/catalog/controller/product/product.php
Can force it to reference an undefined index.
If you call it on the URL, and don't use post like so:
<yourURL>/index.php?route=product/product/write&product_id=1
The following if on 393 fails on the first check on REQUEST_METHOD:
It then tries this but error['message'] hasn't been set yet because it hasn't been through the validate function:if (($this->request->server['REQUEST_METHOD'] == 'POST') && $this->validate()) {
So you end up with this, not good:$json['error'] = $this->error['message'];
Also, if it does correctly execute 'validate' (by using post to the above URL) it assumes all the variables are set, and you end up withNotice: Undefined index: message in <basedir>/catalog/controller/product/product.php on line 398{"error":null}
Might stop fiddling with it now and get back to cleaning up my own code.Notice: Undefined index: name in <basedir>/catalog/controller/product/product.php on line 418
Notice: Undefined index: text in <basedir>/catalog/controller/product/product.php on line 422
Notice: Undefined index: rating in <basedir>/catalog/controller/product/product.php on line 426
Notice: Undefined index: captcha in <basedir>/catalog/controller/product/product.php on line 430
{"error":"Error: Verification code does not match the image!"}
I also don't mean to be overly critical, OpenCart's code is seriously well written and is an absolute credit to you.
