Guest Posted May 16, 2004 Posted May 16, 2004 In case anyone is interested, please use this thread to post support questions / thoughts for the 'Register Globals' contribution. The contribution can be found here... http://www.oscommerce.com/community/contributions,2097 Comments / abuse / vacuous indifference (delete as you see fit - if you can be bothered) welcomed. regards, Rich. Quote
Guest Posted May 20, 2004 Posted May 20, 2004 Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix. If someone is interested in the changes, i can post the changed files. Thanks and Greetings Alex Sorry for my bad english Quote
Deodupke Posted May 21, 2004 Posted May 21, 2004 Thanks for this contribution. I tested it on a server, where the provider do not want to turn on globals in the php-settings. So i was forced to use it. There were only some little problems with the logoff. It was unpossible to log out of the site. After some hours of work for understanding the complete thing, i found out, where the problem is located. In tep_session_unregister its seems to be important, to insert after link_session_variable($variable, false); a call to unset the variable from session. Otherwise the variable is never unregistered really. I made also another change. To avoid possible problems with other variables stored in $_SESSION, i used a suffix "global." for the storing. In every function i check now, if this suffix is included or add the suffix. If someone is interested in the changes, i can post the changed files. Thanks and Greetings Alex Sorry for my bad english I am very interested in your solution, bring it on Quote Dupke's Place
Deodupke Posted May 21, 2004 Posted May 21, 2004 i'm also getting these two warnings: Warning: First argument to array_keys() should be an array in /httpdocs/shop/includes/functions/sessions.php on line 74 Warning: Invalid argument supplied for foreach() in /httpdocs/shop/includes/functions/sessions.php on line 75 what to do with these? Quote Dupke's Place
Guest Posted May 21, 2004 Posted May 21, 2004 I added the changed files to http://www.oscommerce.com/community/contributions,2097. Can you add the part of the code, where these warnings occured? Just some lines and in which function. Alex Quote
akkinmore Posted May 22, 2004 Posted May 22, 2004 Hi, Can anyone tell me the advantages of installing this contrib? Is this for security reasons? Thanks. :lol: Quote
Guest Posted May 22, 2004 Posted May 22, 2004 This contribution from Richard Bentley is for the case, that Register_Globals is turned off. For security-reasons, this should be allways turned off. But oscommerce is currently not prepared for this case, so that oscommerce without this contribution and without Register_Globals turned on is unable to work. It seems to be, that i still have some problems in the admin at product attributes. I try to find out, where this problem is located. Currently i can not page through the attributes. Alex Quote
Guest Posted May 22, 2004 Posted May 22, 2004 I fixed this problem in admin/products_attributes.php. But i do not know, at which places the same problem could occure. Following changes are necessary: //BOF - RegisterGlobals // if (!isset($option_page)) { // $option_page = 1; // } if (!isset($option_page)) { if (isset($HTTP_GET_VARS['option_page'])) { $option_page = $HTTP_GET_VARS['option_page']; } else { $option_page = 1; } } // EOF - RegisterGlobals //BOF - RegisterGlobals // if (!isset($value_page)) { // $value_page = 1; // } if (!isset($value_page)) { if (isset($HTTP_GET_VARS['value_page'])) { $value_page = $HTTP_GET_VARS['value_page']; } else { $value_page = 1; } } // EOF - RegisterGlobals //BOF - RegisterGlobals // if (!isset($attribute_page)) { // $attribute_page = 1; // } if (!isset($attribute_page)) { if (isset($HTTP_GET_VARS['attribute_page'])) { $attribute_page = $HTTP_GET_VARS['attribute_page']; } else { $attribute_page = 1; } } // EOF - RegisterGlobals Quote
Guest Posted May 22, 2004 Posted May 22, 2004 Just a quick note to say thanks for the feedback - clearly I need to keep a better eye on the message board... ...and improve my coding ! Sorry for the problems you all seem to be having - be assured that I shall suitably chastise myself for causing such grief. I'll look at what you've all posted in depth after I've written this. Oh well, at least it's good to know that other people are interested in this. regards, Rich. Quote
Guest Posted May 22, 2004 Posted May 22, 2004 I've put up v1.1.1. This includes all the fixes that have been posted here to date, plus a fix for the array referencing problem reported by Deodupke on 21/05/2004. regards, Rich. Quote
CC Posted May 23, 2004 Posted May 23, 2004 How many files is this contribution going to touch in general? And is it something that could be used on a site with ALOT of mods and hacks? Ta. CC. Quote
Deodupke Posted May 24, 2004 Posted May 24, 2004 I've put up v1.1.1. This includes all the fixes that have been posted here to date, plus a fix for the array referencing problem reported by Deodupke on 21/05/2004. regards, Rich. thx, gonna test it Quote Dupke's Place
Deodupke Posted May 24, 2004 Posted May 24, 2004 ok seems to work.. I only have another problem, i have a multilanguage shop. Case: Default language is dutch. Everything shows in dutch ( that's good) when selecting english ( as customer) the page where you are at that moment displays in english and all the links to other parts of the shop are also english. But, when clicking a link to an other part of the shop the language switches back to ( default) dutch again. So i think the variable which containts the languagesetting is not available on other pages or something.. Quote Dupke's Place
Deodupke Posted May 24, 2004 Posted May 24, 2004 addition: ( why can't i edit my own message?) In the administration menu there's also a problem with a variable i think... when going to the catalogus section en clicking one category of that section it switches to the Configuration menu ( and closes the catalogus menu) Quote Dupke's Place
Guest Posted May 24, 2004 Posted May 24, 2004 (edited) Mmmm.... I'm not able to look at this right now, but I'll look into it this evening - I'm sure it's nothing difficult to fix (feel free to remind me I said this when I still haven't got a solution in a week's time !) In response to CC's question - download and look at the contribution! The answer is 'not many' - I think it's 4 files in admin and 3 files in catalog (or something like that - I don't have the code in front of me). The changes are actually very small. Also, I have specifically written the change instructions in a way that is less likely to interfere with other modifications. But if you read the contribution, you'd know this already :-) regards, Rich. Edited May 24, 2004 by CMOTD Quote
