Results 1 to 10 of 10
  1. #1
    Join Date
    Apr 2009
    Posts
    415
    Plugin Contributions
    2

    Default Ajax security fix November 2015

    On Applying the Ajax fix for the security update I am now receiving the following error on the Ckeckout page.

    "An unknown response null: :text/html; charset=utf-8: :SyntaxError: JSON.parse: unexpected end of data at line 1 column 1 of the JSON data was received while processing an ajax call. The action you requested could not be completed"

    every time I complete a step. The error does not stop the processing but you have to click ok to continue. I have reverted back to the previous version.

    Any Ideas?
    Mark Brittain
    http:\\innerlightcrystals.co.uk\sales\

  2. #2
    Join Date
    Jan 2004
    Posts
    66,363
    Blog Entries
    7
    Plugin Contributions
    274

    Default Re: Ajax security fix November 2015

    Hi Mark,

    Yes, you're right. Ian and I were talking about this earlier and discovered the same. I've posted an updated ajax.php file in the announcement thread.
    https://www.zen-cart.com/showthread....94#post1297794
    .

    Zen Cart - putting the dream of business ownership within reach of anyone!
    Donate to: DrByte directly or to the Zen Cart team as a whole

    Remember: Any code suggestions you see here are merely suggestions. You assume full responsibility for your use of any such suggestions, including any impact ANY alterations you make to your site may have on your PCI compliance.
    Furthermore, any advice you see here about PCI matters is merely an opinion, and should not be relied upon as "official". Official PCI information should be obtained from the PCI Security Council directly or from one of their authorized Assessors.

  3. #3
    Join Date
    Jul 2012
    Posts
    16,710
    Plugin Contributions
    17

    Default Re: Ajax security fix November 2015

    Quote Originally Posted by brittainmark View Post
    On Applying the Ajax fix for the security update I am now receiving the following error on the Ckeckout page.

    "An unknown response null: :text/html; charset=utf-8: :SyntaxError: JSON.parse: unexpected end of data at line 1 column 1 of the JSON data was received while processing an ajax call. The action you requested could not be completed"

    every time I complete a step. The error does not stop the processing but you have to click ok to continue. I have reverted back to the previous version.

    Any Ideas?
    Ideas that come to mind are the following:

    1. Template is not "updated" to ZC 1.5.4 (Does problem persist if temporarily use default ZC template?)
    2. There is another "error" occurring that is perhaps logged in the /logs directory.
    3. Database is not utf-8/utf8 as applicable/appropriate
    4. Language file(s) are not utf-8/utf8 as applicable/appropriate
    5. configure.php file(s)are not utf-8/utf8 as applicable/appropriate
    6. There is already a problem with the code that is being highlighted by the usage of the correct ajax.php file... Compare files against a known unaltered set to verify that *all* files are modified only to the extent expected... This includes images and other extraneous files/folders/locations.
    7. Javascript error/conflict.
    8. SSL certificate issue. (does the same error occur when attempting to login, or go to the contact_us page?) Do you use a SSL certificate? Do you have your site a) partially or b) fully assigned to https or c) not using a SSL nor https:?

    More information about your setup would be needed I think to give much else of a suggestion.

    Nevermind the above... Apparently between the time that I read the message, went to download/install and test the update, and then post here??? Well DrB posted an updated version... :) So, I've left my "thoughts" above but it appears that the issue has been resolved as reported by the previous message.

    Huh.. Although the version I tested was the old version and didn't get an error... But, I also don't have SSL on the test site... So, maybe more to follow...
    Last edited by mc12345678; 27 Nov 2015 at 06:51 PM.
    ZC Installation/Maintenance Support <- Site
    Contribution for contributions welcome...

