Jump to content
Sign in to follow this  
CMOTD

Register Globals Support

Recommended Posts

Put up version 1.5 of the register globals patch.

 

This will work for the 17/08/2006 release of OSC

 

regards,

 

Rich.

 

 

Magic, Thanks Rich. :thumbsup:

Share this post


Link to post
Share on other sites
Magic, Thanks Rich. :thumbsup:

 

 

H'mm, can't seem to edit posts on this forum??

 

Anyway for anyone reading this thread who is not a seasoned computer user can I recommend you download and use this:

 

http://www.crimsoneditor.com/

 

to open all the help files such as readme, change_history, other_contributions etc etc

 

This will open the files formatted how they were intended, complete with spacing, paragraphs etc intact. If you just use notepad then you get line after line of text which is extremely hard to read and follow.

 

Apologies to those who already know this, but there's a lot of newbies doing this at a guess.

Share this post


Link to post
Share on other sites

I'm having troubles with displaying data in my admin area - in the categories/products page and also in the customers>orders page. I suspect that the problem lies with global variables.

 

when loading page: http:// ... catalog/admin/orders.php?osCAdminID=6299c07c4605e3f701ad72a8bcc32784 the orders list is empty. No status' appear in the status drop down menu .

 

however, if i remove from the URL all the text from "?" onward (ie load http:// ... catalog/admin/orders.php) all the orders show up. At the foot of the page I get

Warning: Unknown: Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in Unknown on line 0

 

the same situation occurs with : http:// ... catalog/admin/categories.php?selected_box=catalog&osCAdminID=a348abc7f118cd4f53c3a17a14595b2f and http:// ... catalog/admin/categories.php

 

I know that the server host has set global_variables to OFF.

 

I have done the following things to try and fix the problem(s)

 

* Put the following into PHP.ini:

 

 session.bug_compat_42 = 0
session.bug_compat_warn = 0

 

= made no difference.

 

* replaced in all files:

$HTTP_GET_VARS with $_GET

$HTTP_POST_VARS with $_POS

$HTTP_COOKIE_VARS with $_COOKIE

 

= made no difference

 

My host is running PHP 5.

 

there are no similar problems with the public side of the site, only the admin side.

 

Any guidance would be most gratefully accepted.

Share this post


Link to post
Share on other sites

UPDATE

 

Still haven't been able to fix the problem.

 

I tried using the "handy hint" from page 4 of this thread.

 

the printout of the global arrays on the problem pages looks like this:

---------- 
GET
osCAdminID -> '27a6947dfcb4b623ebf230830daef9ce'

 

this hexcode is the same as in the URL.

 

So, I'm looking for any guidance on this. thanks.

Share this post


Link to post
Share on other sites

Hi there,

 

I am using register_globals 1.5 since register_globals is disabled at my provider.

 

Now I am trying to implement two shops on a single server accessing a single

mysql database. Here is what I did:

 

- copy existing oscommerce directory

- copy database entries and renamed them with a preamble

- changed databases.php and configure.php to point to the right databases and directories.

 

Now the admin section is working but I get an "internal server error" when I try to access

the catalog section. The error occurs when the function "session_start" is called.

I believe that this might have something to do with the register_globals contribution.

Maybe the global variables get messed up between the two shops running in parallel.

 

Any ideas? Unfortunately I cannot access the server's error log.

 

Keep on oscommercin'

Jens

Share this post


Link to post
Share on other sites

I have tried and tried to figure this out but just can't get this to work! I think that if i explain what i've done so far it'll be alot easier to understand!

 

I need to install my website with ssl and fasthosts (my hosting provider) only supply shared ssl space.

So i followed fasthosts instructions to achieve all this by installing oscommerce on both my standard web space and my shared SSL space.

