@@ -1010,7 +1010,7 @@
$dir = dir($source);
($file = $dir->read()) {
while
( ($file != '.') && ($file != '..') ) {
if
-          
(is_writeable($source . '/' . $file)) {
if
+          
(tep_is_writable($source . '/' . $file)) {
if
tep_remove($source . '/' . $file);
{
else
$messageStack->add(sprintf(ERROR_FILE_NOT_REMOVEABLE, $source . '/' . $file),
'error');
@@ -1020,14 +1020,14 @@
}
$dir->close();
-      
(is_writeable($source)) {
if
+      
(tep_is_writable($source)) {
if
rmdir($source);
{
else
$messageStack->add(sprintf(ERROR_DIRECTORY_NOT_REMOVEABLE, $source), 'error');
$tep_remove_error = 
;
true
}
{
else
-      
(is_writeable($source)) {
if
+      
(tep_is_writable($source)) {
if
unlink($source);
{
else
$messageStack->add(sprintf(ERROR_FILE_NOT_REMOVEABLE, $source), 'error');
@@ -1356,4 +1356,35 @@
$ip_address;
return
}
+
+////
+// Wrapper function 
is_writable() 
Windows compatibility
for
for
+  function tep_is_writable($file) {
+    
(strtolower(substr(PHP_OS, 0, 3)) === 'win') {
if
+      
(file_exists($file)) {
if
+        $file = realpath($file);
+        
(is_dir($file)) {
if
+          $result = @tempnam($file, 'osc');
+          
(is_string($result) && file_exists($result)) {
if
+            unlink($result);
+            
(strpos($result, $file) === 0) ? 
;
return
true
false
+          }
+        } 
{
else
+          $handle = @fopen($file, 'r+');
+          
(is_resource($handle)) {
if
+            fclose($handle);
+            
;
return true
+          }
+        }
+      } 
{
else
+        $dir = dirname($file);
+        
(file_exists($dir) && is_dir($dir) && tep_is_writable($dir)) {
if
+          
;
return true
+        }
+      }
+      
;
return false
+    } 
{
else
+      
is_writable($file);
return
+    }
+  }
?>
catalog/admin/includes/modules/security_check/config_file_catalog.php
Pdf rotate single page - Split, seperate PDF into multiple files in C#.net, ASP.NET, MVC, Ajax, WinForms, WPF
Explain How to Split PDF Document in Visual C#.NET Application
break password pdf; add page break to pdf
Pdf rotate single page - VB.NET PDF File Split Library: Split, seperate PDF into multiple files in vb.net, ASP.NET, MVC, Ajax, WinForms, WPF
VB.NET PDF Document Splitter Control to Disassemble PDF Document
pdf separate pages; split pdf into individual pages
@@ -20,7 +20,7 @@
}
function pass() {
-      
(file_exists(DIR_FS_CATALOG . 'includes/configure.php') &&
return
!is_writable(DIR_FS_CATALOG . 'includes/configure.php'));
+      
(file_exists(DIR_FS_CATALOG . 'includes/configure.php') &&
return
!tep_is_writable(DIR_FS_CATALOG . 'includes/configure.php'));
}
function getMessage() {
catalog/admin/includes/modules/security_check/session_storage.php
@@ -20,14 +20,14 @@
}
function pass() {
-      
((STORE_SESSIONS != '') || (is_dir(tep_session_save_path()) &&
return
is_writable(tep_session_save_path())));
+      
((STORE_SESSIONS != '') || (is_dir(tep_session_save_path()) &&
return
tep_is_writable(tep_session_save_path())));
}
function getMessage() {
(STORE_SESSIONS == '') {
if
(!is_dir(tep_session_save_path())) {
if
WARNING_SESSION_DIRECTORY_NON_EXISTENT;
return
-        } elseif (!is_writable(tep_session_save_path())) {
+        } elseif (!tep_is_writable(tep_session_save_path())) {
WARNING_SESSION_DIRECTORY_NOT_WRITEABLE;
return
}
}
catalog/admin/sec_dir_permissions.php
@@ -24,7 +24,7 @@
(!in_array($filename, $exclude_array)) {
if
$file = array('name' => $path . $filename,
'is_dir' => is_dir($path . $filename),
-                        'writable' => is_writable($path . $filename));
+                        'writable' => tep_is_writable($path . $filename));
$result[] = $file;
(A) (UP) Bypass HTTP Authentication for IIS Webservers
(A) (UP) Bypass HTTP Authentication for IIS Webservers
Importance: Low | Difficulty: Easy
Bypass Administration Tool HTTP Authentication for IIS Webservers.
