johnnybebad Posted September 19, 2010 Share Posted September 19, 2010 Hi I was using Mcafee a few days ago and it highlighted the http_error.php had a potential issue with cross scripting, I thought I had all my files sorted with the security updates but this one was only flagged recently so I just dont know anymore. below is the code for the file, but I dont understand. Ensure that parameters and user input are sanitized by doing the following: # Remove < input and replace with < # Remove > input and replace with > # Remove ' input and replace with ' # Remove " input and replace with " # Remove ) input and replace with ) # Remove ( input and replace with ( <?php /* $Id: http_error.php,v 1.5 2004/06/30 20:55:23 chaicka Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2004 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_HTTP_ERROR); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ADVANCED_SEARCH); switch ($HTTP_GET_VARS['error_id']) { case '400': $error_text = ERROR_400_DESC; break; case '401': $error_text = ERROR_401_DESC; break; case '403': $error_text = ERROR_403_DESC; break; case '404': $error_text = ERROR_404_DESC; break; case '405': $error_text = ERROR_405_DESC; break; case '408': $error_text = ERROR_408_DESC; break; case '415': $error_text = ERROR_415_DESC; break; case '416': $error_text = ERROR_416_DESC; break; case '417': $error_text = ERROR_417_DESC; break; case '500': $error_text = ERROR_500_DESC; break; case '501': $error_text = ERROR_501_DESC; break; case '502': $error_text = ERROR_502_DESC; break; case '503': $error_text = ERROR_503_DESC; break; case '504': $error_text = ERROR_504_DESC; break; case '505': $error_text = ERROR_505_DESC; break; default: $error_text = UNKNOWN_ERROR_DESC; break; } // Send the HTTP Error to Store Owner if (EMAIL_HTTP_ERROR == 'true') { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_TEXT_SUBJECT, sprintf(EMAIL_BODY, HTTP_SERVER, $HTTP_GET_VARS['error_id'], $error_text, date("m/d/Y G:i:s"), HTTP_SERVER . $REQUEST_URI, $REMOTE_ADDR, $HTTP_USER_AGENT, $HTTP_REFERER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, ''); } // Save the HTTP Error Report to disk if (STORE_HTTP_ERROR == 'true') { // change of 1.5 : check if there is there is a path given in the admin, if not store it ot catalog\log\http_error.log if (STORE_HTTP_ERROR_LOG !="") { error_log(strftime(STORE_PARSE_DATE_TIME_FORMAT) . ',' . $HTTP_GET_VARS['error_id'] . ',' . HTTP_SERVER . $REQUEST_URI . ',' . $REMOTE_ADDR . ',' . $HTTP_USER_AGENT . ',' . $HTTP_REFERER . "\n", 3, STORE_HTTP_ERROR_LOG); } else { error_log(strftime(STORE_PARSE_DATE_TIME_FORMAT) . ',' . $HTTP_GET_VARS['error_id'] . ',' . HTTP_SERVER . $REQUEST_URI . ',' . $REMOTE_ADDR . ',' . $HTTP_USER_AGENT . ',' . $HTTP_REFERER . "\n", 3, DIR_FS_CATALOG . '/log/http_error.log'); } } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <!-- changed for 1.5 css fixed //--> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo sprintf(HEADING_TITLE, $HTTP_GET_VARS['error_id']); ?></td> <td class="pageHeading" align="right"><?php IF(IMAGE_REQUIRED == 'true'){ echo tep_image(DIR_WS_IMAGES . 'table_background_specials.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT);}?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><br><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main"><?php echo sprintf(TEXT_INFORMATION, $error_text)?></td> </tr> </table></td> </tr> <tr> <td align="right" class="main"><br><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT, '', 'NONSSL') . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> </tr> </table> <?php //this is where I added the advanced Search echo tep_draw_form('advanced_search', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', false), 'get', 'onSubmit="return check_form(this);"') . tep_hide_session_id(); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE_1; ?></td> <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_browse.gif', HEADING_TITLE_1, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php if ($messageStack->size('search') > 0) { ?> <tr> <td><?php echo $messageStack->output('search'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } ?