options...
Jan0815 Posted September 10, 2002 Share Posted September 10, 2002 Maybe you uploaded them in ASCII mode where they should have been uploaded in BINARY mode? Check the settings of your ftp client and try again ;-) You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist. Link to comment Share on other sites More sharing options...
74 Posted September 10, 2002 Author Share Posted September 10, 2002 It was uploaded in Binary , I tried again but no results :( Fred "The only revolutionary power is the power of human creativity..." Link to comment Share on other sites More sharing options...
♥olby Posted September 10, 2002 Share Posted September 10, 2002 Hi 74 There's no missing buttons i 2.2 (all there), so: a) Use your FTP to check that all images are in /catalog/images B) check your config.php (right dir for images?) c) Did you use the same name for the buttons? d) Changed names all the way for the new ones? Hope this helps Best Regards olby Link to comment Share on other sites More sharing options...
Jan0815 Posted September 10, 2002 Share Posted September 10, 2002 It was uploaded in Binary , I tried again but no results Then check the permissions of the files. They should be something like 704 or 707. Make sure the web server is allowed to read the images. This usually means that permissions must be set to 707. HTH You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist. Link to comment Share on other sites More sharing options...
CC Posted September 10, 2002 Share Posted September 10, 2002 Hold on it cant be that hard to find them. Either they are in your catalog/includes/languages/english/images/buttons/ or they aint!! I think I got that right. :lol: Cant be bothered to look and check, but you get my drift. Take a look in that directory, if they are not there, re-download the latest snapshot and upload them. If they are there, then you have done something wrong on upload. CC. Link to comment Share on other sites More sharing options...
74 Posted September 11, 2002 Author Share Posted September 11, 2002 Hi guys, Thanks for the help but nothing works :( Anyone another idea?? Thx Fred "The only revolutionary power is the power of human creativity..." Link to comment Share on other sites More sharing options...
Jan0815 Posted September 11, 2002 Share Posted September 11, 2002 Yes. Test this: In the includes directory you will find a file called .htaccess. Delete it. And add an empty index.html to includes and all subdirectories to avoid that people can list the content of these directories. There is a known problem with some apache configurations that prevents apache from getting the images from the includes/languages/[langugae]/images. HTH You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist. Link to comment Share on other sites More sharing options...
74 Posted September 11, 2002 Author Share Posted September 11, 2002 You rule Jan :lol: :lol: This was the solution :lol: :lol: :lol: just another question about it : when i delete the htaccess, my directory is not protected anymore and they could find an access to my DB, isn't it? "The only revolutionary power is the power of human creativity..." Link to comment Share on other sites More sharing options...
Jan0815 Posted September 11, 2002 Share Posted September 11, 2002 That's why I suggested to add blank index.html files to all subdirectories. It will prevent the surfer from actually seeing the files in that directory. Normally there is no real risk involved, as it is not possible to see the sources of the php files that are in these directories. When called from a browser the server will interpret the php files and will show only the output. The php-files in includes normally don't output anything, so you should be safe. I might be terribly wrong though. Maybe some more experienced hacker can show us a better solution. You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist. Link to comment Share on other sites More sharing options...
Aragon127 Posted September 11, 2002 Share Posted September 11, 2002 Only your include directory will be unprotected. Make sure you still have your admin directory protected and the most important file to protect is application_top.php as your database login is stored there in plain text. Ideally you would want to encode your password and info in application_top.php(I believe there's something in the FAQ on this). Your database will still be password protected and isn't in your includes directory anyways so that shouldn't be a concern. If you're on any kind of virtual server your admin should be able to help you protect your database(actually it should already be taken care of). All in all, OSCommerce isn't exactly the most secure product available, but if you don't store credit card numbers unencrypted really the worse thing that anyone can do is vandalize your store or steal your customer info(still things you don't want to happen). Deleting the .htaccess in includes isn't that big of a problem in the grand scheme of things. Link to comment Share on other sites More sharing options...
burt Posted September 11, 2002 Share Posted September 11, 2002 In your httpd.conf, you need to do: # # Each directory to which Apache has access, can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # # First, we configure the "default" to be a very restrictive set of # permissions. # <Directory /> Options FollowSymLinks Includes AllowOverride AuthConfig FileInfo Limit </Directory> Make sure that the Limit tag is in there, and then the problem will be solved. Link to comment Share on other sites More sharing options...
Jan0815 Posted September 11, 2002 Share Posted September 11, 2002 The most important file to protect is dependent on the version of osCommerce you are using: 2.1: includes/application_top.php 2.2: includes/configure.php Hint: Add the .htaccess file to the includes/local directory and move the configure.php there. Add a blank configure.php to includes. That will at least make it a bit more difficult for hackers. Better solution: Store the configure.php outside the DOCUMENT_ROOT and change the include() statement in application_top.php accordingly. HTH You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist. Link to comment Share on other sites More sharing options...