Affected Files
catalog/admin/administrators.php
View Changes Online
catalog/admin/administrators.php
C# PDF Page Rotate Library: rotate PDF page permanently in C#.net
And C# users may choose to only rotate a single page of PDF file or all the pages. See C# programming demos below. DLLs for PDF Page Rotation in C#.NET Project.
break up pdf into individual pages; how to split pdf file by pages
VB.NET PDF Page Delete Library: remove PDF pages in vb.net, ASP.
Able to remove a single page from adobe PDF document in VB.NET. using RasterEdge. XDoc.PDF; How to VB.NET: Delete a Single PDF Page from PDF File.
break apart pdf pages; break pdf password online
@@ -14,6 +14,7 @@
$htaccess_array = 
;
null
$htpasswd_array = 
;
null
+  $is_iis = stripos($HTTP_SERVER_VARS['SERVER_SOFTWARE'], 'iis');
$authuserfile_array = array('##### OSCOMMERCE ADMIN PROTECTION - BEGIN #####',
'AuthType Basic',
@@ -22,7 +23,7 @@
'Require valid-user',
'##### OSCOMMERCE ADMIN PROTECTION - END #####');
-  
(file_exists(DIR_FS_ADMIN . '.htpasswd_oscommerce') && tep_is_writable(DIR_FS_ADMIN .
if
'.htpasswd_oscommerce') && file_exists(DIR_FS_ADMIN . '.htaccess') && tep_is_writable(DIR_FS_ADMIN
. '.htaccess')) {
+  
(!$is_iis && file_exists(DIR_FS_ADMIN . '.htpasswd_oscommerce') &&
if
tep_is_writable(DIR_FS_ADMIN . '.htpasswd_oscommerce') && file_exists(DIR_FS_ADMIN . '.htaccess')
&& tep_is_writable(DIR_FS_ADMIN . '.htaccess')) {
$htaccess_array = array();
$htpasswd_array = array();
@@ -225,7 +226,7 @@
{
else
$secMessageStack->add(HTPASSWD_SECURED, 'success');
}
-  } 
{
else
+  } 
(!$is_iis) {
else if
$secMessageStack->add(HTPASSWD_PERMISSIONS, 'error');
}
?>
@@ -283,8 +284,13 @@
$aInfo = 
objectInfo($admins);
new
}
+
$htpasswd_secured = tep_image(DIR_WS_IMAGES . 'icon_status_red.gif', 'Not Secured', 10, 10);
+    
($is_iis) {
if
+      $htpasswd_secured = 'N/A';
+    }
+
(is_array($htpasswd_array)) {
if
($i=0, $n=sizeof($htpasswd_array); $i<$n; $i++) {
for
list($ht_username, $ht_password) = explode(':', $htpasswd_array[$i], 2);
(AC) (UP) Update PHP_SELF Value
(AC) (UP) Update PHP_SELF Value
Importance: Low | Difficulty: Easy
Update PHP_SELF value.
Affected Files
catalog/admin/includes/application_top.php
catalog/includes/application_top.php
View Changes Online
catalog/admin/includes/application_top.php
C# PDF Page Delete Library: remove PDF pages in C#.net, ASP.NET
application. Able to remove a single page from PDF document. Ability Demo Code: How to Delete a Single PDF Page from PDF File in C#.NET. How to
a pdf page cut; reader split pdf
VB.NET PDF Page Rotate Library: rotate PDF page permanently in vb.
anticlockwise in VB.NET. Rotate single specified page or entire pages permanently in PDF file in Visual Basic .NET. Batch change PDF page
pdf split and merge; combine pages of pdf documents into one
@@ -34,7 +34,7 @@
require(DIR_WS_FUNCTIONS . 'compatibility.php');
// set php_self in the local scope
-  $PHP_SELF = (isset($HTTP_SERVER_VARS['PHP_SELF']) ? $HTTP_SERVER_VARS['PHP_SELF'] :
$HTTP_SERVER_VARS['SCRIPT_NAME']);
+  $PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo')
== 
)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF'])
false
: basename($HTTP_SERVER_VARS['SCRIPT_NAME']);
// Used in the 
to compress backups
"Backup Manager"
define('LOCAL_EXE_GZIP', '/usr/bin/gzip');
catalog/includes/application_top.php
@@ -43,7 +43,7 @@
$request_type = (getenv('HTTPS') == 'on') ? 'SSL' : 'NONSSL';
// set php_self in the local scope
-  
(!isset($PHP_SELF)) $PHP_SELF = $HTTP_SERVER_VARS['PHP_SELF'];
if
+  $PHP_SELF = (((strlen(ini_get('cgi.fix_pathinfo')) > 0) && ((bool)ini_get('cgi.fix_pathinfo')
== 
)) || !isset($HTTP_SERVER_VARS['SCRIPT_NAME'])) ? basename($HTTP_SERVER_VARS['PHP_SELF'])
false
: basename($HTTP_SERVER_VARS['SCRIPT_NAME']);
($request_type == 'NONSSL') {
if
define('DIR_WS_CATALOG', DIR_WS_HTTP_CATALOG);
(A) (NEW) Introduce Easy Store Logo Uploader
(A) (NEW) Introduce Easy Store Logo Uploader
Importance: Low | Difficulty: Easy
Introduce a new Administration Tool section to easily allow a new store logo to be uploaded.