> <tr> <td> <?php $info_box_contents = array(); $info_box_contents[] = array('text' => HEADING_SEARCH_CRITERIA); new infoBoxHeading($info_box_contents, true, true); $info_box_contents = array(); $info_box_contents[] = array('text' => tep_draw_input_field('keywords', '', 'style="width: 100%"')); $info_box_contents[] = array('align' => 'right', 'text' => tep_draw_checkbox_field('search_in_description', '1') . ' ' . TEXT_SEARCH_IN_DESCRIPTION); new infoBox($info_box_contents); ?> </td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="smallText"><?php echo '<a href="javascript:popupWindow(\'' . tep_href_link(FILENAME_POPUP_SEARCH_HELP) . '\')">' . TEXT_SEARCH_HELP_LINK . '</a>'; ?></td> <td class="smallText" align="right"><?php echo tep_image_submit('button_search.gif', IMAGE_BUTTON_SEARCH); ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="fieldKey"><?php echo ENTRY_CATEGORIES; ?></td> <td class="fieldValue"><?php echo tep_draw_pull_down_menu('categories_id', tep_get_categories(array(array('id' => '', 'text' => TEXT_ALL_CATEGORIES)))); ?></td> </tr> <tr> <td class="fieldKey"> </td> <td class="smallText"><?php echo tep_draw_checkbox_field('inc_subcat', '1', true) . ' ' . ENTRY_INCLUDE_SUBCATEGORIES; ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_MANUFACTURERS; ?></td> <td class="fieldValue"><?php echo tep_draw_pull_down_menu('manufacturers_id', tep_get_manufacturers(array(array('id' => '', 'text' => TEXT_ALL_MANUFACTURERS)))); ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_PRICE_FROM; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('pfrom'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_PRICE_TO; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('pto'); ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_DATE_FROM; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('dfrom', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_DATE_TO; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('dto', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"'); ?></td> </tr> </table></td> </tr> </table></td> </tr> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> Can anyone point me in the right direction of what needs fixing please. Thanks Getting better with mods but no programmer am I. Link to comment Share on other sites More sharing options...
johnnybebad Posted September 20, 2010 Author Share Posted September 20, 2010 Hi I was using Mcafee a few days ago and it highlighted the http_error.php had a potential issue with cross scripting, I thought I had all my files sorted with the security updates but this one was only flagged recently so I just dont know anymore. below is the code for the file, but I dont understand. Ensure that parameters and user input are sanitized by doing the following: # Remove < input and replace with < # Remove > input and replace with > # Remove ' input and replace with ' # Remove " input and replace with " # Remove ) input and replace with ) # Remove ( input and replace with ( <?php /* $Id: http_error.php,v 1.5 2004/06/30 20:55:23 chaicka Exp $ osCommerce, Open Source E-Commerce Solutions http://www.oscommerce.com Copyright (c) 2004 osCommerce Released under the GNU General Public License */ require('includes/application_top.php'); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_HTTP_ERROR); require(DIR_WS_LANGUAGES . $language . '/' . FILENAME_ADVANCED_SEARCH); switch ($HTTP_GET_VARS['error_id']) { case '400': $error_text = ERROR_400_DESC; break; case '401': $error_text = ERROR_401_DESC; break; case '403': $error_text = ERROR_403_DESC; break; case '404': $error_text = ERROR_404_DESC; break; case '405': $error_text = ERROR_405_DESC; break; case '408': $error_text = ERROR_408_DESC; break; case '415': $error_text = ERROR_415_DESC; break; case '416': $error_text = ERROR_416_DESC; break; case '417': $error_text = ERROR_417_DESC; break; case '500': $error_text = ERROR_500_DESC; break; case '501': $error_text = ERROR_501_DESC; break; case '502': $error_text = ERROR_502_DESC; break; case '503': $error_text = ERROR_503_DESC; break; case '504': $error_text = ERROR_504_DESC; break; case '505': $error_text = ERROR_505_DESC; break; default: $error_text = UNKNOWN_ERROR_DESC; break; } // Send the HTTP Error to Store Owner if (EMAIL_HTTP_ERROR == 'true') { tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, EMAIL_TEXT_SUBJECT, sprintf(EMAIL_BODY, HTTP_SERVER, $HTTP_GET_VARS['error_id'], $error_text, date("m/d/Y G:i:s"), HTTP_SERVER . $REQUEST_URI, $REMOTE_ADDR, $HTTP_USER_AGENT, $HTTP_REFERER), STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, ''); } // Save the HTTP Error Report to disk if (STORE_HTTP_ERROR == 'true') { // change of 1.5 : check if there is there is a path given in the admin, if not store it ot catalog\log\http_error.log if (STORE_HTTP_ERROR_LOG !