Jan0815 Posted September 11, 2002 Share Posted September 11, 2002 Make sure that the Limit tag is in there, and then the problem will be solved. Can this be confirmed by other people with the same problem? If yes we will update this in CVS. Sounds great :-) Thanks for sharing this! You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist. Link to comment Share on other sites More sharing options...
burt Posted September 11, 2002 Share Posted September 11, 2002 If a person accesses a PHP file in a browser, they won't get to see the PHP, only the output. So your file is safe anyway. But if you do have to remove that htaccess file, then stick in a index.php with a naughty message, or a redirect back to your catalog... Link to comment Share on other sites More sharing options...
burt Posted September 11, 2002 Share Posted September 11, 2002 Make sure that the Limit tag is in there, and then the problem will be solved. Can this be confirmed by other people with the same problem? If yes we will update this in CVS. Sounds great :-) Thanks for sharing this! Caveat Emptor :) It worked for me - might not work for all. I'm running - * Apache 1.3.26 * MySQL 3.23.51 * PHP-4.2.2 Link to comment Share on other sites More sharing options...
Harald Ponce de Leon Posted September 11, 2002 Share Posted September 11, 2002 That cant be added to CVS as that change needs to go in httpd.conf directly, not .htaccess. , osCommerce Link to comment Share on other sites More sharing options...
Jan0815 Posted September 11, 2002 Share Posted September 11, 2002 I should read more carefully. :-( You can't have everything. That's why trains have difficulty crossing oceans, and hippos did not adapt to fly. -- from the OpenBSD mailinglist. Link to comment Share on other sites More sharing options...
ukracer Posted December 19, 2002 Share Posted December 19, 2002 That cant be added to CVS as that change needs to go in httpd.conf directly, not .htaccess. But could it go as a contribution so its easy to find and follow?? Link to comment Share on other sites More sharing options...
Madinson Posted May 5, 2003 Share Posted May 5, 2003 I had this problem (no flags/no buttons) on this server: HTTP Server: Apache/1.3.27 (Unix) FrontPage/4.0.4.3 PHP Version: 4.1.2 (Zend: 1.1.1) EVERYTHING WAS ALRIGHT!!!! (...also the chmod-changing from 755 to 707.......) ...but i tried everything (!) to make the flags/icons visible. In the end I had to delete the .access in the includes-directory. I throwed an blank html-file into it. Now it works. I'll post this under tips and tricks. :D just create...and sell..sell...sell..... Link to comment Share on other sites More sharing options...
indecisive Posted January 6, 2004 Share Posted January 6, 2004 Thank you Jan, finally, somebody with a solution to this. Link to comment Share on other sites More sharing options...
Veritas Posted October 27, 2004 Share Posted October 27, 2004 Can this be confirmed by other people with the same problem? If yes we will update this in CVS.Sounds great :-) Thanks for sharing this! <{POST_SNAPBACK}> Had the same problem of buttons not showing. It solved my problem!! about the security issues. if you move the languages folder to say catalog/ronk/languages/ and change the DIR_WS_languages to the new adress. you dont need to remove htaccess from includes. Or would this mess up the place completly? Link to comment Share on other sites More sharing options...
eworkflow Posted November 22, 2005 Share Posted November 22, 2005 I'm having this problem with new buttons, I'm trying to connect to a new site, as we speak. Any serious system that can't (under circumstances) hook up buttons reminds me about that "shooting in the foot" allegory. Link to comment Share on other sites More sharing options...
eworkflow Posted November 22, 2005 Share Posted November 22, 2005 I had this problem (no flags/no buttons) on this server:HTTP Server: Apache/1.3.27 (Unix) FrontPage/4.0.4.3 PHP Version: 4.1.2 (Zend: 1.1.1) EVERYTHING WAS ALRIGHT!!!! (...also the chmod-changing from 755 to 707.......) ...but i tried everything (!) to make the flags/icons visible. In the end I had to delete the .access in the includes-directory. I throwed an blank html-file into it. Now it works. I'll post this under tips and tricks. :D Well, I've done it and it's not working for me for a site VPS hosted by websitesource.com. Also, I'm rather reluctant to mess with the server's system files. Since I'm going to use only English, how I can redirect the OSCommerce outside of /include, if that helps, to look for the !&%##%# buttons? Link to comment Share on other sites More sharing options...
eworkflow Posted November 24, 2005 Share Posted November 24, 2005 Silly me! My server setting was OK and my button images were perfectly available all along. My problem was that I was unaware that my copy of html_output.php contained already a CSS overwrite that practically blocked usage of any bitmap buttons. So, I just coded new .cssButton class, I needed, in the stylesheet.css and I'm back in business. Glad I don't need to deal anymore with them pesky language-dependant bitmap buttons. I bet some folks here, who had the same no-button-access "problem", may be not aware of that either. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.