Question about XSS patch upgrade

**kinget** · 1 Aug 2007, 11:03 PM

Hi...

I have a custom file in my templates directory which is affected by the XSS patch. I need to manually alter the lines in this file "tpl_account_history_info_default.php" -- I was reading through the patch upgrade code that was left by Dr. Byte, but I didn't see any manual edits for this file. What lines need to be changed for the XSS patch? (If I missed this somehow I apologize ahead of time).

Many thanks as always for your help and guidance.

Kinget

**DrByte** · 1 Aug 2007, 11:21 PM

The fastest way to find out what exactly has changed, is to compare the original against the new, and then merge the differences.
A tool such as WinMerge is extremely handy for this.

**kinget** · 1 Aug 2007, 11:29 PM

Thank you for this, however, I made lots of changes in that particular file, so there are a lot of changes and I think the Winmerge at this point really would be not that much help. Is it just one little line as you stated in the other thread? It would be very much help to me...I really don't have a lot of time or seeing availability to sit and compare.

Thanks for your help.
Kinget

Originally Posted by DrByte

The fastest way to find out what exactly has changed, is to compare the original against the new, and then merge the differences.
A tool such as WinMerge is extremely handy for this.

**DrByte** · 1 Aug 2007, 11:32 PM

With the thousands of lines of code I look at each day, the only way for me to identify what's changed is to do the same comparison I recommended. I don't always remember the details off the top of my head, but I know how to find them.

Instead of first comparing your customized file, compare the original template_default version of the file against the new/patched template_default version of the file. That should show you the differences.

Then you can apply those differences to your customized file.

This is the very same procedure that should be followed to upgrade an entire site ... one file at a time.

**kinget** · 2 Aug 2007, 12:44 AM

Hi Dr. Byte,

I downloaded the program as you suggested, and it didn't detect any changes in the XSS patch on that file. Interesting, because this store was downloaded and installed a while ago. I'm going to compare other files....thanks as always for your help.

Kinget