 

Then they tell you to upload register_globals which i did and then add this line of text at the end of the includes\configure.php file:-

 

define('WARN_CONFIG_WRITEABLE','false');

 

So all this is done and when i enter my site and click on the 'Account' link, im redirected to my shared space but it shows up this :-

 

Warning: session_save_path() [function.session-save-path]: open_basedir restriction in effect. File(/tmp) is not within the allowed path(s): (e:\sslroot;c:\winnt\temp;) in e:\sslroot\mysecuredspace\includes\functions\sessions.php on line 252

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at e:\sslroot\mysecuredspace\includes\functions\sessions.php:252) in e:\sslroot\mysecuredspace\includes\functions\sessions.php on line 98

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at e:\sslroot\mysecuredspace\includes\functions\sessions.php:252) in e:\sslroot\mysecuredspace\includes\functions\sessions.php on line 98

 

Warning: Cannot modify header information - headers already sent by (output started at e:\sslroot\mysecuredspace\includes\functions\sessions.php:252) in e:\sslroot\mysecuredspace\includes\functions\general.php on line 33

 

 

This is where im really confused and havn't got a clue what to do!! Please can someone help as im going out my mind trying to figure it out!

 

Thanks in advance

 

Steve

Share this post


Link to post
Share on other sites
Wow, I just tried this and sure enough - works as you describe (which is not what is desired)

 

I just got done testing tell_a_friend.php a coupld days ago and it was working great.

 

I then loaded the Register Globals patch.

 

I thought everything seemed to be working fine but guess I hadn't really noticed this yet.

 

Is there a fix??

 

Nathan

 

I just came across the same problem (messageStack items not appearing the first time) after applying the v1.5 register_globals patch. Since I didn't see the solution posted, I'll post what worked for me:

 

apply this patch to includes/classes/message_stack.php:

 

2,3d1

< tep_session_register('messageToStack');

<

53a52

> tep_session_register('messageToStack');

 

 

essentially this is registering messageToStack outside the class definition. There may be a better fix, but this one worked for me.

 

Regards,

Steve

Share this post


Link to post
Share on other sites

I am having a strange problem, and hoping some here will b kind enough to halt my head exploding into a million pieces! My site was working fine last night. Today, I get the famous message:

Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory.

 

So after searcing the threads and tring to apply every suggestion imaginable, with no possitive results, I finally decided to try this contribution.

 

Went through all the files, decided on the manual install.

 

Catalog side shows up, BUT my admin which is under catalog is giving me the same message.

 

Any suggestions? Help, I think my eyeballs are falling out!

 

Tammy

Share this post


Link to post
Share on other sites

I have made a quick and painless fix to get osCommerce working nicely on PHP5:

 

http://teratechnologies.net/stevekamerman/...ry070104-120319

 

Thanks for the register_globals fix! I would also recommend you add a function similar to mine to the patch so it's a register_globals+PHP5 patch - my code will work properly in PHP 3, 4,and 5.

 

Thanks!

 

Steve Kamerman

http://www.teratechnologies.net/stevekamerman/

Share this post


Link to post
Share on other sites

Firstly thanks to everyone who has contributed to this important patch - nice work.

 

I've installed it on my new OSCommerce site, but I have the Gift Wrap add on installed, details here;

http://www.oscommerce.com/community/contri...earch,gift+wrap

 

It breaks basically, when you are viewing the checkout_shipping.php page, the HTML output just stops at the point where the gift wrap options should be displayed. On that page, for the purpose of displaying the gift wrap options is added the following;

 

// load giftwrap module

require(DIR_WS_CLASSES . 'gift.php');

$giftwrap_modules = new gift;

 

// process the selected giftwrap method

if ( isset($HTTP_POST_VARS['action']) && ($HTTP_POST_VARS['action'] == 'process') ) {

if (!tep_session_is_registered('giftwrap_info')) tep_session_register('giftwrap_info');

 

if (tep_count_giftwrap_modules() > 0) {

if ( (isset($HTTP_POST_VARS['giftwrap'])) && (strpos($HTTP_POST_VARS['giftwrap'], '_')) ) {

$giftwrap_info = $HTTP_POST_VARS['giftwrap'];

 

list($module, $method) = explode('_', $giftwrap_info);

if (is_object($$module)) {

$quote1 = $giftwrap_modules->quote1($method, $module);

if (isset($quote1['error'])) {

tep_session_unregister('giftwrap');

} else {

if ( (isset($quote1[0]['methods'][0]['title'])) && (isset($quote1[0]['methods'][0]['cost'])) ) {

$giftwrap_info = array('id' => $giftwrap_info,

'title' => $quote1[0]['module'] . ' (' . $quote1[0]['methods'][0]['title'] . ')',

'cost' => $quote1[0]['methods'][0]['cost']);

