convict
-
Posts
1,302 -
Joined
-
Last visited
-
Days Won
1
Posts posted by convict
-
-
Just create a temporary admin and send me the access data via PM will be checking...Hello people,it seems that i have the same admin access problem as everybody else.
I must admit i have'nt yet tried the mp5.php thingy as i noticed that more than one possible solution could be the answer.
I noticed towards the end of this thread that convict said to check the $glob['rootRel'] within the include/global.inc.php
I would like to do this but my store is held within a subdomain http://paragifts.intermedia-services.fr
any suggestions would be a great help.
Please note that although my site is going to be mainly French based at the begining, other languages will be put into place, and myself, i am English so no problem understanding your replies.
Thanks in advance
skydiver
-
You are welcome :)Just wanted to say a public thank you to convict.It's very reassuring for people wanting to use CC that there are talented and helpful people like him around to help out.
Solved.
-
Solved. :wacko:@ tshells, Windy Miller
Please post here the URL to your store. If you prefer to prevent the publicity send me it via PM will have a look.
Thanks so much for the offer of help convict. Just PM'd you the link.
-
I posted you the path to the file - include/global.inc.php. Just search the store root folder on your site. The
Store root folder is the one that contains files named admin, classes, docs, extra, images, includes, js, language, modules, pear and skins. Go to includes folder and open global.inc.php file
-
@ teknia this is pure session issue NOT an admin password.
Please check your site URL is correct defined. The issue ocurs the site URL in your include/global.inc.php is without www in site name and you do site access with www in URL and counter.
@ jodyg
Please check your $glob['rootRel'] value in includes/global.inc.php it cannot be empty.
-
Thank you
There is no reason to post such request here.
CubeCart.com is not related (and doesnt support) to any 3rd Party mods. :)
-
@ antzypants
Huh, you dont have any permission to attach this mod here ;)
-
@ tshells, Windy Miller
Please post here the URL to your store. If you prefer to prevent the publicity send me it via PM will have a look.
Thank you for taking the time to look. Like I said, after edits to ini.inc.php, there aren't error messages (that I see), but maybe you'll notice a security problem or something? That's my main concern right now. It's just the basic install so far, with some tax, shipping, etc. setup done. It's at http://chellsroost.com/shop/.
Tested - no security mesage there using IE & FF ;)
-
@ tshells, Windy Miller
Please post here the URL to your store. If you prefer to prevent the publicity send me it via PM will have a look.
-
Suppose this is a result of the CubeCart 3 security audit.
-
Oh yes, valid category name , just noticed similar update in category box code :D
-
You didnt empty the basket or didnt do the hack in includes/boxes/shoppingCart.inc.php stated here http://www.cubecart.com/site/forums/index....st&p=110584
-
just updated my prevous post...thanks convict, that fix the second error. How about the first issue about the images being crossing each other at the homepage which does not happen before the upgrade? -
looks like the 2nd error is now appearing in most of the category page. Need some urgent help on this
Open includes/content/viewCat.inc.php
SEARCH FOR
$view_cat->assign("CURRENT_DIR",validHTML(getCatDir($currentCat[0]['cat_name'],$currentCat[0]['cat_father_id'], $currentCat[0]['cat_id'], $link=TRUE)));
REPLACE WITH
$view_cat->assign("CURRENT_DIR",getCatDir($currentCat[0]['cat_name'],$currentCat[0]['cat_father_id'], $currentCat[0]['cat_id'], $link=TRUE));
This code is from previous versions. 3.0.14 causes html entities issue if more than one level of categories because of links. Html tag marks are changed to html entity.
Latest product - there is a new class for products where height of the particular product box is 100 pixels. This is the 'problem', you have to increase this value.
layout.css
.latestProds {float: left;
text-align: center;
width: 131px;
height: 100px;
}
-
It seems you use the basket content created with 3.0.13 - please do empty basket and try again.
OR
In case huge customer base and big traffic on your store do following in
includes/content/cart.inc.php
includes/boxes/shoppingCart.inc.php
SEARCH FOR
$options = explode("|",$optionKeys)
ADD BEFORE
$optionKeys = str_replace(".","|",$optionKeys);
This translates old created options to meet latest code changes.
