Jump to content
Sign in to follow this  
CMOTD

Register Globals Support

Recommended Posts

In case anyone is interested, please use this thread to post support questions / thoughts for the 'Register Globals' contribution.

 

The contribution can be found here...

 

http://www.oscommerce.com/community/contributions,2097

 

Comments / abuse / vacuous indifference (delete as you see fit - if you can be bothered) welcomed.

 

regards,

 

Rich.

Share this post


Link to post
Share on other sites

Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix.

 

If someone is interested in the changes, i can post the changed files.

 

 

Thanks and Greetings

Alex

 

Sorry for my bad english

Share this post


Link to post
Share on other sites
Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix.

 

If someone is interested in the changes, i can post the changed files.

 

 

Thanks and Greetings

Alex

 

Sorry for my bad english

I am very interested in your solution, bring it on

Share this post


Link to post
Share on other sites

i'm also getting these two warnings:

 

Warning: First argument to array_keys() should be an array in /httpdocs/shop/includes/functions/sessions.php on line 74

 

Warning: Invalid argument supplied for foreach() in /httpdocs/shop/includes/functions/sessions.php on line 75

 

what to do with these?

Share this post


Link to post
Share on other sites

Hi,

 

Can anyone tell me the advantages of installing this contrib? Is this for security reasons? Thanks. :lol:

Share this post


Link to post
Share on other sites

This contribution from Richard Bentley is for the case, that Register_Globals is turned off. For security-reasons, this should be allways turned off. But oscommerce is currently not prepared for this case, so that oscommerce without this contribution and without Register_Globals turned on is unable to work.

 

It seems to be, that i still have some problems in the admin at product attributes. I try to find out, where this problem is located. Currently i can not page through the attributes.

 

 

Alex

Share this post


Link to post
Share on other sites

I fixed this problem in admin/products_attributes.php. But i do not know, at which places the same problem could occure.

 

Following changes are necessary:

 

	//BOF - RegisterGlobals
//    if (!isset($option_page)) {
//  $option_page = 1;
//    }
   if (!isset($option_page)) {
 if (isset($HTTP_GET_VARS['option_page']))
 {
	 $option_page = $HTTP_GET_VARS['option_page'];
 }
 else
 {
	 $option_page = 1;
 }
   }
// EOF - RegisterGlobals  

 

	//BOF - RegisterGlobals
//    if (!isset($value_page)) {
//  $value_page = 1;
//    }
   if (!isset($value_page)) {
 if (isset($HTTP_GET_VARS['value_page']))
 {
	 $value_page = $HTTP_GET_VARS['value_page'];
 }
 else
 {
	 $value_page = 1;
 }
   }
// EOF - RegisterGlobals

 

	//BOF - RegisterGlobals
//    if (!isset($attribute_page)) {
//  $attribute_page = 1;
//    }
   if (!isset($attribute_page)) {
 if (isset($HTTP_GET_VARS['attribute_page']))
 {
	 $attribute_page = $HTTP_GET_VARS['attribute_page'];
 }
 else
 {
	 $attribute_page = 1;
 }
   }
// EOF - RegisterGlobals

Share this post


Link to post
Share on other sites

Just a quick note to say thanks for the feedback - clearly I need to keep a better eye on the message board...

 

...and improve my coding ! Sorry for the problems you all seem to be having - be assured that I shall suitably chastise myself for causing such grief. I'll look at what you've all posted in depth after I've written this.

 

Oh well, at least it's good to know that other people are interested in this.

 

regards,

 

Rich.

Share this post


Link to post
Share on other sites

I've put up v1.1.1.

 

This includes all the fixes that have been posted here to date, plus a fix for the array referencing problem reported by Deodupke on 21/05/2004.

 

regards,

 

Rich.

Share this post


Link to post
Share on other sites

How many files is this contribution going to touch in general?

 

And is it something that could be used on a site with ALOT of mods and hacks?

 

Ta.

 

CC.

Share this post


Link to post
Share on other sites
I've put up v1.1.1.

 

This includes all the fixes that have been posted here to date, plus a fix for the array referencing problem reported by Deodupke on 21/05/2004.

 

regards,

 

Rich.

thx, gonna test it

Share this post


Link to post
Share on other sites

ok seems to work.. I only have another problem, i have a multilanguage shop.

 

Case:

Default language is dutch. Everything shows in dutch ( that's good) when selecting english ( as customer) the page where you are at that moment displays in english and all the links to other parts of the shop are also english.

 

But, when clicking a link to an other part of the shop the language switches back to ( default) dutch again.

 

So i think the variable which containts the languagesetting is not available on other pages or something..

Share this post


Link to post
Share on other sites

addition: ( why can't i edit my own message?)

 

In the administration menu there's also a problem with a variable i think...