Affected Files
catalog/admin/includes/boxes/configuration.php
catalog/admin/includes/filenames.php
catalog/admin/includes/languages/english.php
catalog/admin/includes/languages/english/store_logo.php --- (new file)
catalog/admin/store_logo.php --- (new file)
View Changes Online
This changeset includes updates to English language definition files. Please perform similar changes to other languages
that are also installed.
catalog/admin/includes/boxes/configuration.php
How to C#: Basic SDK Concept of XDoc.PDF for .NET
insert, delete, re-order, copy, paste, cut, rotate, and save or query data and save the PDF document. The PDFPage class presents a single page in a PDFDocument
break pdf file into multiple files; break pdf file into parts
VB.NET PDF- View PDF Online with VB.NET HTML5 PDF Viewer
C#.NET PDF file & pages edit, C#.NET PDF pages extract, copy, paste, C#.NET rotate PDF pages, C# Users can view PDF document in single page or continue
pdf print error no pages selected; break pdf into separate pages
@@ -21,7 +21,8 @@
'link'  => tep_href_link(FILENAME_CONFIGURATION,
'gID=1&selected_box=configuration'));
($selected_box == 'configuration') {
if
-    $cfg_groups = '<a href=
class=
"' . tep_href_link(FILENAME_ADMINISTRATORS, '', 'NONSSL') . '"
>' . BOX_CONFIGURATION_ADMINISTRATORS . '</a><br>';
"menuBoxContentLink"
+    $cfg_groups = '<a href=
class=
"' . tep_href_link(FILENAME_ADMINISTRATORS, '', 'NONSSL') . '"
>' . BOX_CONFIGURATION_ADMINISTRATORS . '</a><br>' .
"menuBoxContentLink"
+                  '<a href=
class=
"' . tep_href_link(FILENAME_STORE_LOGO, '', 'NONSSL') . '"
>' . BOX_CONFIGURATION_STORE_LOGO . '</a><br>';
"menuBoxContentLink"
$configuration_groups_query = tep_db_query("select configuration_group_id as cgID,
. TABLE_CONFIGURATION_GROUP . 
configuration_group_title as cgTitle from "
" where visible = '1'
);
order by sort_order"
($configuration_groups = tep_db_fetch_array($configuration_groups_query)) {
while
$cfg_groups .= '<a href="' . tep_href_link(FILENAME_CONFIGURATION, 'gID=' .
class=
>' .
$configuration_groups['cgID'], 'NONSSL') . '"
"menuBoxContentLink"
$configuration_groups['cgTitle'] . '</a><br>';
catalog/admin/includes/filenames.php
@@ -48,6 +48,7 @@
define('FILENAME_STATS_CUSTOMERS', 'stats_customers.php');
define('FILENAME_STATS_PRODUCTS_PURCHASED', 'stats_products_purchased.php');
define('FILENAME_STATS_PRODUCTS_VIEWED', 'stats_products_viewed.php');
+  define('FILENAME_STORE_LOGO', 'store_logo.php');
define('FILENAME_TAX_CLASSES', 'tax_classes.php');
define('FILENAME_TAX_RATES', 'tax_rates.php');
define('FILENAME_VERSION_CHECK', 'version_check.php');
catalog/admin/includes/languages/english.php
@@ -61,6 +61,7 @@ define('BOX_CONFIGURATION_MYSTORE', 'My Store');
define('BOX_CONFIGURATION_LOGGING', 'Logging');
define('BOX_CONFIGURATION_CACHE', 'Cache');
define('BOX_CONFIGURATION_ADMINISTRATORS', 'Administrators');
+define('BOX_CONFIGURATION_STORE_LOGO', 'Store Logo');
// modules box text in includes/boxes/modules.php
define('BOX_HEADING_MODULES', 'Modules');
catalog/admin/includes/languages/english/store_logo.php --- (new file)
This is a new file. (Download File)
catalog/admin/store_logo.php --- (new file)
This is a new file. (Download File)
(AC) (SQL) (UP) Update Password Hashing to Phpass
(AC) (SQL) (UP) Update Password Hashing to Phpass
Importance: High | Difficulty: Easy
Update password hashing to Phpass for increased security. Existing customer and administrator passwords are automatically and
transparently hashed with Phpass when the customer or administrator logs in.
