Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Register Globals Support


Guest

Recommended Posts

  • Replies 280
  • Created
  • Last Reply

Top Posters In This Topic

Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix.

 

If someone is interested in the changes, i can post the changed files.

 

 

Thanks and Greetings

Alex

 

Sorry for my bad english

Link to comment
Share on other sites

Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix.

 

If someone is interested in the changes, i can post the changed files.

 

 

Thanks and Greetings

Alex

 

Sorry for my bad english

I am very interested in your solution, bring it on

Link to comment
Share on other sites

i'm also getting these two warnings:

 

Warning: First argument to array_keys() should be an array in /httpdocs/shop/includes/functions/sessions.php on line 74

 

Warning: Invalid argument supplied for foreach() in /httpdocs/shop/includes/functions/sessions.php on line 75

 

what to do with these?

Link to comment
Share on other sites

This contribution from Richard Bentley is for the case, that Register_Globals is turned off. For security-reasons, this should be allways turned off. But oscommerce is currently not prepared for this case, so that oscommerce without this contribution and without Register_Globals turned on is unable to work.

 

It seems to be, that i still have some problems in the admin at product attributes. I try to find out, where this problem is located. Currently i can not page through the attributes.

 

 

Alex

Link to comment
Share on other sites

I fixed this problem in admin/products_attributes.php. But i do not know, at which places the same problem could occure.

 

Following changes are necessary:

 

	//BOF - RegisterGlobals
//    if (!isset($option_page)) {
//  $option_page = 1;
//    }
   if (!isset($option_page)) {
 if (isset($HTTP_GET_VARS['option_page']))
 {
	 $option_page = $HTTP_GET_VARS['option_page'];
 }
 else
 {
	 $option_page = 1;
 }
   }
// EOF - RegisterGlobals  

 

	//BOF - RegisterGlobals
//    if (!isset($value_page)) {
//  $value_page = 1;
//    }
   if (!isset($value_page)) {
 if (isset($HTTP_GET_VARS['value_page']))
 {
	 $value_page = $HTTP_GET_VARS['value_page'];
 }
 else
 {
	 $value_page = 1;
 }
   }
// EOF - RegisterGlobals

 

	//BOF - RegisterGlobals
//    if (!isset($attribute_page)) {
//  $attribute_page = 1;
//    }
   if (!isset($attribute_page)) {
 if (isset($HTTP_GET_VARS['attribute_page']))
 {
	 $attribute_page = $HTTP_GET_VARS['attribute_page'];
 }
 else
 {
	 $attribute_page = 1;
 }
   }
// EOF - RegisterGlobals

Link to comment
Share on other sites

Just a quick note to say thanks for the feedback - clearly I need to keep a better eye on the message board...

 

...and improve my coding ! Sorry for the problems you all seem to be having - be assured that I shall suitably chastise myself for causing such grief. I'll look at what you've all posted in depth after I've written this.

 

Oh well, at least it's good to know that other people are interested in this.

 

regards,

 

Rich.

Link to comment
Share on other sites

I've put up v1.1.1.

 

This includes all the fixes that have been posted here to date, plus a fix for the array referencing problem reported by Deodupke on 21/05/2004.

 

regards,

 

Rich.

Link to comment
Share on other sites

How many files is this contribution going to touch in general?

 

And is it something that could be used on a site with ALOT of mods and hacks?

 

Ta.

 

CC.

Link to comment
Share on other sites

ok seems to work.. I only have another problem, i have a multilanguage shop.

 

Case:

Default language is dutch. Everything shows in dutch ( that's good) when selecting english ( as customer) the page where you are at that moment displays in english and all the links to other parts of the shop are also english.

 

But, when clicking a link to an other part of the shop the language switches back to ( default) dutch again.

 

So i think the variable which containts the languagesetting is not available on other pages or something..

Link to comment
Share on other sites

addition: ( why can't i edit my own message?)

 

In the administration menu there's also a problem with a variable i think...

 

when going to the catalogus section en clicking one category of that section it switches to the Configuration menu ( and closes the catalogus menu)

Link to comment
Share on other sites

Mmmm....

 

I'm not able to look at this right now, but I'll look into it this evening - I'm sure it's nothing difficult to fix (feel free to remind me I said this when I still haven't got a solution in a week's time !)