}

}

} else {

tep_session_unregister('giftwrap_info');

}

}

} else {

$giftwrap_info = false;

}

}

 

// get all available giftwrap quotes

$quotes1 = $giftwrap_modules->quote1();

 

// add gift message

if ($HTTP_GET_VARS['action'] == 'update') {

if (tep_not_null($HTTP_POST_VARS['giftMessage']) && tep_session_is_registered('giftwrap_info')) {

$giftMessage = tep_db_prepare_input($HTTP_POST_VARS['giftMessage']);

 

if (tep_session_is_registered('customer_id')) {

tep_db_query("update " . TABLE_ORDERS . " set giftMessage = '" . tep_db_input($giftMessage) . "' where customers_id = '" . $customer_id . "' and orders_id = '" . $order_id . "'");

} else {

tep_db_query("update " . TABLE_ORDERS . " set giftMessage = '" . tep_db_input($giftMessage) . "' where customers_id = '0' and orders_id = '" . $order_id . "'");

}

 

tep_session_unregister('giftwrap_info');

}

}

 

// end gift wrap module

 

 

Could anyone give me some guidance on how to go about fixing it please? I will gradually grind through it with my limited PHP skills, but any head starts on how to go about it would be great.

 

Cheers

 

Ben

Share this post


Link to post
Share on other sites

Should have added this - which is the gift wrap code where the page output actually breaks;

 

<?php

// BH061115: gift wrap module

 

if (tep_count_giftwrap_modules() > 0) {

?>

<tr>

<td><table border="0" width="100%" cellspacing="0" cellpadding="2">

<tr>

<td class="main"><b><?php echo TABLE_HEADING_GIFTWRAP_METHOD; ?></b></td>

</tr>

</table></td>

</tr>

<tr>

<td><table border="0" width="100%" cellspacing="1" cellpadding="2" class="infoBox">

<tr class="infoBoxContents">

<td><table border="0" width="100%" cellspacing="0" cellpadding="2">

<?php

$quotes1_size = sizeof($quotes1);

 

if ($quotes1_size > 1) {

?>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

<td class="main" width="50%" valign="top"><?php echo TEXT_CHOOSE_GIFTWRAP_METHOD; ?></td>

<td class="main" width="50%" valign="top" align="right"><?php echo '<b>' . TITLE_PLEASE_SELECT . '</b><br>' . tep_image(DIR_WS_IMAGES . 'arrow_east_south.gif'); ?></td>

<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

</tr>

<?php

} else {

?>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

<td class="main" width="100%" colspan="2"><?php echo TEXT_ENTER_GIFTWRAP_INFORMATION; ?></td>

<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

</tr>

<?php

}

 

$radio_buttons = 0;

for ($i=0; $i<$quotes1_size; $i++) {

?>

<tr>

<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

<td colspan="2"><table border="0" width="100%" cellspacing="0" cellpadding="2">

<?php

if (isset($quotes1[$i]['error'])) {

?>

<tr>

<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

<td class="main" colspan="3"><?php echo $quotes1[$i]['error']; ?></td>

<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

</tr>

<?php

} else {

$size = sizeof($quotes1[$i]['methods']);

for ($j=0, $n2=$size; $j<$n2; $j++) {

// set the radio button to be checked if it is the method chosen

$checked = (($quotes1[$i]['id'] . '_' . $quotes1[$i]['methods'][$j]['id'] == $giftwrap_info['id']) ? true : false);

 

if ( ($quotes1[$i]['id'] . '_' . $quotes1[$i]['methods'][$j]['id'] == $giftwrap_info['id']) || (tep_count_giftwrap_modules() == (int)1) ) {

echo ' <tr id="defaultSelectedGift" class="moduleRowSelected" onmouseover="rowOverEffectGift(this)" onmouseout="rowOutEffect(this)" onclick="selectRowEffectGift(this, ' . $radio_buttons . ')">' . "\n";

} else {

echo ' <tr class="moduleRow" onmouseover="rowOverEffectGift(this)" onmouseout="rowOutEffectGift(this)" onclick="selectRowEffectGift(this, ' . $radio_buttons . ')">' . "\n";

}

 

?>

<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

<td class="main" width="75%"><?php echo $quotes1[$i]['methods'][$j]['title']; ?></td>

