Type: Posts; User: wilt


  1. Replies
    132
    Views
    9,107

    v155 Re: GDPR is Europe's new framework for data protection laws

    As the only core team member residing in the EU, thought I would offer my thoughts here.

    First, as mentioned in a previous post, be wary of scaremongers, especially when they are consultants...
  2. v155 Re: AdminRequestSanitizer Problem

    Note.

    Have also opened a github issue.
    https://github.com/zencart/zencart/issues/1348
  3. v155 Re: AdminRequestSanitizer Problem

    Hi

    There is some documentation about customizing the sanitizers here

    However, to make your life easier, here is what to do.

    Create a new file in [admin]/includes/extra_datafiles/

    I...
  4. v155 Re: sql issue in split_page_results with custom query using UNION

    You may want to take a look at
    [admin]/includes/classes/split_page_results_new.php
    while this has different method signatures from the legacy split_page_results class it does allow for passing in...
  5. v155 Re: sql issue in split_page_results with custom query using UNION

    What ZC version are you using
    and is this admin or catalog side code
  6. Re: V154 & V155 when cookies off zenid changing with every change of page. add item f

    Hi so have done an initial PR for v1.6

    https://github.com/zcwilt/zc-v1-series/commit/285288132585e6034754f86c51a076103a726f40

    This should fix the problem of seeing the session timeout page...
  7. Re: V154 & V155 when cookies off zenid changing with every change of page. add item f

    Hi Mark.

    Have been doing some digging and testing regarding this after some discussions with DrByte.

    Firstly regarding your suggestion


    if (isset($_POST[zen_session_name()])) {
    ...
  8. Replies
    22
    Views
    2,215

    v155 Re: Installer stalls at creating Database

    This wasn't what I asked :)

    What I asked is whether demo data had been loaded.

    e.g. whether products table had been populated
  9. Replies
    22
    Views
    2,215

    v155 Re: Installer stalls at creating Database

    Another thing to check, which will give some indication of how far the install progress got, is to check the contents of the
    products table (assuming you asked for demo data to be installed)
    Are...
  10. Re: V154 & V155 when cookies off zenid changing with every change of page. add item f

    Hi Mark

    Do you have settings in Apache to do any kind of redirects.
    Also would you mind telling us who your host is.
  11. v155 Re: Shipping tax not added in order confirmation - possible bug??

    Hi

    Currently hoping there aren't any. I updated our functional test suite recently, just to test this. The changes did not break any of the tests relating to tax calculations.
  12. v155 Re: AdminRequestSanitizer Problem

    Hi all

    This is in fact a problem with core code, and not really related to any plugins.

    The reviews code passes a 'products_name' hidden field which in this context is a string.
    However in...
  13. Replies
    1,325
    Views
    90,621

    v150 Re: Edit Orders v4.0 Support Thread

    Also thanks to Scott(swguy) for reminding me to do that :)
  14. v155 Re: Sanitizer issue on product description edits with embedded images

    Did a quick test on my v155 branch.
    Copy/pasted a chevron into a description.
    saved OK and displays OK in admin/catalog
  15. v155 Re: Sanitizer issue on product description edits with embedded images

    Hmmm

    product description is probably the most permissive field as far as admin sanitizer is concerned.

    How do you enter the chevron. As an html entity ?
  16. v155 Re: Shipping tax not added in order confirmation - possible bug??

    Hi

    I tried this on a clean install of v155 and could not see any problems.

    Here is what I did.

    Clean Install
    Admin set DISPLAY_PRICE_WITH_TAX = true
    Created Tax Class called 'Shipping...
  17. Replies
    1,325
    Views
    90,621

    v150 Re: Edit Orders v4.0 Support Thread

    drbyte suggests

    (int)(PROJECT_VERSION_MAJOR . '.' . PROJECT_VERSION_MINOR <= '1.5.5');
  18. Replies
    1,325
    Views
    90,621

    v150 Re: Edit Orders v4.0 Support Thread

    The problem is this test
    if (defined ('PROJECT_VERSION_MAJOR') && version_compare (PROJECT_VERSION_MAJOR . '.' . PROJECT_VERSION_MINOR, '1.5.5', '>=') && class_exists ('AdminRequestSanitizer') &&...
  19. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    This should work.



    I note that if I add $sanitizer->setDebug(true); to the end of admin/includes/init_includes/init_sanitize.php I get Sanitize logs
  20. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi

    On the other hand we need to consider what the TEXT attribute was meant for.

    Assume you have a T-Shirt shop where the customer can define the text that appears on the T-Shirt

    Using...
  21. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi

    That does in fact seem like a cool solution, although DrByte and I were talking and think PRODUCT_NAME_DEEP_REGEX is better than PRODUCT_DESC_REGEX as it is less permissive.
  22. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi,

    grrrr.

    I guess as a quick fix you could assign a NULL_ACTION to the value parameter as part of a MULTI_DIMENSIONAL sanitizer.

