Post by Xsecrets » Thu Sep 08, 2011 9:18 pm

wolfsteritory wrote:
JAY6390 wrote:There's no reason you can't update the cache file, but it should be the data input that's sanitized IMO

what exactly do you mean by that ?

thank you
he means that the data should be sanitized as soon as you assign it to a variable in the zone file not after you've passed it off to two other files and gotten to the chache file.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by webpie it. » Fri Sep 09, 2011 1:43 am

So from reading this over time is it confirmed that the cache file should be updated?

Thanks

Chris

Regards

Chris


Active Member

Posts

Joined
Mon Jan 31, 2011 7:28 pm

Post by Xsecrets » Fri Sep 09, 2011 2:25 am

webpie it. wrote:So from reading this over time is it confirmed that the cache file should be updated?

Thanks

Chris
well yes currently it is the only solution to the problem that has been provided. Though it really should not have to be changed, because you should never pass data to it that has not been sanitized, but at this point yes I would implement the fix if you have a live store.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by Qphoria » Fri Sep 09, 2011 2:35 am

webpie it. wrote:So from reading this over time is it confirmed that the cache file should be updated?

Thanks

Chris
Yes

Image


User avatar
Administrator

Posts

Joined
Tue Jul 22, 2008 3:02 am

Post by fealldagal » Fri Sep 09, 2011 2:58 am

Can someone help me i have 3 stores thank you

Newbie

Posts

Joined
Fri Oct 30, 2009 1:31 am

Post by fealldagal » Fri Sep 09, 2011 3:02 am

I am using 1491 and 1494

Thanks

Newbie

Posts

Joined
Fri Oct 30, 2009 1:31 am

Post by MattW » Fri Sep 09, 2011 3:15 am

fealldagal wrote:Can someone help me i have 3 stores thank you
You should just be able to download the file from the attachment in the first post, and FTP it into your hosting and overwrite the old file.

Image


User avatar
New member

Posts

Joined
Sat Aug 28, 2010 11:37 am
Location - Sheffield

Post by webpie it. » Fri Sep 09, 2011 3:17 am

Thanks for the confirm guys!

Regards

Chris


Active Member

Posts

Joined
Mon Jan 31, 2011 7:28 pm

Post by fealldagal » Fri Sep 09, 2011 3:21 am

Thnaks MattW so just upload it and it should be find correct?

Thanks

Newbie

Posts

Joined
Fri Oct 30, 2009 1:31 am

Post by MattW » Fri Sep 09, 2011 3:37 am

fealldagal wrote:Thnaks MattW so just upload it and it should be find correct?

Thanks
Yep, that is all I've done on the 3 stores I support (all 1.4.9.6)

Image


User avatar
New member

Posts

Joined
Sat Aug 28, 2010 11:37 am
Location - Sheffield

Post by FnF » Fri Sep 09, 2011 11:09 am

How insane would it be to put this important update on the OpenCart news feed? ::)

User avatar
FnF
Active Member

Posts

Joined
Sat Mar 19, 2011 9:59 pm

Post by Qphoria » Fri Sep 09, 2011 11:17 am

FnF wrote:How insane would it be to put this important update on the OpenCart news feed? ::)
Done

Image


User avatar
Administrator

Posts

Joined
Tue Jul 22, 2008 3:02 am

Post by FnF » Fri Sep 09, 2011 12:14 pm

Beautiful
Thxs, Q

User avatar
FnF
Active Member

Posts

Joined
Sat Mar 19, 2011 9:59 pm

Post by Daniel » Sat Sep 10, 2011 12:26 am

its also php version related. not all version of php allow this hack.

php 5.3+ does not have this problem but 5.2.9 has.

OpenCart®
Project Owner & Developer.


User avatar
Administrator

Posts

Joined
Fri Nov 03, 2006 6:57 pm

Post by Xsecrets » Sat Sep 10, 2011 1:07 am

actually I'm running 5.3.6 and the hack somewhat works on it. You can create arbitrary files, but you cannot overwrite files because the %00 doesn't work.

OpenCart commercial mods and development http://spotonsolutions.net
Layered Navigation
Shipment Tracking
Vehicle Year/Make/Model Filter


Guru Member

Posts

Joined
Sun Oct 25, 2009 3:51 am
Location - FL US

Post by JoaniesGifts » Sat Sep 10, 2011 3:19 pm

Thanks for letting us know guys.

Can someone post the actual code change here because we modified this file already with the @touch($file); fixes to stop the cache error in the log files.

Kind Regards, Joan

Thoughtful Gifts by Joanie's Gifts - The Thought Counts...


User avatar
Active Member

Posts

Joined
Fri Oct 29, 2010 8:59 pm
Location - UK

User avatar
Guru Member

Posts

Joined
Wed May 26, 2010 11:47 pm
Location - United Kingdom

Post by madlime » Mon Sep 12, 2011 3:05 pm

xxxxxxxxxxx
Last edited by madlime on Thu Mar 29, 2012 10:21 pm, edited 1 time in total.

http://www.madlime.com
Always Free Shipping


User avatar
New member

Posts

Joined
Sat May 28, 2011 5:56 pm
Location - Hong Kong

Post by Qphoria » Mon Sep 12, 2011 9:05 pm

madlime wrote:upload this file after not access admin panel ? user name and password not working
no. there is no possible way for that to happen with this file.

Image


User avatar
Administrator

Posts

Joined
Tue Jul 22, 2008 3:02 am

Post by madlime » Tue Sep 13, 2011 1:29 am

xxxxxxxxxxxxxx
Last edited by madlime on Thu Mar 29, 2012 10:21 pm, edited 1 time in total.

http://www.madlime.com
Always Free Shipping


User avatar
New member

Posts

Joined
Sat May 28, 2011 5:56 pm
Location - Hong Kong
Who is online

Users browsing this forum: No registered users and 6 guests