Guest aikdo Posted December 29, 2005 Share Posted December 29, 2005 Everyone is complaining about the 403 errors that are now popping up due to the 3.0.7 Vunrability fix but im hearing mixed reaction as to what pages the warning is being showed for... Can you all please post JUST the page paths your getting this error on so i can make a rectified update to the patch... Can i also request that people be thankful that the vunrability was found and a "even though somewhat buggy at present" fix as been found... Please just post the locations and i can get to work on this and pass the fix to brooky ASAP... Thank You all in advance... Quote Link to comment Share on other sites More sharing options...
Guest ant0 Posted December 29, 2005 Share Posted December 29, 2005 (edited) Please just post the locations ...So far... www.XXXX.com/modules/gateway/Print_Order_Form/orderForm.php www.XXXX.com/admin/orders/order.php...id=XXXXXXXXXXXX www.XXXX.com/includes/content/logout.inc.php www.XXXX.com/admin/products/options.php FYI I can access the admin area with no problems - just certain areas giving 403's Edited December 29, 2005 by ant0 Quote Link to comment Share on other sites More sharing options...
Guest tkhspro Posted December 29, 2005 Share Posted December 29, 2005 404 Error code: Forbidden You don't have permission to access /estore/admin on this server. Additionally, a 404 Not Found error was encountered while trying to use an ErrorDocument to handle the request Quote Link to comment Share on other sites More sharing options...
Guest theorbo Posted December 30, 2005 Share Posted December 30, 2005 That 404 may be due to overwriting your /includes/global.inc.php file. Quote Link to comment Share on other sites More sharing options...
Guest Posted December 30, 2005 Share Posted December 30, 2005 No, the 404 error came from having an ErrorDocument directive in the httpd.conf that points to a file which doesn't exist. :errm: Quote Link to comment Share on other sites More sharing options...
Guest grandicki Posted December 30, 2005 Share Posted December 30, 2005 Parse error: parse error, unexpected T_STRING in /customers/elebikecenter.com/elebikecenter.com/httpd.www/shop/includes/content/viewProd.inc.php on line 34 Quote Link to comment Share on other sites More sharing options...
Guest airjer Posted December 31, 2005 Share Posted December 31, 2005 More Images (when you have more images for your products and you click this it gives you a 403 error!) /extra/prodImages.php Quote Link to comment Share on other sites More sharing options...
Guest Posted December 31, 2005 Share Posted December 31, 2005 More Images (when you have more images for your products and you click this it gives you a 403 error!) /extra/prodImages.php Basically the brooky patch for this issue (which is integrated into 3.0.7) is to check that the script that is calling the included file is one that is recognized as a legitimate CubeCart file. It does this by looking at the name of the script ($_SERVER['PHP_SELF']) and seeing if it can find any of the known CC script file names in there. If however you have applied a mod that uses a non-standard script file and calls one of these included files, you will need to modify brooky's fix in order for it to work. So instead of if (!ereg("index.php|cart.php|download.php|switch.php|confirmed.php",$_SERVER['PHP_SELF'])) { you would need to use if (!ereg("index.php|cart.php|download.php|switch.php|confirmed.php|prodImages.php",$_SERVER['PHP_SELF'])) { Note that all I did was to add "|prodImages.php" to the end of the list of text to search for (look up ereg on php.net if you really want to know how regular expressions work). If you have other files that are not working and are not in this list (e.g. the print order form page), then you could add those as well. Proper capitalization matters, but you don't need to (and probably shouldn't) include any path info (e.g., "/extra/.."). I personally still recommend that people use Sir William's fix instead for now, but if you want to use this one and need to get it working this should help you to do so. Quote Link to comment Share on other sites More sharing options...
Guest airjer Posted December 31, 2005 Share Posted December 31, 2005 Thank you :) Quote Link to comment Share on other sites More sharing options...
Guest Posted January 2, 2006 Share Posted January 2, 2006 http://www.XXXXXX.com/store/admin/orders/o...XXX-XXXXXX-XXXX When trying to click on an order number. Quote Link to comment Share on other sites More sharing options...
Guest airjer Posted January 2, 2006 Share Posted January 2, 2006 Order numbers are working for me, but I get an error when clicking the link that appears when changing orders to "Processing" "The status of this order has been changed successfully. At this stage you can send your customer an email invoice and access to download digital products. To do this Click Here" Quote Link to comment Share on other sites More sharing options...
Guest lusobridge Posted January 2, 2006 Share Posted January 2, 2006 I get 403 in the orders detail pages Quote Link to comment Share on other sites More sharing options...
Guest lusobridge Posted January 2, 2006 Share Posted January 2, 2006 Also get 403 whehn finishing an order Print form at least.... http://www.lusobridge.com/loja/modules/gat...m/orderForm.php Also, the order is registered in the database, but the cart of the customer stays with the item ordered. Quote Link to comment Share on other sites More sharing options...
Guest aikdo Posted January 2, 2006 Share Posted January 2, 2006 Ok guy this has been fixed read the post by brooky in the news area... Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.