Page 3 of 8 FirstFirst 12345 ... LastLast
Results 21 to 30 of 77
  1. #21
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    8,109
    Plugin Contributions
    110

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by cvhainb View Post
    Add this code on top of edit_order.php
    PHP Code:
    define('DO_STRICT_SANITIZATION'false); 
    Fixes have been posted; apply them. DO NOT turn off the XSS patches.
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.

  2. #22
    Join Date
    Sep 2009
    Location
    Stuart, FL
    Posts
    10,726
    Plugin Contributions
    79

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by swguy View Post
    Fixes have been posted; apply them. DO NOT turn off the XSS patches.
    As I posted in the Edit Orders support thread (https://www.zen-cart.com/showthread....92#post1307492), the fix is necessary but insufficient. If you use EO and add a product with attributes, the issue persists.

  3. #23
    Join Date
    Nov 2005
    Location
    los angeles
    Posts
    2,079
    Plugin Contributions
    7

    Default Re: AdminRequestSanitizer Error Log

    i have watched this thread for a bit. i find it amusing/sad that the dev team is forced to change CORE code to make it work with a plug-in; not the other way around.

    it would not be so amusing to me if the plugin was good. but as i have expressed in the past, i feel EO is a necessary evil; it is a bloated add-on that sucks to debug; and frankly i do not agree with many of the design choices made in its coding. and to the people who choose to maintain and help others with this plugin, you are far braver than me.

    PLEASE PLEASE PLEASE include this functionality in the core for v1.6 so that we can put EO out of its misery.
    help with WCAG is now here! PM if you want some help with this. (or any ZC issue).
    if you feel so inclined, feel free to send some cake....

  4. #24
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    8,109
    Plugin Contributions
    110

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by lat9 View Post
    As I posted in the Edit Orders support thread (https://www.zen-cart.com/showthread....92#post1307492), the fix is necessary but insufficient. If you use EO and add a product with attributes, the issue persists.
    Edit Orders 4 adding a product with attributes doesn't seem to work perfectly whether or not you have this change. I have not been able to get the attributes to show up in the order either way.
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.

  5. #25
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    8,109
    Plugin Contributions
    110

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by carlwhat View Post
    PLEASE PLEASE PLEASE include this functionality in the core for v1.6 so that we can put EO out of its misery.
    Changes like this happen because volunteers do the work and submit PRs. Perhaps you?
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.

  6. #26
    Join Date
    Nov 2005
    Location
    los angeles
    Posts
    2,079
    Plugin Contributions
    7

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by swguy View Post
    Changes like this happen because volunteers do the work and submit PRs. Perhaps you?
    perhaps... i am trying to spend more time looking as well as following the activity... still have other things on my plate...
    help with WCAG is now here! PM if you want some help with this. (or any ZC issue).
    if you feel so inclined, feel free to send some cake....

  7. #27
    Join Date
    Sep 2009
    Location
    Stuart, FL
    Posts
    10,726
    Plugin Contributions
    79

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by swguy View Post
    Edit Orders 4 adding a product with attributes doesn't seem to work perfectly whether or not you have this change. I have not been able to get the attributes to show up in the order either way.
    I've got a bunch of clients using EO 4.1.4 on stores with heavy attribute usage and there's never been a problem (before). Perhaps you could add a post to the EO support thread mentioning that you're seeing this behavior and we could help you correct your installation.

    Is your posting meant to indicate that all's been done that's going to be done to end EO's misery in the presence of this Zen Cart 1.5.5 change?

  8. #28
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    8,109
    Plugin Contributions
    110

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by lat9 View Post
    Is your posting meant to indicate that all's been done that's going to be done to end EO's misery in the presence of this Zen Cart 1.5.5 change?
    Your faith in my ability to prognosticate is tragically misplaced. Anyone, at any time, is free to post a patch, submit a PR, update a mod, or submit a new mod. Impossible to predict, the future is.

    ATTENTION ALL DEVELOPERS: Please feel free to jump into the fray if you think you have a solution.
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.

  9. #29
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    8,109
    Plugin Contributions
    110

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by lat9 View Post
    I've got a bunch of clients using EO 4.1.4 on stores with heavy attribute usage and there's never been a problem (before). Perhaps you could add a post to the EO support thread mentioning that you're seeing this behavior and we could help you correct your installation.
    Appreciate the offer. Let me dup the issue on a pristine 1.5.5 + EO test cart to be sure it's not a bad interaction with another change.

    Meanwhile, anything you could do relating to the "over preparation" issue in EO as described in the thread below, it would be great.
    https://www.zen-cart.com/showthread....94#post1307494
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.

  10. #30
    Join Date
    Jul 2012
    Posts
    16,098
    Plugin Contributions
    17

    Default Re: AdminRequestSanitizer Error Log

    Quote Originally Posted by carlwhat View Post
    i have watched this thread for a bit. i find it amusing/sad that the dev team is forced to change CORE code to make it work with a plug-in; not the other way around.

    it would not be so amusing to me if the plugin was good. but as i have expressed in the past, i feel EO is a necessary evil; it is a bloated add-on that sucks to debug; and frankly i do not agree with many of the design choices made in its coding. and to the people who choose to maintain and help others with this plugin, you are far braver than me.

    PLEASE PLEASE PLEASE include this functionality in the core for v1.6 so that we can put EO out of its misery.
    Well, what's somewhat interesting about the situation is that the issue being addressed, is the security of the admin side which through "normal" routes would not be accessible to the problem being addressed by the sanitizer. But regardless of the one plugin, there are likely others that are similarly affected. The effort put forth just goes to show the level of concern to security and applying it to all aspects of ZC. I wouldn't consider addressing this as just trying to get EO to work, but security to work within the routine processes of PHP programming. To date that I know of there has not been a "you may not use the following code/data formats with ZC because ZC doesn't know how to handle that" instruction...
    ZC Installation/Maintenance Support <- Site
    Contribution for contributions welcome...

 

 
Page 3 of 8 FirstFirst 12345 ... LastLast

Similar Threads

  1. v155 [Done v155a and v155b] AdminRequestSanitizer Problem
    By JRGoold in forum Bug Reports
    Replies: 15
    Last Post: 12 Dec 2016, 01:16 PM
  2. v151 Filename cannot be empty error in error log
    By woodlandsprite in forum General Questions
    Replies: 2
    Last Post: 29 Nov 2012, 06:03 AM
  3. Site down, getting error in debug error log
    By rcrosier in forum General Questions
    Replies: 3
    Last Post: 25 Mar 2009, 03:01 PM
  4. Replies: 6
    Last Post: 7 Dec 2007, 03:42 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR