The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
Code: Select all
zlib.output_compression = On;
zlib.output_compression_level = 8;
add:
Code: Select all
if (!empty($this->session->data['user_token'])) {
echo 'test123';
}
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
However I have seen now that I have contact.php under /storage/modification/catalog/controller/information/ as well.
Maybe this is the reason of that vQmod does not update contact.php.
How should I include this path in csrf.xml?
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
I have managed to install the CSRF Protection Extension, but it seems that it does not run the CSRF_check function properly, so that every bot keeps on spamming my site.
I could find out that for my installation on the contact form $_SERVER['REQUEST_METHOD'] is GET and not POST, so "if ($_SERVER['REQUEST_METHOD'] !== 'POST') {" is not working as it should and it does not run the csrf_check until the end, but returns. It is not checking if the token is correct or not and allows all bots to send me spam. Of course $_POST['__csrf'] will not work, too, so i am lost how to get it work.
Thank you for your help.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
Instructions: All new files, upload them all (override the CSRF library if you already have it). Install the admin extension module called: CSRF Protection, edit the module, enable the module (and the log if you want for monitoring purposes).
Where is the "CSRF Protection" module? When I search for it, it takes me back to the page with the two folders.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
https://www.opencart.com/index.php?rout ... SRF%20v3.2
Thanks.
You simply need to add it.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
Inaccurate analysis. I have done installations for users as a custom job who uses various OC v2.x releases and it works as it should. Ensure to have the zlib compression in your php.ini file as already recommended with OC installations in order to use page compressions and to monitor your CSRF installation protection with the help of the zlib output in your php.ini file.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
but your xml file contains only TWIG modifications which isn´t for OC 2.x.
This is example what you have there
Code: Select all
<file name="catalog/view/theme/*/template/account/*.twig" error="skip">
<operation error="skip">
<search position="replace" regex="true"><![CDATA[~(<form[^>]*method\s*=\s*["\']post["\'][^>]*>)~i]]></search>
<add><![CDATA[$1]]></add>
</operation>
</file>
<file name="catalog/view/theme/*/template/affiliate/*.twig" error="skip">
<operation error="skip">
<search position="replace" regex="true"><![CDATA[~(<form[^>]*method\s*=\s*["\']post["\'][^>]*>)~i]]></search>
<add><![CDATA[$1]]></add>
</operation>
</file>
Thanks.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
Code: Select all
<file name="admin/controller/common/header.php" error="skip">
<operation error="skip">
<search position="before"><![CDATA[$data['scripts']]]></search>
<add><![CDATA[
$this->load->helper('csrf_helper');
csrf_start();
]]></add>
</operation>
</file>
And also you have installation instruction:
But there is no module in admin to install. You have just two files to upload (xml and system *.php) so I don´t understand how should I see the module in Admin anyway.Instructions: All new files, upload them all (override the CSRF library if you already have it). Install the admin extension module called: CSRF Protection, edit the module, enable the module (and the log if you want for monitoring purposes).
Thanks.
The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.
F. Rules:
- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804
Regards,
Straightlight
- I should upload files
replace .twig to .tpl in xml
be sure that I have zlib compression and zlib output in my php.ini
How I recognize that is really working or no?
And also a question. I´m using Journal2 will be compatible?
Thanks.
Users browsing this forum: No registered users and 3 guests