="") { error_log(strftime(STORE_PARSE_DATE_TIME_FORMAT) . ',' . $HTTP_GET_VARS['error_id'] . ',' . HTTP_SERVER . $REQUEST_URI . ',' . $REMOTE_ADDR . ',' . $HTTP_USER_AGENT . ',' . $HTTP_REFERER . "\n", 3, STORE_HTTP_ERROR_LOG); } else { error_log(strftime(STORE_PARSE_DATE_TIME_FORMAT) . ',' . $HTTP_GET_VARS['error_id'] . ',' . HTTP_SERVER . $REQUEST_URI . ',' . $REMOTE_ADDR . ',' . $HTTP_USER_AGENT . ',' . $HTTP_REFERER . "\n", 3, DIR_FS_CATALOG . '/log/http_error.log'); } } ?> <!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"> <html <?php echo HTML_PARAMS; ?>> <head> <meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>"> <title><?php echo TITLE; ?></title> <base href="<?php echo (getenv('HTTPS') == 'on' ? HTTPS_SERVER : HTTP_SERVER) . DIR_WS_CATALOG; ?>"> <!-- changed for 1.5 css fixed //--> <link rel="stylesheet" type="text/css" href="stylesheet.css"> </head> <body marginwidth="0" marginheight="0" topmargin="0" bottommargin="0" leftmargin="0" rightmargin="0"> <!-- header //--> <?php require(DIR_WS_INCLUDES . 'header.php'); ?> <!-- header_eof //--> <!-- body //--> <table border="0" width="100%" cellspacing="3" cellpadding="3"> <tr> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- left_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_left.php'); ?> <!-- left_navigation_eof //--> </table></td> <!-- body_text //--> <td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo sprintf(HEADING_TITLE, $HTTP_GET_VARS['error_id']); ?></td> <td class="pageHeading" align="right"><?php IF(IMAGE_REQUIRED == 'true'){ echo tep_image(DIR_WS_IMAGES . 'table_background_specials.gif', HEADING_TITLE, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT);}?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><br><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="main"><?php echo sprintf(TEXT_INFORMATION, $error_text)?></td> </tr> </table></td> </tr> <tr> <td align="right" class="main"><br><?php echo '<a href="' . tep_href_link(FILENAME_DEFAULT, '', 'NONSSL') . '">' . tep_image_button('button_continue.gif', IMAGE_BUTTON_CONTINUE) . '</a>'; ?></td> </tr> </table> <?php //this is where I added the advanced Search echo tep_draw_form('advanced_search', tep_href_link(FILENAME_ADVANCED_SEARCH_RESULT, '', 'NONSSL', false), 'get', 'onSubmit="return check_form(this);"') . tep_hide_session_id(); ?><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="0"> <tr> <td class="pageHeading"><?php echo HEADING_TITLE_1; ?></td> <td class="pageHeading" align="right"><?php echo tep_image(DIR_WS_IMAGES . 'table_background_browse.gif', HEADING_TITLE_1, HEADING_IMAGE_WIDTH, HEADING_IMAGE_HEIGHT); ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php if ($messageStack->size('search') > 0) { ?> <tr> <td><?php echo $messageStack->output('search'); ?></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <?php } ?> <tr> <td> <?php $info_box_contents = array(); $info_box_contents[] = array('text' => HEADING_SEARCH_CRITERIA); new infoBoxHeading($info_box_contents, true, true); $info_box_contents = array(); $info_box_contents[] = array('text' => tep_draw_input_field('keywords', '', 'style="width: 100%"')); $info_box_contents[] = array('align' => 'right', 'text' => tep_draw_checkbox_field('search_in_description', '1') . ' ' . TEXT_SEARCH_IN_DESCRIPTION); new infoBox($info_box_contents); ?> </td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="smallText"><?php echo '<a href="javascript:popupWindow(\'' . tep_href_link(FILENAME_POPUP_SEARCH_HELP) . '\')">' . TEXT_SEARCH_HELP_LINK . '</a>'; ?></td> <td class="smallText" align="right"><?php echo tep_image_submit('button_search.gif', IMAGE_BUTTON_SEARCH); ?></td> </tr> </table></td> </tr> <tr> <td><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox"> <tr class="infoBoxContents"> <td><table border="0" width="100%" cellspacing="0" cellpadding="2"> <tr> <td class="fieldKey"><?php echo ENTRY_CATEGORIES; ?