Post by dmbrownfield » Tue Nov 04, 2008 6:49 am

I am ready to go live with my store so I took out the lines that referred to "configure your installation" on the home page in:  CATALOG/LANGUAGE/ENGLISH/CONTROLLER/HOME.PHP as suggested in the forum and
now I can't get to my catalog either by clicking on ADMIN/CATALOG or by typing in the URL in the Explorer bar.  Everything else is ok in ADMIN.  HELP !!!!!

New member

Posts

Joined
Fri May 09, 2008 12:37 am

Post by bruce » Tue Nov 04, 2008 8:39 am

Its all a bit vague, with no link back to the instructions you followed, and no indication of what version of opencart you are using (there are a lot of them)

However, I think you will find that your template or controller still wants the language values that you have removed and is generating an error or warning.

As an aside, the reason you see nothing is probably because your web server is configured to only log errors somewhere and not display them.

If you have only deleted text_greeting or it's value from the language file then...

check your home.tpl so that it does not try to do this...

Code: Select all

<?php echo $text_greeting; ?>
and check your home.php so that it does not try to do (something similar to) the following with the removed language value

Code: Select all

		if (!$customer->isLogged())
		{
			$view->set('text_greeting', $language->get('text_greeting', $url->href('account_login'), $url->href('account_create')));
			$view->set('custlog', FALSE);
		}
		else
		{
			//  Bug fix: Addresses the first vulnerability described at http://secunia.com/advisories/30177
			//$view->set('text_greeting', $language->get('text_logged', $customer->getFirstName()));
			$view->set('text_greeting', $language->get('text_logged', htmlspecialchars($customer->getFirstName(), ENT_QUOTES, 'UTF-8')));
			$view->set('custlog', TRUE);
		}
cheers

Bruce

Active Member

Posts

Joined
Wed Dec 12, 2007 2:26 pm

Post by jty » Wed Dec 03, 2008 5:29 am

Has this bit of Bruce code been done or is it no longer required ?

Code: Select all

//  Bug fix: Addresses the first vulnerability described at http://secunia.com/advisories/30177
			//$view->set('text_greeting', $language->get('text_logged', $customer->getFirstName()));
			$view->set('text_greeting', $language->get('text_logged', htmlspecialchars($customer->getFirstName(), ENT_QUOTES, 'UTF-8')));
			$view->set('custlog', TRUE);

jty
Active Member

Posts

Joined
Sat Aug 30, 2008 8:19 am

Post by hm2k » Wed Dec 03, 2008 6:00 am

This should have been fixed else where ages ago using the gethtml() function instead.

It's no longer required. Test it against vulnerability report, see if you can reproduce the bug.

UK Web Hosting


User avatar
Global Moderator

Posts

Joined
Tue Mar 11, 2008 9:06 am
Location - UK

Post by jty » Wed Dec 03, 2008 6:17 am

OK Thanks

jty
Active Member

Posts

Joined
Sat Aug 30, 2008 8:19 am
Who is online

Users browsing this forum: No registered users and 4 guests