Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

My second really silly Q of the day :blink:


rommany

Recommended Posts

Hi

 

I know this sounds mad, but i truly do not know if this can be done, but would love to do it...

 

As a few here know i'm going to radically change the appearance of my site over the next few weeks " probably months if not years"

 

So my silly question is:

 

I really do not what to change my site at the moment in front of the customers as i am getting many hits and customers and if i start playing around in front of them i could scare most away with all the errors that i am going to get :D and i don't want to close the site down for a few weeks neither.

 

So can i have a second oscommerce loaded with my host that others can not see until i have finished making all the changes, and if this is possible would it be hard to swap them over once i have finished so i can just delete the old site.

 

Told ya it was silly B)

 

Regards

Link to comment
Share on other sites

Not silly at all.

 

You can load as many oscommerce instances as your web host will allow you databases. Just install them to another folder and then password protect that folder to keep others out. You can either put a fresh install into the test folders, load a template store into it or a copy of your existing store.

Rule #1: Without exception, backup your database and files before making any changes to your files or database.

Rule #2: Make sure there are no exceptions to Rule #1.

Link to comment
Share on other sites

Not silly at all.

 

You can load as many oscommerce instances as your web host will allow you databases. Just install them to another folder and then password protect that folder to keep others out. You can either put a fresh install into the test folders, load a template store into it or a copy of your existing store.

 

Thanks mike you are a star, but two questions 1, how do i go about adding a password for that folder, ive seen it done but never done it myself. 2, is it hard to bring it to the front and by doing so will this affect my ranking with the big boys ? i will be copying most files over to it from the store i have now, so really i will be just changing the image and layout of the store. Or should i be worrying about the moving only when im finished.

 

God my partner will kill me if she finds out im redesigning the site again :blink:

 

Regards

Link to comment
Share on other sites

1, how do i go about adding a password for that folder, ive seen it done but never done it myself.

 

2, is it hard to bring it to the front and by doing so will this affect my ranking with the big boys ? i will be copying most files over to it from the store i have now, so really i will be just changing the image and layout of the store.

 

1. The best way is if your web hosting control panel has a feature for password protecting a folder (most do). If not there are several contributions that guide you through the process of securing the admin. It would be the same process, just use it on the main folder instead.

 

2. To move it just do a file backup of both the old and new stores. Then restore the new store to the main store's location and then copy the configure.php files from the old store over the new store's ones. (unless you have made other changes to the configure.php files, in which case you will need to edit the paths in the new store's configure.php to reflect the new location.

 

hth

Rule #1: Without exception, backup your database and files before making any changes to your files or database.

Rule #2: Make sure there are no exceptions to Rule #1.

Link to comment
Share on other sites

Cheers mike,

 

Last question i promise, well for today anyway..

 

i have installed the new folder but im getting this error, have you or anyone seen this before ?

 

Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory.

 

I can read what it says just don't understand what it wants me to do?

 

Again thanks

 

Regards

Link to comment
Share on other sites

Cheers mike,

 

Last question i promise, well for today anyway..

 

i have installed the new folder but im getting this error, have you or anyone seen this before ?

 

Server Requirement Error: register_globals is disabled in your PHP configuration. This can be enabled in your php.ini configuration file or in the .htaccess file in your catalog directory.

 

I can read what it says just don't understand what it wants me to do?

 

Again thanks

 

Regards

 

Create a .htaccess file in the catalog folder and add the following line to it:

 

php_flag register_globals on

 

If the catalog folder already has a .htaccess file, then just add that line to it.

 

hth.

 

 

Rule #1: Without exception, backup your database and files before making any changes to your files or database.

Rule #2: Make sure there are no exceptions to Rule #1.

Link to comment
Share on other sites

Create a .htaccess file in the catalog folder and add the following line to it:

 

php_flag register_globals on

 

If the catalog folder already has a .htaccess file, then just add that line to it.

 

hth.

 

By creating a .htaccess file, does that fool oscommerce into believing register_globals are enabled, or does it actually enable them?

 

If it enables them, isn't it safer to use Vger's contribution?

 

You see, I am having a hard time getting my head around this one. I don't understand why, if there is a way of not having register_globals enabled, the developers would have you do it. Considering it is a security risk I mean. :huh:

Link to comment
Share on other sites

By creating a .htaccess file, does that fool oscommerce into believing register_globals are enabled, or does it actually enable them?

 

If it enables them, isn't it safer to use Vger's contribution?

 

You see, I am having a hard time getting my head around this one. I don't understand why, if there is a way of not having register_globals enabled, the developers would have you do it. Considering it is a security risk I mean. :huh:

When osC was first written the globals were not such a large security concern. Over the last few years they've been exploited so people have moved away from them and the more recent versions of php have them disabled by default.

 

osC's use of them is fairly minimal compared to what can be done with them. It's in the get commands which input values from forms. Enabling them for osC is pretty low risk.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

By creating a .htaccess file, does that fool oscommerce into believing register_globals are enabled, or does it actually enable them?

 

It .htaccess directives apply to the folder and it's subfolders. So it is possible to enable them only for osCommerce on a site, while leaving them off otherwise.

 

As I have understood it, the danger of register globals is not so much in themsleves as it is in the risk of holes in the security of applications using them if the code is written well. If the application using them is well written, then the risk is minimal.

Rule #1: Without exception, backup your database and files before making any changes to your files or database.

Rule #2: Make sure there are no exceptions to Rule #1.

Link to comment
Share on other sites

So is it better to have them enabled or is using the contribution to, I guess, bypass them ok?

Whichever works for you. If you can enable them you'll be fine. If you can't, use the contribution. I've got setups running both ways.

Local: Mac OS X 10.5.8 - Apache 2.2/php 5.3.0/MySQL 5.4.10 • Web Servers: Linux

Tools: BBEdit, Coda, Versions (Subversion), Sequel Pro (db management)

Link to comment
Share on other sites

As I have understood it, the danger of register globals is not so much in themsleves as it is in the risk of holes in the security of applications using them if the code is written well. If the application using them is well written, then the risk is minimal.

 

As someone just pointed out to me, I must have been typing faster than I was thinking or something. ':-

 

My statement "... risk of holes in the security of applications using them if the code is written well ..." should have read " ... risk of holes in the security of applications using them if the code isn't written well..."

 

As far as which is better to use register globals with osc or to use the contribution to remove the need, I agree with Alan. I do seem to recall that there are some contributions that rely upon on them being used and so you would have to tweak them if you needed to install them in a store where use of register globals had been eliminated.

Rule #1: Without exception, backup your database and files before making any changes to your files or database.

Rule #2: Make sure there are no exceptions to Rule #1.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...