Using v1.3.9g ... see this post and follow each step in post #52
http://www.zen-cart.com/forum/showthread.php?t=165081
Printable View
Using v1.3.9g ... see this post and follow each step in post #52
http://www.zen-cart.com/forum/showthread.php?t=165081
Hi, thanks for getting back to me, followed instructions in post#52, but still dont seem to work, guess iam doing something wrong.
This is what i did,
1 create the file:
/admin/includes/extra_configures/extra_white_list.php & added the code posted:
<?php
$global_xss_whitelist = isset($global_xss_whitelist) ? $global_xss_whitelist : array();
$my_whitelist = array('file_contents', 'banners_html_text', 'pages_title', 'message_html', 'manufacturers_name', 'symbol_left', 'symbol_right', 'query_string');
$global_xss_whitelist = array_merge($my_whitelist, $global_xss_whitelist);
2 FTP the file to my server
3. Went to Define main page editor and copied the same code in again:
<?php
$global_xss_whitelist = isset($global_xss_whitelist) ? $global_xss_whitelist : array();
$my_whitelist = array('file_contents', 'banners_html_text', 'pages_title', 'message_html', 'manufacturers_name', 'symbol_left', 'symbol_right', 'query_string');
$global_xss_whitelist = array_merge($my_whitelist, $global_xss_whitelist);
Clicked save, checked my website & it still showing:
<?php $global_xss_whitelist = isset($global_xss_whitelist) ? $global_xss_whitelist : array(); $my_whitelist = array('file_contents', 'banners_html_text', 'pages_title', 'message_html', 'manufacturers_name', 'symbol_left', 'symbol_right', 'query_string'); $global_xss_whitelist = array_merge($my_whitelist, $global_xss_whitelist); <div style="text-align: center;"><img src="http://mywebsite.com/images/main.jpg" />
Hope somebody can help, as this is driving me crazy.
Thanks :bigups:
Hello guys! I just wanted to ask what's going on when my banner stopped rendering but instead showed up the html code. what i did was went to the EZ pages and edited the define_main_page but i undid it but still the banner wont render.
if you have time, kindly please check my store here.
thanks very much!
check this post ( www.zen-cart.com/forum/showpost.php?p=941839&postcount=52 )Quote:
Originally Posted by mayleine
Do not do what you did in step 3 ... you do not copy this code into your define page ... you only create the file:
/admin/includes/extra_configures/extra_white_list.php
with the code in it and load that to your site ...
Then, use your define page as you normally do ... you just need to edit what you put in there and save it so that it fixes itself ...
i followed the direction and created that file, i lost all of my admin so i removed it again. i got the admin back but not the define_main_page. when i click that, all i see is blank empty space.:shocking:
Hi, thanks for getting back to me :bigups:
So i left step 3 out & uploaded my picture up & saved, when i check in it still showing:
<div style="text-align: center;"><img src="http://mywebsite.com/images/main.jpg" /><br /> </div>
:frusty::frusty::frusty:
anyway, thanks for pointing me to that post clydejones. what i need to do is sharpen my common sense a bit. hehe. i will figure it out from all the posts there. :flex:
Ok! I finally got it resolved! I reached the point of frustration because even though I carefully followed Linda's patch in that post above, i didnt give importance to item # 4 where she said
"4. edit the section where you have the problem and save/update it to correct the issue"
because I already made sure what i put there was deleted. So just to follow the 1-2-3-4 items on that post and follow the commandments of the gods, what I did was literally TOUCH the file again in that define_main_page. I
1) added a random space anywhere in the file and
2) hit backspace to undo that space i added
3) hit Save.
I wasnt expecting anything but VIOLA, my banners are resurrected!!! :clap:
Thanks to the Zen cart team! ;)
Go to your Admin and in the Tools ... Developers Tool Kit ... do a search in the bottom input box for:
$my_whitelist
and select Admin and click search ...
Do you see the file:
/admin/includes/extra_configures/extra_white_list.php
in the list of files?
NOTE: the /admin would be a different directory name to match your secret /admin directory name that you are of course using ...
Thanks for the update that this worked for you ... :smile:
NOTE: you did not even need to do the add a space delete a space ... just to hit the edit and then the save/update is all that is needed ...
Hi, did as you said and it displays:
Searching 281 files ... for: $my_whitelist
/home/beac2116/public_html/MYWEBSITE.com/zc_admin/includes/init_includes/init_sanitize.php
Line #25 : * $my_whitelist = array('some_field_name');
Match Lines found: 1
Hope that helps
Yes it tells me you did not follow the steps in post #52 and create a new file and load it to your site with FTP with the code posted in post #52 ...
You physically need to create your own file for:
/admin/includes/extra_configures/extra_white_list.php
and add the code and load it to your site ...
Hi, iam using PHP designer 2007 Personal
I clicked on new PHP, copied the code into it saved as extra_white_list.php
I than uploaded the file with fillzilla to:
/public_html/mywebsite.com/admin/includes/extra_configures/extra_white_list.php
So its definately there, but i dont know why this is still not working.
I just checked at fillzilla and its still there
:frusty::frusty::frusty:
I believe you are loading it to the wrong directory ...
While I am "saying" load the file to:
/admin/includes/extra_configures/extra_white_list.php
If your real Zen Cart Admin is in the directory:
/fred
you would load the file into:
/fred/includes/extra_configures/extra_white_list.php
If your real Zen Cart Admin is in the directory:
/abc123
you would load the file into:
/abc123/includes/extra_configures/extra_white_list.php
Check what the real directory name is for your Zen Cart Admin is and then load it to:
/your_admin_directory_name/includes/extra_configures/extra_white_list.php
LOL, thanks Linda! yeah, that part is not necessary. just save. thanks so much for this wonderful zen cart.
It works, but like you said, preview is broken in the admin.Quote:
Originally Posted by Ajeh
Thank you for the help.
Ajeh<= yes I have found the file that was recommend to fix the issue. The tags are not present after I save the text for example in an item description. However, after I type in my text, an click on preview I see all the html coding but when press update the description is posted correctly.
That's the "new normal" in v1.3.9g.Quote:
Originally Posted by jfreeman
It'll change back again in v1.3.9h.
I've been creating a site for someone using v1.3.9g that's having issues with the HTMLarea. I've tried the extra_configures patch, but the page editor is still adding the code attributes and removing the spacing, etc. I don't believe the problem is the customized template, since the Zen Cart editor adds those attributes with the classic template too.
The site is http://literarylinens.com/ - oddly enough the EZpages editor is working fine though. So, any help or advice would be greatly appreciated. I would write the page code myself, but since the site is for someone that doesn't write code, it's important that they will be able to edit their own pages.
Thank you in advance for your time and assistance! I wouldn't ask for help unless it was absolutely dire.
-Amber
Could you go to the Tools ... Define Page Editor ... and edit the Privacy Notice and save it ...
Does that fix it?
:clap::clap::clap:
Managed to get White pages to work
Turns out, i had a bad install of Zencart removed Zencart & reinstalled Zencart, did the White pages, & works fine now.
Thanks guys for the Help :bigups:
I install the new version
All the Define Pages Editor page displays the results of html, all written so messy, help me step by step because I am not so smart, thank you very much for the people who helped me
intip2,
Read this thread!!!
Especially, post #52
NOTE: v1.3.9h has been released, which FIXES the issue, and makes the whitelisting workaround UNNECESSARY. The best solution is to upgrade.