Results 1 to 2 of 2
  1. 6 Aug 2016, 10:46 PM #1
    yisou
    yisou is offline New Zenner
    Join Date
    May 2009
    Posts
    36
    Plugin Contributions
    0

    Default can we disable base64_decode()?

    just found base64_decode() is not safe, can we disable this function()?
    can we disable zend also?
    any else dangerous functions we can disable?
    tks
    Reply With Quote Reply With Quote
  2. 7 Aug 2016, 01:33 AM #2
    mc12345678
    mc12345678 is offline Totally Zenned
    Join Date
    Jul 2012
    Posts
    16,816
    Plugin Contributions
    17

    Default Re: can we disable base64_decode()?

    If your store is truly running on ZC 1.3.8a, the best thing to do and not have so many potential commands to be concerned about would be to upgrade to the latest version of ZC. This would eventually require upgrading the php version to something more acceptable/secure, but don't do that until the test upgraded site is operational and the upgrade process can be duplicated at least once.

    Suggested guidance to upgrade by rebuilding: http://www.zen-cart.com/entry.php?3-...d-of-upgrading
    ZC Installation/Maintenance Support <- Site
    Contribution for contributions welcome...
    Reply With Quote Reply With Quote
 

 
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules

disjunctive-egg
Content and Graphics Copyright (c) 2003 - 2026 Zen Ventures, LLC - all rights reserved
Zen Cart® is a Registered Trademark of Zen Ventures, LLC