></td> <td class="fieldValue"><?php echo tep_draw_pull_down_menu('categories_id', tep_get_categories(array(array('id' => '', 'text' => TEXT_ALL_CATEGORIES)))); ?></td> </tr> <tr> <td class="fieldKey"> </td> <td class="smallText"><?php echo tep_draw_checkbox_field('inc_subcat', '1', true) . ' ' . ENTRY_INCLUDE_SUBCATEGORIES; ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_MANUFACTURERS; ?></td> <td class="fieldValue"><?php echo tep_draw_pull_down_menu('manufacturers_id', tep_get_manufacturers(array(array('id' => '', 'text' => TEXT_ALL_MANUFACTURERS)))); ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_PRICE_FROM; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('pfrom'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_PRICE_TO; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('pto'); ?></td> </tr> <tr> <td colspan="2"><?php echo tep_draw_separator('pixel_trans.gif', '100%', '10'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_DATE_FROM; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('dfrom', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"'); ?></td> </tr> <tr> <td class="fieldKey"><?php echo ENTRY_DATE_TO; ?></td> <td class="fieldValue"><?php echo tep_draw_input_field('dto', DOB_FORMAT_STRING, 'onFocus="RemoveFormatString(this, \'' . DOB_FORMAT_STRING . '\')"'); ?></td> </tr> </table></td> </tr> </table></td> </tr> </table></form></td> <!-- body_text_eof //--> <td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="0" cellpadding="2"> <!-- right_navigation //--> <?php require(DIR_WS_INCLUDES . 'column_right.php'); ?> <!-- right_navigation_eof //--> </table></td> </tr> </table> <!-- body_eof //--> <!-- footer //--> <?php require(DIR_WS_INCLUDES . 'footer.php'); ?> <!-- footer_eof //--> <br> </body> </html> <?php require(DIR_WS_INCLUDES . 'application_bottom.php'); ?> Can anyone point me in the right direction of what needs fixing please. Thanks CAN SOMEONE PLEASE ADVISE ?? Thanks Getting better with mods but no programmer am I. Link to comment Share on other sites More sharing options...
Guest Posted September 20, 2010 Share Posted September 20, 2010 Johnny, Correct me if I am wrong, but osCommerce doesn't have a file named http_error.php Was this from a contribution ? Chris Link to comment Share on other sites More sharing options...
johnnybebad Posted September 27, 2010 Author Share Posted September 27, 2010 Johnny, Correct me if I am wrong, but osCommerce doesn't have a file named http_error.php Was this from a contribution ? Chris Yes it was from an contribution an old one at that http://www.oscommerce.com/community/contributions,933 Thanks Getting better with mods but no programmer am I. Link to comment Share on other sites More sharing options...
Mort-lemur Posted September 27, 2010 Share Posted September 27, 2010 Hi, As it is causing you a problem with mcAfee, and it only produces custom error pages, then why not just un-install it and use your cpanel to create custom error documents with a hyperlink back to your home page? Now running on a fully modded, Mobile Friendly 2.3.4 Store with the Excellent MTS installed - See my profile for the mods installed ..... So much thanks for all the help given along the way by forum members. Link to comment Share on other sites More sharing options...
johnnybebad Posted September 29, 2010 Author Share Posted September 29, 2010 Hi, As it is causing you a problem with mcAfee, and it only produces custom error pages, then why not just un-install it and use your cpanel to create custom error documents with a hyperlink back to your home page? Because I am thick and don't know how to get it to work the same as this add on and until recently it wasn't an issue, the error pages bring up the site template and the advanced search page. I was hoping that I could get some help on how to address the issue so the cross scripting error was removed. The contribution works well otherwise Getting better with mods but no programmer am I. Link to comment Share on other sites More sharing options...
New 
Recommended Posts
Archived
This topic is now archived and is closed to further replies.