Hi,
I have just installed Open Cart for someone and he is getting the following issue:
When trying to upload an image for a product an error was made which was that the image was in tif format rather than jpg. After the upload failed a new product appeared which was not added by him. The title of the product was Test1 and it included a totally unknown image. The first time it was a jetty stretching out in to a blue lake, next time it was Monument Vally... He made a few mistakes, I checked the images folder in his account to find a few images that appeared when there was a mistake with uploading images.
The question is where are they coming from???? Is this system secure.
Obviously this is of great concern so any advice would be welcome.
There is no security problem with opencart.
Your client is obviously doing something wrong or your just making the whole thing up.
do you have a link to this site?
DON'T POST TITLES ALL IN UPPER CASE UNLESS YOU WANT TO BE BANNED!!!!
Your client is obviously doing something wrong or your just making the whole thing up.
do you have a link to this site?
DON'T POST TITLES ALL IN UPPER CASE UNLESS YOU WANT TO BE BANNED!!!!
OpenCart®
Project Owner & Developer.
Hi Daniel,
He is not making this up, I saw it for myself. He was complaining about not being able to upload image so I logged in and talked him through it. He swore blind he was uploading jpgs but on further investigation they were not. As he tried while on the phone to me I could see these 'test 1', 'tes 2' etc. products appearing (on refreshing the browser).
His site can be found at: http://www.thamesphotomemories.co.uk/
The 'test' products and the images have been removed by me I'm afraid so there is nothing to see. I have a demo version installed which I am going to test. I'll get back to you when done.
He is not making this up, I saw it for myself. He was complaining about not being able to upload image so I logged in and talked him through it. He swore blind he was uploading jpgs but on further investigation they were not. As he tried while on the phone to me I could see these 'test 1', 'tes 2' etc. products appearing (on refreshing the browser).
His site can be found at: http://www.thamesphotomemories.co.uk/
The 'test' products and the images have been removed by me I'm afraid so there is nothing to see. I have a demo version installed which I am going to test. I'll get back to you when done.
First off it is doubtable that a hacker would try and create test products as a way to compromise the site.
You sure he just doesn't mean the pictures because if you upload with images with the same filenames it will overwrite them without prompting you.
You sure he just doesn't mean the pictures because if you upload with images with the same filenames it will overwrite them without prompting you.
New member
While the customer was going through the process he was telling me what he was doing and typing because he had become frustrated by the fact he could not add the product and image. This of course turned out to be because of 'tif' instaed of 'jpg' but he did not add 'test' as a title or anything else. He typed in a unique product name filled in the required fiels and tried to ad the product and image. Because the image was a tif adding of the product failed without any notices. When I refreshed my browser to see if he had added the product a 'test' product appeared with an image which he says is not on his computer, it is not on mine and I cannot imagine where is is coming from.amplifywebdesign wrote:First off it is doubtable that a hacker would try and create test products as a way to compromise the site.
You sure he just doesn't mean the pictures because if you upload with images with the same filenames it will overwrite them without prompting you.
He only has 6 products online and I had to help him form the very first, so I donot believe anything was overwritten.
As I said in a previous post I have a demo install I am going to try it there myself and report back.
Hi,
I have tried to replicate the issue on both a demo account and by logging in to the client's account and and adding a product in the normal way and using a 'tif' file instead of 'jpg' myself.
On both occasions I failed with the upload and no 'test' product with stray image was added. I can only think it is something strange with his setup! The question I suppose, is what is going on? Why when a product being added fails in his setup does another image appear and why is the added product renamed to 'test'?
Could this be that there is some type of virus on his computer (Mac laptop)! But still, why the renamed product!
I am baffled, I will advise the client to have his Mac scanned for viruses/spyware etc. Although as a Mac user myself I think this is unlikely to be the problem.
I have tried to replicate the issue on both a demo account and by logging in to the client's account and and adding a product in the normal way and using a 'tif' file instead of 'jpg' myself.
On both occasions I failed with the upload and no 'test' product with stray image was added. I can only think it is something strange with his setup! The question I suppose, is what is going on? Why when a product being added fails in his setup does another image appear and why is the added product renamed to 'test'?
Could this be that there is some type of virus on his computer (Mac laptop)! But still, why the renamed product!
I am baffled, I will advise the client to have his Mac scanned for viruses/spyware etc. Although as a Mac user myself I think this is unlikely to be the problem.
The products were removed via the admin area by selecting them and clicking the delete button. However, none of the images that appeared with these 'test' products had ever been uploaded (intentionally).
I will as a matter of course take a look through the database anyway.
I will as a matter of course take a look through the database anyway.
Just a quick update.
As a matter of course I have checked the database and all seems ok! I have a tendancy to agree with Qphoria and that is that my client has a problem not the software.
Many thanks for all replies - they are appreciaied, but like the man says... time to move on.
As a matter of course I have checked the database and all seems ok! I have a tendancy to agree with Qphoria and that is that my client has a problem not the software.
Many thanks for all replies - they are appreciaied, but like the man says... time to move on.
Who is online
Users browsing this forum: ianhaney50, paulfeakins and 66 guests
