Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Improper Error Handling


Guest

Recommended Posts

I am using McAfee's PCI scanning for my site and my site developed a vulnerability related to improper error handling. When I do the demo to see where the error is coming from, this is what comes up at the top of the page:

 

"Warning: checkdate() expects parameter 1 to be long, string given in /home/content/a/b/c/mysite/html/create_account.php on line 80"

 

I changed the domain to generic... can anyone give me some insight as to how to fix this problem?

Link to comment
Share on other sites

Original code:

 

	  if (checkdate(substr(tep_date_raw($dob), 4, 2), substr(tep_date_raw($dob), 6, 2), substr(tep_date_raw($dob), 0, 4)) == false) {

Change to:

 

	  if (checkdate((int)substr(tep_date_raw($dob), 4, 2), (int)substr(tep_date_raw($dob), 6, 2), (int)substr(tep_date_raw($dob), 0, 4)) == false) {

BACKUP THE FILE BEFORE MAKING ANY EDITS.

If I suggest you edit any file(s) make a backup first - I'm not perfect and neither are you.

 

"Given enough impetus a parallelogramatically shaped projectile can egress a circular orifice."

- Me -

 

"Headers already sent" - The definitive help

 

"Cannot redeclare ..." - How to find/fix it

 

SSL Implementation Help

 

Like this post? "Like" it again over there >

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...