<?php

if ( ($quotes1_size > 1) || ($n2 > 1) ) {

 

if (DISPLAY_PRICE_WITH_TAX == true) {

$gift_tax_rate_tmp = tep_get_tax_rate(MODULE_ORDER_TOTAL_GIFTWRAP_TAX_CLASS);

$gift_tax_amt_tmp = $quotes1[$i]['methods'][$j]['cost'];

$gift_tax_amt_tmp += tep_calculate_tax($quotes1[$i]['methods'][$j]['cost'], $gift_tax_rate_tmp);

?>

<td class="main"><?php echo $currencies->format($gift_tax_amt_tmp); ?></td>

<?php

} else {

?>

<td class="main"><?php echo $currencies->format($quotes1[$i]['methods'][$j]['cost']); ?></td>

<?php

}

?>

<td class="main" align="right"><?php echo tep_draw_radio_field('giftwrap', $quotes1[$i]['id'] . '_' . $quotes1[$i]['methods'][$j]['id'], $checked); ?></td>

<?php

} else {

?>

<td class="main" align="right" colspan="2"><?php echo $currencies->format($quotes1[$i]['methods'][$j]['cost']) . tep_draw_hidden_field('giftwrap', $quotes1[$i]['id'] . '_' . $quotes1[$i]['methods'][$j]['id']); ?></td>

<?php

}

?>

<td width="10"><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

</tr>

<?php

$radio_buttons++;

}

}

?>

</table></td>

<td><?php echo tep_draw_separator('pixel_trans.gif', '10', '1'); ?></td>

</tr>

<?php

}

?>

</table></td>

</tr>

</table></td>

</tr>

<?php

}

// end gift wrap module

?>

 

 

For completeness, these are the gift wrap functions used;

function selectRowEffectGift(object, buttonSelect) {

if (!selectedgift) {

if (document.getElementById) {

selectedgift = document.getElementById('defaultSelectedGift');

} else {

selectedgift = document.all['defaultSelectedGift'];

}

}

 

if (selectedgift) selectedgift.className = 'moduleRow';

object.className = 'moduleRowSelected';

selectedgift = object;

 

// one button is not an array

if (document.checkout_address.giftwrap[0]) {

document.checkout_address.giftwrap[buttonSelect].checked=true;

} else {

document.checkout_address.giftwrap.checked=true;

}

}

 

function rowOverEffectGift(object) {

if (object.className == 'moduleRow') object.className = 'moduleRowOver';

}

 

function rowOutEffectGift(object) {

if (object.className == 'moduleRowOver') object.className = 'moduleRow';

}

 

Share this post


Link to post
Share on other sites

I looked thorugh here but I didnt see an answer (it was a quick look). I did see a comment but didnt find the reply.

 

I have the most recent osc install and have installed the register globals patch. I am getting this error when going to my admin:

 

Fatal error: Call to undefined function: link_session_variable() in /home/*edited*/public_html/catalog/admin/includes/functions/sessions.php on line 77

 

That line is this:

 

73   {
74	 $session_keys = array_keys($_SESSION);
75	foreach($session_keys as $variable)
76	 {
77	  link_session_variable($variable, true);
78	}
79   }

 

 

Could someone offer a solution for me? I was able to finally get it to work on the catalog side, but I cant remember how it worked, if I did something or not. Thanks in advance!

Share this post


Link to post
Share on other sites
I looked thorugh here but I didnt see an answer (it was a quick look). I did see a comment but didnt find the reply.

 

I have the most recent osc install and have installed the register globals patch. I am getting this error when going to my admin:

That line is this:

 

73   {
74	 $session_keys = array_keys($_SESSION);
75	foreach($session_keys as $variable)
76	 {
77	  link_session_variable($variable, true);
78	}
79   }

Could someone offer a solution for me? I was able to finally get it to work on the catalog side, but I cant remember how it worked, if I did something or not. Thanks in advance!

 

I went back over my installation more carefully and fixed the problem. I must have missed something. Thanks for thinking about it though :)

Share this post


Link to post
Share on other sites
I have "Register Globals" installed and when trying to access the "product attributes" page in the admin I received the following error:

Anyone recognize this?

