Results 1 to 10 of 10
  1. #1
    Join Date
    May 2006
    Posts
    321
    Plugin Contributions
    0

    Default Regarding Security Fix

    In shoppingcart.php, the line of code that you say to fix, I can't find on line 354. The only instance of that exact line of code that I can find is on 704 according to the editor in my ftp client and Dreamweaver as well. Was that the line I needed to replace?

    Also, I know several people running this. If I save the modified files from 1.3.2, can they be uploaded to sites running 1.3.0 and 1.3.1 so they don't have to edit code?

    Thanks!

  2. #2
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Regarding Security Fix

    I suppose if your file is double-spaced then 704 would be about right.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Regarding Security Fix

    Quote Originally Posted by digidiva-kathy
    Also, I know several people running this. If I save the modified files from 1.3.2, can they be uploaded to sites running 1.3.0 and 1.3.1 so they don't have to edit code?
    The patch was intentionally not released as a zip or file so that version conflicts would not occur.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  4. #4
    Join Date
    May 2006
    Posts
    321
    Plugin Contributions
    0

    Default Re: Regarding Security Fix

    :) ...so that's a yes?

  5. #5
    Join Date
    May 2006
    Posts
    321
    Plugin Contributions
    0

    Default Re: Regarding Security Fix

    I set up a folder like this:

    /includes/application_top.php
    /includes/functions/whos_online.php
    /includes/classes/shopping_cart.php
    /includes/modules/payment/paypal/paypal_functions.php

    Can I just upload that entire folder? I'm trying to make it easy so that I can help all of the non-clients that will ask for help. There are lots of people running ZenCart in my little world.

    Thanks!

  6. #6
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Regarding Security Fix

    If you're absolutely certain they are all the same version and have no customizations to those files, and are comfortable assuming that all is fine by doing so, then .... yes.

    Like I said, there was a reason for NOT doing that exact thing and posting it for everyone to do.

    I will NOT say "yes" to your question, as I do not advise it.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  7. #7
    Join Date
    May 2006
    Posts
    321
    Plugin Contributions
    0

    Default Re: Regarding Security Fix

    My apologies, I misunderstood your reply. Sorry, I have set up alot of carts, but I guess I'm still a newbie at heart.

    Okay, then, I will only do this to carts that I've installed in which I know there are no hacks.

    Thanks!

  8. #8
    Join Date
    Sep 2003
    Location
    Ohio
    Posts
    69,402
    Plugin Contributions
    6

    Default Re: Regarding Security Fix

    NOTE: if you have sites at v1.3.0 and v1.3.0.1 ... it is strongly recommended to use the Full v1.3.0.2 and upgrade these sites before applying the security patches ...
    Linda McGrath
    If you have to think ... you haven't been zenned ...

    Did YOU buy the Zen Cart Team a cup of coffee and a donut today? Just click here to support the Zen Cart Team!!

    Are you using the latest? Perhaps you've a problem that's fixed in the latest version: [Upgrade today: v1.5.5]
    Officially PayPal-Certified! Just click here

    Try our Zen Cart Recommended Services - Hosting, Payment and more ...
    Signup for our Announcements Forums to stay up to date on important changes and updates!

  9. #9
    Join Date
    May 2006
    Posts
    321
    Plugin Contributions
    0

    Default Re: Regarding Security Fix

    Thanks, Linda!

  10. #10
    Join Date
    Jan 2004
    Posts
    66,364
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Regarding Security Fix

    Fatal error: Cannot redeclare class base in /usr/home/bedtoyz/public_html/includes/classes/class.base.php on line 17
    this may help:
    http://www.zen-cart.com/forum/showth...t=43715&page=2
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

 

 

Similar Threads

  1. v139b Security Issue Regarding Poodle
    By strugglingnovice in forum General Questions
    Replies: 2
    Last Post: 30 Oct 2014, 11:23 PM
  2. A simple layout fix regarding text
    By robbin21973 in forum Templates, Stylesheets, Page Layout
    Replies: 2
    Last Post: 7 Mar 2012, 08:06 PM
  3. Regarding security improvement
    By Ms_X in forum General Questions
    Replies: 0
    Last Post: 17 Feb 2011, 04:37 PM
  4. Question Regarding $0.00 Gift Certificate Balance Fix
    By moonlight in forum Templates, Stylesheets, Page Layout
    Replies: 3
    Last Post: 14 Feb 2010, 02:38 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR