Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

disallowed url


Guest

Recommended Posts

Could you be more specific? Is ".surf" just the Top Level Domain (like .com), or is it supposed to be the entire mail server (in which case it should be invalid)? Or is it the user's address on that server? osC has a function tep_validate_email() that certainly should handle a 4 character TLD, and does nothing to exclude ".surf". What version of osC are you running? Have you tried the email address yourself? Is it definitely osC that's rejecting an attempt to change or enter that email address, or is some mail server blocking it as spam (osC actually having accepted it)?

Link to comment
Share on other sites

It is a top level domain just like com.  I have been able to email her using .surf with no problem.  It is an older version of OSC

So what do I do?

 

Link to comment
Share on other sites

So it's an email address like "[email protected]"? First, look in the database (phpMyAdmin) or in customer data and see if osC actually accepted the change, but something about your server is blocking it (perhaps .surf is on a spam blacklist?). Try it yourself on a test installation, and see if there are any messages stating that the address is rejected, and the update is not going through. I suspect that she's not giving you the full story, as to just where the blockage is. If osC is handling it OK on your end, most likely this email address (or even domain) is on a spam blacklist somewhere (although if you can email her outside of osC, that's less likely). If osC is definitely rejecting it, what osC version is this? Can you find a file with some sort of email validation routine in it (such as tep_validate_email() in 2.3.4BS Edge -- it may go back a lot longer than that)? I could imagine some very old osC's rejecting any TLD longer than 3 characters, though that should have been fixed long ago.

So first you have to replicate the problem -- is your osC actually rejecting an attempt to set this email address, and does it appear to be a legit address (only ASCII alphanumerics a-z, A-Z, 0-9 with @, -, and . -- no funny non-ASCII characters or other punctuation on the domain side, some other punctuation on the user name side). Look up the rules for email addresses (RFC822 standard) to confirm that it should be a good address.  If osC is failing to update a legit address, it will have to be looked into further. According to the Edge code, osC tries to ask the server to validate the address, and if that is unavailable, falls back to a regex that "should pass 99.9% of them".  I don't know about older versions, but this routine is copyright 2010. If it is going into the database OK, under what situations is it failing to be used? Is osC failing to send mail to it?

You may need to ask your customer/client/owner (?) if there are any non-ASCII characters in her email address (e.g., a Greek micron instead of a u), just to be sure. I'm not sure what the rules are these days on email address character sets -- they may be permitting full Latin-1, or even full Unicode now, in which case the osC code may need to be updated.

And while we're here, what osC version?

Link to comment
Share on other sites

The email she has is fine and I can email her so blocking is not the issue.  When I try to put here surf in get the message that it appears not be a valid email

There is both a validations.php and a tld.txt file that appears to be involved but no tep_validate_email that i can find. 

I edited the tld.txt file and added surf but still does not work.  The tld.txt does show info so a 4 character version would not seem to be the issue.

i just made up a surf email and will not work so definitely no funky characters causing issue

 

running 2.3.4

 

Link to comment
Share on other sites

I'm looking in the "Edge" source, so evidently tld.txt was removed and tep_validate_email() inserted in the rewrite for "Edge".

So you're satisfied that it's osC itself that's rejecting a .surf email address, so it's not updating the customer information? If 4 character TLDs are permitted (e.g., .info), and tld.txt is updated properly with .surf, and there's nothing in validation.php that appears to be blocking .surf, that's a puzzler. The only two things I can think of at this point are

  1. something in your server (Apache server security, PHP, or MySQL) is blocking .surf, possibly as early as the web page level (form input) -- you'd have to put in some temporary debug echo statements to find out just where the blockage is happening (pay attention to whether the email address arrives via POST or GET method)
  2. your site is still using a cached copy of tld.txt, without the .surf entry

You might ask your host tech support for guidance on these -- whether they block certain TLDs or strings in forms, or URL Query Strings for security reasons, and whether there's any caching that might be happening. Beyond that, at this time I'm out of ideas.

Link to comment
Share on other sites

Went into database and changed the email there to .surf

Seems to be fine but not the best way to make changes.................why does tld.txt not work?

Link to comment
Share on other sites

If I remember rightly, tld.txt has not existed in osC from 2.3 onwards (ie approx 8 yrs ago), so you must have quite an old version of osCommerce, or you have updated from an older version and have artifacts left over.

In old versions of osCommerce, the function tep_validate_email used a load of code to try to weed out people using fake email addresses, one of those ways was to read a list of allowed extensions from tld.txt, since v2.3 that "heavy lifting" has been done using a different way, unconnected to tld.txt.

I have just tested and can confirm that in up to date osCommerce, .surf domains are no problem whatsoever.

 

What you can try, updating the relevant file to this code:

https://github.com/gburton/Responsive-osCommerce/blob/master/includes/functions/validations.php

Link to comment
Share on other sites

Does not help as it does not check for extensions which are allowed ............that is really what I need.  But thanks anyway

Link to comment
Share on other sites

Solved it ..............there are two tld.txt files one in store other in admin................changed both and added surf and whoooooo!

Link to comment
Share on other sites

  • 4 weeks later...

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...