 

Linda

 

Add following in admin/include/functions/general.php line 25 (before the 'link_get_variable' calls which cause the error)

	function link_get_variable($var_name)
{
  // Map global to GET variable
  if (isset($_GET[$var_name]))
  {
	$GLOBALS[$var_name] =& $_GET[$var_name];
  }
}

Share this post


Link to post
Share on other sites
...I think the problem is with the register globals mod intermingling with the product attributes mod but I'm not sure.

If that's what you think the problem is then I suggest you install the register globals contribution last and use the step-by-step instructions (rather than the pre-patched files) for the files that have already been modified by your other contributions.

 

Rich.

Share this post


Link to post
Share on other sites

Hi, I have installed the Register_Globals fix v1.5 and the following bug fixes.

 

Within the instructions it clearly states that the store will not work with register_globals on after installing the contribution.

 

However just to test I have tried my store with register_globals on & off and it works in both states.

 

In my php.ini I had register+globals = off and my store seems to work fine.

so I tried register_globals = 1 and my store also seems to work fine

 

Has anyone else with this contrib and fixes installed tried their store with register_globals on and if so did it still work.

 

I'm only asking to double check I have done everything right.

 

Thanks

Share this post


Link to post
Share on other sites

I am an OS Commerce newbie and have tried to install it today but came across the issue of being unable to install due to the register globals issue. I found this contrib- (Register Globals v1.5 (w/ bugfix 2) - Patch Files Only) uploaded the latest files to m server- overiding the old ones and for some reason I cannot get beyond the first navigation of installation. If I click continue it just navigates back to the same page:

 

http://www.mindseyemidlands.co.uk/oscommer...all/install.php

Share this post


Link to post
Share on other sites
...Within the instructions it clearly states that the store will not work with register_globals on after installing the contribution....

No, you've probably not done anything wrong.

 

I put this comment in the contribution's instructions because at the time I made the contribution, I wasn't convinced that the session handling would still work if you had RG enabled at the same time as having the patch installed.

 

I'm still not sure, and haven't looked at it further to convince myself one way or the other. But to be on the safe side, I would not run with this patch installed with RG enabled; if you do, you might mess up the session handling. There's no point in doing this anyway (as I am sure you are already aware).

 

Rich.

Share this post


Link to post
Share on other sites
No, you've probably not done anything wrong.

 

I put this comment in the contribution's instructions because at the time I made the contribution, I wasn't convinced that the session handling would still work if you had RG enabled at the same time as having the patch installed.

 

I'm still not sure, and haven't looked at it further to convince myself one way or the other. But to be on the safe side, I would not run with this patch installed with RG enabled; if you do, you might mess up the session handling. There's no point in doing this anyway (as I am sure you are already aware).

 

Rich.

Thanks for the reply rich, I am still developing & testing my store so I am going to leave the patch installed and rg left off. If I come across anything during my testing I will let you know but so no probs. Is there anything I can look for specifically like problems during checkout etc as I am going to test my store to death before I unleash it on the net.

 

Regards

John

Share this post


Link to post
Share on other sites

Im having the same problem as 'usetheforce', I cant get past the first stage of installation. I need this fix to run on my hosts servers.

 

Please help !!!!!!

Share this post


Link to post
Share on other sites

Im having the same problem as 'usetheforce', I cant get past the first stage of installation. I need this fix to run on my hosts servers.

 

Please help !!!!!!

Share this post


Link to post
Share on other sites
Im having the same problem as 'usetheforce', I cant get past the first stage of installation. I need this fix to run on my hosts servers.

 

Please help !!!!!!

Use the manual installation. FTP the osc files, import the database with phpmyadmin and change the configure.php files to reflect your server settings.

Share this post


Link to post
Share on other sites

Hi there

 

I have a clean shop. My server host have Globals ON and will not de-activate it since it runs on all accounts on their Unix servers. Where does this leave me? Does this mean I can't have this patch installed and is their a way to work around this?

 

Your input will be greatly appreciated.

Share this post


Link to post
Share on other sites
Hi there

 

I have a clean shop. My server host have Globals ON and will not de-activate it since it runs on all accounts on their Unix servers. Where does this leave me? Does this mean I can't have this patch installed and is their a way to work around this?

 

Your input will be greatly appreciated.

see if you can override it for your domain using the htaccess

 

php_value register_globals 0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×