-
This happens if there is a product with multi options in cart. You may disable the security feature sa Al stated above or fix it in 3 files:Thanks for that andi
My store has been open for less than a week but reviewing the ISP stats for the domain this morning I noticed that there were 28 errors with switch.php in my logs
Have uploaded the fix now.
Great Please let us know if it fixes with issue.
I get the same error message - but only when changing the quantity in the cart. I have changed switch.php and removed cookies but to no avail. Strange thing is, it only effects some items in the cart and not others..... Any ideas?
classes/cart.php
includes/boxes/shoppingCart.inc.php
includes/content/cart.php
SEARCH FOR
"."
REPLACE WITH
"_"
Note: includes/content/cart.php do it only for first occurence. I am talking about unmodified cubecart files.
EDIT:
"." replacement should be any of characters definied as allowed in security code, "|" instead of "_" in the official release will be the right one probably.
-
Please have a look into both of index.tpl only one conatains the </body> tag. cart.tpl does exist only in global folder. Both of files roban pointed you resides in the same folder.Thanks. But would it be index.tpl and cart.tpl files from the global or content directory? -
The issue causes additional code in treatGet function however security improvement. If the URL contains
treatGet changes it to&&amp;The second amp; is the big problem! str_replace does replace only
$amp;
to &
remains there and it looks likeamp;
afterwards. Only you need is change following: switch.php SEARCH FOR&header("Location: ".str_replace("&","&",treatGet($_GET['r'])));
REPLACE WITH (you have to do it twice!)
header("Location: ".str_replace('amp;','',treatGet($_GET['r'])));
includes/content/reg.php SEARCH FOR
header("Location: ".str_replace("&","&",$redir));
REPLACE WITH
header("Location: ".str_replace('amp;','',$redir));
I have found useless security featuere in includes/content/login.inc.php
$_GET['redir'] = treatGet($_GET['redir']); header("Location: ".str_replace("&","&",base64_decode(treatGet($_GET['redir']))));
Should be
header("Location: ".str_replace('amp;','',treatGet(base64_decode($_GET['redir']))));
-
Well but PayPal site does it - not related to customer browserFrom what I can see// process payment if($fail==FALSE){ $cart_order_id = $_POST['invoice']; include("../../../includes/orderSuccess.inc.php");
The IPN still processes the orderSuccess.inc.php which then recreates the order from the database!
Not in default CubeCart code.Does the IPN process affiliate logging elsewhere? -
It would be the FireFox Internet Explorer :)So, with this happening, are we going to see an end to CSS imcompatibilities? -
Its me. :And if yes who is "Mr Convict"?who is "Mr Convict"?
He is da MAN!
Cool thread matesee this threadSee this post
Good idea to add tracking code to orderSuccess file but useless for gateways with similar feature like PayPal IPN has - it never shown in customer browser / cookies are burned out / images are not used...
-
Cool. I have edited original post because of $glob vs $GLOBALS :sleep:
-
Try following in CC 3.0.12 and older:Hi,I tried your suggestion with no luck. Many thanks.
rajiv
if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start();
-
Unoficial of course:
Your fix is not general but cart installed in site root folder only.
The fix could be following (3.0.12 and older):
admin/login.php
if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start(); $_SESSION['ccAdminPath'] = $GLOBALS['rootRel'];
admin/includes/auth.inc.php
if($glob['rootRel']=="/"){ $sessionName = "ccSID"; } else { $sessionName = "ccSID-".md5($glob['rootRel']); } session_name($sessionName); @ini_set("session.cookie_path",$GLOBALS['rootRel']); session_start();
I tested it before and it works on any folder. However path ends with / if store is installed in any sub folder
$sessionDomain = substr($GLOBALS['rootRel'],0, strlen($GLOBALS['rootRel'])-1); gets rid of ending / however the result on site root folder store is BLANK, default PHP setting for session.cookie_path is /. It depends to server and browser probably.
If the init session.cookie_path is called just before the session_name, some browser cookies get the curent store folder instead of default PHP setting /.
I need ISO3 and num code for U.S.
in Technical Help
Posted
ISO - US
ISO3 - USA
NUMERIC - 840