  4. #4
    Join Date
    Apr 2009
    Posts
    415
    Plugin Contributions
    2

    Default Re: Ajax security fix November 2015

    New ajax file works fine. Thanks for the work and the feedback.
    Mark Brittain
    http:\\innerlightcrystals.co.uk\sales\

  5. #5
    Join Date
    Jun 2009
    Posts
    65
    Plugin Contributions
    0

    Default Re: Ajax security fix November 2015

    Hi, I was about to apply this fix but cannot find the ajax file on the server.
    I am wondering if this file is only an addon in which case I don't want or need to put this file in.
    If it is in the standard install please can someone tell me where. Many thanks.

  6. #6
    Join Date
    Aug 2005
    Location
    Arizona
    Posts
    27,761
    Plugin Contributions
    9

    Default Re: Ajax security fix November 2015

    veronicathecow,
    If you are using ZenCart v1.5.4 it should be at the root of your shop - if not then if you upgraded you missed something or if not you need to check your distribution files
    Zen-Venom Get Bitten

  7. #7
    Join Date
    Feb 2006
    Location
    Tampa Bay, Florida
    Posts
    9,612
    Plugin Contributions
    123

    Default Re: Ajax security fix November 2015

    To clarify Kobra's remarks, if you are *not* using 1.5.4, this change does not apply.
    That Software Guy. My Store: Zen Cart Modifications
    Available for hire - See my ad in Services
    Plugin Moderator, Documentation Curator, Chief Cook and Bottle-Washer.
    Do you benefit from Zen Cart? Then please support the project.

  8. #8
    Join Date
    Jun 2009
    Posts
    65
    Plugin Contributions
    0

    Default Re: Ajax security fix November 2015

    Hi Kobra and SWguy thanks for your replies.
    I am using 1.54 it was upgraded by a professional a while back.
    I have now found it in the root of public, thank you I did a search before (using FTP and the Zen Cart tools) and it didn't seem to come up, strange I will look into that later.
    I have now updated it, many thanks to you both for your help.

  9. #9
    Join Date
    Apr 2016
    Location
    Savannah, Georgia
    Posts
    9
    Plugin Contributions
    0

    Default Re: Ajax security fix November 2015

    I downloaded and replaced my ajax.php with your file and I still get the same error. Could it be caused by the server setup? We are building a new store and just got our SSL installed an hour ago and I am trying it out for the first time.

    It happens wherever I try to click on anything that requires SSL. For example, clicking on Sign In. Could the server guru's have done something wrong? Help.... This is way over my little perl experience head.... :)
    Last edited by bushpilot444; 13 May 2016 at 02:05 AM.

  10. #10
    Join Date
    Nov 2007
    Location
    Sunny Coast, Australia
    Posts
    3,379
    Plugin Contributions
    9

    Default Re: Ajax security fix November 2015

    Quote Originally Posted by bushpilot444 View Post
    I downloaded and replaced my ajax.php with your file and I still get the same error. Could it be caused by the server setup? We are building a new store and just got our SSL installed an hour ago and I am trying it out for the first time.

    It happens wherever I try to click on anything that requires SSL. For example, clicking on Sign In. Could the server guru's have done something wrong? Help.... This is way over my little perl experience head.... :)
    Which ZC version are you running?

    Also, can we have a link to the site please?

 

 

Similar Threads

  1. v151 PayPal SHA-256 Security Update Sept 2015
    By Malaperth in forum Built-in Shipping and Payment Modules
    Replies: 26
    Last Post: 19 Mar 2016, 12:09 AM
  2. Replies: 6
    Last Post: 5 Dec 2015, 09:29 PM
  3. Security Patches for v1.5.4 - November 2015
    By DrByte in forum Zen Cart Release Announcements
    Replies: 1
    Last Post: 27 Nov 2015, 06:31 PM
  4. USPS RateV4 Intl RateV2 - May 31, 2015 Version K7 for May 31, 2015
    By Ajeh in forum Zen Cart Release Announcements
    Replies: 0
    Last Post: 31 May 2015, 12:20 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
disjunctive-egg
Zen-Cart, Internet Selling Services, Klamath Falls, OR