PHP Warnings CC6.5.2

[Claudia]

I keep getting these warnings.  Anything to do to stop it - or do I need to worry? Thanks for any and all help.

[13-Sep-2023 09:02:41 America/Louisville] PHP Warning:  Invalid Security Token in /home/xxxxx/public_html/classes/sanitize.class.php on line 155
[13-Sep-2023 09:02:41 America/Louisville] PHP Warning:  Undefined global variable $_GET in /home/xxxxx/public_html/includes/functions.inc.php on line 218
[13-Sep-2023 09:30:31 America/Louisville] PHP Warning:  Undefined array key "HTTP_USER_AGENT" in /home/xxxxxx/public_html/classes/user.class.php on line 719
[12-Sep-2023 21:06:52 America/Louisville] PHP Warning:  Trying to access array offset on value of type bool in /home/xxxxx/public_html/classes/cubecart.class.php on line 660
 

[bsmither]

When CubeCart determines that the security key is invalid, one of the things done is to destroy the $_GET and $_POST variables. That way, nothing untoward gets processed.

The missing array key 'HTTP_USER_AGENT' has been dealt with elsewhere in the CubeCart code to not throw a warning - so maybe an issue in the Github regarding this specific statement in the code may show up. In the meantime, you may wish to make this edit:

In /classes/user.class.php, near line 719, from:

$agent = strtolower($_SERVER['HTTP_USER_AGENT']);

To:

$agent = strtolower($_SERVER['HTTP_USER_AGENT'] ?? "unknown");

I think this group of errors involve a search spider submitting an obsolete or incomplete page request.

The array offset warning identifies a statement that has not been fixed correctly. Please make this edit:

In /classes/cubecart.class.php, near line 660, from:

if ($_GET['_a'] == 'basket' && $this->_basket['billing_address']['user_defined'] ?? false) {

To:

if ($_GET['_a'] == 'basket' && isset($this->_basket['billing_address']) && $this->_basket['billing_address']['user_defined'] ?? false) {

 

[Claudia]

Thanks Brian!