The original report was a little confusing as it seemed to suggest that the problem was with login/password forgotten code on the catalog side of Zen Cart.
I would like to thank Armorize Technologies for responding very swiftly to my emails.
The problem it seems lies in the admin code, not catalog and the 2 files they mention are
/admin/login.php
/admin/password_forgotten.php
taking each in turn:
admin/login.php line 57
Code:
<input style="float: left" type="text" id="admin_name" name="admin_name" value="<?php echo $_POST['admin_name']; ?>" />
should be changed to
Code:
<input style="float: left" type="text" id="admin_name" name="admin_name" value="<?php echo zen_output_string($admin_name); ?>" />
and on line 60
Code:
<input style="float: left" type="password" id="admin_pass" name="admin_pass" value="<?php echo $_POST['admin_pass']; ?>" />
should be changed to
Code:
<input style="float: left" type="password" id="admin_pass" name="admin_pass" value="<?php echo zen_output_string($admin_pass); ?>" />
and admin/password_forgotten.php line 84
Code:
<label for="admin_email"><?php echo TEXT_ADMIN_EMAIL; ?><input type="text" id="admin_email" name="admin_email" value="<?php echo $_POST['admin_email']; ?>" /></label>
changed to
Code:
<label for="admin_email"><?php echo TEXT_ADMIN_EMAIL; ?><input type="text" id="admin_email" name="admin_email" value="<?php echo zen_output_string($admin_email); ?>" /></label>
We are currently preparing a patch for 1.3.5 to address this issue,
Bookmarks