  1. #1
    Join Date
    Aug 2007
    Location
    Gijón, Asturias, Spain
    Posts
    2,229
    Plugin Contributions
    29

    Detailed description of the sanitation of url parameters

    I am investigating a problem with an add-on that I think is related to the (POST) sanitation measures put in place in ZC 1.55 for URL parameters.
    I read in the last couple of days a detailed description of these measures...but I cannot find this information now.
    Can someone please post a link...
    thanks Steve
    Steve
    github.com/torvista: Spanish Language Pack, Image Checker, Structured Data, BackupMySQL Admin/Auto, Product Listing Sorter, Redsys payment module...

  2. #2
    Join Date
    Jan 2004
    Posts
    66,331
    Blog Entries
    7
    Plugin Contributions
    81

    Re: Detailed description of the sanitation of url parameters

    The link to http://docs.zen-cart.com/Developer_D...tation/v1.5.5/ is also in the readme.

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3
    Join Date
    Aug 2007
    Location
    Gijón, Asturias, Spain
    Posts
    2,229
    Plugin Contributions
    29

    Re: Detailed description of the sanitation of url parameters

    Thanks
    ...is also in the readme
    I thought that was where I had seen it but I still cannot find where...!!
    Last edited by torvista; 26 Mar 2016 at 11:32 PM.
    Steve

  4. #4
    Join Date
    Aug 2007
    Location
    Gijón, Asturias, Spain
    Posts
    2,229
    Plugin Contributions
    29

    Re: Detailed description of the sanitation of url parameters

    If I want to use a new GET parameter on certain pages, I think it needs to be added to the $params_to_check array in
    includes\application_top.php,

    Is there a mechanism to add the new parameter dynamically/not touch core code?

    Or is it this?
    https://docs.zen-cart.com/dev/code/a...ion-in-plugins
    Steve

  5. #5
    Join Date
    Jul 2012
    Posts
    15,809
    Plugin Contributions
    17

    Re: Detailed description of the sanitation of url parameters

    Quote: Originally Posted by torvista
    If I want to use a new GET parameter on certain pages, I think it needs to be added to the $params_to_check array in
    includes\application_top.php,

    Is there a mechanism to add the new parameter dynamically/not touch core code?

    Or is it this?
    https://docs.zen-cart.com/dev/code/a...ion-in-plugins

    Are you trying to address sanitization on the admin side, the catalog side, or both?

    The first part about an array within the includes/application_top.php file is catalog side, while the linked article is for admin.

    I don't see that there is any direct ability to modify the contents of those arrays without directly editing the file. It would be possible either before or after this area to do something similar.
    ZC Installation/Maintenance Support <- Site
    Contribution for contributions welcome...
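
One way to do "something similar" outside the core file, as an added example that is not Zen Cart's code and not from any poster in this thread. The function name, the parameter name `my_param` and the rules (single string, length cap, character allowlist) are assumptions chosen for illustration; Zen Cart's own rules are in the documentation linked above.

```php
<?php
// Added example: hypothetical plugin-side check, not Zen Cart core code.
// Assumed rule set (not taken from Zen Cart): each listed GET parameter must be
// a single string, no longer than its 'max', matching its allowlist pattern.

/**
 * Return the names of listed GET parameters that fail validation.
 *
 * @param array $get   request parameters (normally $_GET)
 * @param array $rules name => ['max' => int, 'pattern' => regex]
 * @return string[]    names of rejected parameters
 */
function plugin_check_get_params(array $get, array $rules): array
{
    $rejected = [];
    foreach ($rules as $name => $rule) {
        if (!array_key_exists($name, $get)) {
            continue; // parameter not supplied: nothing to check
        }
        $value = $get[$name];
        // Arrays (?my_param[]=x) are rejected outright: one string is expected.
        if (!is_string($value)
            || strlen($value) > $rule['max']
            || preg_match($rule['pattern'], $value) !== 1) {
            $rejected[] = $name;
        }
    }
    return $rejected;
}

// Hypothetical parameter name and limits for the plugin's new parameter.
$pluginRules = [
    'my_param' => ['max' => 32, 'pattern' => '/\A[A-Za-z0-9_-]+\z/'],
];

// Constructed sample requests (stand-ins for $_GET) so the file runs offline.
$samples = [
    ['main_page' => 'index', 'my_param' => 'blue-widget_7'],
    ['my_param' => 'http://example.invalid/x'],
    ['my_param' => ['nested' => 'value']],
    ['my_param' => str_repeat('a', 33)],
];

foreach ($samples as $sample) {
    $bad = plugin_check_get_params($sample, $pluginRules);
    echo json_encode($sample), ' => ', $bad ? 'reject: ' . implode(',', $bad) : 'ok', PHP_EOL;
}
```

In a store the function would be called with `$_GET` from the plugin's own file, and a rejected parameter would be unset or the request refused. How that file gets loaded is not covered in this thread.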

  6. #6
    Join Date
    Aug 2007
    Location
    Gijón, Asturias, Spain
    Posts
    2,229
    Plugin Contributions
    29

    Re: Detailed description of the sanitation of url parameters

    Catalog side, thanks.
    Steve

 

 
