Tools -> Security Controls... problem

arieldumbo@gmail.com · April 8, 2021

Good how are you doing, I would like to know if someone can help me.
I cannot carry out the Security checks, I mean, if I click, it does nothing and it keeps putting the legend:

More than 30 days have passed since the extended security checks were last run. Please rerun the extended security checks in Tools -> Security Controls.

Tools -> Security Controls.

after clicking on the button Tools -> Security Controls. ... it advances to the next screen and does not describe or do anything, how do I solve it? Thank you

Hotclutch · April 9, 2021

<?php
/*
  $Id$

  osCommerce, Open Source E-Commerce Solutions
  http://www.oscommerce.com

  Copyright (c) 2013 osCommerce

  Released under the GNU General Public License
*/

  require('includes/application_top.php');

  function tep_sort_secmodules($a, $b) {
    return strcasecmp($a['title'], $b['title']);
  }

  $types = array('info', 'warning', 'error');

  $modules = array();

  if ($secdir = @dir(DIR_FS_ADMIN . 'includes/modules/security_check/')) {
    while ($file = $secdir->read()) {
      if (!is_dir(DIR_FS_ADMIN . 'includes/modules/security_check/' . $file)) {
        if (substr($file, strrpos($file, '.')) == '.php') {
          $class = 'securityCheck_' . substr($file, 0, strrpos($file, '.'));

          include(DIR_FS_ADMIN . 'includes/modules/security_check/' . $file);
          $$class = new $class();

          $modules[] = array('title' => isset($$class->title) ? $$class->title : substr($file, 0, strrpos($file, '.')),
                             'class' => $class,
                             'code' => substr($file, 0, strrpos($file, '.')));
        }
      }
    }
    $secdir->close();
  }

  if ($extdir = @dir(DIR_FS_ADMIN . 'includes/modules/security_check/extended/')) {
    while ($file = $extdir->read()) {
      if (!is_dir(DIR_FS_ADMIN . 'includes/modules/security_check/extended/' . $file)) {
        if (substr($file, strrpos($file, '.')) == '.php') {
          $class = 'securityCheckExtended_' . substr($file, 0, strrpos($file, '.'));

          include(DIR_FS_ADMIN . 'includes/modules/security_check/extended/' . $file);
          $$class = new $class();

          $modules[] = array('title' => isset($$class->title) ? $$class->title : substr($file, 0, strrpos($file, '.')),
                             'class' => $class,
                             'code' => substr($file, 0, strrpos($file, '.')));
        }
      }
    }
    $extdir->close();
  }

  usort($modules, 'tep_sort_secmodules');

  require('includes/template_top.php');
?>

<div style="float: right;"><?php echo tep_draw_button('Reload', 'arrowrefresh-1-e', tep_href_link('security_checks.php')); ?></div>

<h1 class="pageHeading"><?php echo HEADING_TITLE; ?></h1>

<table border="0" width="100%" cellspacing="0" cellpadding="2">
  <tr class="dataTableHeadingRow">
    <td class="dataTableHeadingContent" width="20">&nbsp;</td>
    <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_TITLE; ?></td>
    <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_MODULE; ?></td>
    <td class="dataTableHeadingContent"><?php echo TABLE_HEADING_INFO; ?></td>
    <td class="dataTableHeadingContent" width="20" align="right">&nbsp;</td>
  </tr>

<?php
  foreach ($modules as $module) {
    $secCheck = ${$module['class']};

    if ( !in_array($secCheck->type, $types) ) {
      $secCheck->type = 'info';
    }

    $output = '';

    if ( $secCheck->pass() ) {
      $secCheck->type = 'success';
    } else {
      $output = $secCheck->getMessage();
    }

    echo '  <tr class="dataTableRow" onmouseover="rowOverEffect(this)" onmouseout="rowOutEffect(this)">' . "\n" .
         '    <td class="dataTableContent" align="center" valign="top">' . tep_image('images/ms_' . $secCheck->type . '.png', '', 16, 16) . '</td>' . "\n" .
         '    <td class="dataTableContent" valign="top" style="white-space: nowrap;">' . tep_output_string_protected($module['title']) . '</td>' . "\n" .
         '    <td class="dataTableContent" valign="top">' . tep_output_string_protected($module['code']) . '</td>' . "\n" .
         '    <td class="dataTableContent" valign="top">' . $output . '</td>' . "\n" .
         '    <td class="dataTableContent" align="center" valign="top">' . ((isset($secCheck->has_doc) && $secCheck->has_doc) ? '<a href="http://library.oscommerce.com/Wiki&oscom_2_3&security_checks&' . $module['code'] . '" target="_blank">' . tep_image('images/icons/preview.gif') . '</a>' : '') . '</td>' . "\n" .
         '  </tr>' . "\n";
  }
?>

</table>

<?php
  require('includes/template_bottom.php');
  require('includes/application_bottom.php');
?>

Check this against what you have for admin/security_checks.php

PS: You also need to put password protection on your admin folder.

arieldumbo@gmail.com · April 9, 2021

Ashley, Thank you, as always thank you very much, solved

strati@inwind.it · November 3, 2021

open security_checks.php in catalog/admin

===FIND===

$secCheck = $$module['class'];

===REPLACE===
$secCheck = new $module['class']();

Tools -> Security Controls... problem

Recommended Posts

arieldumbo@gmail.com

Link to comment

Share on other sites

Hotclutch

Link to comment

Share on other sites

arieldumbo@gmail.com

Link to comment

Share on other sites

strati@inwind.it

Link to comment

Share on other sites

Archived

Browse

Activity