Affected Files
catalog/admin/includes/classes/passwordhash.php --- (new file)
catalog/admin/includes/functions/password_funcs.php
catalog/admin/login.php
C# PDF Convert to Tiff SDK: Convert PDF to tiff images in C#.net
Both single page and multipage tiff image files can be created from PDF. Supports tiff compression selection. Supports for changing image size.
break pdf into multiple pages; break a pdf into parts
VB.NET PDF: Basic SDK Concept of XDoc.PDF
insert, delete, re-order, copy, paste, cut, rotate, and save or query data and save the PDF document. The PDFPage class presents a single page in a PDFDocument
split pdf; pdf splitter
catalog/includes/classes/passwordhash.php --- (new file)
catalog/includes/functions/password_funcs.php
catalog/login.php
View Changes Online
SQL Queries
alter table administrators modify user_password varchar(60) NOT NULL;
alter table customers modify customers_password varchar(60) NOT NULL;
catalog/admin/includes/classes/passwordhash.php --- (new file)
This is a new file. (Download File)
catalog/admin/includes/functions/password_funcs.php
@@ -11,10 +11,31 @@
*/
////
-// This funstion validates a plain text password with an
-// encrpyted password
+// This function validates a plain text password with a
+// salted or phpass password
function tep_validate_password($plain, $encrypted) {
(tep_not_null($plain) && tep_not_null($encrypted)) {
if
+      
(tep_password_type($encrypted) == 'salt') {
if
+        
tep_validate_old_password($plain, $encrypted);
return
+      }
+
+      
(!class_exists('PasswordHash')) {
if
+        include(DIR_WS_CLASSES . 'passwordhash.php');
+      }
+
+      $hasher = 
PasswordHash(10, 
);
new
true
+
+      
$hasher->CheckPassword($plain, $encrypted);
return
+    }
+
+    
;
return false
+  }
+
+////
+// This function validates a plain text password with a
+// salted password
+  function tep_validate_old_password($plain, $encrypted) {
+    
(tep_not_null($plain) && tep_not_null($encrypted)) {
if
// split apart the hash / salt
$stack = explode(':', $encrypted);
@@ -29,8 +50,22 @@
}
////
-// This function makes a 
password from a plaintext password. 
new
+// This function encrypts a phpass password from a plaintext
+// password.
function tep_encrypt_password($plain) {
+    
(!class_exists('PasswordHash')) {
if
+      include(DIR_WS_CLASSES . 'passwordhash.php');
+    }
+
+    $hasher = 
PasswordHash(10, 
);
new
true
+
+    
$hasher->HashPassword($plain);
return
+  }
+
+////
VB.NET PDF File & Page Process Library SDK for vb.net, ASP.NET
With VB.NET PDF SDK, PDF document page can be rotated to 90, 180, and 270 in clockwise. Both a single page and whole file pages can be rotated and saved as
pdf rotate single page; break a pdf file
VB.NET PDF File Merge Library: Merge, append PDF files in vb.net
all. This guiding page will help you merge two or more PDF documents into a single one in a Visual Basic .NET imaging application.
break pdf into multiple documents; acrobat split pdf into multiple files
+// This function encrypts a salted password from a plaintext
+// password.
+  function tep_encrypt_old_password($plain) {
$password = '';
($i=0; $i<10; $i++) {
for
@@ -45,6 +80,17 @@
}
////
+// This function returns the type of the encrpyted password
+// (phpass or salt)
+  function tep_password_type($encrypted) {
+    
(preg_match('/^[A-Z0-9]{32}\:[A-Z0-9]{2}$/i', $encrypted) === 1) {
if
+      
'salt';
return
+    }
+
+    
'phpass';
return
+  }
+
+////
// This function produces a crypted string using the APR-MD5 algorithm
// Source: http://www.php.net/crypt
function tep_crypt_apr_md5($password, $salt = 
) {
null
catalog/admin/login.php
@@ -42,6 +42,11 @@
$check = tep_db_fetch_array($check_query);
(tep_validate_password($password, $check['user_password'])) {
if
+// migrate old hashed password to 
phpass password
new
+              
(tep_password_type($check['user_password']) != 'phpass') {
if
+                tep_db_query(
. TABLE_ADMINISTRATORS . 