 

when going to the catalogus section en clicking one category of that section it switches to the Configuration menu ( and closes the catalogus menu)

Share this post


Link to post
Share on other sites

Mmmm....

 

I'm not able to look at this right now, but I'll look into it this evening - I'm sure it's nothing difficult to fix (feel free to remind me I said this when I still haven't got a solution in a week's time !)

 

In response to CC's question - download and look at the contribution!

 

The answer is 'not many' - I think it's 4 files in admin and 3 files in catalog (or something like that - I don't have the code in front of me). The changes are actually very small.

 

Also, I have specifically written the change instructions in a way that is less likely to interfere with other modifications. But if you read the contribution, you'd know this already :-)

 

regards,

 

Rich.

Edited by CMOTD

Share this post


Link to post
Share on other sites

Hello again,

 

I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.

 

Re The problem with admin category selection switching back to Configuration....

 

What setting do you have for 'variables_order' in php.ini ?

 

The default value for this is "EGPCS"

 

I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.

 

In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.

 

puzzled....

 

regards,

 

Rich.

Edited by CMOTD

Share this post


Link to post
Share on other sites
Hello again,

 

I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.

 

Re The problem with admin category selection switching back to Configuration....

 

What setting do you have for 'variables_order' in php.ini ?

 

The default value for this is "EGPCS"

 

I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.

 

In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.

 

puzzled....

 

regards,

 

Rich.

Hey Rich.

 

thanks for looking at the problem

 

about the PHP.ini setting: i'm running this thing on a host so i can't look at the php.ini

 

about he language thing i send you a PM

Share this post


Link to post
Share on other sites

Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files.

 

Any idea what's happening?

 

Thanks!

 

Rob Z.

Share this post


Link to post
Share on other sites
Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files.

 

Any idea what's happening?

 

Thanks!

 

Rob Z.

do you get the error while installing? because i had this too,

 

i solved this by commenting the register_globals check in application.php in your /install/includes

Share this post


Link to post
Share on other sites

Y'know, I looked in there and didn't see it. But now that you've made me look again it magically appeared! ;-)

 

Thanks a ton!

 

Rob Z.

Share this post


Link to post
Share on other sites

Sorry about this omission - I've already added it to the patch ready for the next upload

 

Rich.

Share this post


Link to post
Share on other sites

An appeal

 

On the 24 May, Twan reported a couple of problems; one in admin whereby it switches back to the configuration at the wrong time, and one in catalog where the language switches back to (what we now know / think ?) is the browser default language.

 

I'm having some real problems reproducing these issues - basically, I can't. With Twan's help, I have been able to confirm the issues exist though. If anyone out there can confirm that these ARE or ARE NOT an issue for them, I would be very interested to hear.

 

(If you want to avoid cluttering up the message board with reports then send me a PM if you like)

 

I think the problems may have something to do with some php.ini settings on the shared server that faulty OSC is running on (specifically, the variables_order value), but we are unable to get to the php.ini values, so can't confirm this.

 

At the moment I want to try and fixes these issues but am at a bit of a loss.

 

regards,

 

Rich.

Edited by CMOTD

Share this post


Link to post
Share on other sites

I have patched the necessary files for this contrib, yet when using the admin control panel I get a fatal error from the new link_session_variable function in sessions.php.

 

It looks like the variables "cart" and "currency" have not been properly defined. The variables (in order) are:

 

language

languages_id

selected_box

cart - Fatal error: Session variable cart is not globally defined

currency - Fatal error: Session variable currency is not globally defined

messageToStack

 

This actually just popped up after working fine for a day. Anyone else run into this problem? Am I missing something? I managed to get rid of the error by adding those two into the var_refs array in the link_session_variable function, but I'm completely new to osC and I'm not sure if I'm about to break something by doing so...

 

Anyway, any insight would be appreciated. Thanks.

Share this post


Link to post
Share on other sites

Hello,

 

I've installed this contribution and it seems mostly to be fine except for this error I get when trying to checkout of my shop:

 

"Warning: session_write_close(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in \\nas12ent\domains\1\1stopscaleshop.co.uk\user\htdocs\includes\functions\sessions.php on line 212"

 

I've been trolling the forum for a similar scenario to learn from but have had no luck. My hosting company will give me no access to the php.ini file but I was wondering about ini_set as an alternative?? This seems like it may be too easy option and wishful thinking??

 

Has anyone got any thoughts on ini_set? Or has anyone encountered the above error message when doing a checkout?

 

please have a look at http://www.1stopscaleshop.co.uk if you would like to see this error in action.

 

Many Thanks

Rebecca

Share this post


Link to post
Share on other sites

Thanks for all the hard work on this. I have just finally got osCommerce installed for the first time, and am taking a look at it. I was surprised when it wanted globals on, and was happy to find this thread to help get around the installation issues. :D

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×