X-Cart: shopping cart software
Page 2 of 5 < 1 2 34 > Last »
Show 40 posts from this thread on one page

X-Cart forums (https://forum.x-cart.com/index.php)
-   News and Announcements (https://forum.x-cart.com/forumdisplay.php?f=28)
-   -   X-Cart v4.1.11 released (https://forum.x-cart.com/showthread.php?t=42147)

JWait 09-04-2008 09:07 AM
Re: X-Cart v4.1.10 released
 
Quote:
Originally Posted by intel352
Funny how the email from Qualiteam minimized the size of this upgrade, yet it's still a pretty sizable changelog. Regardless, gj Qualiteam

Looking at the DIFF files, a lot of them do nothing but "update" the version number and date of the file.

tobychapman 09-04-2008 11:25 AM
Re: X-Cart v4.1.11 released
 
I traced the little black squares problem to a php file that hadn't saved properly.

As to the HTML entities, the handling of &nbsp; has changed since I last worked on a template. "&nbsp;&euro;" is converted to " &euro;" in a template. Why is &nbsp; changed and not &euro;? Is ths a security issue?

In fact are all instances of "&nbsp;" changed to " " before being saved in the database? Is this what is meant by variables? Or is it just some sections of the database?

Does variables refer to language variables? Unix servers have never been very friendly to accented characters and non english alphabets. What is now the best practice for saving accented characters in the database?

intel352 09-05-2008 04:09 AM
Re: X-Cart v4.1.10 released
 
Quote:
Originally Posted by JWait
Looking at the DIFF files, a lot of them do nothing but "update" the version number and date of the file.

lmfao, I've seen that happen in other updates as well. Quite annoying if you ask me, if you're having to manually patch files and keep running across DIFFs like that. :?

elmirage001 09-05-2008 07:23 AM
Re: X-Cart v4.1.11 released
 
Hi Jon or Anyone!

Edit--> Worked through the blank page and now live on 4.1.11 - Info on the link below

Any clues why during the upgrade after step 1 is all ok that in step 2 the page goes to a blank x-cart/admin/patch.php?mode=result page?

This has happened to 2 of us now. More details in the upgrading section http://forum.x-cart.com/showthread.php?t=42176

Thank you,

Paul

georgewf 09-05-2008 09:15 PM
Re: X-Cart v4.1.11 released
 
Minor disaster doing this upgrade, but I am getting through it. Big problems with some include/func/*.php upgrades, and then some new security mechanism locked me out of my store because the SQL patch had not been applied. So I applied the patch through phpmyadmin.

Noted a discrepancy in

include/templater/plugins/modifier.escape.php ...already patched

In fact the gold version I downloaded for reference does not match the patch version.

include\templater\plugins\modifier.escape.php

case 'htmlall':
$string = func_unhtmlentities($string);

is not the same in the gold version. So should I take it out of the patched version or should Qualiteam add it to the gold version?

George

elmirage001 09-05-2008 10:23 PM
Re: X-Cart v4.1.11 released
 
Quote:
Originally Posted by georgewf
Minor disaster doing this upgrade, but I am getting through it. Big problems with some include/func/*.php upgrades, and then some new security mechanism locked me out of my store because the SQL patch had not been applied. So I applied the patch through phpmyadmin.

Noted a discrepancy in

include/templater/plugins/modifier.escape.php ...already patched

In fact the gold version I downloaded for reference does not match the patch version.

include\templater\plugins\modifier.escape.php

case 'htmlall':
$string = func_unhtmlentities($string);

is not the same in the gold version. So should I take it out of the patched version or should Qualiteam add it to the gold version?