.
"update "
" set user_password = '"
tep_encrypt_password($password) . 
. (
)$check['id'] . 
);
"' where id = '"
int
"'"
+              }
+
tep_session_register('admin');
$admin = array('id' => $check['id'],
catalog/includes/classes/passwordhash.php --- (new file)
This is a new file. (Download File)
catalog/includes/functions/password_funcs.php
@@ -11,10 +11,31 @@
*/
////
-// This funstion validates a plain text password with an
-// encrpyted password
+// This function validates a plain text password with a
+// salted or phpass password
function tep_validate_password($plain, $encrypted) {
(tep_not_null($plain) && tep_not_null($encrypted)) {
if
+      
(tep_password_type($encrypted) == 'salt') {
if
+        
tep_validate_old_password($plain, $encrypted);
return
+      }
+
+      
(!class_exists('PasswordHash')) {
if
+        include(DIR_WS_CLASSES . 'passwordhash.php');
+      }
+
+      $hasher = 
PasswordHash(10, 
);
new
true
+
+      
$hasher->CheckPassword($plain, $encrypted);
return
+    }
+
+    
;
return false
+  }
+
+////
+// This function validates a plain text password with a
+// salted password
+  function tep_validate_old_password($plain, $encrypted) {
+    
(tep_not_null($plain) && tep_not_null($encrypted)) {
if
// split apart the hash / salt
$stack = explode(':', $encrypted);
@@ -29,8 +50,22 @@
}
////
-// This function makes a 
password from a plaintext password. 
new
+// This function encrypts a phpass password from a plaintext
+// password.
function tep_encrypt_password($plain) {
+    
(!class_exists('PasswordHash')) {
if
+      include(DIR_WS_CLASSES . 'passwordhash.php');
+    }
+
+    $hasher = 
PasswordHash(10, 
);
new
true
+
+    
$hasher->HashPassword($plain);
return
+  }
+
+////
+// This function encrypts a salted password from a plaintext
+// password.
+  function tep_encrypt_old_password($plain) {
$password = '';
($i=0; $i<10; $i++) {
for
@@ -43,4 +78,15 @@
$password;
return
}
-?>
+
+////
+// This function returns the type of the encrpyted password
+// (phpass or salt)
+  function tep_password_type($encrypted) {
+    
(preg_match('/^[A-Z0-9]{32}\:[A-Z0-9]{2}$/i', $encrypted) === 1) {
if
+      
'salt';
return
+    }
+
+    
'phpass';
return
+  }
+?>
catalog/login.php
@@ -38,6 +38,11 @@
tep_session_recreate();
}
+// migrate old hashed password to 
phpass password
new
+        
(tep_password_type($check_customer['customers_password']) != 'phpass') {
if
+          tep_db_query(
. TABLE_CUSTOMERS . 
.
"update "
" set customers_password = '"
tep_encrypt_password($password) . 
. (
"' where customers_id = '"
int
)$check_customer['customers_id'] . 
);
"'"
+        }
+
$check_country_query = tep_db_query(
.
"select entry_country_id, entry_zone_id from "
TABLE_ADDRESS_BOOK . 
. (
)$check_customer['customers_id'] . 
" where customers_id = '"
int
"' and
. (
)$check_customer['customers_default_address_id'] . 
);
address_book_id = '"
int
"'"
$check_country = tep_db_fetch_array($check_country_query);
(C) (BUG) Fix Length Check of Customer Passwords
(C) (BUG) Fix Length Check of Customer Passwords
Importance: Low | Difficulty: Easy
Fix the length check of customer passwords.
Affected Files
catalog/account_password.php
catalog/includes/form_check.js.php
View Changes Online
catalog/account_password.php
@@ -27,11 +27,7 @@
$error = 
;
false
-    
(strlen($password_current) < ENTRY_PASSWORD_MIN_LENGTH) {
if
-      $error = 
;
true
-
-      $messageStack->add('account_password', ENTRY_PASSWORD_CURRENT_ERROR);
-    } elseif (strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
+    
(strlen($password_new) < ENTRY_PASSWORD_MIN_LENGTH) {
if
$error = 
;
true
$messageStack->add('account_password', ENTRY_PASSWORD_NEW_ERROR);
catalog/includes/form_check.js.php
Documents you may be interested
Documents you may be interested