Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

New 2.3.1 Infobox


PupStar

Recommended Posts

The formid is automatically generated by osCommerce as a security feature for customer generated input. I think that it was not well thought out. It works fine for POST data but fails miserably when the form is submitted via GET. I should probably file a bug report.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

The formid is automatically generated by osCommerce as a security feature for customer generated input. I think that it was not well thought out. It works fine for POST data but fails miserably when the form is submitted via GET. I should probably file a bug report.

 

Regards

Jim

 

I will file a bug report but do you forsee any problems if I comment out the code below???

 

////
// Output a form
 function tep_draw_form($name, $action, $method = 'post', $parameters = '', $tokenize = false) {
   global $sessiontoken;

   $form = '<form name="' . tep_output_string($name) . '" action="' . tep_output_string($action) . '" method="' . tep_output_string($method) . '"';

   if (tep_not_null($parameters)) $form .= ' ' . $parameters;

   $form .= '>';

   //if ( ($tokenize == true) && isset($sessiontoken) ) {
     //$form .= '<input type="hidden" name="formid" value="' . tep_output_string($sessiontoken) . '" />';
   //}

   return $form;
 }

Link to comment
Share on other sites

That should not be necessary, and it will reintroduce a security vulnerability that the formid was designed to fix. You should be able to stop the formid from appearing by setting the last parameter to false, or by just leaving it blank.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

That should not be necessary, and it will reintroduce a security vulnerability that the formid was designed to fix. You should be able to stop the formid from appearing by setting the last parameter to false, or by just leaving it blank.

 

Regards

Jim

 

Thanks Jim, that worked.

 

I will be jiggered if I can see why the bloomin links aint working correctly when I select a make and model and click find urgh >_<

Link to comment
Share on other sites

Jim that database advice you gave will it work for my issue..

ever since i tried installing a new box iv had an error installing boxes, it wont let me install the category box or what's new, it give the option to edit the boxes, but when you click the edit button it chooses boxes that are already installed.. very weird

I DONT know if that makes sense.. but I was thinking if it would help better I could create a temporary login for you to see what I mean.

 

regards

 

BlairH

Link to comment
Share on other sites

Jim that database advice you gave will it work for my issue..

ever since i tried installing a new box iv had an error installing boxes, it wont let me install the category box or what's new, it give the option to edit the boxes, but when you click the edit button it chooses boxes that are already installed.. very weird

I DONT know if that makes sense.. but I was thinking if it would help better I could create a temporary login for you to see what I mean.

 

regards

 

BlairH

 

BlairH,

 

If you would like to pm me I will have a look for you as I have my boxes running fine, also post the code for your infobox just to double check it.

 

Mark

Link to comment
Share on other sites

iv removed my custom boxes, due to the errors that occurred after having them.

but here are them anyways.

 

bm_brands.php

<?php
/*
 $Id$

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2010 osCommerce

 Released under the GNU General Public License
*/

 class bm_brands {
   var $code = 'bm_brands';
   var $group = 'boxes';
   var $title;
   var $description;
   var $sort_order;
   var $enabled = false;

   function bm_brands() {
     $this->title = MODULE_BOXES_BRANDS_TITLE;
     $this->description = MODULE_BOXES_BRANDS_DESCRIPTION;

     if ( defined('MODULE_BOXES_BRANDS_STATUS') ) {
       $this->sort_order = MODULE_BOXES_BRANDS_SORT_ORDER;
       $this->enabled = (MODULE_BOXES_BRANDS_STATUS == 'True');

       $this->group = ((MODULE_BOXES_BRANDS_CONTENT_PLACEMENT == 'Left Column') ? 'boxes_column_left' : 'boxes_column_right');
     }
   }

   function execute() {
     global $oscTemplate;