    Fortunately you caught me at a point where I was preparing...
  23. v155 Re: install freezes at "Loading Character Set specific data 59%"

    Hi

    Can you provide info regarding your server setup

    e.g. php version, mysql version etc.

    your admin/server_info.php will provide this info

    Or put a file on your server like this: ...
  24. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Fix pushed here
    https://github.com/zencart/zencart/pull/894/commits/3e07484bb9abc7f1dafe8cdd8916edf14a41984d
  25. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi
    I just pushed some final changes to the code, this shouldn't affect anything you have been testing as it mainly revolves around custom sanitizers and unit testing.
    Will do the PR against core...
  26. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    So I've pushed up a change to my testing branch to add a FLOAT_VALUE_REGEX

    I guess that probably 'tax' and 'final_price' should strictly speaking be floats.

    In fact I think the...
  27. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Will add this :)
  28. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Just to be clear here.

    If you want to test latest code, you need to pull in the changes from my https://github.com/zcwilt/zc-v1-series/tree/adminsanitizer-updates branch

    and there are 3 files ...
  29. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Have you defined any extra sanitizers.

    I'm about to update the docs regarding this.
  30. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    I'm working on updated documentation, and probably some expanded tests.

    Will post here once done.
  31. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    So I think I am close to a finished solution now

    https://github.com/zcwilt/zc-v1-series/commit/8b1d302b0ea3c17f2526f4b1e6aee0cdd95199cb

    Just a couple of things left to do

    Add some more unit...
  32. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    :D

    Hoping to finish the code for this tonight.

    The data structure for defining the sanitization would be


    $group = array(
    'update_products' => array(
    ...
  33. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    So at the moment there is no way of defining sanitization except at a top level basis,

    so I can't add sanitizers at a sub level at the moment

    However again, I'm currently working on a...
  34. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi

    So yes there is hope :)

    I would forget about changing id -> attr_info, especially if it is likely to break other code.

    The new version of the adminSanitizer class I'm currently working...
  35. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi.

    In one way, yes it would.

    Changing the parameter name to something that does not already have a sanitizer assigned will force that parameter to be sanitized
    by the...
  36. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    So one of the reasons Edit Orders is broken with reference to the sanitizer
    is when attempting to add a new product to the order (as has been mentioned elsewhere in the thread).

    It breaks...
  37. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    This is not what is happening

    We are not going to put code into core that adds sanitization for specific Edit Order code parameters
    Although I might suggest how EO might work better with core.
    ...
  38. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    The traverseStricSanitize function passes $item by reference, and for the initial entry point uses either $_POST or $_GET and these will always be arrays whether empty or not.

    The problem is that...
  39. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi

    I do have a pending commit that uses recursion.
    https://github.com/zencart/zencart/pull/886/files
  40. Replies
    9
    Views
    1,406

    Re: clients can not log in

    Hi

    You said



    Just to clarify. Are you saying that using force cookie fixes the problem as well?
  41. Replies
    9
    Views
    1,653

    Re: Sagepay Form V1.5.5

    Hi

    I guess I should also point you to https://github.com/zencart/sagepay

    Also regarding



    Yes, but then don't the other versions (jsweb, nixak) do that?
  42. Replies
    9
    Views
    1,653

    Re: Sagepay Form V1.5.5

    Hi

    I would say that the in built code was 'inspired' by the nixak module. I have however rewritten large portions of the code. The main reason for the rewrite was to allow for more easily adding...
  43. Replies
    76
    Views
    10,835

    Re: AdminRequestSanitizer Error Log

    Hi

    As a temporary fix

    see https://docs.zen-cart.com/Developer_Documentation/v1.5.5/code_docs/admin_sanitization#disabling-strict-sanitization

    I'll take a look at the plugin to see if there...
  44. Sticky: Trustwave Security report [Patch Included] TWSL2016-006

    1612016121Robert Foggia of Trustwave notified us of possible multiple security vulnerabilities in Zen Cart Admin

    Trustwave announcement:...
  45. Replies
    460
    Views
    46,268

    v155 Re: FEEDBACK ON BETA of v1.5.5

    Hi

    Have done a PR https://github.com/zencart/zencart/pull/870/files
    which should fix this.
  46. Replies
    2
    Views
    491

    v154 Re: Admin orders: Prices inc/ex tax

    Hi

    I wouldn't classify it as intentional :)
    More unintentional but 'so what for now'

    I don't doubt that we could do better in terms of the display, especially having worked on a UK site that...
  47. v154 Re: Why is products_description.products_id an auto-increment field?

    There is absolutely no reason it needs to be auto_increment.

    I took a look at a v1.0 zip and it's set as auto_increment there, so this is something that has not just crept into code !!!

    As far...
  48. Replies
    460
    Views
    46,268

    v155 Re: FEEDBACK ON BETA of v1.5.5

    But my point is valid. The second level entries in the list you provided are things that would never be used as a set of UK zones.
    My point is, if the UK zones can't be trusted, why should I trust...
  49. Replies
    460
    Views
    46,268

    v155 Re: FEEDBACK ON BETA of v1.5.5

    Hi.

    I don't want us to get fixated on ISO codes for zones, as you say there isn't anything official.

    I guess my point is that the list you provided does not provide a proper list of...
  50. Replies
    460
    Views
    46,268

    v155 Re: FEEDBACK ON BETA of v1.5.5

    Hi

    Will be done soon

    https://github.com/zencart/zencart/pull/738

    Thanks for the fix.
Results 1 to 50 of 500
Zen-Cart, Internet Selling Services, Klamath Falls, OR