osCommerce and osCMax shopping cart software forums

Shopping Cart Software

osCommerce with teeth!

 

Cart Quantity Security Flaw Patch

This is a discussion on Cart Quantity Security Flaw Patch within the New osCommerce Contributions forums, part of the osCommerce 2.2 Forums category; Easier method IMO. edit catalog/includes/application_top.php find case 'update_product' : ... find this line in that section $cart->add_cart($...


Go Back   osCommerce and osCMax shopping cart software forums > osCommerce 2.2 Forums > New osCommerce Contributions

Cart Quantity Security Flaw Patch Cart Quantity Security Flaw Patch

Register FAQ Members List Calendar Mark Forums Read


Free community membership! Fast easy FREE membership
Reply

 

LinkBack Thread Tools
  #1  
Old 10-02-2007, 01:01 PM
michael_s's Avatar
osCMax Developer

  
Join Date: Jul 2002
Location: Phoenix, AZ
Posts: 10,243
Thanks: 66
Thanked 294 Times in 280 Posts
Rep Power: 10
michael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond repute
Post Cart Quantity Security Flaw Patch
Easier method IMO.

edit catalog/includes/application_top.php

find

case 'update_product' : ...


find this line in that section

$cart->add_cart($HTTP_POST_VARS['products_id'][$i], $HTTP_POST_VARS['cart_quantity'][$i], $attributes, false);


and add above it

if ((int)$HTTP_POST_VARS['cart_quantity'][$i] > 9999999) {
$HTTP_POST_VARS['cart_quantity'][$i] = 9999999;
}

change the first 9999999 to the maximum amount allowed... any value over that will automatically be set to the second 9999999 maximum amount..

file included contains only this text.

insaini

More...
__________________
Michael Sasek
osCMax Developer

osCMax Templates - Hundreds of premium quality templates. New designs every month!

xShop for osCMax - Windows Based osCMax administration. Improved workflow, security, speed and convenience

osCMax Hosting - From basic hosting to High Availability, Load Balanced arrays, the most experienced osCMax host.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Net1 Sage Payments credit card module | No buy button if quantity = 0 »


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads

Thread Thread Starter Forum Replies Last Post
Cart Quantity Security Flaw Patch michael_s New osCommerce Contributions 0 10-02-2007 05:20 AM
Cart Quantity Security Flaw Patch michael_s New osCommerce Contributions 0 10-02-2007 03:02 AM
Security Patch osCMax 2.0RC2 warrenthewindmill osCMax v1.7 Discussion 2 12-04-2005 10:50 AM
Re: Security Patch loba osCMax v1.7 Discussion 13 03-25-2005 06:01 AM
Security patch killed pop-up function bjrafferty osCMax v1.7 Discussion 2 03-24-2005 01:13 PM


All times are GMT -8. The time now is 07:34 PM.

osCMax Home - Site Map - Top

Powered by vBulletin®
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO
Copyright 2008 osCMax