Does anyone know about the PCI compliance issue with Zen Cart? Are there any fixes on this issue regarding the "cpath variable error in the root of the page"
Re: Cpath error - PCI compliance (bug in SSU addon)
Sounds like maybe a problem with an addon you're using?
But, quite frankly, you're talking in a tone that suggests whatever you're referring to is a widespread problem ... where did you get that idea?
And, if it were truly widespread, then it would be discussed significantly here on the forum ... and clearly it isn't.
So ... let's step WAY back and start again ... where did you hear such a rumor? Did you recently fail a scan or something? If so, perhaps it would be way more fruitful for you to post the exact details of such so the matter can be assessed properly. If you heard the allegation someplace else, again you'll need to post exact details and history behind it if you really want a helpful answer.
Re: Cpath error - PCI compliance (bug in SSU addon)
Hello,
Thank you for the reply. Yes, we did fail a scan yesterday and lost our McAfee Scanalert until we get this fixed. The problem seems to be with the following;
Vulnerability MySQL Database Error Disclosure Vulnerability
Port 80/tcp
Scan Date 13-NOV-2009 10:33
We have installed some of the security patches just recently and will resubmit for re-scan. Hopefully it will solve this issue. However, if you know anything about this matter I would greatly appreciate any suggestions.
1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\\\';\\\",)`, 'categories', '5b8e771a1dc66f761879ad4f01a7380a_en')' at line 1
in:
[INSERT IGNORE INTO zen_ssu_cache(referring_id, type, file) VALUES(x\\\';\\\",)`, 'categories', '5b8e771a1dc66f761879ad4f01a7380a_en')]
Re: Cpath error - PCI compliance (bug in SSU addon)
We turned off the SSU and have asked for a rescan. I wondered if that was it or not when I saw earlier the part with the zen_ssu_cache, however I didn't think it would affect just the one category but again I am not a programmer. Now if the scan comes back ok I guess I will look for another mod for SEO URL's. Oh the fun never ends. Do you have any suggestions for this kind of mod?
Re: Cpath error - PCI compliance (bug in SSU addon)
Well when we turned off the SSU and got the rescan everything is fine and got the McAfee Secure back so that's what was creating all the problems.
Stevesh, thanks, I've been hearing that Google prefers no rewrites as they can learn more about a site but looking at our URL's I'd wonder how they can determine anything.
Other option would be not to have McAfee Secure as I'm not convinced it is 100% necessary but seeing the results of their scan showing there were glitches in the DB I'm not sure it should be removed either.
Re: Cpath error - PCI compliance (bug in SSU addon)
The so-called "SEO" modules that re-write URL's are now part of ancient history, and no longer need to be used.
They may actually have a detrimental effect on your site ranking in search engines.
I have never used them, never advocated that my (many) clients use them, and in fact I steer well clear of them.
And many of my clients enjoy prominent positions in SERPS (many in top spot for important keywords).
I have one client who gets position 1, 3,4 and 8 on page one of a google search for a specific (important) key word - and we have never paid the slightest attention to all the SEO nonsense that is endemic on the www.
Just make sure the content is good, relevant, meaningful and comprehensive. Get good sites to reference your url's. Get XMLSitemaps installed and regularly add and edit content to keep it topical.
Avoid these SEO things. They are no longer necessary.
Moderation
Destination thread ID and reason are required when shown.
Report Post
Tell staff why this post should be reviewed.
Manage cookie preferences
Our cookie policy has been updated, so we need you to review your preferences and consent again.