Jump to content

ohno

Members
  • Content Count

    77
  • Joined

  • Last visited

  • Days Won

    1

ohno last won the day on March 28

ohno had the most liked content!

Community Reputation

2 Neutral

About ohno

  • Rank
    Regular Member
  1. Thanks, fixed that issue now the payment page has a whole load of similar errors! <input <?php if (isset($_smarty_tpl->tpl_vars['cart']->value->mErrors['BillingFirstName'])) {?>class="error"<?php }?> type="text" name="BillingFirstName" tabindex="8" maxlength="25" value="<?php echo $_smarty_tpl->tpl_vars['cart']->value->mVars['BillingFirstName'];?> Stuck on this one TBH!
  2. Not sure how to find what is causing my issue here, I'm running smarty which gives me this error if I switch PHP version to 7.4 (was on 7.3) : - The line the error refers to is this : - <p class="cart_del_info_box_text"><i class="fa fa-exclamation-triangle" aria-hidden="true"></i> <span class="cart_del_info_box_message"><?php echo $_smarty_tpl->tpl_vars['cart']->value->mDelivery['cartdeliverymessage'];?> How do I go about finding which file has the actual problem? Thanks for any pointers.
  3. This is what he did..... new function.load_search_query.php file <?php function smarty_function_load_search_query($params, $smarty) { $query = new SearchQuery(); $smarty->assign('query', $query->readFromRequest()); } class SearchQuery { public $value = ""; public static function readFromRequest() { $query = new self(); if (isset($_GET["search"]) && is_string($_GET["search"])) { $query->value = $_GET["search"]; } return $query; } } ?> Modified function.load_search.php : - function __construct() { require_once FILE_ROOT . '/data_objects/do_settings.php'; $this->mDoSettings = new DoSettings(); require_once FILE_ROOT . '/data_objects/do_catalogue.php'; $this->mDoCatalogue = new DoCatalogue(); if (!isset($_REQUEST['search']) || !is_string($_REQUEST['search']) ) { header ("Location: /emptysearch/"); die (); } if (strlen(trim($_REQUEST['search']))>0 ) { $this->mSearchString = trim(stripslashes($_REQUEST['search'])); $this->mSearchArray = explode(" ", $this->mSearchString); } else { header ("Location: /emptysearch/"); die (); } } Changed tpl file to include {load_search_query assign="query"} & change the search query to {$query->value|escape:'htmlall'}. It doesn't error with the [], running PCI scan now.....
  4. Thanks again hopefully they can sort the issue now.
  5. Thanks, I'll pass this onto a developer who has been doing other work on my site (as I have no clue where the above code would be used!). Thanks for your help, would the above code fix both errors?
  6. Could I simply do : - $this->mSearchString = str_replace ( "[", " ",($_REQUEST['search'])); To prevent an array in the search?
  7. That gives a slightly different error in the log : - ERRNO: 2 TEXT: trim() expects parameter 1 to be string, array given LOCATION: /home/website/public_html/smarty_plugins/function.load_search.php, line 27, at April 20, 2020, 7:00 pm function.load_search.php is above too. Now, I have no clue how to fix it! Any idea's what code I'd need to fix it?
  8. function.load_product.php IS the above code. The tpl was already posted, it's this code : - {load_chat assign="chat"} {if $chat->mChat} <script type="text/javascript" id="763333b0f312f025d780a8f4451bf6f3" src="https://www.siteaddress.com/online-support/script.php?id=763333b0f312f025d780a8f4451bf6f3"></script> {/if} {if !