Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

help a newbie


jimwin

Recommended Posts

Hello osCommerce experts!

 

I've been asked by a friend of mine to help out as his osCommerce site keeps getting hacked.

Now I come from an IT background, mainly corporare Novell and Microsoft, but I've also "dabbled" in some php web applications like Joomla and SMF forums, so I thought I would be able to help him.

 

The first thing I've noticed is that he is running V2.2 RC2, which I believe is what is causing him the problems.

 

I've looked around the osCommerce site, and I was hoping for a simple upgrade path to get him up to date, but all I have found so far seems to be manually updating php code. I think this is going to be beyond my skill level, so I was wondering if there are any installation scripts or automated patching such as I am more familiar in the worlds of Joomla and SMF?

 

I think if there is not, then I may have to refuse to help him.

 

Thanks for looking!

Link to comment
Share on other sites

Hello osCommerce experts!

 

I've been asked by a friend of mine to help out as his osCommerce site keeps getting hacked.

Now I come from an IT background, mainly corporare Novell and Microsoft, but I've also "dabbled" in some php web applications like Joomla and SMF forums, so I thought I would be able to help him.

 

The first thing I've noticed is that he is running V2.2 RC2, which I believe is what is causing him the problems.

 

I've looked around the osCommerce site, and I was hoping for a simple upgrade path to get him up to date, but all I have found so far seems to be manually updating php code. I think this is going to be beyond my skill level, so I was wondering if there are any installation scripts or automated patching such as I am more familiar in the worlds of Joomla and SMF?

 

I think if there is not, then I may have to refuse to help him.

 

Thanks for looking!

In a word "No" although the manual updates are not difficult, time consuming yes,

Link to comment
Share on other sites

Jim,

 

His RC2 site would have to be updated to RC2a, and then updated to v2.3.1. As Paul mentioned, updates are time consuming and any contributions added to the website would also need to updated to be compatible with the newer versions. IMO, it is less time consuming and more economical to build a new website than it is to update an old site.

 

 

 

 

Chris

Link to comment
Share on other sites

His RC2 site would have to be updated to RC2a, and then updated to v2.3.1. As Paul mentioned, updates are time consuming and any contributions added to the website would also need to updated to be compatible with the newer versions. IMO, it is less time consuming and more economical to build a new website than it is to update an old site.

 

Does anyone know of release 2.3.1 includes all the (anti-hacking) security fixes and patches as per the sercurity section of the forum???

 

Also - is there a note somewhere detailing the database differences between 2.2 qand 2.3.1 as a start from scratch (even if mods have to be reapplied) looks like a better option in he case of the site I am looking after.

Link to comment
Share on other sites

Steffan,

 

2.3.1 incorporates the security patches recommended in the previous version, however it still requires the 5 'must have' security contributions described here. (be sure to use the 2.3.1 versions of those)

 

 

The 2.3.1 download contains information in the /extras folder on how to update the database.

 

 

 

 

 

Chris

Link to comment
Share on other sites

Thanks for the information guys, thats what I feared.

I'm certainly not over-confident on making manual changes on what is essentially a live web shop at this point, so I'm going to have to give my friend the bad news, and see if he wants to do a clean, new site.

 

Cheers,

Jim

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...