Fixes some issues people were having with \n \r etc
Compatible with the new vQmod 2.3.0 which ads extra tags and attributes.
Added a vqcache file viewer
Separated the language into a language file so it can be translated
Moved the package on to GitHub
http://uksb.github.com/vqgen/
Maybe someone can help with the translations ?
GitHub -> https://github.com/uksb/vqgen
Please fork, use the Develop branch if adding / changnig anything.
If people will copy the package, please retain the copyright info and license from the package.
Any questions, please let me know.
A major security vulnerability though, is the "Enable this mod" link on top of the page after xml is generated. This way anyone can add mods to anyone's shop without permission, potentially even bringing the roof down.
Shop Admin should be required to enable the mod either via FTP or via Admin panel.
OC2PS
OC 3.0.3.7, vQmod 2.6.2, Journal3 theme
Arcfesték, Csillámtetoválás, Henna
Check out: All my extensions | My FREE extensions
Firstly the vqgen folder should be password protected
Secondly the Enable this mod only removes an underscore from the extension.xml_ file to make it extension.xml and thus make it live.
If I am missing something glaringly obvious though, please do explain
That's the "workaround" that I've been using, but most folks don't.uksitebuilder wrote:Firstly the vqgen folder should be password protected
And that little task makes all the difference. A malicious person (lets say a competitor) may keep piling on harmful vqmods into the xml folder, but shop would still be safe as long as extension is xml_. As soon as some outside entity gets the power to activate/make live the mod, that's where there's potential for disaster.uksitebuilder wrote:Enable this mod only removes an underscore from the extension.xml_ file to make it extension.xml and thus make it live.
OC2PS
OC 3.0.3.7, vQmod 2.6.2, Journal3 theme
Arcfesték, Csillámtetoválás, Henna
Check out: All my extensions | My FREE extensions
but generally people don't how to do it .... may be you can add a instruction file for that or implement authentication on vqgen ... anyways very cool extension ...saves developer's time ...uksitebuilder wrote: Firstly the vqgen folder should be password protected
+1ChetanCx wrote:very cool extension ...saves developer's time ...
OC2PS
OC 3.0.3.7, vQmod 2.6.2, Journal3 theme
Arcfesték, Csillámtetoválás, Henna
Check out: All my extensions | My FREE extensions
I understand where you are coming from.
Although I do point out in the install text to password protet the folder, but you are right, some people need to have their hand held.
Next update coming in a day or two will have a login/session form/method built in.
In addition I will also be adding the function to view core files in a collapsable splitscreen so you can load up an original file to view the code and work in the editor to vqmod it.
Cheers!uksitebuilder wrote:Next update coming in a day or two will have a login/session form/method built in.
Ooh! Turning all the bells and whistles on, are we?uksitebuilder wrote:In addition I will also be adding the function to view core files in a collapsable splitscreen so you can load up an original file to view the code and work in the editor to vqmod it.
Seriously, though, that will make this module indispensable!
OC2PS
OC 3.0.3.7, vQmod 2.6.2, Journal3 theme
Arcfesték, Csillámtetoválás, Henna
Check out: All my extensions | My FREE extensions
Please update your versions
Thank you for a nice tool
I have a question:
Why do you set permission to 777 on new or edited files created via the mod?
For me (the environment we are in) it should be 644
Suppose I could just change the code at line 146 in action.php to 644 instead, or would that mess things up?
Thank You
// kjg
I am using the latest vqgen, latest vqmod 2.3.2, and oc 1.5.4.1
I don't know what I am missing but all generated xmls are not working because vqgen is adding lots of \\\ everywhere. See example below from the search operation.
Code: Select all
<td class=\\\"left\\\"><?php if ($sort == \\\'status\\\') { ?>
Regards,
Marvin Mendez
You want to thank me for my time! Click here to donate
Most probably due to php magic_quotes_gpc on your server
If your host does not allow this, please try adding the following to the top of index.php, after the opening <?php tag
Code: Select all
if (get_magic_quotes_gpc()) {
function stripslashes_gpc(&$value)
{
$value = stripslashes($value);
}
array_walk_recursive($_GET, 'stripslashes_gpc');
array_walk_recursive($_POST, 'stripslashes_gpc');
array_walk_recursive($_REQUEST, 'stripslashes_gpc');
}
Thanks.
Marvin
You want to thank me for my time! Click here to donate
Professional Robotics Repair Center
Specializing in Roomba, Scooba, and Neato Robot Parts and Repair
http://www.iFixRobot.com
On needing permission, check permissions, dirs 755, files 644. On modern Linux servers set up to prevent the risks of 777, setting 777 can actually lock dir and file access. The final 7 gives outside anonymous "world" all rights to read, write, execute. The middle 7 does so for "group" including the system. Thus, 5 in 2nd and 3rd positions, and nowadays for 777 expect misbehaviors and hacking.
Users browsing this forum: No registered users and 38 guests