Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Invalid From Date. Invalid To Date


marcgenou

Recommended Posts

Hi guys

 

I dont know when this feature stopped working but I've checked now and it keeps throwing me this error when I input dates. I tried with generic dates like from 01/01/2008 to 01/01/2009

 

Invalid From Date

Invalid To Date

 

Seems to be an messageStack error from advanced_search_result but I'm not sure.

 

   $date_check_error = false;
   if (tep_not_null($dfrom)) {
     if (!tep_checkdate($dfrom, DOB_FORMAT_STRING, $dfrom_array)) {
       $error = true;
       $date_check_error = true;

       $messageStack->add_session('search', ERROR_INVALID_FROM_DATE);
     }
   }

 

Where this error could be coming from?

Link to comment
Share on other sites

Where this error could be coming from?

I think most of the time this error comes from the DOB_FORMAT_STRING that is set in includes/languages/#language_used#.php

 

For example this is from includes/languages/german.php around line 60:

 

// text for date of birth example
define('DOB_FORMAT_STRING', 'tt.mm.jjjj');

osC is picky about how many digits you use for dates too.

Link to comment
Share on other sites

I think most of the time this error comes from the DOB_FORMAT_STRING that is set in includes/languages/#language_used#.php

 

For example this is from includes/languages/german.php around line 60:

 

// text for date of birth example
define('DOB_FORMAT_STRING', 'tt.mm.jjjj');

osC is picky about how many digits you use for dates too.

 

seems to be fine, it should be working. I am going to keep trying...

 

// text for date of birth example
define('DOB_FORMAT_STRING', 'dd/mm/aaaa');

Link to comment
Share on other sites

  • 2 months later...

I've found it. FWR Security Pro was breaking url's.

 

 

I have this same error showing after installing FWR Security Pro. Were you able to resolve it?

 

Could someone offer any suggestions?

 

Thank you in advance.

Link to comment
Share on other sites

Hi All,

 

I am using Oscommerce 2.2rc2a. The advanced search function will not work at all now. Even if I am not using the date fields and only searching in the top field in advanced search, 2 error messages appear at the top. The regular search function works but not the advanced search.

 

Invalid from date

Invalid to date

 

I searched the forum and read this thread which seems to show the same potential issue as mine, but there is no discussion of a fix. I do not know what the issue is. In the post above, Margenou mentioned something about breaking urls. He also mentioned that he installed FWR Security Pro. I also installed it. I know it is a great contribution and wish to use it.

 

Is there a fix that I am missing? Has anyone else experienced this?

 

Thank you for any help.

Link to comment
Share on other sites

  • 4 weeks later...

I have the same issue, I have finally traced the problem to FWR Security Pro.

The problem with quick find and advanced search only happens when i turn on security pro to "true"

my site is in two languages, for english, it's invalid from and to date

for the other language, the search function will not work at all.

My site needs to be secure, but i cant sacrifice functional for that, search is too important to leave behind.

Anyone have a fix for this?

Please help.

Link to comment
Share on other sites

  • 9 months later...
  • 10 months later...

FWR Security Pro is causing the problem. It looks as if the "/" are being cleansed from the data, so I assume that "slashes" are in it's nature to remove.

 

Removing the "/" from the code for FWR Security Pro also works, but does it open the door for hacking?

 

BEFORE: $cleansed = preg_replace( "/[^\s{}a-z0-9_\.\-]/i", "", urldecode( $get ) );

 

AFTER: $cleansed = preg_replace( "[^\s{}a-z0-9_\.\-]i", "", urldecode( $get ) );

 

Taking out FWR Security Pro entirely will fix it, but you still need to match the date string exactly for osCommerce to work. EX: 00/00/000

 

Adding the exclusion to FWR Security Pro seems ineffective as well.

 

$security_pro->addExclusion( 'advanced_search.php' );

Link to comment
Share on other sites

Team effort here! Reading what you all had to say I came up with the solution.

 

Leave everything the same with FWR Security Pro... Go into your includes/languages/english.php and change it from:

 

// text for date of birth example

define('DOB_FORMAT_STRING', 'mm/dd/yyyy');

 

to

 

// text for date of birth example

define('DOB_FORMAT_STRING', 'mm-dd-yyyy');

 

Dashes that are spaced and not doubled like "--" won't be cleansed from FWR. The date stamp of 00-00-0000 will then pass normally.

Link to comment
Share on other sites

Tweaks to the entire site:

 

Change includes/languages/english.php

 

define('DATE_FORMAT_SHORT', '%m-%d-%Y'); // this is used for strftime()

define('DATE_FORMAT_LONG', '%A, %B %d, %Y'); // this is used for strftime()

define('DATE_FORMAT', 'm-d-Y'); // this is used for date()

define('DATE_TIME_FORMAT', DATE_FORMAT_SHORT . ' %H:%M:%S');

 

define('ENTRY_DATE_OF_BIRTH_ERROR', 'Your Date of Birth must be in this format: MM-DD-YYYY (EX: 05-21-1970)');

define('ENTRY_DATE_OF_BIRTH_TEXT', '<img border="0" src="images/exclamation.gif"></br>(EX: 05-21-1970)');

 

The above represents change on my site, but you should only concern yourself with the "-" vs. the "/". I think it's a fine compromise for security.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...