Search:

How apt for Easter :D

Download this and follow the instructions (making sure that the cache folder is writeable):

http://www.zen-cart.com/index.php?main_page=product_contrib_info&products_id=860

this will dump an...

No not at all, you need to create a page on your computer, ftp it to your website and then visit with your web bowser, this will then list all the details of your server like the PHP version and...

<?php
include('includes/application_top.php');

header('Content-type: text/plain');

$sql = "SELECT products_description.products_name , products_description, products_model, products_quantity...

htmtlentities is a built in PHP function that will strip the quotes that would make the UNION fail but turning them into &quot; a better option would probaby be



preg_replace('/\s*/', '',...

should also be


$products_query = "select products_id, products_model from ".TABLE_PRODUCTS." where products_model = \"$model_from_remote_configurator\"";

:oops: That would leave you open to a SQL injection/ password enumeration vulnerability as mentioned here

http://www.gulftech.org/?node=research&article_id=00129-09042008

you need a...

Right you are running a Windows Server and IIS which makes things a lot more tricky. Any idea which version of PHP you have ? since the "version" page isn't working, the easiest way is to create a...

No idea if this is relevant but in a different thread one person received a 502 Bad gateway message because of incorrect permissions on the folders (although their were other big issues with the rest...

If you haven't got a php.ini in there overriding the default settings then DrByte's right, somehow your server installation has gone, and your host should be resetting the php.ini for the server.

I had a look at this and it's a strange set up where a website in a folder above the zen shop is working, but the Zen site isn't throwing a PHP per se since it's reporting a 502 bad gateway, it's...

You have a configuration problem with your server, those are PHp extensions that are not being loaded. These extensions do things like process images and connect to mysql. Do you have a php.ini...

In Cpanel about half way down the page (well it is on mine by the bits are dragable) is a section called "Domains", you'll want either "add on domains" or "register new domain" and then you just...

you should in cpanel be able to point the domains to the right folders then edit the configure files and you'll be fine.

That (.htaccess) will only work if you are using mod_php which you can find out by going into

admin > Server version/ info

if you see anything that mentioned php-cgi or fast-cgi or suExec...

Right the first problem was that your original shop was under public_html so anyone going to

http://your_site.com/

would go straight into your shop. Then when a "new" version was installed is...

no problem, :cool:

Right 500 server errors are caused by server misconfiguration, common ones include something in .htaccess files that the server doesn't like (you can name the .htaccess back now). The next common one...

There's a file

zc_install/.htaccess

try renaming that to anything and see if the 500 error goes away. The path information errors are quite normal and mean you made a mistake when entering...

I don't (didn't) but I found a lonk on the mysql fourms that explains it very well

http://forums.mysql.com/read.php?103,187048,188748#msg-188748

When you view the source of your index page what do you see as the character set ?



<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />


is the default which could...

https://www.flowersbydooleys.com/shop/admin/login.php

In the security guidelines it says rename the admin folder.

It depends very much on how much access you have to the server. MySQL stores the entire database under a folder normally in /var/lib/mysql and then you could physically do a straight copy if you have...

The point is that I am trying to help by saving server resources from bots and misplaced files if the shop owner uses the Zen cart file

extras/htaccess_for_page_not_found_redirects.htaccess

or...

Well my favourite advice from Website Rob so far has been



and indeed anything that goes to page not found, because it means that every single error for a hack attempt loads 170 files into...

No it is a correct answer, mine leaks less information reagrdless of circumstance and still allows requests to be tracked easily and in the same manner as the OP is going. It is my responsibility to...

No statistical probability, default configuration and 12 years experience all tell me that Error pages leak information as do headers. So a one liner that leaks less is a better course of action.

Yes but if it s a probe that still results in leaking server information.

So have you tracked the ipaddress through the normal log and worked out what the computer has been looking at ? If you follow it and look at the source yourself, you should then be able to track your...

Does it have a referer in the error logs ? I fully admit to running after wild geese on this one. If you have the ip address that isn't 00.00.00.00 the you can track that to the time through the...

no that was an example of the misuse of none, there are quite a few posts about non-existent files and using mod_rewrite that result in the 00.00.00.00 ip address (good spotting that) "none" could be...

This article on django seems to give a clue

forum.dreamhosters.com/troubleshooting/112491-dispatch.fcgi-not-found.htm

00.00.00.00 could be the internal rewrite ip address in which case then...

No I meant looking for a css explanation is irrelevant. e.g. looking for a theme built into "classic" rather than an override, that looks for none.

I know, but they do reference directory structure and "none" (not non), in shopping_cart we have

$_POST[UPLOAD_PREFIX . $i]] != 'none'

and in upload.php we also have

(...

Is the ip address your own or someone elses ? Does it have a referrer ?

There are two class files that could refere to a "non"

admin/includes/classes/phplot.php (which would be you)
...

I just want to try and understand something because there's a website at http://www.invitasport.com/ and yet there's a broken website (11am UK time) at http://www.invitasport.com/onlinestore/ now is...

yes to both files, err why aren't you in the admin area to delete and account ? that's where frank told you to do ?

If you're not then you probably have corruption somewhere else and should not...

admin/customers.php

I think you should reupload the page that Frank has told you is where the delete button should be, following his directions would tell you which file it is. Probably sqlpatch.php is going to also be...

OH I think you have file corruption then, probably ftp gone wrong. Try uploading the file that Frank18 says you need to go to. I know SQL and that is an easy error to spot, but if it's on entirely...

It's ezpages that show up in the footer and they can be turned on by going to admin/ezpages.php (clicking on tools>ezpages in your admin) and then clicking the icon from red to green in the footer...

You went to sql updates and tried to issue a statement to delete a customer, but for some reason you pasted in a bit of the URL you were using admin/sqlpatch.php and so the SQL didn't go through and...

Your site is probably set not to display PHP errors so you need to turn it on or follow this guide

https://www.zen-cart.com/tutorials/index.php?article=82

to install the Debugging...

Found it, try this

http://www.zen-cart.com/forum/announcement.php?f=13&a=12

it should help your debugging.

No </body> means that something has crashed in index.php before reaching the end of the page. You need to check the page load order which would be after

<!-- eof: featured products -->

on a...

You could embed a hidden form in your HTML like



<form id="form_1"...

Everything will probably fail if the configure.php's have been removed might as well remove everythign else too, but next time start with protecting a directory with cPanel, then put the Zen Cart...

oneandone according to network-tools on his published domains, can you remove that section from the thread please ?

Publishing the domain and then the alterations that were made to "hide" the admin folder, not the best of ideas.

Second to that above, if you find out your ipaddress you can change the .htaccess file to

Order deny,allow
deny from all
allow from IP_ADDRESS

Assuming that your paths are incorrect in your...