1.39.g Define pages not longer printing as html
Define page are no longer printing html to the page but printing out the source code. I did copy changed files over into the zip file I have been using for 1.3.f. Someone please check to see if it's something I did or something in this new release.
The language file itself does not contain pure html. the brackets are not < or > but the < tags instead/
It's fine until you go to edit the page.
Re: 139g weird problem define pages editor
Quote:
Originally Posted by
wilt
Are you talking about the define pages, or some other preview ???
As NFM, I've got the same problem. Your whitelist fix works fine for define pages, but not for the preview of product pages (when adding or updating a product).
When I add/update a product it's really helpful to see the "real" version, not the HTML-clutter.
Re: 1.39.g Define pages not longer printing as html
Quote:
Originally Posted by
delia
Define page are no longer printing html to the page but printing out the source code. I did copy changed files over into the zip file I have been using for 1.3.f. Someone please check to see if it's something I did or something in this new release.
The language file itself does not contain pure html. the brackets are not < or > but the < tags instead/
It's fine until you go to edit the page.
http://www.zen-cart.com/forum/showpo...08&postcount=8
Just create a file called xss_whitelist.php in "admin/includes/extra_configures" and paste that code above. Works fine for me.
Re: HTML tags show after upgrade to 1.3.9g
I got 8 sites I upgraded already today. Creating a whole 'nother file that will be obsolete soon is not a great option for me. The question is whether the permanent fix will be posted here so I can do it right.
I jumped on this release and have quite a few other sites to upgrade since there seemed to be so many security fixes in it. I'm now in limbo.
Re: HTML tags show after upgrade to 1.3.9g
And reading back thru this thread (I had started a new thread) I also need to say that this is affecting my sites on the pages themselves:
for example
http://soldierhollowclassic.com/shop...age=contact_us
Re: HTML tags show after upgrade to 1.3.9g
After adding the patch ... what happens if you just edit and save the:
/includes/languages/english/html_includes/your_template_dir/define_contact_us.php
in your Tools ... Define Page Editor ...
NOTE: you should be using template and overrides for these
Re: HTML tags show after upgrade to 1.3.9g
Hi, all,
My situation is a little bit different from yours.
When I made changed in the define_main_page.php by using the define pages editor in the admin panel, it was fine in the editor ( I was using "HTML body" option instead of the "plaint text" ) but it show HTML source code in the store front. It is the plaint HTML code, like <, and >, and they are not converted to < nor > like what p1lot mentioned in post #5.
The other thing is I copied the original define_main_page.php from the zen-cart classic theme to replace my custom override template, it still showed HTML code.
I noticed, whatever I put inside the define pages editor, everything will show up as plain text, even as simple as "Welcome to my store" then a "Enter" key, it will show to the front page "Welcome to my store </br>".
I agree with delia. I will wait until a permanent fix from zen-cart. Hopefully it will come out very, very, very soon.
A little suggestion: can I just upgrade other files but leave that particular file that cause this trouble behind? Of course this need to be confirm by zen-cart developpers.
Re: HTML tags show after upgrade to 1.3.9g
Did you create a file like:
/admin/includes/extra_configures/extra_white_list.php
and put into that file the code:
NOTE: THE FOLLOWING CODE HAS BEEN SUPERCEDED BY THIS POST: http://www.zen-cart.com/forum/showth...839#post941839
*snip*
and then try to edit the define_main_page.php once more and save it to see if this displays correctly now?
Re: HTML tags show after upgrade to 1.3.9g
I tried on a fresh installed zen-cart, and it WORKS!!!:clap:
Re: HTML tags show after upgrade to 1.3.9g
I have a little ajax calling in my own php file when certain options are selected on the main page.
This stop working after the upgrade and it does not display the second drop down option that the
ajax calls in. I checked the define_main_page in the editor and when I save it got the html rather than
just the text on the main page. i applied the fix post above using the using the $global_xss_whitelist instructions and it removed
the html and it went back to displaying the text, but it is not retrieving my php file using ajax as it did previously.