$chat->mChat && $settings->mSettings[13]} <script type="text/javascript" id="aaa07817d7cd2a7dce9e0ffac6286dbb" src="https://www.siteaddress.com/online-support/script.php?id=aaa07817d7cd2a7dce9e0ffac6286dbb"></script> {/if} <div id="menu_switch"><i class="fa fa-bars fa toggler"></i></div> <form id="product_search" method="get" action="{$smarty.const.SITE_ROOT}/searchresults/"> <input type="text" name="search" placeholder="&#xf002; Product Search" style="font-family: FontAwesome, Arial; font-style: normal; font-size:18px;" {if isset($smarty.request.search) && $settings->mSettings[107]}value="{$smarty.request.search|escape:'htmlall'}"{/if} /><button type="submit" class="button"><i class="fa fa-search" aria-hidden="true"></i> <i class="fa fa-caret-right" aria-hidden="true"></i></button> </form> <form id="code_search" method="post" action="{$smarty.const.SITE_ROOT}/cart/quickadd.php"> <input type="text" name="code" maxlength="14" placeholder="&#xf061; Product Code" style="font-family: FontAwesome, Arial; font-style: normal; font-size:18px;" /><button type="submit" name="submit" class="orange"><i class="fa fa-shopping-cart" aria-hidden="true"></i> Quick Add <i class="fa fa-caret-right" aria-hidden="true"></i></button> </form> {if !isset($hidecart) && isset($cartsmall) && $cartsmall->mCart.sub > 0} <p id="view_cart"><a class="button orange" href="{$smarty.const.SITE_ROOT}/cart/"><span class="hidden-xs hidden-sm"><i class="fa fa-shopping-cart" aria-hidden="true"></i> View Cart &nbsp;</span>&pound;{$cartsmall->mCart.sub} <i class="fa fa-caret-right" aria-hidden="true"></i></a></p> {/if} <script> Hopefully that helps?
  9. <?php function smarty_function_load_product($params, $smarty) { $product = new Product(); $product->init($params['dir']); $smarty->assign($params['assign'], $product); } class Product { // public fields public $mProduct; //public $mImages; //public $mImageCount; public $mOptions; public $mXsells; // private fields private $mDoSettings; private $mDoCatalogue; function __construct() { require_once FILE_ROOT . '/data_objects/do_settings.php'; $this->mDoSettings = new DoSettings(); require_once FILE_ROOT . '/data_objects/do_catalogue.php'; $this->mDoCatalogue = new DoCatalogue(); } public function init($dir) { $this->mProduct = $this->mDoCatalogue->GetProductFromDir(trim(stripslashes($dir))); if (!$this->mProduct) { header('HTTP/1.1 404 Not Found'); $_GET['e'] = 404; include(FILE_ROOT . '/errors/404.php'); exit(); } $this->mProduct['price_inc'] = number_format($this->mProduct['price'] * (($this->mDoSettings->GetSetting(1) / 100) + 1), 2, ".", ","); $options = trim($this->mProduct['optionprods'], ",\t\n\r\0\x0B"); $options_ids = explode(",", $options); for ($i = 0; $i < count($options_ids); $i++) { if (is_numeric($options_ids[$i])) { $product = $this->mDoCatalogue->GetProduct((int)$options_ids[$i]); if ($product) { $product['price_inc'] = number_format($product['price'] * (($this->mDoSettings->GetSetting(1) / 100) + 1), 2, ".", ","); $this->mOptions[] = $product; } } } $this->mXsells = $this->mDoCatalogue->GetXsells($this->mProduct['productid']); shuffle($this->mXsells); } } ?>
  10. Not sure how to debug this. I have the following error that is ONLY happening when our site has a PCI scan running : - ERRNO: 2 TEXT: htmlspecialchars() expects parameter 1 to be string, array given LOCATION: /home/bttorj45/public_html/smarty_templates_c/dbbe565f1731d4158472b66b75c85442498e81b9_0.file.top_menu_bar.tpl.php, line 42, at April 11, 2020, 5:05 pm Showing backtrace: htmlspecialchars(Array[1], "3", "UTF-8", true) # line 42, file: /home/siteaddress/public_html/smarty_templates_c/dbbe565f1731d4158472b66b75c85442498e81b9_0.file.top_menu_bar.tpl.php content_5e83087341d089_14126332(Object:Smarty_Internal_Template) # line 123, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_template_resource_base.php Smarty_Template_Resource_Base.getRenderedTemplateCode(Object:Smarty_Internal_Template) # line 114, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_template_compiled.php Smarty_Template_Compiled.render(Object:Smarty_Internal_Template) # line 216, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_template.php Smarty_Internal_Template.render() # line 385, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_template.php Smarty_Internal_Template._subTemplateRender("file:page_elements/top_menu_bar.tpl", null, null, "0", "120", Array[0], "0", false) # line 56, file: /home/siteaddress/public_html/smarty_templates_c/0e4c1495f7a25cef1d85553f951690964f702a5a_0.file.error404.tpl.php