George

Hi George,

My include/templater/plugins/modifier.escape.php from 4.1.10 was "could not patch" with the differences shown below

Code in 4.1.10 after both security patches <--edited
Quote:
case 'htmlall':
$string = func_unhtmlentities($string);
if (phpversion() >= '4.1.0')
return htmlentities($string, ENT_QUOTES, $char_set);
else
return htmlentities($string, ENT_QUOTES);

Code in 4.1.11
Quote:
case 'htmlall':
if (phpversion() >= '4.1.0')
return htmlentities($string, ENT_QUOTES, $char_set);
else
return htmlentities($string, ENT_QUOTES);

Hope this helps,

Paul

georgewf 09-06-2008 09:49 AM
Re: X-Cart v4.1.11 released
 
I found the cause of the discrepancy - there was a security patch dated 7-31 which I applied

+++ include/templater/plugins/modifier.escape.php 2008-07-31 16:23:54.000000000 +0400
@@ -50,12 +50,14 @@

switch ($esc_type) {
case 'html':
+ $string = func_unhtmlentities($string);
if (phpversion() >= '4.1.0')
return htmlspecialchars($string, ENT_QUOTES, $char_set);
else
return htmlspecialchars($string, ENT_QUOTES);

case 'htmlall':
+ $string = func_unhtmlentities($string);
if (phpversion() >= '4.1.0')
return htmlentities($string, ENT_QUOTES, $char_set);
else


But the line after htmlall is not in the gold version distributive nor in the new patch. No idea if this is important or not. Could be nothing, or could be the cause of future subtle bugs impossible to track down.

EN4U 09-06-2008 09:53 AM
Re: X-Cart v4.1.11 released
 
How important is this update? For instance, we use linkpoint, and linkpoint is pointed out in the docs. DOES this mean my current version is messed up with this processor?

Just trying to figure out if this truly needs to be done for that alone and other levels?

Thanks

elmirage001 09-06-2008 10:05 AM
Re: X-Cart v4.1.11 released
 
Quote:
Originally Posted by georgewf
I found the cause of the discrepancy - there was a security patch dated 7-31 which I applied

+++ include/templater/plugins/modifier.escape.php 2008-07-31 16:23:54.000000000 +0400
@@ -50,12 +50,14 @@

switch ($esc_type) {
case 'html':
+ $string = func_unhtmlentities($string);
if (phpversion() >= '4.1.0')
return htmlspecialchars($string, ENT_QUOTES, $char_set);
else
return htmlspecialchars($string, ENT_QUOTES);

case 'htmlall':
+ $string = func_unhtmlentities($string);
if (phpversion() >= '4.1.0')
return htmlentities($string, ENT_QUOTES, $char_set);
else


But the line after htmlall is not in the gold version distributive nor in the new patch. No idea if this is important or not. Could be nothing, or could be the cause of future subtle bugs impossible to track down.

You make an excellent point! Did QT mean to remove this line in 4.1.11 or did they forget to add it in from the second security patch???
Edited 9/8 --> Vyacheslav from Qualiteam was nice enough to reply that in 4.1.11 this line is not needed due to changes in other files.
Quote:
case 'htmlall':
$string = func_unhtmlentities($string);
if (phpversion() >= '4.1.0')
return htmlentities($string, ENT_QUOTES, $char_set);
else
return htmlentities($string, ENT_QUOTES);

georgewf 09-07-2008 03:59 PM
Re: X-Cart v4.1.11 released
 
re: html entities

I have most of my database encoded using html entities like &eacute. These still display correctly and I can create descriptions using them, however I cannot edit these items without losing most of the codes.

Try some of these for yourself:

&acute; U+00B4
&AElig; U+00C6
&aelig; U+00E6
&Agrave; U+00C0
&agrave; U+00E0
&alefsym; U+2135
&Alpha; U+0391
&alpha; U+03B1
&amp; U+0026

It seems like all the entities which are less than hex x00FF value cannot be edited in xcart.

Can Qualiteam please confirm if this is expected behaviour now? The message in the changelog about entities is very vague.

Thanks


All times are GMT -8. The time now is 06:38 PM.
Page 2 of 5 < 1 2 34 > Last »
Show 40 posts from this thread on one page

Powered by vBulletin Version 3.5.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.