Thee is a new security patch, identified as "SEVERITY: Critical" for users of 4.1.7
It should be in your file area.
security-patch-2007-06-20
One comment:
In the install instructions, it states:
Quote:
|
2. If the version of your X-Cart is 4.1.7, replace the file <xcart_dir>/include/login.php with the file include/login.php from this patch.
|
If you have a modified login.php, you must not do this, and instead, do a compare and manually decide what code to upgrade.
CDSEO, "Remember Me" and other mods/hacks (including a redirect to a static page after logout) all have modified login.php, so don't forget to backup, and be careful out there.
Thank you to x-cart for the patch -- (for those of us using 4.1.7 that are not prepared to upgrade to 4.1.8 just yet)