Page 1 of 2 12 LastLast
Results 1 to 10 of 16
  1. #1
    Join Date
    Feb 2008
    Posts
    1,336
    Plugin Contributions
    1

    Default Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    Hello Everyone
    The latest security patch released by Wilt affect the Admin Profile Mod. After installing the patch I tried to edit the permissions for my profile, but with no luck. I spent 3 hours back ttracking what I did wrong with no luck. Then I remembered that I installed the patch so I removed and restored my original html_output and everything went back to normal.

    Can you guys test that as well?

  2. #2
    Join Date
    Jan 2004
    Location
    N of San Antonio TX
    Posts
    9,103
    Plugin Contributions
    11

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    Perhaps you missed the statement in the readme.html that came with the patch. Not only does it warn that html_output.php might already have been changed, it went on to tell you how to manually update the file if it had been previously changed.

  3. #3
    Join Date
    Feb 2008
    Posts
    1,336
    Plugin Contributions
    1

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    I did see that but I didn't think that I have ever edited the html_output in the admin area.

  4. #4
    Join Date
    Feb 2008
    Posts
    1,336
    Plugin Contributions
    1

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    I just did the merge manually and still the same problem exists. So the problem is still there.

  5. #5
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    Not sure why this is in the recovering from hacks section and not the Admin Profiles support thread. However, I've just posted a patch for Admin Profiles (in the support thread) to make it compatible with the Zen Cart security patch.

    I remain however, puzzled by your description of how you fixed the problem. Admin Profiles doesn't touch the html_output file, so reverting to your original version must mean partially undoing the security patch. But this would not only not help with Admin Profiles, but would also break many other parts of your Admin.
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

  6. #6
    Join Date
    Jul 2006
    Location
    Montreal, Canada
    Posts
    2,279
    Plugin Contributions
    0

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    well, since we are still on this topic , i have issue after installing the patch . here the error .

    lues[$i]['id']) { $field .= ' SELECTED'; } $field .= '>' . zen_output_string($values[$i]['text'], array('"' => '"', '\'' => ''', '<' => '<', '>' => '>')) . ''; } $field .= ''; if ($required == true) $field .= TEXT_FIELD_REQUIRED; return $field; } //// // Hide form elements function zen_hide_session_id() { global $session_started; if ( ($session_started == true) && defined('SID') && zen_not_null(SID) ) { return zen_draw_hidden_field(zen_session_name(), zen_session_id()); } } ?>
    Fatal error: Cannot redeclare zen_href_link() (previously declared in /hsphere/local/home/xxxxx/xxxxx/xxxxx/includes/functions/html_output.php:25) in /hsphere/local/home/xxxxx/xxxxx/xxxxx/includes/functions/html_output.php on line 406

    in download read me file, stated that i have to add a code above return $form , how ever , that code already exists above $form .. any suggestion ??

    version 1.38,
    db patch level 1.38

  7. #7
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    Tony

    Is yours a problem with the combination of Admin Profiles and the security patch? or just the security patch?

    What were you doing when that text spilled out onto your site?

    Did you install by manually patching the html_output file or by using the one provided?
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

  8. #8
    Join Date
    Jul 2006
    Location
    Montreal, Canada
    Posts
    2,279
    Plugin Contributions
    0

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    well, this site contains no admin profile simply 2 addon , blank sidebox and cross sell . i uploaded the html_output.php provided with this patch .. once uploaded , tried entering admin , this is the error i get.

    im going to recheck everything again .

  9. #9
    Join Date
    Jul 2006
    Location
    Montreal, Canada
    Posts
    2,279
    Plugin Contributions
    0

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    well, that is odd . now is working . didn't even do anything :)

  10. #10
    Join Date
    Apr 2006
    Location
    London, UK
    Posts
    10,569
    Plugin Contributions
    25

    Default Re: Problem With The Latest Security Relase Relased By Wilt vs Admin Profiles addon

    Have you by any chance left a backup of the html_output file on your server?
    Kuroi Web Design and Development | Twitter

    (Questions answered in the forum only - so that any forum member can benefit - not by personal message)

 

 
Page 1 of 2 12 LastLast

Similar Threads

  1. v155 problem with admin/users.php and admin/profiles.php??
    By carlwhat in forum Upgrading to 1.5.x
    Replies: 5
    Last Post: 29 Mar 2016, 08:52 PM
  2. Replies: 6
    Last Post: 23 Dec 2011, 03:49 AM
  3. Replies: 18
    Last Post: 17 Nov 2009, 12:52 AM
  4. EZ Pages problem after installing the latest security patch
    By clydejones in forum General Questions
    Replies: 2
    Last Post: 29 Jun 2009, 12:42 AM
  5. admin profiles security problems
    By mipavluk in forum Customization from the Admin
    Replies: 5
    Last Post: 6 Feb 2008, 01:02 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR