| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
X-Cart Home | FAQ | Forum rules | Calendar | User manuals | Login |
Attention users of X-Cart vv.4.0.x - 4.7.1 | ||||
|
|
Thread Tools |
#11
|
|||||||
|
|||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
For what it is worth, this is what I've found so far with testing with applying the 4.5.5 patches to 4.5.0.
I get a white blank screen of death in their related functions if I upload any of these files: func/func.backoffice.php func/func.cart.php func/func.core.php func/func.user.php include/register.php Also this files doesn't exist in 4.5.0: include/func.perms.php provider/register.php The Smarty update is pretty straight forward and I don't see that causing an issue. Same pretty much goes with the skin .tpl files. The real question comes down to those 4 above and the 2 that don't exist in 4.5.0. My next move will be to try applying the diffs with patch but I won't get around until that tomorrow. One thing I'm not sure about is pconf.diff - do I need that? My understanding from one of the previous posts here is that I don't need to do anything with patch.sql as it just marks that it was updated. FYI earlier this week the x-cart site was being hammered by various probes from Isreal. They were probing the review portions in the catalog. Could be they were already looking for active explores or not. Mainly just a small load factor on the server. Far as I can tell, nothing was done and WAF OWSAP rules blocked anything bad.
__________________
Version 4.5.0 with Ability Template v1.052 (modified) LAWP - PHP 5.3.29 (patched) - MySQL - 5.0.96 Community - suPHP |
|||||||
#12
|
|||||||||
|
|||||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
I can't see the 4.5.4 patch either
__________________
Richard Ultimate 5.4 testing |
|||||||||
#13
|
|||||||||
|
|||||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
I just applied the security update to my 4.6.6 test server after making backups of DB, and files, as well as the 3 individual files and the 2 SQL DBs that were affected in my case.
I applied the Patch.sql - and the 3 diff files and all applied successfully. I tested an order from start to finish, and had no problems. Then I repeated on my production server, and again all applied fine for me. Thanks for the quick patch for the problem.
__________________
X-Cart GP 4.7.12 | XCARTMODS.CO.UK reBOOT (reDUX)4.7.12.8 | Live IONOS Hosting | Linux | PHP 7.4.33 | MySQL 5.7 |
|||||||||
#14
|
|||||||||
|
|||||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
The patches for 4.5.5 won't work for previous 4.5.x versions as there are major differences. There will need to be separate patches for those branches.
|
|||||||||
|
#15
|
|||||||||
|
|||||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
Quote:
|
|||||||||
|
#16
|
|||||||
|
|||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
Patch (4.4.5) applied to a 4.4.4 store successfully.
However there is no provider/register.php in 4.4.4 (both my version and the version in the file area) Is this a 4.4.5 file only?
__________________
Multiple instances of X-cart |
|||||||
#17
|
|||||||
|
|||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
After applying the patch for 4.3.2 all of the user information disappears in the backend. The data is still in the database but just not displaying.
I restored the original func.user.php and the functionality returns. Here are the new lines of code (starting at line 201): $need_password = (bool)$need_password; $need_cc = (bool)$need_cc; $user = abs(intval($user)); $usertype = addslashes($usertype); Does anyone have a suggestion as to how to get the new file to work without disrupting the store? Thanks very much.
__________________
X-Cart Gold 4.3.2 (Windows) X-Cart Gold Plus 4.6.1 (Linux) Magic Toolbox slider and zoom |
|||||||
#18
|
|||||||
|
|||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
Quote:
There appears to be a small bug where the default payment method on the checkout now defaults to the last method, not the first?
__________________
Multiple instances of X-cart |
|||||||
#19
|
|||||||
|
|||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
Quote:
I have reuploaded the security-patch-2015-04-28_4.0.19.tgz security-patch-2015-04-28_4.1.12.tgz security-patch-2015-04-28_4.2.3.tgz security-patch-2015-04-28_4.3.2.tgz security patches. I have removed the line $user = abs(intval($user)); from these patches. Sorry for that.
__________________
Sincerely yours, Ildar Amankulov Head of Maintenance group |
|||||||
|
#20
|
|||||||
|
|||||||
Re: Attention users of X-Cart vv.4.0.x - 4.7.1
Hello,
I have X-Cart 4.1.10 and would like to apply the most recent security patches. However I am not seeing the archive in the "Updates and patches". Will this be added soon? Thank you, Greg
__________________
4.0 |
|||||||
|
|||
X-Cart forums © 2001-2020
|