     $data = '<div class="ui-widget infoBoxContainer">' .
             '  <div class="ui-widget-header infoBoxHeading">' . MODULE_BOXES_BRANDS_BOX_TITLE . '</div>' .
             '  <div class="ui-widget-content infoBoxContents">' .
             '    <a href="' . tep_href_link(FILENAME_SHIPPING) . '">' . MODULE_BOXES_BRANDS_BOX_SHIPPING . '</a><br />' .
             '    <a href="' . tep_href_link(FILENAME_PRIVACY) . '">' . MODULE_BOXES_BRANDS_BOX_PRIVACY . '</a><br />' .
             '    <a href="' . tep_href_link(FILENAME_CONDITIONS) . '">' . MODULE_BOXES_BRANDS_BOX_CONDITIONS . '</a><br />' .
             '    <a href="' . tep_href_link(FILENAME_CONTACT_US) . '">' . MODULE_BOXES_BRANDS_BOX_CONTACT . '</a>' .
             '  </div>' .
             '</div>';

     $oscTemplate->addBlock($data, $this->group);
   }

   function isEnabled() {
     return $this->enabled;
   }

   function check() {
     return defined('MODULE_BOXES_BRANDS_STATUS');
   }

   function install() {
     tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Information Module', 'MODULE_BOXES_BRANDS_STATUS', 'True', 'Do you want to add the module to your shop?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");
     tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_BOXES_BRANDS_CONTENT_PLACEMENT', 'Left Column', 'Should the module be loaded in the left or right column?', '6', '1', 'tep_cfg_select_option(array(\'Left Column\', \'Right Column\'), ', now())");
     tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_BOXES_BRANDS_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())");
   }

   function remove() {
     tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')");
   }

   function keys() {
     return array('MODULE_BOXES_BRANDS_STATUS', 'MODULE_BOXES_BRANDS_CONTENT_PLACEMENT', 'MODULE_BOXES_BRANDS_SORT_ORDER');
   }
 }
?>

 

bm_brands.php

<?php
/*
 $Id$

 osCommerce, Open Source E-Commerce Solutions
 http://www.oscommerce.com

 Copyright (c) 2010 osCommerce

 Released under the GNU General Public License
*/

 define('MODULE_BOXES_BRANDS_TITLE', 'Information');
 define('MODULE_BOXES_BRANDS_DESCRIPTION', 'Show information page links');
 define('MODULE_BOXES_BRANDS_BOX_TITLE', 'Information');
 define('MODULE_BOXES_BRANDS_BOX_PRIVACY', 'Privacy Notice');
 define('MODULE_BOXES_BRANDS_BOX_CONDITIONS', 'Conditions of Use');
 define('MODULE_BOXES_BRANDS_BOX_SHIPPING', 'Shipping & Returns');
 define('MODULE_BOXES_BRANDS_BOX_CONTACT', 'Contact Us');
?>

 

ill inbox you temp login details

Link to comment
Share on other sites

Yes, you have duplicate/incorrect entries in your database. The easiest solution is to remove all of the modules entries as I stated above. You can then reinstall your modules without the behavior you are seeing.

 

Regards

Jim

See my profile for a list of my addons and ways to get support.

Link to comment
Share on other sites

  • 4 months later...

Hi I am trying to add the new box and have followed all the information from this thread however it is not working for me.

 

When I go to the admin and click on boxes, it shows a module to add. I click on the module to add and the title comes up as MODULE_BOXES_SWAROVSKI_ELEMENTS_TITLE. I click to install but it won't install.

 

I did the following according to this thread;

 

 

 

public_html/includes/modules/boxes/bm_swarovski_elements.php (new file )

 

 

<?php

/*

$Id$

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2010 osCommerce

 

Released under the GNU General Public License

*/

 

class bm_swarovski_elements {

var $code = 'bm_swarovski_elements';

var $group = 'boxes';

var $title;

var $description;

var $sort_order;

var $enabled = false;

 

function bm_swarovski_elements() {

$this->title = MODULE_BOXES_SWAROVSKI_ELEMENTS_TITLE;

$this->description = MODULE_BOXES_SWAROVSKI_ELEMENTS_DESCRIPTION;

 

if ( defined('MODULE_BOXES_SWAROVSKI_ELEMENTS_STATUS') ) {

$this->sort_order = MODULE_BOXES_SWAROVSKI_ELEMENTS_SORT_ORDER;

$this->enabled = (MODULE_BOXES_SWAROVSKI_ELEMENTS_STATUS == 'True');

 

$this->group = ((MODULE_BOXES_SWAROVSKI_ELEMENTS_CONTENT_PLACEMENT == 'Left Column') ? 'boxes_column_left' : 'boxes_column_right');

}

}

 

function execute() {

global $oscTemplate;

 

$data = '<div class="ui-widget infoBoxContainer">' .