 

In response to CC's question - download and look at the contribution!

 

The answer is 'not many' - I think it's 4 files in admin and 3 files in catalog (or something like that - I don't have the code in front of me). The changes are actually very small.

 

Also, I have specifically written the change instructions in a way that is less likely to interfere with other modifications. But if you read the contribution, you'd know this already :-)

 

regards,

 

Rich.

Edited by CMOTD
Link to comment
Share on other sites

Hello again,

 

I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.

 

Re The problem with admin category selection switching back to Configuration....

 

What setting do you have for 'variables_order' in php.ini ?

 

The default value for this is "EGPCS"

 

I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.

 

In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.

 

puzzled....

 

regards,

 

Rich.

Edited by CMOTD
Link to comment
Share on other sites

Hello again,

 

I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't.

 

Re The problem with admin category selection switching back to Configuration....

 

What setting do you have for 'variables_order' in php.ini ?

 

The default value for this is "EGPCS"

 

I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe.

 

In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated.

 

puzzled....

 

regards,

 

Rich.

Hey Rich.

 

thanks for looking at the problem

 

about the PHP.ini setting: i'm running this thing on a host so i can't look at the php.ini

 

about he language thing i send you a PM

Link to comment
Share on other sites

Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files.

 

Any idea what's happening?

 

Thanks!

 

Rob Z.

Link to comment
Share on other sites

Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files.

 

Any idea what's happening?

 

Thanks!

 

Rob Z.

do you get the error while installing? because i had this too,

 

i solved this by commenting the register_globals check in application.php in your /install/includes

Link to comment
Share on other sites

An appeal

 

On the 24 May, Twan reported a couple of problems; one in admin whereby it switches back to the configuration at the wrong time, and one in catalog where the language switches back to (what we now know / think ?) is the browser default language.

 

I'm having some real problems reproducing these issues - basically, I can't. With Twan's help, I have been able to confirm the issues exist though. If anyone out there can confirm that these ARE or ARE NOT an issue for them, I would be very interested to hear.

 

(If you want to avoid cluttering up the message board with reports then send me a PM if you like)

 

I think the problems may have something to do with some php.ini settings on the shared server that faulty OSC is running on (specifically, the variables_order value), but we are unable to get to the php.ini values, so can't confirm this.

 

At the moment I want to try and fixes these issues but am at a bit of a loss.

 

regards,

 

Rich.

Edited by CMOTD
Link to comment
Share on other sites

I have patched the necessary files for this contrib, yet when using the admin control panel I get a fatal error from the new link_session_variable function in sessions.php.

 

It looks like the variables "cart" and "currency" have not been properly defined. The variables (in order) are:

 

language

languages_id

selected_box

cart - Fatal error: Session variable cart is not globally defined

currency - Fatal error: Session variable currency is not globally defined

messageToStack

 

This actually just popped up after working fine for a day. Anyone else run into this problem? Am I missing something? I managed to get rid of the error by adding those two into the var_refs array in the link_session_variable function, but I'm completely new to osC and I'm not sure if I'm about to break something by doing so...

 

Anyway, any insight would be appreciated. Thanks.

Link to comment
Share on other sites

Hello,

 

I've installed this contribution and it seems mostly to be fine except for this error I get when trying to checkout of my shop:

 

"Warning: session_write_close(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in \\nas12ent\domains\1\1stopscaleshop.co.uk\user\htdocs\includes\functions\sessions.php on line 212"

 

I've been trolling the forum for a similar scenario to learn from but have had no luck. My hosting company will give me no access to the php.ini file but I was wondering about ini_set as an alternative?? This seems like it may be too easy option and wishful thinking??

 

Has anyone got any thoughts on ini_set? Or has anyone encountered the above error message when doing a checkout?

 

please have a look at http://www.1stopscaleshop.co.uk if you would like to see this error in action.

 

Many Thanks

Rebecca

Link to comment
Share on other sites

Thanks for all the hard work on this. I have just finally got osCommerce installed for the first time, and am taking a look at it. I was surprised when it wanted globals on, and was happy to find this thread to help get around the installation issues. :D

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Unfortunately, your content contains terms that we do not allow. Please edit your content to remove the highlighted words below.
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...