content_5e4ffba4a49c66_36622821(Object:Smarty_Internal_Template) # line 123, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_template_resource_base.php Smarty_Template_Resource_Base.getRenderedTemplateCode(Object:Smarty_Internal_Template) # line 114, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_template_compiled.php Smarty_Template_Compiled.render(Object:Smarty_Internal_Template) # line 216, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_template.php Smarty_Internal_Template.render(false, "1") # line 232, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_templatebase.php Smarty_Internal_TemplateBase._execute(Object:Smarty_Internal_Template, null, null, null, "1") # line 134, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_templatebase.php Smarty_Internal_TemplateBase.display("pages/error404.tpl") # line 65, file: /home/siteaddress/public_html/errors/404.php include("/home/siteaddress/public_html/errors/404.php") # line 34, file: /home/siteaddress/public_html/smarty_plugins/function.load_product.php Product.init("api") # line 5, file: /home/siteaddress/public_html/smarty_plugins/function.load_product.php smarty_function_load_product(Array[2], Object:Smarty_Internal_Template) # line 39, file: /home/siteaddress/public_html/smarty_templates_c/53725e8a2fc4b6c7c0c42e801dab2741a0994a8e_0.file.product.tpl.php content_5e579e9761f086_59385269(Object:Smarty_Internal_Template) # line 123, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_template_resource_base.php Smarty_Template_Resource_Base.getRenderedTemplateCode(Object:Smarty_Internal_Template) # line 114, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_template_compiled.php Smarty_Template_Compiled.render(Object:Smarty_Internal_Template) # line 216, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_template.php Smarty_Internal_Template.render(false, "1") # line 232, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_templatebase.php Smarty_Internal_TemplateBase._execute(Object:Smarty_Internal_Template, null, null, null, "1") # line 134, file: /home/siteaddress/public_html/include/smarty/sysplugins/smarty_internal_templatebase.php Smarty_Internal_TemplateBase.display("pages/product.tpl") # line 85, file: /home/siteaddress/public_html/dirs.php I ***think*** the scan must be inputting something in the search box to cause this (I'm awaiting info from Security Metrics with regard to this). {load_chat assign="chat"} {if $chat->mChat} <script type="text/javascript" id="763333b0f312f025d780a8f4451bf6f3" src="https://www.siteaddress.com/online-support/script.php?id=763333b0f312f025d780a8f4451bf6f3"></script> {/if} {if !$chat->mChat && $settings->mSettings[13]} <script type="text/javascript" id="aaa07817d7cd2a7dce9e0ffac6286dbb" src="https://www.siteaddress.com/online-support/script.php?id=aaa07817d7cd2a7dce9e0ffac6286dbb"></script> {/if} <div id="menu_switch"><i class="fa fa-bars fa toggler"></i></div> <form id="product_search" method="get" action="{$smarty.const.SITE_ROOT}/searchresults/"> <input type="text" name="search" placeholder="&#xf002; Product Search" style="font-family: FontAwesome, Arial; font-style: normal; font-size:18px;" {if isset($smarty.request.search) && $settings->mSettings[107]}value="{$smarty.request.search|escape:'htmlall'}"{/if} /><button type="submit" class="button"><i class="fa fa-search" aria-hidden="true"></i> <i class="fa fa-caret-right" aria-hidden="true"></i></button> </form> <form id="code_search" method="post" action="{$smarty.const.SITE_ROOT}/cart/quickadd.php"> <input type="text" name="code" maxlength="14" placeholder="&#xf061; Product Code" style="font-family: FontAwesome, Arial; font-style: normal; font-size:18px;" /><button type="submit" name="submit" class="orange"><i class="fa fa-shopping-cart" aria-hidden="true"></i> Quick Add <i class="fa fa-caret-right" aria-hidden="true"></i></button> </form> {if !isset($hidecart) && isset($cartsmall) && $cartsmall->mCart.sub > 0} <p id="view_cart"><a class="button