Guest Posted May 24, 2004 Posted May 24, 2004 (edited) Hello again, I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't. Re The problem with admin category selection switching back to Configuration.... What setting do you have for 'variables_order' in php.ini ? The default value for this is "EGPCS" I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe. In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated. puzzled.... regards, Rich. Edited May 24, 2004 by CMOTD Quote
Deodupke Posted May 24, 2004 Posted May 24, 2004 Hello again, I don't suppose you can be a bit more specific about the language problem can you ? Is there any particular link you can click on that causes the language to switch back to its default ? I have tried to reproduce the problem but can't. Re The problem with admin category selection switching back to Configuration.... What setting do you have for 'variables_order' in php.ini ? The default value for this is "EGPCS" I tried setting this to "ES" because it's more secure but it breaks quite a bit of code. One of the problems I observed was exactly the one you describe. In the meantime, if this is not your problem then all I can suggest for now is that you go back and check that all the changes are applied correctly. Either way, feedback is much appreciated. puzzled.... regards, Rich. Hey Rich. thanks for looking at the problem about the PHP.ini setting: i'm running this thing on a host so i can't look at the php.ini about he language thing i send you a PM Quote Dupke's Place
rzazueta Posted May 24, 2004 Posted May 24, 2004 Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files. Any idea what's happening? Thanks! Rob Z. Quote
Deodupke Posted May 24, 2004 Posted May 24, 2004 Hello, all. I've dutifully applied all the patches to an uninstalled copy of 2.2 DLed straight from the site. I wanted to do this before actually installing. However, I'm still seeing the "Register Globals" error, even though I've confirmed that the check has been commented out in each of the admin and catalog files. Any idea what's happening? Thanks! Rob Z. do you get the error while installing? because i had this too, i solved this by commenting the register_globals check in application.php in your /install/includes Quote Dupke's Place
rzazueta Posted May 24, 2004 Posted May 24, 2004 Y'know, I looked in there and didn't see it. But now that you've made me look again it magically appeared! ;-) Thanks a ton! Rob Z. Quote
Guest Posted May 24, 2004 Posted May 24, 2004 Sorry about this omission - I've already added it to the patch ready for the next upload Rich. Quote
Guest Posted May 27, 2004 Posted May 27, 2004 (edited) An appeal On the 24 May, Twan reported a couple of problems; one in admin whereby it switches back to the configuration at the wrong time, and one in catalog where the language switches back to (what we now know / think ?) is the browser default language. I'm having some real problems reproducing these issues - basically, I can't. With Twan's help, I have been able to confirm the issues exist though. If anyone out there can confirm that these ARE or ARE NOT an issue for them, I would be very interested to hear. (If you want to avoid cluttering up the message board with reports then send me a PM if you like) I think the problems may have something to do with some php.ini settings on the shared server that faulty OSC is running on (specifically, the variables_order value), but we are unable to get to the php.ini values, so can't confirm this. At the moment I want to try and fixes these issues but am at a bit of a loss. regards, Rich. Edited May 27, 2004 by CMOTD Quote
bnoji Posted June 2, 2004 Posted June 2, 2004 I have patched the necessary files for this contrib, yet when using the admin control panel I get a fatal error from the new link_session_variable function in sessions.php. It looks like the variables "cart" and "currency" have not been properly defined. The variables (in order) are: language languages_id selected_box cart - Fatal error: Session variable cart is not globally defined currency - Fatal error: Session variable currency is not globally defined messageToStack This actually just popped up after working fine for a day. Anyone else run into this problem? Am I missing something? I managed to get rid of the error by adding those two into the var_refs array in the link_session_variable function, but I'm completely new to osC and I'm not sure if I'm about to break something by doing so... Anyway, any insight would be appreciated. Thanks. Quote
wild one Posted June 2, 2004 Posted June 2, 2004 Hello, I've installed this contribution and it seems mostly to be fine except for this error I get when trying to checkout of my shop: "Warning: session_write_close(): Your script possibly relies on a session side-effect which existed until PHP 4.2.3. Please be advised that the session extension does not consider global variables as a source of data, unless register_globals is enabled. You can disable this functionality and this warning by setting session.bug_compat_42 or session.bug_compat_warn to off, respectively. in \\nas12ent\domains\1\1stopscaleshop.co.uk\user\htdocs\includes\functions\sessions.php on line 212" I've been trolling the forum for a similar scenario to learn from but have had no luck. My hosting company will give me no access to the php.ini file but I was wondering about ini_set as an alternative?? This seems like it may be too easy option and wishful thinking?? Has anyone got any thoughts on ini_set? Or has anyone encountered the above error message when doing a checkout? please have a look at http://www.1stopscaleshop.co.uk if you would like to see this error in action. Many Thanks Rebecca Quote
Veinman Posted June 8, 2004 Posted June 8, 2004 Thanks for all the hard work on this. I have just finally got osCommerce installed for the first time, and am taking a look at it. I was surprised when it wanted globals on, and was happy to find this thread to help get around the installation issues. :D Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.