Jump to content

rweiss's Content

There have been 9 items by rweiss (Search limited from 08-Dec 18)


Sort by                Order  

#19572 Hacked by someone in Eastern Europe

Posted by rweiss on 23 August 2007 - 02:51 PM in v1.x Security

Idiot may have been a strong reaction - but the implication was that I had left the config.php at 777 - which any webmaster worth his/her salt would no better than that.

No one verified that this was the case- it was just assumed. That felt like an insult - and it didn't resolve anything.

My point has been that people in this forum ask for help and the answers are non-specific. One person asks about security, and he is told to read the security forum. That is the area he wrote the question in? He was obviously reading the security area.

The fact that the cart was hacked, and the config.php file was properly at 644, is an issue for me.

As to there being other causes on the server - that may be the case. But when I open the config.php file that was hacked, and it has the hackers signature all over it says to me that this is where the problem existed.

How he hacked a properly configured file is beyond me - so I was looking for some help here.

I am re-installing the cart - so the evidence is now gone.

Hopefully we can get over the hurt feelings and get down to the business of making this cart secure and therefore usable.

I think this is the best cart on the market for the price, and I don't want to see it get a bad rep.

Rick



#19569 Hacked by someone in Eastern Europe

Posted by rweiss on 23 August 2007 - 02:00 PM in v1.x Security

One person suggests the my config.php is 777 and you all jump on the bandwagon saying what an idiot I am. When did anyone verify that this was the issue?

The config.php file was set at 644

Now, can someone deal with the real issues here?



#19540 Hacked by someone in Eastern Europe

Posted by rweiss on 22 August 2007 - 08:34 PM in v1.x Security

My cart config.php file was hacked and it caused the viewer to be redirected to a message board in Eastern Europe.

Even though I deleted that config.php file and uploaded the one on my computer, I still get either redirected again, or I get error messages about connecting with the database.

I am looking over the security questions discussed on this forum, and frankly, they are not very helpful. One answer says read the security section of the forum....which is where the questioner was when asking the question in the first place!

I have spent 6 months getting this cart ready for the client to use, if it is now going to be subject to a hacker - I have wasted my time, and the client is losing money.

I think the cs-cart developers need to be a lot more helpful (as one contributor wrote) on how we can protect our carts. Security attacks seem to be more and more common lately, and we need to know how to stop them.

Rick



#18809 Setting product order

Posted by rweiss on 07 August 2007 - 06:55 PM in General Questions

I did what is suggested here, the search and then product order, and it has not made any difference, the products still list in the order that they were placed in the cart.



#18621 Smarty error

Posted by rweiss on 02 August 2007 - 05:30 PM in General Questions

Thanks for the offer.

I submitted it to the help desk and they fixed it. I don't know how yet, but I would like to know in case it comes up again.

Rick



#18571 Smarty error

Posted by rweiss on 01 August 2007 - 03:42 AM in General Questions

I tried all that you suggested - replaced the tpl file (but I don't think this has anything to do with the tpl file, since I get a similar message on the front page related to a sidebox tpl file.

I had already adjusted permissions in the /var/ /images/ and the other directory someone suggested (my mind has gone blank.

Nothing has changed the situation that has been recommended in the forum.



#18545 Smarty error

Posted by rweiss on 31 July 2007 - 05:41 PM in General Questions

I'm getting the following error:

Warning: Smarty error: unable to read resource: "auth_pages/login.tpl" in /home/httpd/**/**/httpdocs/cart/classes/templater/Smarty.class.php on line 1096

An earlier post siad that the user probably changed the name of something. Not true in this case. At least not that I recall. They also said to change skins and see if that made it work. How do you change skins if you can't login to the admin area?

Rick



#11992 can't unpack file

Posted by rweiss on 02 March 2007 - 03:59 PM in v1.x Installation & Upgrade

I had no trouble expanding the tgz on the server.

Have you tried Untar available at:
http://www.edenwaith...products/untar/


Bob


It was a simple issue of the file not downloading all the way. It appeared to be a complete download, because the size was pretty much the same as the file area indicated it would be.


Rick



#11928 can't unpack file

Posted by rweiss on 01 March 2007 - 07:12 PM in v1.x Installation & Upgrade

I don't usually have issues like this, but when I try to unpack the tgz file I just bought this is what I get:

If I do it on my computer it tells me:
"Unable to unarchive "cscart_v1.3.4-sp2.tgz" into "CS-Cart" (error 2 - No such file or directory).

It is sitting in the CS-Cart directory when I do this.

When I upload the tgz file to the server and put it in the cart folder I want it to work in - and then do the tar command on the server. When I do that I get this error:

tar -xzvf cscart_v1.3.4-sp2.tgz
tar: This does not look like a tar archive
tar: Skipping to next header
tar: Archive contains obsolescent base-64 headers
tar: Error exit delayed from previous errors

So, needless to say, I am not getting very far with this installation.

I am on a Mac by the way...so don't give me Windows based responses (like using WinZip). I tried Stuffit to unpack the file on my computer, which has always been successful in the past with .tgz files.