Results 1 to 3 of 3
  1. 5 Jan 2015, 10:38 AM #1
    s_p_ike
    s_p_ike is offline Zen Follower
    Join Date
    Feb 2005
    Location
    Italy
    Posts
    199
    Plugin Contributions
    0

    Default [Not a bug] Use of zen_record_admin_activity without defines

    Hi all, I found in v154 that there are 85 occurrences of zen_record_admin_activity in 29 files where text messages are written directly in english without the use of defines.

    I believe that this should be corrected.
    Paolo De Dionigi
    Co-maintainer of Zen Cart Italia
  2. 5 Jan 2015, 03:40 PM #2
    DrByte's Avatar
    DrByte
    DrByte is offline Sensei
    Join Date
    Jan 2004
    Posts
    66,443
    Plugin Contributions
    279

    Default Re: Use of zen_record_admin_activity without defines

    That was intentional. It's a PCI requirement, and hard-coding the messages makes it harder for malicious intruders to hide their tracks.
    Much like server operating-system logging, which is in English despite what languages are configured on the server, this provides an audit trail that can be used to understand malicious activity and more effectively recover from damages done.
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.
  3. 5 Jan 2015, 05:37 PM #3
    s_p_ike
    s_p_ike is offline Zen Follower
    Join Date
    Feb 2005
    Location
    Italy
    Posts
    199
    Plugin Contributions
    0

    Default Re: Use of zen_record_admin_activity without defines

    Ok, I didn't know. Thank you for explaining.
    Paolo De Dionigi
    Co-maintainer of Zen Cart Italia
 

 
« Previous Thread | Next Thread »

Similar Threads

  1. v151 [Not a Bug] you can't use letters like ä ö å æ ø when customers creat/editing address
    By wazer in forum Bug Reports
    Replies: 5
    Last Post: 17 Apr 2014, 12:10 AM
  2. [Not a ZC Bug] Duplicate use of order numbers v1.3.9h
    By tbokich in forum Bug Reports
    Replies: 6
    Last Post: 24 Mar 2011, 04:39 PM
  3. Use ZC defines in external file...
    By Alex Clarke in forum General Questions
    Replies: 2
    Last Post: 17 Jul 2007, 06:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

disjunctive-egg
Content and Graphics Copyright (c) 2003 - 2026 Zen Ventures, LLC - all rights reserved
Zen Cart® is a Registered Trademark of Zen Ventures, LLC