' <div class="ui-widget-header infoBoxHeading">' . MODULE_BOXES_SWAROVSKI_ELEMENTS_BOX_TITLE . '</div>' .

' <div class="ui-widget-content infoBoxContents">' .

' <a href="' . tep_href_link(FILENAME_SHIPPING) . '">' . MODULE_BOXES_SWAROVSKI_ELEMENTS_BOX_SHIPPING . '</a><br />' .

' <a href="' . tep_href_link(FILENAME_PRIVACY) . '">' . MODULE_BOXES_SWAROVSKI_ELEMENTS_BOX_PRIVACY . '</a><br />' .

' <a href="' . tep_href_link(FILENAME_CONDITIONS) . '">' . MODULE_BOXES_SWAROVSKI_ELEMENTS_BOX_CONDITIONS . '</a><br />' .

' <a href="' . tep_href_link(FILENAME_CONTACT_US) . '">' . MODULE_BOXES_SWAROVSKI_ELEMENTS_BOX_CONTACT . '</a>' .

 

 

 

 

 

 

' </div>' .

'</div>';

 

$oscTemplate->addBlock($data, $this->group);

}

 

function isEnabled() {

return $this->enabled;

}

 

function check() {

return defined('MODULE_BOXES_SWAROVSKI_ELEMENTS_STATUS');

}

 

function install() {

tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Enable Swarovski Elements Module', 'MODULE_BOXES_SWAROVSKI_ELEMETS_STATUS', 'True', 'Do you want to add the module to your shop?', '6', '1', 'tep_cfg_select_option(array(\'True\', \'False\'), ', now())");

tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, set_function, date_added) values ('Content Placement', 'MODULE_BOXES_SWAROVSKI_ELEMENTS_CONTENT_PLACEMENT', 'Left Column', 'Should the module be loaded in the left or right column?', '6', '1', 'tep_cfg_select_option(array(\'Left Column\', \'Right Column\'), ', now())");

tep_db_query("insert into " . TABLE_CONFIGURATION . " (configuration_title, configuration_key, configuration_value, configuration_description, configuration_group_id, sort_order, date_added) values ('Sort Order', 'MODULE_BOXES_SWAROVSKI_ELEMENTS_SORT_ORDER', '0', 'Sort order of display. Lowest is displayed first.', '6', '0', now())");

}

 

function remove() {

tep_db_query("delete from " . TABLE_CONFIGURATION . " where configuration_key in ('" . implode("', '", $this->keys()) . "')");

}

 

function keys() {

return array('MODULE_BOXES_SWAROVSKI_ELEMENTS_STATUS', 'MODULE_BOXES_SWAROVSKI_ELEMENTS_CONTENT_PLACEMENT', 'MODULE_BOXES_SWAROVSKI_ELEMENTS_SORT_ORDER');

}

}

?>

 

 

I also changed the following file ;

 

 

public_html/includes/languages/english/modules/boxes and made a new file called bm_swarovski_elements.php

 

 

<?php

/*

$Id$

 

osCommerce, Open Source E-Commerce Solutions

http://www.oscommerce.com

 

Copyright © 2010 osCommerce

 

Released under the GNU General Public License

*/

 

define('MODULE_BOXES_INFORMATION_TITLE', 'Swarovski Elements');

define('MODULE_BOXES_INFORMATION_DESCRIPTION', 'Swarovski Elements');

define('MODULE_BOXES_INFORMATION_BOX_TITLE', 'Swarovski Elements');

define('MODULE_BOXES_INFORMATION_BOX_PRIVACY', 'Privacy Notice');

define('MODULE_BOXES_INFORMATION_BOX_CONDITIONS', 'Terms of Service');

define('MODULE_BOXES_INFORMATION_BOX_SHIPPING', 'Shipping & Returns');

define('MODULE_BOXES_INFORMATION_BOX_CONTACT', 'Contact Us');

 

 

 

 

?>

 

 

 

Any suggestions ?? I a totally confused now.

 

Thank you in advance.

Tracie

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...