Posts posted by convict

  1. Hello people,

    it seems that I have the same admin access problem as everybody else.

    I must admit I haven't yet tried the mp5.php thingy as I noticed that more than one possible solution could be the answer.

    I noticed towards the end of this thread that convict said to check the $glob['rootRel'] within the include/global.inc.php

    I would like to do this but my store is held within a subdomain http://paragifts.intermedia-services.fr

    any suggestions would be a great help.

    Please note that although my site is going to be mainly French based at the beginning, other languages will be put into place, and myself, I am English so no problem understanding your replies.

    Thanks in advance

    skydiver

    Just create a temporary admin and send me the access data via PM; I will be checking...
  2. I posted you the path to the file - include/global.inc.php. Just search the store root folder on your site. The store root folder is the one that contains files named admin, classes, docs, extra, images, includes, js, language, modules, pear and skins. Go to the includes folder and open the global.inc.php file.

  3. @ teknia this is a pure session issue, NOT an admin password.

    Please check that your site URL is correctly defined. The issue occurs when the site URL in your include/global.inc.php is without www in the site name and you access the site with www in the URL, and vice versa.

    @ jodyg

    Please check your $glob['rootRel'] value in includes/global.inc.php; it cannot be empty.

  4. @ tshells, Windy Miller

    Please post here the URL to your store. If you prefer to prevent the publicity, send it to me via PM and I will have a look.

    Thank you for taking the time to look. Like I said, after edits to ini.inc.php, there aren't error messages (that I see), but maybe you'll notice a security problem or something? That's my main concern right now. It's just the basic install so far, with some tax, shipping, etc. setup done. It's at http://chellsroost.com/shop/.

    Tested - no security message there using IE & FF ;)

  5. looks like the 2nd error is now appearing in most of the category page. Need some urgent help on this

    Open includes/content/viewCat.inc.php

    SEARCH FOR

    $view_cat->assign("CURRENT_DIR",validHTML(getCatDir($currentCat[0]['cat_name'],$currentCat[0]['cat_father_id'], $currentCat[0]['cat_id'], $link=TRUE)));

    REPLACE WITH

    $view_cat->assign("CURRENT_DIR",getCatDir($currentCat[0]['cat_name'],$currentCat[0]['cat_father_id'], $currentCat[0]['cat_id'], $link=TRUE));

    This code is from previous versions. 3.0.14 causes html entities issue if more than one level of categories because of links. Html tag marks are changed to html entity.

    Latest product - there is a new class for products where height of the particular product box is 100 pixels. This is the 'problem', you have to increase this value.

    layout.css

    .latestProds {
        float: left;
        text-align: center;
        width: 131px;
        height: 100px;
    }

  6. It seems you use the basket content created with 3.0.13 - please do empty basket and try again.

    OR

    In case of a huge customer base and big traffic on your store, do the following in

    includes/content/cart.inc.php

    includes/boxes/shoppingCart.inc.php

    SEARCH FOR

    			$options = explode("|",$optionKeys)

    ADD BEFORE

    			$optionKeys = str_replace(".","|",$optionKeys);

    This translates old created options to meet latest code changes.

  7. Thanks for that andi :)

    My store has been open for less than a week but reviewing the ISP stats for the domain this morning I noticed that there were 28 errors with switch.php in my logs ;)

    Have uploaded the fix now.

    Great :) Please let us know if it fixes the issue.

    I get the same error message - but only when changing the quantity in the cart. I have changed switch.php and removed cookies but to no avail. Strange thing is, it only affects some items in the cart and not others..... Any ideas?

    This happens if there is a product with multi options in the cart. You may disable the security feature as Al stated above or fix it in 3 files:

    classes/cart.php

    includes/boxes/shoppingCart.inc.php

    includes/content/cart.php

    SEARCH FOR

    "."

    REPLACE WITH

    "_"

    Note: in includes/content/cart.php do it only for the first occurrence. I am talking about unmodified CubeCart files.

    EDIT:

    "." replacement should be any of the characters defined as allowed in the security code; "|" instead of "_" in the official release will be the right one probably.

  8. Thanks. But would it be index.tpl and cart.tpl files from the global or content directory?
    Please have a look into both of the index.tpl files; only one contains the </body> tag. cart.tpl exists only in the global folder. Both of the files roban pointed you to reside in the same folder.
  9. The issue is caused by additional code in the treatGet function, however it is a security improvement. If the URL contains &amp; treatGet changes it to &amp;amp;

    The second amp; is the big problem! str_replace replaces only &amp; with &; amp; remains there and it looks like &amp; afterwards. All you need to do is change the following:

    switch.php

    SEARCH FOR

    header("Location: ".str_replace("&amp;","&",treatGet($_GET['r'])));

    REPLACE WITH (you have to do it twice!)

    header("Location: ".str_replace('amp;','',treatGet($_GET['r'])));

    includes/content/reg.php

    SEARCH FOR

    header("Location: ".str_replace("&amp;","&",$redir));

    REPLACE WITH

    header("Location: ".str_replace('amp;','',$redir));

    I have found a useless security feature in includes/content/login.inc.php

    $_GET['redir'] = treatGet($_GET['redir']);
    header("Location: ".str_replace("&amp;","&",base64_decode(treatGet($_GET['redir']))));

    Should be

    header("Location: ".str_replace('amp;','',treatGet(base64_decode($_GET['redir']))));
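
The double-encoding behaviour described in the post above, as an added example that is not part of the original post and not CubeCart's code. `encodeAmp()` is a hypothetical stand-in for the step of treatGet that turns `&` into `&amp;`, `decodeAmpFully()` is an alternative shown for comparison, and the URL is constructed sample input.

```php
<?php
// Added illustration, not CubeCart code. encodeAmp() is a hypothetical
// stand-in for the step of treatGet() that turns "&" into "&amp;".
function encodeAmp(string $value): string
{
    return str_replace('&', '&amp;', $value);
}

// Undo any number of "&" encoding passes: decode until nothing changes.
// Unlike stripping "amp;", this leaves other text in the value alone.
function decodeAmpFully(string $value): string
{
    do {
        $before = $value;
        $value  = str_replace('&amp;', '&', $value);
    } while ($value !== $before);
    return $value;
}

// Constructed sample: a redirect value that already contains "&amp;"
// and a parameter value that happens to contain the text "amp;".
$r       = 'cart.php?act=step1&amp;note=camp;site';
$encoded = encodeAmp($r); // "&amp;" has now become "&amp;amp;"

$results = [
    // Original switch.php call: str_replace() does not rescan its own
    // output, so one "amp;" survives and the URL still holds "&amp;".
    'single pass' => str_replace('&amp;', '&', $encoded),
    // Replacement from the post: removes every "amp;", which also
    // alters the parameter value containing "camp;".
    'strip amp;'  => str_replace('amp;', '', $encoded),
    // Looping decode, shown as an alternative.
    'decode loop' => decodeAmpFully($encoded),
];

foreach ($results as $label => $url) {
    echo str_pad($label, 12), ' ', $url, "\n";
}
```
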
  10. From what I can see

    // process payment
    			if($fail==FALSE){
    				$cart_order_id = $_POST['invoice'];
    				include("../../../includes/orderSuccess.inc.php");

    The IPN still processes the orderSuccess.inc.php which then recreates the order from the database!

    Well but PayPal site does it - not related to customer browser :)

    Does the IPN process affiliate logging elsewhere?
    Not in default CubeCart code.
  11. Hi,

    I tried your suggestion with no luck. Many thanks.

    rajiv

    Try following in CC 3.0.12 and older:

    if($glob['rootRel']=="/"){
    	$sessionName = "ccSID";
    } else {
    	$sessionName = "ccSID-".md5($glob['rootRel']);
    }

    session_name($sessionName);
    @ini_set("session.cookie_path",$GLOBALS['rootRel']);
    session_start();

  12. Unofficial of course:

    Your fix is not general but for a cart installed in the site root folder only.

    The fix could be following (3.0.12 and older):

    admin/login.php

    if($glob['rootRel']=="/"){
    	$sessionName = "ccSID";
    } else {
    	$sessionName = "ccSID-".md5($glob['rootRel']);
    }

    session_name($sessionName);
    @ini_set("session.cookie_path",$GLOBALS['rootRel']);
    session_start();
    $_SESSION['ccAdminPath'] = $GLOBALS['rootRel'];

    admin/includes/auth.inc.php

    if($glob['rootRel']=="/"){
    	$sessionName = "ccSID";
    } else {
    	$sessionName = "ccSID-".md5($glob['rootRel']);
    }

    session_name($sessionName);
    @ini_set("session.cookie_path",$GLOBALS['rootRel']);
    session_start();

    I tested it before and it works on any folder. However the path ends with / if the store is installed in any sub folder.

    $sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); gets rid of the ending /, however the result on a site root folder store is BLANK; the default PHP setting for session.cookie_path is /. It depends on the server and browser probably.

    If the init session.cookie_path is called just before the session_name, some browser cookies get the current store folder instead of the default PHP setting /.
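
How the session name and cookie path in the posts above decide which requests carry the session cookie, as an added example that is not part of the original posts and not CubeCart's code. `sessionSettings()` and `pathMatches()` are hypothetical helpers; the folder names and request paths are constructed, and the blank-path case falls back to `/` as an assumption about the intended behaviour.

```php
<?php
// Added illustration, not CubeCart code. The $rootRel values and request
// paths below are constructed samples.

// Session name and cookie path for a store folder, following the posted fix.
function sessionSettings(string $rootRel): array
{
    // Plain name at the site root, per-folder name elsewhere, so two
    // stores on one host do not share a session cookie.
    $name = ($rootRel === '/') ? 'ccSID' : 'ccSID-' . md5($rootRel);
    // Strip the trailing slash as the post does, but fall back to "/"
    // when that leaves an empty string (store in the site root).
    $path = rtrim($rootRel, '/');
    return ['name' => $name, 'path' => ($path === '') ? '/' : $path];
}

// Cookie path-match as browsers apply it (RFC 6265, section 5.1.4).
function pathMatches(string $cookiePath, string $requestPath): bool
{
    if ($cookiePath === $requestPath) {
        return true;
    }
    if (strncmp($requestPath, $cookiePath, strlen($cookiePath)) !== 0) {
        return false;
    }
    return substr($cookiePath, -1) === '/'
        || $requestPath[strlen($cookiePath)] === '/';
}

foreach (['/', '/shop/'] as $rootRel) {
    $s = sessionSettings($rootRel);
    echo "rootRel={$rootRel} name={$s['name']} path={$s['path']}\n";
    foreach (['/index.php', '/shop/admin/login.php', '/shopping/cart.php'] as $req) {
        $sent = pathMatches($s['path'], $req) ? 'sent' : 'not sent';
        echo "  {$req}: cookie {$sent}\n";
    }
}
```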