orange" href="{$smarty.const.SITE_ROOT}/cart/"><span class="hidden-xs hidden-sm"><i class="fa fa-shopping-cart" aria-hidden="true"></i> View Cart &nbsp;</span>&pound;{$cartsmall->mCart.sub} <i class="fa fa-caret-right" aria-hidden="true"></i></a></p> {/if} <script> $('.toggler').click(function() { $(this).toggleClass("fa-bars fa-times"); }); </script> function.load_search.php :- <?php function smarty_function_load_search($params, $smarty) { $search = new Search(); $search->init(); $smarty->assign($params['assign'], $search); } class Search { // public fields public $mSearchString; public $mSearchArray; public $mProducts; public $mProductCount; // private fields private $mDoSettings; private $mDoCatalogue; function __construct() { require_once FILE_ROOT . '/data_objects/do_settings.php'; $this->mDoSettings = new DoSettings(); require_once FILE_ROOT . '/data_objects/do_catalogue.php'; $this->mDoCatalogue = new DoCatalogue(); if (isset($_REQUEST['search']) && strlen(trim($_REQUEST['search']))>0 ) { $this->mSearchString = trim(stripslashes($_REQUEST['search'])); $this->mSearchArray = explode(" ", $this->mSearchString); } else { header ("Location: /emptysearch/"); die (); } } public function init() { $this->mProducts = $this->mDoCatalogue->SearchProducts($this->mSearchArray); $this->mProductCount = count($this->mProducts); for ($i = 0; $i < count($this->mProducts); $i++) { $this->mProducts[$i]['price_inc'] = number_format($this->mProducts[$i]['price'] * (($this->mDoSettings->GetSetting(1) / 100) + 1), 2, ".", ","); } } } ?> do_catalogue.php :- public function SearchProducts($search) { $fields = array("code", "title", "keywords"); $query_string = "SELECT p.code, p.title, p.cattext, p.price, p.img, p.url, p.available, p.due, p.special, p.newproduct, p.discontinued, c.name, c.menulinktext FROM " . $this->mProductTable . " p " . "JOIN categories c ON p.category = c.id " . "WHERE (("; for ($f = 0; $f < count($fields); $f++) { if ($f != 0) { $query_string .= ") OR ("; } for ($s = 0; $s < count($search); $s++) { if ($s != 0) { $query_string .= " AND "; } $query_string .= "p." . $fields[$f] . " LIKE '%" . $this->mDoQuery->dbManager->DbEscape($search[$s]) . "%'"; } } $query_string .= ")) AND active=1 AND live=1 " . "ORDER BY p.rating ASC"; return $this->mDoQuery->dbManager->DbGetAll($query_string); } Any idea's how to fix it? I can't replicate it with a specific issue as I don't know what the scan is doing to cause this! Thanks
  11. &copy; 2010-<?php echo date("Y");?>
  12. I'll take a look Monday. PHP 7.3 btw. Thanks
  13. Well I guess that sums it up! What I posted works as far as O can see (perhaps you could be more helpful and state what won't work?). I came here for help. I don't help someone if I don't know what I'm doing. I DO help someone who doesn't know what they are doing but I do! Sorry. But in my day that's what forums were all about.
  14. Do you never help someone? Wiring a telecom system is not easy but I could help you blindfolded with my hands behind my back & yes, I've pulled apart many things in the past. That's how some people learn. I really don't have time to start learning PHP from the beginning & finding a coder to something as small as this is impossible (much like finding a telecoms engineer to fit a telephone socket )
  15. I tried as what I said above & it works. No errors. Most probably not the correct way but works! So I have this : - if (isset($_SESSION['cartid']) && isset($_POST['cartitem']) && isset($_POST['quantity']) && is_numeric($_POST['quantity']) && (!isset($_SESSION['lockedcard']) && $_SESSION['lockedcard'] == '') && (!isset($_SESSION['lockedpaypal']) && $_SESSION['lockedpaypal'] == '')) { On the card page :- $_SESSION['lockedpaypal'] = 0; $_SESSION['lockedcard'] = 1; On the PayPal page :- $_SESSION['lockedcard'] = 0; $_SESSION['lockedpaypal'] = 1; I'll take a look at what was suggested another day Right now I need some piece & a cool beer. Take care all
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.